[Bug 2100783] Re: systemd-boot does not support enough PE sections and externally provided initrd on UKI

Wed Mar 5 14:12:43 UTC 2025

** Description changed:

  We would like to boot arm and riscv using systemd-ukify, but the EFI
  stub in systemd-boot that is used by systemd-ukify to make the UKI only
  supports embedded initrd's. We would like to be able to externally
  provide the initrd. This is important for secure boot, as this way on
- kernel updates the initrd can be generated by update-initramfs while the
- UKI can be signed and provided as a package.
+ kernel updates the UKI can be signed and provided as a package while the
+ initrd can be generated by update-initramfs locally, as there are still
+ many things changing initramfs-hooks locally.

  The patch was rejected upstream:
  https://github.com/systemd/systemd/pull/35978

** Summary changed:

- systemd-boot does not support enough PE sections and externally provided initrd  on UKI
+ systemd-boot does not support an externally provided initrd  on UKI

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2100783

Title:
  systemd-boot does not support an externally provided initrd  on UKI

Status in systemd package in Ubuntu:
  New

Bug description:
  We would like to boot arm and riscv using systemd-ukify, but the EFI
  stub in systemd-boot that is used by systemd-ukify to make the UKI
  only supports embedded initrd's. We would like to be able to
  externally provide the initrd. This is important for secure boot, as
  this way on kernel updates the UKI can be signed and provided as a
  package while the initrd can be generated by update-initramfs locally,
  as there are still many things changing initramfs-hooks locally.

  The patch was rejected upstream:
  https://github.com/systemd/systemd/pull/35978

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2100783/+subscriptions