[RFC] SIGNEDv4: add Azure CVM support to the linux-generate ancillary package

Dimitri John Ledkov dimitri.ledkov at canonical.com
Thu Apr 27 17:32:43 UTC 2023


jammy:linux-azure and jammy:linux-azure-fde now use the same ABI of
the kernel build, with the only difference being the kernel image
packaging format (kernel.efi vs vmlinuz) and minor dependency changes
(control fields & maintainer scripts), with otherwise identical
publication cycles, signing keys and targets.

With these patches I am proposing to add the ability in the
linux-signed/linux-generate packages to automatically parameterise and
produce kernel.efi and package it appropriately. Once deployed, it
will allow removing the linux-azure-fde derivatives, as all the
packages they currently produce will be superseded by the linux-azure
set of source packages.

Landing these changes will need to happen in order, thus this set of
patches is submitted for review, since, after the initial upgrade of
linux-signed, the other changes can be made for each azure-fde kernel
active at the time.

Steps:
1) Land ubuntu-core-initramfs changes to autocreate kernel.efi for linux-generate
https://github.com/snapcore/core-initrd/pull/150 (ready to land)

2) Land linux-signed v4 upgrade to support `--cvm` flag that will
automatically parameterise and produce CVM signed tarball, and
linux-image-*-fde signed packages. (ready to land)

3) Activate individual linux-signed-azure packages to produce -fde
variant (blocked on above).

4) Make individual linux-meta-azure changes to provide -fde meta's,
and also ensure transitional packages are in place to migrate people
off -fde variants of all other packages (headers, tools, modules, and
so on). (blocked on above)

I am sending out these patches for review, and to figure out if this
design approach is appropriate, and the desired outcome. Care has been
taken to ensure that all package relationships remain the same, or
functionally equivalent. For example, the linux-image-*-fde packages
will now contain more correct Provides matching the regular azure
packages. Invalid / no-op maintainer scripts are dropped, and
functional parity is maintained. Test builds of these are also
provided.

If the review of these patches is satisfactory, I would want to
attempt applying these to jammy:linux-azure-6.2 (the upcoming edge
variant of azure). Once successful there, deploy signed changes to
rest of the signed packages, followed by conversion of the current
non-edge azure variants.

Patches after this cover letter:
step2 - linux-signed changes for all signed packages
step3 - example on how to modify package.config to activate CVM build for a given kernel
step4 - example meta changes to create metas for regular & CVM builds

Not provided is the final step to mark the linux-*-fde packages as
obsolete in kernel-series.yaml.

Example builds are available in ppa:xnox/ubuntu/nonvirt for a 1037 azure/azure-fde abi:

https://launchpad.net/~xnox/+archive/ubuntu/nonvirt/+packages?field.name_filter=azure&field.status_filter=published&field.series_filter=jammy

Specifically linux-generate-azure, linux-signed-azure, linux-meta-azure are of interest.

Once all of the above is successful it will eliminate 4 kernel cranks
per cycle. But it is also a gateway to do a similar conversion
for most linux-uc* packages as well, which will leverage most of this
work verbatim.

-- 
2.34.1
