Multi-Profile UKIs and other ways to supercharge your Unified Kernel Images

Day 1 | 10:35 | 00:20 | UB4.136 | Lennart Poettering


Note: I'm reworking this at the moment, some things won't work.

The stream isn't available yet! Check back at 10:35.

systemd-stub/ukify/systemd-measure recently acquire support for "multi-profile" UKIs (i.e. a UKI that can synthesize multiple boot menu entries instead of one, each with sligh varations in kernel command line and similar). It already gained support for carrying multiple DeviceTrees with automatic matching against local hardware. There is working in include multiple system firmwares inside UKIs for confidential computing bring-your-own-firmware cases. All this elevates UKIs to a new level, and in this talk I'd like to provide an overview of what's going on and where we are going.