Am 02.10.25 um 09:02 schrieb Tomasz Torcz:
On Wed, Oct 01, 2025 at 05:22:36PM -0400, Neal Gompa wrote:
With three kernels at any given time (plus the rescue image), a
conservative estimate of 300MiB per generic initramfs makes 1.5GB very tight.
We probably do want to bump /boot to 2GB. And all our disk images need
similar adjustments unfortunately.
The real question is:
Does a initramfs need firmwareblobs packed inside it, or can they be
"externalized" ?
Plus Side:
If the firmware would be the same directory inside /boot/ for all
kernels and mounted to usr/lib/firmware, we would safe A LOT of space.
Also the creation time of any initramfs file would be decreased.
It makes firmware issues easier detectable , cause the next boot will
fail , instead of waiting for the next kernel update to happen, which
gives the false impression that the kernel caused it.
Negative Side:
This raises some security concers, cause it makes planting a bad
firmware easier, but not by a lot. To target this issue, encryption of
/boot/ is necessary anyways.
And booting an old kernel+old firmware (inside the archived initramfs )
would not be possible anymore.
best regards,
Marius Schwarz
--
_______________________________________________
devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
