Red Hat and Fedora engineers are planningAdded support for the unified kernel image to Fedora (Unified Kernel Images,UKI) and expects to seeInitial support was implemented in the spring release of Fedora Linux 38.

The proposal states that its objective is toGet rid of the initrd generated on the machine where the images;They are generated when building the kernel package and then shipped as part of UKI.

UKI is an all-in-one efi binary containing kernel, initrd, cmdline and signature. The secure boot signature covers everything, especially including the initrd; but this is not the case when the initrd is loaded from /boot as a separate file.

The main motivation for this move is to make the distribution more robust and secure.

It’s not realistic to quickly switch an entire distribution to a unified kernel. Too many features rely on the current workflow with host-specific initrds (and host-specific kernel command lines), which is fundamentally incompatible with the unified kernel, where everyone would have the same initrd and commands Row. That’s why there is “Phase 1” in the title, so we can have more stages in future versions.

The high-priority goals of the initial phase will beFocus on bringing UKI Distributed as an optional kernel sub-rpm,update the kernel install script to install and properly update the unity kernel, andfor UKI Added bootloader support.There are also plans to add proper discoverable partition support for installers (anaconda, image builder, etc.), forThe installer adds systemd-boot support, better metering and remote authentication support, and updates to Fedora Cloud images switched to use the unified kernel; however, these are low priority and may be moved to phase 2 as appropriate.

Phase 2/3 goals (longer-term stuff, in It is impractical to do it in Fedora 38):

• The kernel command line is no longer used for configuration.
• Get rid of storing secrets in the initrd.
• Handle dracut optional modules differently.

However, this tentative change proposal for Fedora 38 still needs to be approved by the Fedora Engineering and Steering Committee before it can be implemented. More details can be found at Fedora Wiki.