Closed xnox closed 1 year ago
Alternative is to upgrade static-cmdline snippets in https://github.com/snapcore/snapd/blob/master/bootloader/assets/grub.go#L26
Third option is to report it as an ubuntu-realtime bug and say that EFI runtime should be turned on in the realtime kernel, because modern computing needs it.
This should be fixed in the RT kernel itself.
Kernel configuration supports turning off EFI runtime services on boot. Meaning, the kernel is booted with UEFI Secureboot and yet it doesn't allow access to efivarfs or any EFI services.
One such common kernel configuration is for Ubuntu Realtime Kernel. That is driven by the fact that EFI runtime services are unpredictable in their timings (reading and writing efivars can trigger a blocking EFI garbage collection of unknown amount of time).
On the other hand, Ubuntu Core sealed full disk encryption is a key feature.
Specify the efi=runtime kernel command line option, such that the stock EFI gadget can be used with realtime-kernel and have full disk encryption out of the box.

Note that snap refresh of gadget & kernel snaps may result in realtime latency spikes.
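
A check for the condition this pull request describes, added here as an example and not code from snapd or from the thread: it reports whether a kernel command line requests EFI runtime services and whether efivarfs is populated. The function names are hypothetical, and the left-to-right handling of repeated `efi=` options is an assumption of this sketch.

```shell
#!/bin/sh
# Added example (not snapd code): is EFI runtime access available for a
# boot that depends on EFI variables, as sealed full disk encryption does?

# efi_runtime_state CMDLINE DEFAULT
# DEFAULT is the kernel's built-in behaviour, "enabled" or "disabled"; a
# realtime kernel configured as described above would be "disabled".
# Assumption: efi= options are applied left to right, and inside one
# comma-separated list "noruntime" is applied before "runtime".
efi_runtime_state() (
    set -f                      # no globbing while splitting the cmdline
    state=$2
    for tok in $1; do
        case $tok in
            efi=*) opts=",${tok#efi=}," ;;
            *) continue ;;
        esac
        case $opts in *,noruntime,*) state=disabled ;; esac
        case $opts in *,runtime,*) state=enabled ;; esac
    done
    printf '%s\n' "$state"
)

# efivars_usable DIR: true when DIR exists and holds at least one entry.
efivars_usable() {
    [ -d "$1" ] && [ -n "$(ls -A "$1" 2>/dev/null)" ]
}

# report CMDLINE DEFAULT EFIVARS_DIR: print both findings; succeed only
# when runtime services are requested and EFI variables are visible.
report() {
    want=$(efi_runtime_state "$1" "$2")
    if efivars_usable "$3"; then have=present; else have=absent; fi
    printf 'efi runtime requested: %s, efivars: %s\n' "$want" "$have"
    [ "$want" = enabled ] && [ "$have" = present ]
}

# Inspect the running system only when invoked with --live; the optional
# second argument overrides the assumed kernel default.
if [ "${1:-}" = "--live" ]; then
    report "$(cat /proc/cmdline)" "${2:-disabled}" /sys/firmware/efi/efivars
fi
```

Run it with `--live` on the booted device; a non-zero exit status means EFI variable access is not available in that boot.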