The unified kernel image (UKI) is a new image format that contains additional components, esp. the initrd and kernel command line, besides the actual kernel image. Goal of the UKI is to extend the security guarantees provided by secure boot to all components required to boot the system up to the point that the rootfs is mounted. The consequence is that the initrd needs to be generated by RH during build time. This breaks the kdump tooling which currently expects that the kdump initrd is built locally.

At the moment there are three (planned) users of the UKI at RH nmbl, RHIVOS and, confidential VMs in the Azure cloud. In addition the RHEL Threat Model mentioned unsigned initrds as one of the known weaknesses in RHEL and suggested UKIs as the solution.

Add support to use UKI for kdump.