find . -print0 | cpio --null --create --quiet --format=newc --owner=0:0 | lz4 -9 -l > …/kernel-snap/initrd.img
for this i always get permission denied to access initrd.img even if i use sudo
Try with sudo sh -c '<full command>'. Anyway, if you need root permissions is probably because you used sudo while running unsquashfs/unmkinitramfs, that you don’t need, I think.
Hi @fguerzoni, I am also working on this and I managed to ADD tpm_tis_spi to initrd and compile the kernel snap with fde hooks
During the initial boot, it displayed and the process hangs:
secboot_tpm.go:77: checking if secure boot is enabled…
secboot_tpm.go:79: secure boot not enabled: not a supported EFI system
taskrunner.go:271: [change 2 "Setup system for run mode" task] failed: cannot encrypt device storage as mandated by model grade secured: not a supported EFI system
Did you manage to solve this issue?