Bug 1988760
| Summary: | edk2 does not ignore PMBR protective record BootIndicator as required by UEFI spec | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 9 | Reporter: | Neal Gompa <ngompa13> | |
| Component: | edk2 | Assignee: | Philippe Mathieu-Daudé <philmd> | |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Xueqiang Wei <xuwei> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | medium | |||
| Version: | CentOS Stream | CC: | berrange, bstinson, bugzilla, carl, chayang, coli, davdunc, davide, extras-qa, jinzhao, juzhang, jwboyer, kkiwi, kraxel, lersek, michel, mrezanin, ngompa13, pbonzini, philmd, virt-maint, xuwei | |
| Target Milestone: | beta | Keywords: | RFE, Triaged | |
| Target Release: | --- | Flags: | pm-rhel:
mirror+
|
|
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | edk2-20210527gite1999b264f1f-5.el9 | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | 1978966 | |||
| : | 1988762 (view as bug list) | Environment: | ||
| Last Closed: | 2021-12-07 21:50:14 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
|
Description
Neal Gompa
2021-07-31 20:42:24 UTC
Reprodued it with edk2-ovmf-20210527gite1999b264f1f-4.el9.noarch.
Versions:
kernel-5.14.0-0.rc3.29.el9.x86_64
qemu-kvm-6.0.0-10.el9
edk2-ovmf-20210527gite1999b264f1f-4.el9-4
Steps:
1. install a rhel9 guest and boot it
/usr/libexec/qemu-kvm \
-S \
-name 'avocado-vt-vm1' \
-sandbox on \
-blockdev node-name=file_ovmf_code,driver=file,filename=/usr/share/OVMF/OVMF_CODE.secboot.fd,auto-read-only=on,discard=unmap \
-blockdev node-name=drive_ovmf_code,driver=raw,read-only=on,file=file_ovmf_code \
-blockdev node-name=file_ovmf_vars,driver=file,filename=/home/kvm_autotest_root/images/avocado-vt-vm1_rhel900-64-virtio-scsi.qcow2_VARS.fd,auto-read-only=on,discard=unmap \
-blockdev node-name=drive_ovmf_vars,driver=raw,read-only=off,file=file_ovmf_vars \
-machine q35,memory-backend=mem-machine_mem,pflash0=drive_ovmf_code,pflash1=drive_ovmf_vars \
-device pcie-root-port,id=pcie-root-port-0,multifunction=on,bus=pcie.0,addr=0x1,chassis=1 \
-device pcie-pci-bridge,id=pcie-pci-bridge-0,addr=0x0,bus=pcie-root-port-0 \
-nodefaults \
-device VGA,bus=pcie.0,addr=0x2 \
-m 15360 \
-object memory-backend-ram,size=15360M,id=mem-machine_mem \
-smp 16,maxcpus=16,cores=8,threads=1,dies=1,sockets=2 \
-cpu 'Skylake-Server',+kvm_pv_unhalt \
-chardev socket,id=qmp_id_qmpmonitor1,server=on,path=/tmp/avocado_dkpw73kl/monitor-qmpmonitor1-20210802-043048-9Ao7US0i,wait=off \
-mon chardev=qmp_id_qmpmonitor1,mode=control \
-chardev socket,id=qmp_id_catch_monitor,server=on,path=/tmp/avocado_dkpw73kl/monitor-catch_monitor-20210802-043048-9Ao7US0i,wait=off \
-mon chardev=qmp_id_catch_monitor,mode=control \
-device pvpanic,ioport=0x505,id=id3sIdKI \
-chardev socket,id=chardev_serial0,server=on,path=/tmp/avocado_dkpw73kl/serial-serial0-20210802-043048-9Ao7US0i,wait=off \
-device isa-serial,id=serial0,chardev=chardev_serial0 \
-chardev socket,id=seabioslog_id_20210802-043048-9Ao7US0i,path=/tmp/avocado_dkpw73kl/seabios-20210802-043048-9Ao7US0i,server=on,wait=off \
-device isa-debugcon,chardev=seabioslog_id_20210802-043048-9Ao7US0i,iobase=0x402 \
-device pcie-root-port,id=pcie-root-port-1,port=0x1,addr=0x1.0x1,bus=pcie.0,chassis=2 \
-device qemu-xhci,id=usb1,bus=pcie-root-port-1,addr=0x0 \
-device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1 \
-device pcie-root-port,id=pcie-root-port-2,port=0x2,addr=0x1.0x2,bus=pcie.0,chassis=3 \
-device virtio-scsi-pci,id=virtio_scsi_pci0,bus=pcie-root-port-2,addr=0x0 \
-blockdev node-name=file_image1,driver=file,auto-read-only=on,discard=unmap,aio=threads,filename=/home/kvm_autotest_root/images/rhel900-64-virtio-scsi.qcow2,cache.direct=on,cache.no-flush=off \
-blockdev node-name=drive_image1,driver=qcow2,read-only=off,cache.direct=on,cache.no-flush=off,file=file_image1 \
-device scsi-hd,id=image1,drive=drive_image1,write-cache=on \
-device pcie-root-port,id=pcie-root-port-3,port=0x3,addr=0x1.0x3,bus=pcie.0,chassis=4 \
-device virtio-net-pci,mac=9a:04:b0:7c:7f:9c,id=idOUke6O,netdev=idGbNjIM,bus=pcie-root-port-3,addr=0x0 \
-netdev tap,id=idGbNjIM,vhost=on \
-vnc :0 \
-rtc base=utc,clock=host,driftfix=slew \
-boot menu=off,order=cdn,once=c,strict=off \
-enable-kvm \
-monitor stdio \
2. parted /dev/sda disk_set pmbr_boot on
# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 20G 0 disk
├─sda1 8:1 0 600M 0 part /boot/efi
├─sda2 8:2 0 1G 0 part /boot
└─sda3 8:3 0 18.4G 0 part
├─rhel_bootp--73--131--163-root 253:0 0 16.4G 0 lvm /
└─rhel_bootp--73--131--163-swap 253:1 0 2G 0 lvm [SWAP]
# parted /dev/sda
GNU Parted 3.4
Using /dev/sda
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) print
Model: QEMU QEMU HARDDISK (scsi)
Disk /dev/sda: 21.5GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags:
Number Start End Size File system Name Flags
1 1049kB 630MB 629MB fat32 EFI System Partition boot, esp
2 630MB 1704MB 1074MB xfs
3 1704MB 21.5GB 19.8GB lvm
(parted) disk_set pmbr_boot on
(parted) quit
3. Try to boot the image
# reboot
After step 3, failed to boot the image. Please refer to attachment for the screenshot.
QE bot(pre verify): Set 'Verified:Tested,SanityOnly' as gating/tier1 test pass. Tested with edk2-ovmf-20210527gite1999b264f1f-5.el9.noarch, not hit this issue. So set status to VERIFIED.
Versions:
Host:
kernel-5.14.0-0.rc4.35.el9.x86_64
qemu-kvm-6.0.0-10.el9
edk2-ovmf-20210527gite1999b264f1f-5.el9.noarch
Guest:
kernel-5.13.0-0.rc7.51.el9.x86_64
Steps:
1. install a rhel9 guest and boot it
/usr/libexec/qemu-kvm \
-S \
-name 'avocado-vt-vm1' \
-sandbox on \
-blockdev node-name=file_ovmf_code,driver=file,filename=/usr/share/OVMF/OVMF_CODE.secboot.fd,auto-read-only=on,discard=unmap \
-blockdev node-name=drive_ovmf_code,driver=raw,read-only=on,file=file_ovmf_code \
-blockdev node-name=file_ovmf_vars,driver=file,filename=/home/kvm_autotest_root/images/avocado-vt-vm1_rhel900-64-virtio-scsi.qcow2_VARS.fd,auto-read-only=on,discard=unmap \
-blockdev node-name=drive_ovmf_vars,driver=raw,read-only=off,file=file_ovmf_vars \
-machine q35,memory-backend=mem-machine_mem,pflash0=drive_ovmf_code,pflash1=drive_ovmf_vars \
-device pcie-root-port,id=pcie-root-port-0,multifunction=on,bus=pcie.0,addr=0x1,chassis=1 \
-device pcie-pci-bridge,id=pcie-pci-bridge-0,addr=0x0,bus=pcie-root-port-0 \
-nodefaults \
-device VGA,bus=pcie.0,addr=0x2 \
-m 15360 \
-object memory-backend-ram,size=15360M,id=mem-machine_mem \
-smp 16,maxcpus=16,cores=8,threads=1,dies=1,sockets=2 \
-cpu 'Skylake-Server',+kvm_pv_unhalt \
-chardev socket,id=qmp_id_qmpmonitor1,server=on,path=/tmp/avocado_dkpw73kl/monitor-qmpmonitor1-20210802-043048-9Ao7US0i,wait=off \
-mon chardev=qmp_id_qmpmonitor1,mode=control \
-chardev socket,id=qmp_id_catch_monitor,server=on,path=/tmp/avocado_dkpw73kl/monitor-catch_monitor-20210802-043048-9Ao7US0i,wait=off \
-mon chardev=qmp_id_catch_monitor,mode=control \
-device pvpanic,ioport=0x505,id=id3sIdKI \
-chardev socket,id=chardev_serial0,server=on,path=/tmp/avocado_dkpw73kl/serial-serial0-20210802-043048-9Ao7US0i,wait=off \
-device isa-serial,id=serial0,chardev=chardev_serial0 \
-chardev socket,id=seabioslog_id_20210802-043048-9Ao7US0i,path=/tmp/avocado_dkpw73kl/seabios-20210802-043048-9Ao7US0i,server=on,wait=off \
-device isa-debugcon,chardev=seabioslog_id_20210802-043048-9Ao7US0i,iobase=0x402 \
-device pcie-root-port,id=pcie-root-port-1,port=0x1,addr=0x1.0x1,bus=pcie.0,chassis=2 \
-device qemu-xhci,id=usb1,bus=pcie-root-port-1,addr=0x0 \
-device usb-tablet,id=usb-tablet1,bus=usb1.0,port=1 \
-device pcie-root-port,id=pcie-root-port-2,port=0x2,addr=0x1.0x2,bus=pcie.0,chassis=3 \
-device virtio-scsi-pci,id=virtio_scsi_pci0,bus=pcie-root-port-2,addr=0x0 \
-blockdev node-name=file_image1,driver=file,auto-read-only=on,discard=unmap,aio=threads,filename=/home/kvm_autotest_root/images/rhel900-64-virtio-scsi.qcow2,cache.direct=on,cache.no-flush=off \
-blockdev node-name=drive_image1,driver=qcow2,read-only=off,cache.direct=on,cache.no-flush=off,file=file_image1 \
-device scsi-hd,id=image1,drive=drive_image1,write-cache=on \
-device pcie-root-port,id=pcie-root-port-3,port=0x3,addr=0x1.0x3,bus=pcie.0,chassis=4 \
-device virtio-net-pci,mac=9a:04:b0:7c:7f:9c,id=idOUke6O,netdev=idGbNjIM,bus=pcie-root-port-3,addr=0x0 \
-netdev tap,id=idGbNjIM,vhost=on \
-vnc :0 \
-rtc base=utc,clock=host,driftfix=slew \
-boot menu=off,order=cdn,once=c,strict=off \
-enable-kvm \
-monitor stdio \
2. parted /dev/sda disk_set pmbr_boot on
# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 10G 0 disk
├─sda1 8:1 0 600M 0 part /boot/efi
├─sda2 8:2 0 1G 0 part /boot
└─sda3 8:3 0 8.4G 0 part
├─rhel-root 253:0 0 7.4G 0 lvm /
└─rhel-swap 253:1 0 1G 0 lvm [SWAP]
# parted /dev/sda
GNU Parted 3.4
Using /dev/sda
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) print
Model: QEMU QEMU HARDDISK (scsi)
Disk /dev/sda: 10.7GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags:
Number Start End Size File system Name Flags
1 1049kB 630MB 629MB fat32 EFI System Partition boot, esp
2 630MB 1704MB 1074MB xfs
3 1704MB 10.7GB 9032MB lvm
(parted) disk_set pmbr_boot on
(parted) quit
3. reboot the image, and check "Disk Flags: pmbr_boot"
# reboot
# parted /dev/sda
GNU Parted 3.4
Using /dev/sda
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) print
Model: QEMU QEMU HARDDISK (scsi)
Disk /dev/sda: 10.7GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags: pmbr_boot
Number Start End Size File system Name Flags
1 1049kB 630MB 629MB fat32 EFI System Partition boot, esp
2 630MB 1704MB 1074MB xfs
3 1704MB 10.7GB 9032MB lvm
|