RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1098846 - grubby will corrupt the grub.conf at yum update when tboot is used
Summary: grubby will corrupt the grub.conf at yum update when tboot is used
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: grubby
Version: 6.5
Hardware: x86_64
OS: Linux
high
high
Target Milestone: rc
: ---
Assignee: Peter Jones
QA Contact: Release Test Team
URL:
Whiteboard:
Depends On:
Blocks: 1083985
TreeView+ depends on / blocked
 
Reported: 2014-05-19 03:02 UTC by Junxiao Bi
Modified: 2014-10-14 08:07 UTC (History)
6 users (show)

Fixed In Version: grubby-7.0.15-7.el6
Doc Type: Bug Fix
Doc Text:
Prior to this update, the Trusted Boot (tboot) module incorrectly used the tboot.gz multiboot image to search for a grub configuration file. As a consequence, running the "yum update" command led to grubby corrupting the grub.conf file when tboot was enabled and two or more kernels were updated. With this update, tboot uses specific kernel names to search for grub configuration, and corruption of grub.conf no longer occurs in the described scenario.
Clone Of:
Environment:
Last Closed: 2014-10-14 08:07:00 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:1575 0 normal SHIPPED_LIVE grubby bug fix update 2014-10-14 01:27:27 UTC

Description Junxiao Bi 2014-05-19 03:02:10 UTC 
Description of problem:
1. Install OL6U5 on a machine where tboot is used. 
2. yum update (there must be at least two kernels updated for reproducing the bug)

After this, grub.conf corrupted. The first kernel have four initrd configed, but the other three have no initrd configed.

See it on my machine after yum update.


--- menu.lst    2014-05-05 13:49:25.025455305 -0700
+++ /boot/grub/menu.lst 2014-05-05 14:31:44.567706658 -0700
@@ -7,25 +7,45 @@
 #          kernel /boot/vmlinuz-version ro root=/dev/sdb1
 #          initrd /boot/initrd-[generic-]version.img
 #boot=/dev/sdb
-default=0
+default=2
 timeout=5
+title Oracle Linux Server (3.8.13-26.2.3.el6uek.x86_64.debug)
+       root (hd0,0)
+       kernel /boot/tboot.gz logging=vga,serial,memory numa=off
transparent_hugepage=never
+       module /boot/vmlinuz-3.8.13-26.2.3.el6uek.x86_64.debug ro
root=UUID=a5f9ccf2-bda0-4182-8f66-88e670958c3e intel_iommu=on amd_iommu=on
rd_NO_LUKS  KEYBOARDTYPE=pc KEYTABLE=us LANG=en_US.UTF-8 rd_NO_MD
SYSFONT=latarcyrheb-sun16  rd_NO_LVM rd_NO_DM
+       module /boot/initramfs-2.6.32-431.11.2.el6.x86_64.debug.img
+       module /boot/initramfs-3.8.13-26.2.3.el6uek.x86_64.img
+       module /boot/initramfs-2.6.32-431.11.2.el6.x86_64.img
+       module /boot/initramfs-3.8.13-26.2.3.el6uek.x86_64.debug.img
+title Oracle Linux Server Red Hat Compatible Kernel
(2.6.32-431.11.2.el6.x86_64)
+       root (hd0,0)
+       kernel /boot/tboot.gz logging=vga,serial,memory numa=off
transparent_hugepage=never
+       module /boot/vmlinuz-2.6.32-431.11.2.el6.x86_64 ro
root=UUID=a5f9ccf2-bda0-4182-8f66-88e670958c3e intel_iommu=on amd_iommu=on
rd_NO_LUKS  KEYBOARDTYPE=pc KEYTABLE=us LANG=en_US.UTF-8 rd_NO_MD
SYSFONT=latarcyrheb-sun16  rd_NO_LVM rd_NO_DM crashkernel=auto
+title Oracle Linux Server (3.8.13-26.2.3.el6uek.x86_64)
+       root (hd0,0)
+       kernel /boot/tboot.gz logging=vga,serial,memory numa=off
transparent_hugepage=never
+       module /boot/vmlinuz-3.8.13-26.2.3.el6uek.x86_64 ro
root=UUID=a5f9ccf2-bda0-4182-8f66-88e670958c3e intel_iommu=on amd_iommu=on
rd_NO_LUKS  KEYBOARDTYPE=pc KEYTABLE=us LANG=en_US.UTF-8 rd_NO_MD
SYSFONT=latarcyrheb-sun16  rd_NO_LVM rd_NO_DM
+title Oracle Linux Server Red Hat Compatible Kernel
(2.6.32-431.11.2.el6.x86_64.debug)
+       root (hd0,0)
+       kernel /boot/tboot.gz logging=vga,serial,memory numa=off
transparent_hugepage=never
+       module /boot/vmlinuz-2.6.32-431.11.2.el6.x86_64.debug ro
root=UUID=a5f9ccf2-bda0-4182-8f66-88e670958c3e intel_iommu=on amd_iommu=on
rd_NO_LUKS  KEYBOARDTYPE=pc KEYTABLE=us LANG=en_US.UTF-8 rd_NO_MD
SYSFONT=latarcyrheb-sun16  rd_NO_LVM rd_NO_DM crashkernel=auto



This is a bug of grubby. The following fix can fix it.

From 6812c243dc289ee6c2e322abdf587330e0889307 Mon Sep 17 00:00:00 2001
From: Junxiao Bi <junxiao.bi>
Date: Wed, 14 May 2014 16:44:21 +0800
Subject: [PATCH] grubby: fix initrd updating when multiboot exist

When using the following command to add an initrd for the kernel.
grubby --update-kernel=/boot/vmlinuz-2.6.32-431.17.1.el6.x86_64.debug 
       --initrd /boot/initramfs-2.6.32-431.17.1.el6.x86_64.debug.img
       --add-multiboot=/boot/tboot.gz
The multiboot image /boot/tboot.gz is used as the key to search the 
configure entry in grub.conf, this is wrong. There may be other kernels
also configure multiboot with the same name tboot.gz, if there index are 
smaller than the target one, then that will make the initrd added to the 
wrong kernel. Fix it to use kernel name as the search key.

Signed-off-by: Junxiao Bi <junxiao.bi>
Reviewed-by: John Haxby <john.haxby>
---
 grubby.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/grubby.c b/grubby.c
index a5637d3..0b19e7b 100644
--- a/grubby.c
+++ b/grubby.c
@@ -2205,7 +2205,7 @@ int addMBInitrd(struct grubConfig * cfg, const char *newMBKernel,
 
     if (!image) return 0;
 
-    for (; (entry = findEntryByPath(cfg, newMBKernel, prefix, &index)); index++) {
+    for (; (entry = findEntryByPath(cfg, image, prefix, &index)); index++) {
         kernelLine = getLineByType(LT_MBMODULE, entry->lines);
         if (!kernelLine) continue;
 
-- 
1.7.1


Version-Release number of selected component (if applicable):

7.0.15-5.0.2

How reproducible:

see above

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 2 Alexander Todorov 2014-07-22 10:11:33 UTC 
I can reproduce with the latest trees. 


1) Install RHEL 6.5 with tboot, kernel and kernel-debug. grub.conf looks like

default=0
timeout=5
serial --unit=0 --speed=115200
terminal --timeout=5 serial console
title Red Hat Enterprise Linux (2.6.32-431.el6.x86_64)
	root (hd0,0)
	kernel /tboot.gz logging=vga,serial,memory
	module /vmlinuz-2.6.32-431.el6.x86_64 ro root=/dev/mapper/vg_rhevhx365001g6-lv_root intel_iommu=on amd_iommu=on rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=ttyS0,115200 crashkernel=auto rd_LVM_LV=vg_rhevhx365001g6/lv_root rd_LVM_LV=vg_rhevhx365001g6/lv_swap SYSFONT=latarcyrheb-sun16  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM
	module /initramfs-2.6.32-431.el6.x86_64.img
title Red Hat Enterprise Linux-debug (2.6.32-431.el6.x86_64.debug)
	root (hd0,0)
	kernel /tboot.gz logging=vga,serial,memory
	module /vmlinuz-2.6.32-431.el6.x86_64.debug ro root=/dev/mapper/vg_rhevhx365001g6-lv_root intel_iommu=on amd_iommu=on rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=ttyS0,115200 crashkernel=auto rd_LVM_LV=vg_rhevhx365001g6/lv_root rd_LVM_LV=vg_rhevhx365001g6/lv_swap SYSFONT=latarcyrheb-sun16  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM
	module /initramfs-2.6.32-431.el6.x86_64.debug.img



Then issue yum update to upgrade to the latest nightly build. grub.conf now looks like:


default=0
timeout=5
serial --unit=0 --speed=115200
terminal --timeout=5 serial console
title Red Hat Enterprise Linux Server (2.6.32-491.el6.x86_64.debug)
	root (hd0,0)
	kernel /tboot.gz logging=vga,serial,memory
	module /vmlinuz-2.6.32-491.el6.x86_64.debug ro root=/dev/mapper/vg_rhevhx365001g6-lv_root intel_iommu=on amd_iommu=on rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=ttyS0,115200 crashkernel=auto rd_LVM_LV=vg_rhevhx365001g6/lv_root rd_LVM_LV=vg_rhevhx365001g6/lv_swap SYSFONT=latarcyrheb-sun16  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM
	module /initramfs-2.6.32-491.el6.x86_64.img
	module /initramfs-2.6.32-491.el6.x86_64.debug.img
title Red Hat Enterprise Linux Server (2.6.32-491.el6.x86_64)
	root (hd0,0)
	kernel /tboot.gz logging=vga,serial,memory
	module /vmlinuz-2.6.32-491.el6.x86_64 ro root=/dev/mapper/vg_rhevhx365001g6-lv_root intel_iommu=on amd_iommu=on rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=ttyS0,115200 crashkernel=auto rd_LVM_LV=vg_rhevhx365001g6/lv_root rd_LVM_LV=vg_rhevhx365001g6/lv_swap SYSFONT=latarcyrheb-sun16  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM
title Red Hat Enterprise Linux (2.6.32-431.el6.x86_64)
	root (hd0,0)
	kernel /tboot.gz logging=vga,serial,memory
	module /vmlinuz-2.6.32-431.el6.x86_64 ro root=/dev/mapper/vg_rhevhx365001g6-lv_root intel_iommu=on amd_iommu=on rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=ttyS0,115200 crashkernel=auto rd_LVM_LV=vg_rhevhx365001g6/lv_root rd_LVM_LV=vg_rhevhx365001g6/lv_swap SYSFONT=latarcyrheb-sun16  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM
	module /initramfs-2.6.32-431.el6.x86_64.img
title Red Hat Enterprise Linux-debug (2.6.32-431.el6.x86_64.debug)
	root (hd0,0)
	kernel /tboot.gz logging=vga,serial,memory
	module /vmlinuz-2.6.32-431.el6.x86_64.debug ro root=/dev/mapper/vg_rhevhx365001g6-lv_root intel_iommu=on amd_iommu=on rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD console=ttyS0,115200 crashkernel=auto rd_LVM_LV=vg_rhevhx365001g6/lv_root rd_LVM_LV=vg_rhevhx365001g6/lv_swap SYSFONT=latarcyrheb-sun16  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM
	module /initramfs-2.6.32-431.el6.x86_64.debug.img




See how the first entry (the default) points to two initramfs images while the second entry has none defined. This causes the system to not boot after restart.
Comment 4 Jan Stodola 2014-08-26 11:55:31 UTC 
Retested with grubby-7.0.15-7.el6, grub.conf is modified correctly after updating kernel packages:

default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux Server (2.6.32-497.el6.x86_64.debug)
        root (hd0,0)
        kernel /tboot.gz logging=vga,serial,memory
        module /vmlinuz-2.6.32-497.el6.x86_64.debug ro root=/dev/mapper/VolGroup-lv_root intel_iommu=on amd_iommu=on rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        module /initramfs-2.6.32-497.el6.x86_64.debug.img
title Red Hat Enterprise Linux Server (2.6.32-497.el6.x86_64)
        root (hd0,0)
        kernel /tboot.gz logging=vga,serial,memory
        module /vmlinuz-2.6.32-497.el6.x86_64 ro root=/dev/mapper/VolGroup-lv_root intel_iommu=on amd_iommu=on rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        module /initramfs-2.6.32-497.el6.x86_64.img
title Red Hat Enterprise Linux-debug (2.6.32-431.el6.x86_64.debug)
        root (hd0,0)
        kernel /tboot.gz logging=vga,serial,memory
        module /vmlinuz-2.6.32-431.el6.x86_64.debug ro root=/dev/mapper/VolGroup-lv_root intel_iommu=on amd_iommu=on rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        module /initramfs-2.6.32-431.el6.x86_64.debug.img
title Red Hat Enterprise Linux (2.6.32-431.el6.x86_64)
        root (hd0,0)
        kernel /tboot.gz logging=vga,serial,memory
        module /vmlinuz-2.6.32-431.el6.x86_64 ro root=/dev/mapper/VolGroup-lv_root intel_iommu=on amd_iommu=on rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        module /initramfs-2.6.32-431.el6.x86_64.img

Moving to VERIFIED.
Comment 5 errata-xmlrpc 2014-10-14 08:07:00 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1575.html
Note You need to log in before you can comment on or make changes to this bug.