Bug 1862851 - Unable to boot vm on vsphere with rhcos-46.82.202007212240-0 where secure boot is enabled
Summary: Unable to boot vm on vsphere with rhcos-46.82.202007212240-0 where secure boo...
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: RHCOS
Version: 4.6
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.6.0
Assignee: Micah Abbott
QA Contact: Michael Nguyen
Depends On:
TreeView+ depends on / blocked
Reported: 2020-08-03 03:24 UTC by jima
Modified: 2020-10-27 16:22 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2020-10-27 16:22:03 UTC
Target Upstream Version:

Attachments (Terms of Use)
screenshot of error when booting vm (34.75 KB, image/png)
2020-08-03 03:24 UTC, jima
no flags Details
new error (323.50 KB, image/png)
2020-09-10 09:33 UTC, jima
no flags Details

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2020:4196 0 None None None 2020-10-27 16:22:22 UTC

Description jima 2020-08-03 03:24:25 UTC
Created attachment 1703221 [details]
screenshot of error when booting vm

Description of problem:
Install ocp4.6 with template rhcos-46.82.202007212240-0 on vsphere, where secure boot is enabled.
VM could not be booted, and error from console is shown that vmlinuz-4.18.0-211.el8.x86_64 has invalid signature. 
Please find captured screenshot from console in attachment.

Version-Release number of selected component (if applicable):

How reproducible:
Always after enabling secure boot on vsphere

Steps to Reproduce:
1. Install ocp4.6 with template rhcos-46.82.202007212240-0

Actual results:
VM could not boot up

Expected results:
VM can be started successfully

Additional info:

Comment 1 Colin Walters 2020-08-03 13:05:56 UTC

*** This bug has been marked as a duplicate of bug 1857238 ***

Comment 2 Colin Walters 2020-08-03 13:06:46 UTC
Oops sorry that one was closed, let's keep this one then as a tracker.

Comment 4 Micah Abbott 2020-09-09 20:16:15 UTC
A new kernel (4.18.0-193.19.1.el8_2) was finally included in RHCOS 46.82.202009091306-0.  This should allow UEFI Secure Boot to succeed.

Comment 7 jima 2020-09-10 09:32:25 UTC
I verified the bug with rhcos-46.82.202009091306-0 on vsphere, not hit the secure boot issue, but got new issue.
Please see attached screenshot of vm console ouptut.

Comment 8 jima 2020-09-10 09:33:10 UTC
Created attachment 1714399 [details]
new error

Comment 9 Micah Abbott 2020-09-10 20:31:23 UTC
@jima Yeah, that's a separate issue for sure.  Could you please mark this issue as VERIFIED and open a separate issue for the new error?

Comment 10 Colin Walters 2020-09-10 20:41:44 UTC
I filed https://github.com/lucab/vmw_backdoor-rs/issues/6

Comment 11 jima 2020-09-11 02:49:33 UTC
@Micah & @Colin, I filed Bug 1877995 to track the new issue, and set this to VERIFIED.

Comment 13 errata-xmlrpc 2020-10-27 16:22:03 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.