RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 903204 - don't boot from un-selected devices (add a boot option 'strict' to qemu)
Summary: don't boot from un-selected devices (add a boot option 'strict' to qemu)
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: qemu-kvm
Version: 6.4
Hardware: Unspecified
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Amos Kong
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On: 888633 1039446
Blocks: 888635
TreeView+ depends on / blocked
 
Reported: 2013-01-23 13:37 UTC by Amos Kong
Modified: 2015-05-25 00:07 UTC (History)
19 users (show)

Fixed In Version: qemu-kvm-0.12.1.2-2.362.el6
Doc Type: Bug Fix
Doc Text:
Clone Of: 888633
Environment:
Last Closed: 2013-11-21 06:31:18 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2013:1553 0 normal SHIPPED_LIVE Important: qemu-kvm security, bug fix, and enhancement update 2013-11-20 21:40:29 UTC

Description Amos Kong 2013-01-23 13:37:24 UTC 
seabios patch [1] was accepted by seabios upstream, I also posted patch [2] to qemu, it added a boot option to do strict boot.


[1] http://marc.info/?l=qemu-devel&m=135770863727593&w=3
[2] http://marc.info/?l=qemu-devel&m=135772076631275&w=3

+++ This bug was initially created as a clone of Bug #888633 +++

Description of problem:

As I said in https://bugzilla.redhat.com/show_bug.cgi?id=831273#c10

VMs after failure of network boot tries to boot from other devices even if the they are not selected, this problem also exists in seabios upstream.

Currently we would adjust the priority according boot_deivces parameter in seabios, the default priority is 9999. We can resolve this issue by ignoring boot dev if its priority is 9999.

Version-Release number of selected component (if applicable):
seabios-0.6.1.2-25.el6.x86_64

How reproducible:

Steps to Reproduce:
1. qemu-kvm -boot order=c rhel6.image.qcow2   (vm disk is non-bootable)
  
Actual results:
1. vm will try to boot from disk, and failed
2. vm also try to boot from un-selected network 

Expected results:
vm only try to boot from disk.

Additional info:
related bug: Bug 821331 - [RFE] KVM guest retry pxe booting even after failure

--- Additional comment from Amos Kong on 2012-12-19 02:31:05 EST ---

posted patch to seabios maillist
http://marc.info/?l=qemu-devel&m=135590174618120&w=3

--- Additional comment from Amos Kong on 2012-12-28 19:40:48 EST ---

V2 posted to upsteam:
http://www.seabios.org/pipermail/seabios/2012-December/005223.html
[SeaBIOS PATCH v2] boot: support strict boot and make it configurable
Comment 1 Amos Kong 2013-03-19 06:43:08 UTC 
http://lists.nongnu.org/archive/html/qemu-devel/2013-03/msg03142.html
[Qemu-devel] [PATCH v3] add a boot option to do strict boot
Comment 9 langfang 2013-07-01 09:07:53 UTC 
Reproduce this bug as follow version:
Host:
# uname -r 
2.6.32-393.el6.x86_64
# rpm -q qemu-kvm
qemu-kvm-0.12.1.2-2.356.el6.x86_64
# rpm -q seabios
seabios-0.6.1.2-28.el6.x86_64

Steps:
1.Boot guest 
 /usr/libexec/qemu-kvm -drive file=/home/test.qcow2,if=none,id=drive-ide0-0-0,format=raw,cache=none -device virtio-blk-pci,scsi=off,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 -vnc :0  -monitor stdio

Results:

Guest tried boot from Hard Disk-->tried to Floppy,CDROM,Netowork...-->show "No bootalbe device"

Verify this bug as follow version:
Host
# uname -r
2.6.32-393.el6.x86_64
# rpm -q qemu-kvm
qemu-kvm-0.12.1.2-2.377.el6.x86_64
# rpm -q seabios
seabios-0.6.1.2-28.el6.x86_64


Steps:
1.Boot guest with "-boot strict=on"
# /usr/libexec/qemu-kvm -drive file=/home/test.qcow2,if=none,id=drive-ide0-0-0,format=raw,cache=none -device virtio-blk-pci,scsi=off,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 -vnc :0  -monitor stdio -boot strict=on


Results:Guest only boot from hard disk

Addtional info:
1.Boot guest with hard disk(bootindex=1),CDROM(bootindex=2) and " -boot strict=on".Guest tried boot from Hard disk-->CDROM

2.Boot guest with hard disk(bootindex=2 ),network(bootindex=3),CDROM(bootindex=1)and "-boot strict=on" Guest tried boot from CDROM-->Hard disk-->network

3.Because fix is only for New interface (bootindex), so only test with "bootindex"parameter.
Comment 12 errata-xmlrpc 2013-11-21 06:31:18 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-1553.html
Note You need to log in before you can comment on or make changes to this bug.