Bug#1072962: efibootguard kernel stub fails to boot
Hi again, On Tue, 2024-06-11 at 09:17 +0100, Christopher Obbard wrote: > Hi Jan, > > On Tue, 2024-06-11 at 07:10 +0200, Jan Kiszka wrote: > > Chris, you could check if already the vanilla stub fails to run as EFI > > binary. It should at least print "Unified kernel stub (EFI Boot Guard > > v0.17)" and "Missing .kernel section" when there is no kernel linked to > > it. This is to rule out potential problems of the bg_gen_unified_kernel > > script. > > Launching the kernel stub binary directly in qemu (v8.2.4) using the command > in my original message, the stub seems to attempt to print something to the > EFI console, but it ends up showing as many characters of whitespace and > simply quitting after 5s. > > I guess this shows the bg_gen_unified_kernel script is OK and the issue > falls > in the stub? > > For the record, the efibootguard binary itself seems to work just fine. I also built efibootguard v0.13 (e.g the version which works in bookworm) in my local debian unstable environment. The built kernel stub fails in the same way I reported. So I believe this narrows things down to the cross-compiler, some library or something else in the environment. Thanks!
Bug#1072962: efibootguard kernel stub fails to boot
Hi, i build it isar-cip-core on bookworm as build enviroment and efibootguard boots. will test it on trixie. Best regards Quirin On 6/11/24 10:17 AM, Christopher Obbard wrote: Hi Jan, On Tue, 2024-06-11 at 07:10 +0200, Jan Kiszka wrote: Chris, you could check if already the vanilla stub fails to run as EFI binary. It should at least print "Unified kernel stub (EFI Boot Guard v0.17)" and "Missing .kernel section" when there is no kernel linked to it. This is to rule out potential problems of the bg_gen_unified_kernel script. Launching the kernel stub binary directly in qemu (v8.2.4) using the command in my original message, the stub seems to attempt to print something to the EFI console, but it ends up showing as many characters of whitespace and simply quitting after 5s. I guess this shows the bg_gen_unified_kernel script is OK and the issue falls in the stub? For the record, the efibootguard binary itself seems to work just fine. Thanks Chris
Bug#1072962: efibootguard kernel stub fails to boot
Hi Jan, On Tue, 2024-06-11 at 07:10 +0200, Jan Kiszka wrote: > Chris, you could check if already the vanilla stub fails to run as EFI > binary. It should at least print "Unified kernel stub (EFI Boot Guard > v0.17)" and "Missing .kernel section" when there is no kernel linked to > it. This is to rule out potential problems of the bg_gen_unified_kernel > script. Launching the kernel stub binary directly in qemu (v8.2.4) using the command in my original message, the stub seems to attempt to print something to the EFI console, but it ends up showing as many characters of whitespace and simply quitting after 5s. I guess this shows the bg_gen_unified_kernel script is OK and the issue falls in the stub? For the record, the efibootguard binary itself seems to work just fine. Thanks Chris
Bug#1072962: efibootguard kernel stub fails to boot
Quirin, I don't you have a local version working using the isar-cip-core integration? Chris, you could check if already the vanilla stub fails to run as EFI binary. It should at least print "Unified kernel stub (EFI Boot Guard v0.17)" and "Missing .kernel section" when there is no kernel linked to it. This is to rule out potential problems of the bg_gen_unified_kernel script. Jan
Bug#1072962: efibootguard kernel stub fails to boot
Package: efibootguard Version: 0.17-2 Severity: important X-Debbugs-Cc: chris.obb...@collabora.com, efibootguard-...@googlegroups.com Dear Maintainer, efibootguard kernel-stub 0.17 from unstable fails to boot. kernel stub version 0.13 built in debian stable works fine. Minimal reproduction case (on amd64, using Distro kernel, but a mainline kernel built with CONFIG_EFI_STUB also fails): $ bg_gen_unified_kernel \ /usr/lib/x86_64-linux-gnu/efibootguard/kernel-stubx64.efi \ /boot/vmlinuz-6.8.12-amd64 \ linux.efi $ qemu-system-x86_64 \ -bios /usr/share/ovmf/OVMF.fd \ -m 2048M \ -drive format=raw,file=fat:rw:$(pwd) .. wait for the system to boot to an EFI shell & attempt to run linux.efi from the cwd. For the non-working case, there is no shell output at all, even the version print from the Kernel stub. Perhaps this is some kind of toolchain/library issue? I am getting similar issues when building the kernel stub from source manually using a toolchain built by buildroot. If you have any hints on what to try next, it'd be helpful. I was going to try to build 0.17 in a Debian stable container, as a next step, to attempt to see if it is a toolchain/gnu-efi library issue. Thanks, Chris -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.8.12-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages efibootguard depends on: ii libc62.38-12.1 ii python3 3.11.8-1 efibootguard recommends no packages. efibootguard suggests no packages. -- no debconf information
