Unable to load shimx64.efi using iPXE over UEFI
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MAAS |
Invalid
|
Undecided
|
Unassigned | ||
grub2 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
ipxe (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
shim (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
[Impact]
libvirt supports creating virtual machines running in UEFI mode and uses iPXE to enable network booting. When MAAS gives shimx64.efi, as it does on all UEFI systems, to iPXE it chainloads grub but fails to the grub prompt. If I modify MAAS to give grubx64.efi instead of shimx64.efi UEFI booting works.
Ideally iPXE would be modified to properly chainload the shim however MAAS could also check the user-agent when returning the boot file as follows.
if option arch = 00:00 {
# pxe
filename "lpxelinux.0";
} elsif option arch = 00:07 and exists user-class and option user-class = "iPXE" {
# iPXE uefi_amd64
filename "grubx64.efi";
} elsif option arch = 00:07 {
# uefi_amd64
filename "bootx64.efi";
} elsif option arch = 00:09 and exists user-class and option user-class = "iPXE" {
# iPXE uefi_amd64
filename "grubx64.efi";
} elsif option arch = 00:09 {
# uefi_amd64
filename "bootx64.efi";
} elsif option arch = 00:0B {
# uefi_arm64
filename "grubaa64.efi";
} elsif option arch = 00:0C {
# open-firmware_
filename "bootppc64.bin";
} elsif option arch = 00:0E {
# powernv
filename "pxelinux.0";
option path-prefix "ppc64el/";
} elsif option arch = 00:1F {
# s390x
filename "boots390x.bin";
option path-prefix "s390x/";
} else {
# pxe
filename "lpxelinux.0";
}
[Test case]
Minimal test case:
Run the following command and ensure it boots (assuming a EFI system with shim and grub):
sudo kvm -bios /usr/share/
Optimally, also do the MAAS thing.
[Regression potential]
I switched the ipxe-qemu packages to build in qemu mode, which makes things use OVMF's internal network stack (so things might work differently with some bootloaders or something when netbooting).
It might do other stuff, too, I don't really know. That said, the configuration is specifically for qemu, and used by other distributions, so this aligns us more closely with them, reducing chances of breaking stuff.
description: | updated |
description: | updated |
description: | updated |
description: | updated |
Changed in maas: | |
milestone: | none → 2.5.0beta1 |
tags: | added: id-5b85855515a6063ed300711d |
Changed in maas: | |
milestone: | 2.5.0beta1 → 2.5.0beta2 |
Changed in ipxe (Ubuntu Bionic): | |
status: | New → In Progress |
description: | updated |
Changed in maas: | |
status: | Triaged → Invalid |
Changed in maas: | |
milestone: | 2.5.0beta2 → 2.5.0rc1 |
Changed in maas: | |
milestone: | 2.5.0rc1 → 2.5.x |
Changed in maas: | |
milestone: | 2.5.x → none |
I don't understand what iPXE has to do with anything here. If you are running a virtual machine in UEFI mode, you have a full UEFI firmware implementation which directly supports dhcp netboot without any involvement of iPXE. And I am unaware of any issues with netbooting ovmf to shim->grub- >grub.efi.