Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kola qemuexec fails on PXE with uefi-secure qemu-firmware #3804

Closed
travier opened this issue May 15, 2024 · 2 comments · Fixed by #3806
Closed

kola qemuexec fails on PXE with uefi-secure qemu-firmware #3804

travier opened this issue May 15, 2024 · 2 comments · Fixed by #3806

Comments

@travier
Copy link
Member

travier commented May 15, 2024
edited
Loading

Bug Report

We're trying to boot using PXE and Secure Boot enabled:

$ tree pxe
[drwxr-xr-x tim      tim       4.0K]  pxe
├── [-rw-r--r-- tim      tim          0]  disk.img
├── [lrwxrwxrwx tim      tim         31]  ldlinux.c32 -> /usr/share/syslinux/ldlinux.c32
├── [lrwxrwxrwx tim      tim         30]  pxelinux.0 -> /usr/share/syslinux/pxelinux.0
├── [drwxr-xr-x tim      tim         21]  pxelinux.cfg
│   └── [-rw-r--r-- tim      tim        278]  default
├── [-rw-r--r-- tim      tim        88M]  rhcos-4.14.0-x86_64-live-initramfs.x86_64.img
├── [-rw-r--r-- tim      tim        12M]  rhcos-4.14.0-x86_64-live-kernel-x86_64
└── [-rw-r--r-- tim      tim       994M]  rhcos-4.14.0-x86_64-live-rootfs.x86_64.img

$ cat pxe/pxelinux.cfg/default
DEFAULT pxeboot
TIMEOUT 20
PROMPT 0
LABEL pxeboot
    KERNEL rhcos-4.14.0-x86_64-live-kernel-x86_64
    APPEND initrd=rhcos-4.14.0-x86_64-live-initramfs.x86_64.img,rhcos-4.14.0-x86_64-live-rootfs.x86_64.img ignition.f0
IPAPPEND 2

$ cosa run -c --netboot pxe/pxelinux.0 -m 4096 --qemu-image disk.img --qemu-firmware uefi-secure

>>Start PXE over IPv4.
  Station IP address is 10.0.2.15

  Server IP address is 10.0.2.2
  NBP filename is /pxelinux.0
  NBP filesize is 42529 Bytes
 Downloading NBP file...

  NBP file downloaded successfully.
BdsDxe: failed to load Boot0001 "UEFI PXEv4 (MAC:525400123456)" from PciRoot(0x0)/Pci(0x2,0x0)/MAC(525400123456,0x1)/IPv4(0.0.0.0,0x0,DHCP,0.0.0.0,0.0.0.0,0.0.0.0): Not Found

>>Start PXE over IPv6.QEMU 8.2.2 monitor - type 'help' for more information
(qemu) 
  PXE-E16: No valid offer received.
BdsDxe: failed to load Boot0002 "UEFI PXEv6 (MAC:525400123456)" from PciRoot(0x0)/Pci(0x2,0x0)/MAC(525400123456,0x1)/IPv6(0000:0000:0000:0000:0000:0000:0000:0000,0x0,Static,0000:0000:0000:0000:0000:0000:0000:0000,0x40,0000:0000:0000:0000:d

>>Start HTTP Boot over IPv4.....
  Error: Could not retrieve NBP file size from HTTP server.

  Error: Server response timeout.
BdsDxe: failed to load Boot0003 "UEFI HTTPv4 (MAC:525400123456)" from PciRoot(0x0)/Pci(0x2,0x0)/MAC(525400123456,0x1)/IPv4(0.0.0.0,0x0,DHCP,0.0.0.0,0.0.0.0,0.0.0.0)/Uri(): Not Found

>>Start HTTP Boot over IPv6.

And it looks like something is missing in the PXE setup in COSA.

Environment

What operating system is being used to run coreos-assembler?

Fedora Kinoite 40

What operating system is being assembled?

RHCOS

Is coreos-assembler running in Podman or Docker?

podman

If Podman, is coreos-assembler running privileged or unprivileged?

Default alias

Expected Behavior

Actual Behavior

Reproduction Steps

  1. Follow the steps from https://coreos.github.io/coreos-assembler/cosa/run/#pxelinux
  2. Add --qemu-image disk.img --qemu-firmware uefi-secure to cosa run ... command

Other Information

For: https://issues.redhat.com/browse/OCPBUGS-33225
@HuijingHei
Copy link
Member

HuijingHei commented May 15, 2024
edited
Loading

Tried to add grub.cfg and shimx64.efi to pxelinux, failed with error coreos-livepxe-rootfs[797]: Only HTTP, HTTPS, and TFTP are supported. Please fix your PXE configuration., aslo can see EFI stub: UEFI Secure Boot is enabled.

$ cosa run -c --netboot pxelinux/shimx64.efi -m 4096 --qemu-firmware uefi-secure --qemu-image test.qcow2
  Booting `CoreOS (BIOS/UEFI)'

Loading kernel
Loading initrd
EFI stub: UEFI Secure Boot is enabled.
...
May 15 11:03:33 systemd[1]: Starting Acquire Live PXE rootfs Image...
May 15 11:03:33 coreos-livepxe-rootfs[797]: Fetching rootfs image from /rhcos-4.14.15-x86_64-live-rootfs.x86_64.img...
May 15 11:03:33 coreos-livepxe-rootfs[797]: Unsupported scheme for image specified by:
May 15 11:03:33 coreos-livepxe-rootfs[797]: coreos.live.rootfs_url=/rhcos-4.14.15-x86_64-live-rootfs.x86_64.img
May 15 11:03:33 coreos-livepxe-rootfs[797]: Only HTTP, HTTPS, and TFTP are supported. Please fix your PXE configuration.
May 15 11:03:33 systemd[1]: coreos-livepxe-rootfs.service: Main process exited, code=exited, status=1/FAILURE
May 15 11:03:33 systemd[1]: coreos-livepxe-rootfs.service: Failed with result 'exit-code'.
May 15 11:03:33 systemd[1]: Failed to start Acquire Live PXE rootfs Image.
May 15 11:03:33 systemd[1]: coreos-livepxe-rootfs.service: Triggering OnFailure= dependencies.

$ cat pxelinux/grub.cfg
default=0
timeout=1
menuentry "CoreOS (BIOS/UEFI)" {
        echo "Loading kernel"
        linux /rhcos-4.14.15-x86_64-live-kernel-x86_64 coreos.live.rootfs_url=/rhcos-4.14.15-x86_64-live-rootfs.x86_64.img ignition.firstboot ignition.platform.id=metal console=ttyS0
        echo "Loading initrd"
        initrd rhcos-4.14.15-x86_64-live-initramfs.x86_64.img
}

@travier
Copy link
Member Author

travier commented May 16, 2024

I'll make docs PR.

travier added a commit to travier/coreos-assembler that referenced this issue May 16, 2024
@travier
docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example
b1cc7be 
Fixes: coreos#3804
@travier travier mentioned this issue May 16, 2024
Merged
travier added a commit to travier/coreos-assembler that referenced this issue May 16, 2024
@travier
docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example
2bf428c 
Fixes: coreos#3804
travier added a commit to travier/coreos-assembler that referenced this issue May 16, 2024
@travier
docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example
5de93ac 
Fixes: coreos#3804
travier added a commit to travier/coreos-assembler that referenced this issue May 16, 2024
@travier
docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example
f2afb02 
Fixes: coreos#3804
travier added a commit to travier/coreos-assembler that referenced this issue May 16, 2024
@travier
docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example
c242445 
Fixes: coreos#3804
travier added a commit to travier/coreos-assembler that referenced this issue May 22, 2024
@travier
docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example
38b025e 
Fixes: coreos#3804
travier added a commit to travier/coreos-assembler that referenced this issue May 22, 2024
@travier
docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example
0b53c4e 
Fixes: coreos#3804
travier added a commit that referenced this issue May 22, 2024
@travier
docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example
cfb6d37 
Fixes: #3804
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

docs/cosa/run: Add PXE with Shim and UEFI Secure Boot example travier/coreos-assembler
2 participants
@HuijingHei @travier