Want to understand why num-config-parts defaults to 2


Venkat...@toshiba-tsip.com

Jul 27, 2022, 2:00:35 PM
to efibootg...@googlegroups.com, jan.k...@siemens.com, dinesh...@toshiba-tsip.com, kazuhiro...@toshiba.co.jp
Hi,

My name is Venkata and I am working with the ISAR and CIP projects.
I am using efibootguard for secure boot verification in QEMU.

I have some questions on efibootguard compilation; please help me to understand.

When I am using a single EFI partition in my system image (not having noticed that efibootguard is compiled with 2 config partitions by default), efibootguard fails to load the configuration and doesn’t boot.

After I recompiled efibootguard with "--with-num-config-parts=1", it worked well.

I just wanted to understand the reason for setting the "num-config-parts" default to 2 [1]. Does it expect a minimum of two EFI partitions for some reason (swupdate?) that I should care about?

Also, do I always need to compile efibootguard when I use it for different numbers of partitions (2 for swupdate, 1 for a single EFI partition), or can I configure this at runtime?

[1] https://github.com/siemens/efibootguard/blob/master/configure.ac#L153

Thanks,
Venkata.


Jan Kiszka

Jul 28, 2022, 4:51:58 AM
to Venkat...@toshiba-tsip.com, efibootg...@googlegroups.com, dinesh...@toshiba-tsip.com, kazuhiro...@toshiba.co.jp
The main purpose of EFI Boot Guard is providing a robust a/b boot path
switching mechanism. Therefore, 2 config partitions is the most
reasonable default. You could have more partitions, but we didn't hit a
real use case for that yet. You may disable the switching feature and
only use EFI Boot Guard as watchdog driver, but that is a special case.
Therefore, 2 is default and will also be the setting in a pre-built
distro package.

Jan

--
Siemens AG, Technology
Competence Center Embedded Linux

Venkat...@toshiba-tsip.com

Jul 28, 2022, 9:02:28 AM
to jan.k...@siemens.com, efibootg...@googlegroups.com, dinesh...@toshiba-tsip.com, kazuhiro...@toshiba.co.jp
Hi Jan,

Thanks for the explanation. I think there is an issue in v0.11:
when efibootguard is compiled with 2 config partitions and the system has a single EFI partition, it fails to load the EFI configuration during boot.

Here is the error during boot:
=====================================================
Loading configuration...
Config file found on volume 0.
1 config partitions detected.
Config filter:
Booting with environments from boot medium only.
WARNING: Too few config partitions: found: 1, but expected 2.
Config Revision: -1347440721:
ustate: 175
kernel: ?????????????????????????????????????????????????????????

[removed the junk characters]

timeout: 44975 seconds
WARNING: Config is partially corrupted. Please check.
=====================================================

This issue is not observed in v0.10, so I checked the history and found that it is because of the below patch.
https://github.com/siemens/efibootguard/commit/77c44523eb6068ae1b4c80fb58e9d6cce58784b1

I fixed this problem internally and I will send the patch in another mail.

Thanks
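
A check for this failure in an automated QEMU boot test, as an added example that is not part of the thread or of EFI Boot Guard: it scans captured console output for the two warnings quoted in the message above. The function name, the finding codes and the shortened sample log are assumptions made for the illustration.

```python
import re

# Constructed sample: the loader output quoted in the message above, with the
# garbled kernel line shortened.
SAMPLE_LOG = """\
Loading configuration...
Config file found on volume 0.
1 config partitions detected.
Config filter:
Booting with environments from boot medium only.
WARNING: Too few config partitions: found: 1, but expected 2.
Config Revision: -1347440721:
ustate: 175
kernel: ????????
timeout: 44975 seconds
WARNING: Config is partially corrupted. Please check.
"""

DETECTED = re.compile(r"^\s*(\d+) config partitions detected\.")
TOO_FEW = re.compile(r"Too few config partitions: found: (\d+), but expected (\d+)")
REVISION = re.compile(r"^\s*Config Revision: (-?\d+)")
CORRUPT = re.compile(r"WARNING: Config is partially corrupted")


def check_boot_log(text):
    """Return a list of (code, detail) findings for one captured loader run."""
    findings = []
    detected = revision = None
    for line in text.splitlines():
        if m := DETECTED.search(line):
            detected = int(m.group(1))
        elif m := TOO_FEW.search(line):
            # Image layout and the loader's compiled-in partition count disagree.
            found, expected = int(m.group(1)), int(m.group(2))
            findings.append(("partition_mismatch",
                             f"image has {found}, loader built for {expected}"))
            if detected is not None and detected != found:
                findings.append(("inconsistent_log", f"{detected} vs {found}"))
        elif m := REVISION.search(line):
            revision = int(m.group(1))
        elif CORRUPT.search(line):
            # Record the revision printed just before the corruption warning.
            findings.append(("config_corrupted", f"revision={revision}"))
    if detected is None:
        # No loader banner at all: the capture is incomplete or boot never got here.
        findings.append(("no_loader_output", "config partition count not seen"))
    return findings


if __name__ == "__main__":
    for code, detail in check_boot_log(SAMPLE_LOG):
        print(f"{code}: {detail}")
```

A boot test can fail the build whenever the returned list is non-empty, which catches a mismatch between the image layout and the value passed to "--with-num-config-parts" before the image ships.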