Bug#1034208: Partman may reset user's choice for ESP partitions use

Sat, 15 Apr 2023 07:48:33 -0700 

Control: tags -1 patch

On 11/04/2023 at 08:53, I wrote:



as discussed in #debian-boot (you asked for it), I observed that partman 
resets the method set by the user on ESP partitions after setting LVM or 
RAID (and possibly encryption, I forgot to test).

(...)

This is caused by /lib/partman/init.d/50efi rewriting "efi" to $id/ 
method when being re-run after leaving LVM/RAID setup.



Suggested fix: do not rewrite $id/method if 
/var/lib/partman/uefi_check_done exists, either by moving the check 
before the device loop (my preferred) or by adding a check before 
writing the method.


Here are patches implementing the two versions of the above fix.


Note: in order to deal with a similar issue with swap devices, 
partman-basicfilesystems init.d/autouse_swap sets a per-device flag to 
only run the first time each device is encountered. I guess per-device 
flags were used instead of a single global flag because new swap devices 
may be discovered later in virtual devices (e.g. logical volumes), but 
per-device flags are not needed for ESPs because AFAIK ESPs can only be 
plain partitions on local disks and it is unlikely that new local disks 
are discovered later (unless the user attaches a removable drive).
From 4bb7694a6750a0fd56bd4399c2412bb5304b1bd6 Mon Sep 17 00:00:00 2001
From: Pascal Hambourg <pas...@plouf.fr.eu.org>
Date: Tue, 11 Apr 2023 14:35:44 +0200
Subject: [PATCH] init.d/efi: Only run checks and set method "efi" for ESPs
 once

Only set method "efi" for ESP partitions once, else user's
choice (e.g. "do not use") may be reset to "ESP" after
setting up LVM, RAID or encrypted volumes.
Also run the whole checks once, pointless otherwise.

Fixes: #1034208
---
 init.d/efi | 49 +++++++++++++++++++++++++------------------------
 1 file changed, 25 insertions(+), 24 deletions(-)

diff --git a/init.d/efi b/init.d/efi
index fa44a97..4f408c2 100755
--- a/init.d/efi
+++ b/init.d/efi
@@ -34,6 +34,11 @@ fi
 
 . /lib/partman/lib/base.sh
 
+if [ -f /var/lib/partman/uefi_check_done ]; then
+	log "Found flag file /var/lib/partman/uefi_check_done, not checking further"
+	exit 0
+fi
+
 gpt_efi_type=c12a7328-f81f-11d2-ba4b-00a0c93ec93b
 gpt_bios_boot_type=21686148-6449-6e6f-744e-656564454649
 msdos_efi_type=0xef
@@ -133,28 +138,24 @@ done
 
 log "Found $NUM_ESP ESP(s), $NUM_NOT_ESP BIOS-bootable disk(s) total"
 
-if [ -f /var/lib/partman/uefi_check_done ]; then
-	log "Found flag file /var/lib/partman/uefi_check_done, not checking further"
-else
-	if in_efi_mode && [ $NUM_ESP = 0 ] && [ $NUM_NOT_ESP -gt 0 ]; then
-		case $ARCH in
-			i386/*|amd64/*)
-				db_input critical partman-efi/non_efi_system || true
-				db_go || exit 1
-				db_fset partman-efi/non_efi_system seen true
-				db_get partman-efi/non_efi_system
-				if [ "$RET" = false ]; then
-					log "User chose to ignore UEFI"
-					touch /var/lib/partman/ignore_uefi
-				else
-					log "User chose to continue in UEFI mode"
-				fi
-				;;
-		esac
-	fi
-	# We've got this far at least once without triggering the
-	# check. Flag that so that any further changes we make in this
-	# d-i session can't trigger a false-positive here.
-	touch /var/lib/partman/uefi_check_done
-	log "UEFI check done, wrote flag file /var/lib/partman/uefi_check_done"
+if in_efi_mode && [ $NUM_ESP = 0 ] && [ $NUM_NOT_ESP -gt 0 ]; then
+	case $ARCH in
+		i386/*|amd64/*)
+			db_input critical partman-efi/non_efi_system || true
+			db_go || exit 1
+			db_fset partman-efi/non_efi_system seen true
+			db_get partman-efi/non_efi_system
+			if [ "$RET" = false ]; then
+				log "User chose to ignore UEFI"
+				touch /var/lib/partman/ignore_uefi
+			else
+				log "User chose to continue in UEFI mode"
+			fi
+			;;
+	esac
 fi
+# We've got this far at least once without triggering the
+# check. Flag that so that any further changes we make in this
+# d-i session can't trigger a false-positive here.
+touch /var/lib/partman/uefi_check_done
+log "UEFI check done, wrote flag file /var/lib/partman/uefi_check_done"
-- 
2.30.2


From 6109240a6b599a5f198fd1b1a3747e81ec306118 Mon Sep 17 00:00:00 2001
From: Pascal Hambourg <pas...@plouf.fr.eu.org>
Date: Tue, 11 Apr 2023 14:16:29 +0200
Subject: [PATCH] init.d/efi: Only set method "efi" on ESP partitions once

Else user's choice (e.g. "do not use") may be reset to "ESP"
after setting up LVM, RAID or encrypted volumes.

Fixes: #1034208
---
 init.d/efi | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/init.d/efi b/init.d/efi
index fa44a97..af3e7e8 100755
--- a/init.d/efi
+++ b/init.d/efi
@@ -110,8 +110,11 @@ for dev in /var/lib/partman/devices/*; do
 		if [ "$efi" = yes ]; then
 			# An ESP is clearly not for BIOS use!
 			log "$dev $id is an ESP"
-			mkdir -p $id
-			echo efi >$id/method
+			# set method only once, see #1034208
+			if [ -f /var/lib/partman/uefi_check_done ]; then
+				mkdir -p $id
+				echo efi >$id/method
+			fi
 			NUM_ESP=$(($NUM_ESP + 1))
 		else
 			# BIOS may well work with anything else
-- 
2.30.2























					Reply via email to