On Tue, Jun 23, 2015 at 10:07:36AM +0200, Laszlo Ersek wrote: > On 06/23/15 04:25, Gary Ching-Pang Lin wrote: > > On Mon, Jun 22, 2015 at 02:24:55PM -0400, Peter Jones wrote: > >> On Sat, Jun 20, 2015 at 03:01:17PM +0200, Ard Biesheuvel wrote: > >> > >>> I wonder what is going on here. My AArch64 boot tests work fine with > >>> these patches applied, but they don't use shim. (They do use GRUB as > >>> an intermediate loader calling LoadImage() to boot a signed kernel). > >>> > >>> Are there any plans or patches yet to move shim to a more recent > >>> OpenSSL version? It shouldn't be affecting things like this, but it > >>> would allow a quick check if someone has patches already. > >> > >> Yes, there's a plan to do so - Gary Lin has had a patch in progress and > >> was waiting for this patch to hit before sending it to me. I expect to > >> see it any time. (I would not be surprised if he's trying to debug an > >> analog to this exact same issue...) > >> > > I'm currently busy with other things so the update in shim may be delayed > > for a while. > > > >> That said, it's unclear to me how shim being on a prior openssl version > >> would cause the problem Laszlo is seeing - there's no cross-linkage of > >> any kind between the two openssl builds in memory. > >> > > shim and grub2 are using the openssl lib independent from the one in > > firmware, > > so it surprised me the openssl update patches broke the bootloaders. I just > > tested OVMF R17650 with openSUSE 13.2 and everything went well. The shim we > > use in openSUSE 13.2 is 0.7 + a series of patches (most of them are upstream > > patches). Hope this could narrow down the issue. > > Huh. R17650 is past the openssl-1.0.2c update. > > Can you please give me (or link for me) the install media for openSUSE > 13.2? I'd like to try it. > openSUSE 13.2 is available in: https://software.opensuse.org/132/
Maybe you could download the shim first and test it in a vfat dir (ex: -hda fat:hda-contents/)? Just put shim.efi and MokManager.efi in the same directory, and shim will load MokManager when there is no grub2. If it works, then put grub.efi in the same directory and see whether the grub console shows or not. It would be easier to identify the problem. The openSUSE shim is available in https://build.opensuse.org/package/binaries/openSUSE:13.2/shim?repository=standard Cheers, Gary Lin ------------------------------------------------------------------------------ Monitor 25 network devices or servers for free with OpManager! OpManager is web-based network management software that monitors network devices and physical & virtual servers, alerts via email & sms for fault. Monitor 25 devices for free with no restriction. Download now http://ad.doubleclick.net/ddm/clk/292181274;119417398;o _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
