On Mon, 2024-12-02 at 10:52 +0100, 'Jan Kiszka' via EFI Boot Guard wrote: > On 27.11.24 21:20, Maxime Roussin-Bélanger wrote: > > Hello, > > > > When *efibootguard* encounters the same label on multiple volumes, > > it > > might select the wrong volume to boot from. > > > > To reproduce this issue, consider a device with two *efibootguard- > > boot* > > partition labels, |BOOT0| and |BOOT1|. Additionally, a USB stick > > with a > > live image has the same *efibootguard-boot* labels. When we attempt > > to > > boot from the USB stick via the BIOS, *efibootguard* will load the > > EFI > > configuration from the USB stick but might boot from another volume > > with > > a matching label. The behavior appears somewhat random. > > > > The function |FileDevicePathFromConfig| does not seem to verify > > whether > > the selected device actually owns the volume; it simply matches the > > label and proceeds to boot from that volume. > > > > Is this a user configuration error, or does it indicate a bug in > > *efibootguard*? > > Well, it is an unexpected behavior of EBG, for sure, specifically > because it already prioritizes configs from the boot medium. We may > have > to sort not only the config_volumes in filter_cfg_parts but rather > the > actual entries in volumes itself. That should give labels on the boot > medium precedence.
Hi, IMHO this is a bug. We had the same one in the userspace parts, which I fixed in [1]. > > OTOH, it is a user mistake for provide a second medium with identical > labeling. Actually, why do you use EBG on that live stick at all? I don't think so. It is not a super-rare use-case to have multiple EBG devices on a single system (back then it was in an MTDA test environment where the DUT partitions are user-controlled and broke EBG of the MTDA device). [1]https://github.com/siemens/efibootguard/commit/ffbd35f76b7ae587211f999a8cbf4514b0ac4ed2 Best regards, Felix > Will > that stick be updated like a disk? > > Jan > > -- > Siemens AG, Technology > Linux Expert Center > -- Siemens AG, Technology Linux Expert Center -- You received this message because you are subscribed to the Google Groups "EFI Boot Guard" group. To unsubscribe from this group and stop receiving emails from it, send an email to efibootguard-dev+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/efibootguard-dev/033a43092fdbc73268c8fbd2efd4c94ceba155e8.camel%40siemens.com.
