I was able to reproduce this w/o any chainloading. Just booting a hirsute image in QEMU w/ SecureBoot enabled was enough. I verified that I'm still seeing this issue w/ the current hirsute cloud image:
BdsDxe: loading Boot0001 "UEFI Misc Device" from PciRoot(0x0)/Pci(0x1,0x2)/Pci(0x0,0x0) BdsDxe: starting Boot0001 "UEFI Misc Device" from PciRoot(0x0)/Pci(0x1,0x2)/Pci(0x0,0x0) error: can't find command `hwmatch'. EFI stub: UEFI Secure Boot is enabled. !!!! X64 Exception Type - 06(#UD - Invalid Opcode) CPU Apic ID - 00000000 !!!! RIP - 00000000000E0000, CS - 0000000000000038, RFLAGS - 0000000000210207 RAX - 000000007EFC5660, RCX - 000000007D18F898, RDX - 00000000000016D4 RBX - 000000007EFAFFB0, RSP - 000000007EFAFE98, RBP - 8000000000000001 RSI - 000000003DA5EC2D, RDI - 000000003FFFF1C4 R8 - 0000000000000028, R9 - 000000007E7AC267, R10 - 000000007EFAFF50 R11 - 0000000000000000, R12 - 0000000000000000, R13 - 000000007D18F898 R14 - 000000003DA58D0C, R15 - 000000007EFAFFA0 DS - 0000000000000030, ES - 0000000000000030, FS - 0000000000000030 GS - 0000000000000030, SS - 0000000000000030 CR0 - 0000000080010033, CR2 - 0000000000000000, CR3 - 000000007EC01000 CR4 - 0000000000000668, CR8 - 0000000000000000 DR0 - 0000000000000000, DR1 - 0000000000000000, DR2 - 0000000000000000 DR3 - 0000000000000000, DR6 - 00000000FFFF0FF0, DR7 - 0000000000000400 GDTR - 000000007E9EEA98 0000000000000047, LDTR - 0000000000000000 IDTR - 000000007E401018 0000000000000FFF, TR - 0000000000000000 FXSAVE_STATE - 000000007EFAFAF0 !!!! Can't find image information. !!!! I then mounted the image externally, updating only shim-signed: Unpacking shim-signed (1.48+15.4-0ubuntu5) over (1.47+15.4-0ubuntu2) ... Setting up shim-signed (1.48+15.4-0ubuntu5) .. After that, the image booted up fine. ** Description changed: [Impact] This is a regression in shim 15.4 that causes a crash in shim when chainbooting. Also, the machine resets when you exit grub, rather than going back to the EFI shell when launched from it. [Test plan] - TODO for the chainboot, something similar to - https://github.com/lxc/lxd/issues/8770 - - For grub exit, we can easily launch VM and then EFI shell and then load - shim from in there, type exit in grub and should be back to EFI shell. + Boot an Ubuntu hirsute image in Secure Boot mode. While this issue was + originally seen while chainbooting in + https://github.com/lxc/lxd/issues/8770 - it was shown to be also + reproducible just by booting a hirsute instance. [Where problems could occur] In exiting shim, failure to boot, etc. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1931136 Title: Don't unhook ExitBootServices() when EBS protection is disabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim/+bug/1931136/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs