Ubuntu
efibootmgr package

UEFI BootOrder is not empty after I removed the last boot entry.

Bug #1460521 reported by Shih-Yuan Lee
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
HWE Next
Fix Released
High
Ivan Hu
efibootmgr (Ubuntu)
Fix Released
Undecided
Unassigned
Trusty
Fix Released
Undecided
Mathieu Trudel-Lapierre

Bug Description

[Impact]
Trusty users who attempt to reorganize EFI boot entries aggressively (deleting everything and creating a new Ubuntu entry, or deleting everything and leaving the installer create a new entry) may run into issues when a new BootOrder entry is created with an empty list: they will find a duplicate entry for the one added.

Upon the last deletion, users may also find that the command reports failure when the BootOrder entry was deleted successfully.

[Test case]
- Run the provided test_efi.sh on a system booted in EFI mode (that has EFI support). This test is destructive, only run it on a system if you know what you are doing and are able to recreate the appropriate Boot entries for starting the system.

This is runnable also on qemu, provided one uses the UEFI OVMF BIOS:
0) sudo apt install ovmf
1) qemu-img create -f qcow2 disks/efi-testdisk1.qcow2 32g
2) qemu-system-x86_64 -name efi-test-x86_64 -enable-kvm -monitor stdio -serial pty -boot menu=on -m 1024 -m 1024 -bios /usr/share/qemu/OVMF.fd -net user -net nic -drive file=trusty-desktop-amd64.iso,media=cdrom -drive file=disks/efi-testdisk1.qcow2

[Regression Potential]
A failure case following the application of this fix may be that BootOrder entries remain after deletion of a Boot entry when it should have been removed from the list. BIOSes should successfully recover from this if there are other valid BootOrder entries to boot from, but may fail to do so.

----

There is no such issue in Ubuntu 14.10 or 15.04.

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.2 LTS
Release: 14.04
Codename: trusty

$ dpkg-query -W efibootmgr
efibootmgr 0.5.4-7ubuntu1.1

$ sudo efibootmgr -v || echo "*failed*"
BootCurrent: 0000
Timeout: 0 seconds
BootOrder: 0000
Boot0000* ubuntu HD(1,800,100000,b8d7d8e9-4ac4-46cc-8bd0-8d90d6df1df4)File(\EFI\ubuntu\shimx64.efi)

$ sudo efibootmgr -v -B -b 0 || echo "*failed*"
*failed*

$ sudo efibootmgr -v || echo "*failed*"
BootCurrent: 0000
Timeout: 0 seconds
BootOrder: 0000

$ sudo efibootmgr -v -c -L ubuntu -l \\EFI\\ubuntu\\shimx64.efi || echo "*failed*"
BootCurrent: 0000
Timeout: 0 seconds
BootOrder: 0000,0000
Boot0000* ubuntu HD(1,800,100000,b8d7d8e9-4ac4-46cc-8bd0-8d90d6df1df4)File(\EFI\ubuntu\shimx64.efi)

You can see BootOrder having the duplicate 0000.

See original description
Revision history for this message
Shih-Yuan Lee (fourdollars) wrote :

Please run this script for this issue.
It should be no "*failed*" and no duplicate number in BootOrder.

== Expected Result ==
BootCurrent: 0000
Timeout: 0 seconds
BootOrder: 0000
Boot0000* ubuntu HD(1,800,100000,b8d7d8e9-4ac4-46cc-8bd0-8d90d6df1df4)File(\EFI\ubuntu\shimx64.efi)

== Actual Result ==
*failed*
*failed*
BootCurrent: 0000
Timeout: 0 seconds
BootOrder: 0000,0000,0000
Boot0000* ubuntu HD(1,800,100000,b8d7d8e9-4ac4-46cc-8bd0-8d90d6df1df4)File(\EFI\ubuntu\shimx64.efi)

Steve Langasek (vorlon)
Changed in efibootmgr (Ubuntu):
status: New → Fix Released
Steve Langasek (vorlon)
Changed in efibootmgr (Ubuntu Trusty):
status: New → Triaged
assignee: nobody → Mathieu Trudel-Lapierre (mathieu-tl)
Keng-Yu Lin (lexical)
Changed in hwe-next:
assignee: nobody → Ivan Hu (ivan.hu)
importance: Undecided → High
Ivan Hu (ivan.hu)
Changed in hwe-next:
status: New → Triaged
Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :

It seems like given that this is reportedly fixed in 14.10; there's got to be a commit which fixes this upstream. I'd rather use that (since it's been reviewed, tested, and approved by upstream) than include other code, even if it does look fine.

I think the relevant git commit is https://github.com/rhinstaller/efibootmgr/commit/301c0628f7fa7333791d2b5d79eb8e02fc848ee7. I'll prepare an updated package for you to test.

Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :

Looks like efibootmgr would need further commits to land before 301c0628. I'm not especially comfortable with backporting an update to use libefivar as well. In that light, looks like the BootOrder change is a better idea.

Shih-Yuan, have you tested the fix you're proposing? My main concern is that although having an empty BootOrder is good when there are no devices to boot from, if you reboot the system like this it might trigger the firmware to do recovery steps, and revert changes made. It would be better to just ensure that the deduplication code is correct.

Revision history for this message
Shih-Yuan Lee (fourdollars) wrote :

In fact, I have tried https://github.com/rhinstaller/efibootmgr/commit/301c0628f7fa7333791d2b5d79eb8e02fc848ee7 and it doesn't work for this issue.
I think my fix is the right way to fix this problem so I also made a pull request at https://github.com/rhinstaller/efibootmgr/pull/32 about this.
I have used this patch for some Ubuntu OEM projects and it does work well.

BTW, efibootmgr code base is very different between Ubuntu 14.04, 14.10 and 15.04.
Although Ubuntu 14.10 and 15.04 don't have the duplicate issue, but it still has other issue by the same script in comment #1.
We just didn't see any side effect from that issue yet.

Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :

No, that commit wouldn't work by itself.

However, since your merge proposal has been reviewed now, so it's totally appropriate to sponsor: I'll upload to wily and prepare the Trusty SRU.

Mathieu Trudel-Lapierre (cyphermox)
description: updated
Revision history for this message
Mathieu Trudel-Lapierre (cyphermox) wrote :

No need to land this in Wily, it's already in 0.12-3.

Mathieu Trudel-Lapierre (cyphermox)
Changed in efibootmgr (Ubuntu Trusty):
status: Triaged → In Progress
Revision history for this message
Steve Langasek (vorlon) wrote : Please test proposed package

Hello Shih-Yuan, or anyone else affected,

Accepted efibootmgr into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/efibootmgr/0.5.4-7ubuntu1.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in efibootmgr (Ubuntu Trusty):
status: In Progress → Fix Committed
tags: added: verification-needed
Revision history for this message
Shih-Yuan Lee (fourdollars) wrote :

I have tested efibootmgr 0.5.4-7ubuntu1.2 and it does fix this issue.

tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package efibootmgr - 0.5.4-7ubuntu1.2

---------------
efibootmgr (0.5.4-7ubuntu1.2) trusty-proposed; urgency=medium

  * Delete BootOrder when necessary. (LP: #1460521)

 -- Shih-Yuan Lee (FourDollars) <email address hidden> Mon, 01 Jun 2015 13:58:37 +0800

Changed in efibootmgr (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Scott Kitterman (kitterman) wrote : Update Released

The verification of the Stable Release Update for efibootmgr has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Ivan Hu (ivan.hu)
Changed in hwe-next:
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.