Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
UEFI + FastBoot + SecureBoot + XEN + MDRAID
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware
View previous topic :: View next topic  
Author Message
GreshniK
n00b
n00b


Joined: 22 Nov 2013
Posts: 3
Location: Ukraine

PostPosted: Thu May 15, 2014 10:42 am    Post subject: UEFI + FastBoot + SecureBoot + XEN + MDRAID Reply with quote

Hello Gentooers!

I have an ASRock H87 Pro4 mobo.
I'm trying to achieve booting in UEFI mode using native XEN.efi microkernel with FastBoot and SecureBoot enabled.
I have done my own SecureBoot keys injection into firmware, signed a kernel and all modules. Direct kernel UEFI boot working like a charm.

Problems begin whenever I'm trying to start dom0 using xen.efi
Xen version: app-emulation/xen-4.3.1-r5 USE="efi -custom-cflags -debug -flask -xsm"

There are two problems:
1. SecureBoot problem: I'm unable to sign xen-4.3.1.efi microkernel using sbsigntool (app-crypt/sbsigntool-0.6-r1)

Code:
gentoo ~ # sbsign --key /etc/ssl/private/db.key --cert /etc/ssl/private/db.crt --output xen-4.3.1.efi-signed xen-4.3.1.efi
warning: gap in section table:
    (null)  : 0xffff809882c50821 - 0xffff809882c50821,
    .reloc  : 0x001b43e0 - 0x001b5260,
gaps in the section table may result in different checksums
warning: data remaining[1790560 vs 2020472]: gaps between PE/COFF sections?
sbsign: malloc.c:2369: sysmalloc: Assertion `(old_top == (((mbinptr) (((char *) &((av)->bins[((1) - 1) * 2])) - __builtin_offsetof (struct malloc_chunk, fd)))) && old_size == 0) || ((unsigned long) (old_size) >= (unsigned long)((((__builtin_offsetof (struct malloc_chunk, fd_nextsize))+((2 * (sizeof(size_t))) - 1)) & ~((2 * (sizeof(size_t))) - 1))) && ((old_top)->size & 0x1) && ((unsigned long)old_end & pagemask) == 0)' failed.
Aborted


I have temporary overcome this issue by enrolling efi hash using HashTool.

2. EfiVars problem: It seems that xen.efi does not expose efi variables interface to the dom0 kernel.
I'm bootinf from an IMSM firmware RAID5 using mdraid (sys-fs/mdadm-3.2.6-r1).

But in FastBoot mode, with CSM disabled RAID works using efivars only. Because efi vars aren't passed to dom0 I'm stuck in initramfs and unable to assemble RAID array.
If I will enable Legacy OpROM in CSM, MDRAID assembly goes just fine, but then I'm unable to use FastBoot option.

When I'm trying to modprobe efivars in FastBoot mode, it gives me:
Code:
initramfs /# modprobe efivars
modprobe: ERROR: Could not insert 'efivars' module: No such device

Any advices are greatly appreciated!
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum