[Bug 1923635] Re: ubuntu must support upgrading images with grub in removable path
Dimitri John Ledkov
1923635 at bugs.launchpad.net
Tue Apr 13 19:18:22 UTC 2021
When upgrading shim-signed, it will install new shim in
/boot/bootx64.efi and in /ubuntu/shimx64.efi, it will also install grub
with sbat section to /ubuntu/grubx64.efi.
If the machine was booting /boot/grubx64.efi before, it will fail, as
/boot/grubx64.efi will remain an old one without sbat section.
I am concerned about cloud images that were launched earlier than like
march 2020 and are applying upgrades, resulting in failure to boot.
I shall test this out, cause hopefully/maybe if boot/grubx64.efi fails
to verify, fallback is activated.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2 in Ubuntu.
https://bugs.launchpad.net/bugs/1923635
Title:
ubuntu must support upgrading images with grub in removable path
Status in grub2 package in Ubuntu:
New
Status in shim package in Ubuntu:
New
Status in shim-signed package in Ubuntu:
New
Bug description:
ubuntu must support upgrading images with grub in removable path
Currently whilst we install shim into removable path, we never upgrade
grubx64.efi in the removable path.
This leads to inconsistent behavior, where upgraded shim will boot
grubx64.efi from /boot/grubx64.efi which might lack sbat sections and
thus will not boot.
Either we need to support upgrade grubx64.efi in /boot/*.efi, or
remove it whenever we install new shim into /boot/bootx64.efi.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1923635/+subscriptions
More information about the foundations-bugs
mailing list