Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Loading ipxe.efi with a custom script
2016-12-01, 16:28
Post: #1
Loading ipxe.efi with a custom script
Hello,

our project (http://www.theforeman.org) provides functionality to generate bootdisk for individual hosts. These are either iPXE or SYSLINUX based without or with embedded linux kernel. The iPXE version does load the kernel/initramdisk directly via HTTP, users love this feature :-)

Now, we had no UEFI support, until now. I am able to implement SYSLINUX bootdisk type (we call it Full host image) with Grub2 and that was pretty simple. This should work even with SecureBoot.

I would like to add ipxe.efi into the image and be able to boot it, which is also doable either directly, or via chainbooting from Grub2. But the problem is, with SYSLINUX we've been able to provide the script via initramdisk:

Code:
default ipxe
label ipxe
kernel /ipxe
initrd /script

This worked fine, but I am unable to do the same with chainloading from Grub:

Code:
set default=0
set timeout=1
menuentry "Chainload iPXE - this does not work" {
  linuxefi /ipxe.efi
  initrdefi /script
}
menuentry "Chainload iPXE - this loads iPXE but no script" {
  search --no-floppy --set=root -f /ipxe.efi
  chainloader /ipxe.efi + 1
}

Is there a way to tell iPXE where the script is located?

If I want to boot iPXE directly, is there any way (e.g. hardcoded path like /EFI_SCRIPT) that would work out-of-box? What I want to avoid is building iPXE from scratch (with embedded script).

Thanks for help!
Find all posts by this user
Quote this message in a reply
2016-12-01, 23:38
Post: #2
RE: Loading ipxe.efi with a custom script
The efi version should probably take a script in the same way as legacy but might not be as easy. ipxe should also take cmdline parameters and run them as a script so something like ipxe.efi echo Im Alive should show that message and then exit, maybe not a so useful version, but then there is the file:// uri extension in ipxe.efi
so together you might be able to do something like ipxe.efi chain file://script.ipxe
Don't know if you need to initrd script.ipxe to have it loaded or not tho.
Find all posts by this user
Quote this message in a reply
2016-12-02, 10:54
Post: #3
RE: Loading ipxe.efi with a custom script
I suppose this all should work via linuxefi command, right? I tried this via chainloader and it does not seem to work.

I am getting "error: invalid magic number" when I attempt to boot it via linuxefi:

Code:
menuentry "Chainload iPXE B" {
  search --no-floppy --set=root -f /ipxe.efi
  linuxefi ($root)/ipxe.efi chain file:script
}

I am using latest http://boot.ipxe.org/ipxe.efi and also tried with build from recent Fedora.
Find all posts by this user
Quote this message in a reply
2016-12-02, 19:18
Post: #4
RE: Loading ipxe.efi with a custom script
just tested to start ipxe.efi and then running:
dhcp && chain http://boot.ipxe.org/ipxe.efi echo test
does not show test
so ipxe efi version does not take cmdline as of yet.

however an embeded script with something like
Code:
#!ipxe
prompt --key 0x02 --timeout 2000 Press Ctrl-B for the iPXE command line... && shell ||
chain file:boot.ipxe
Should probably work in your case, what is it that makes you not want to build ipxe yourself?
Find all posts by this user
Quote this message in a reply
2016-12-05, 13:30
Post: #5
RE: Loading ipxe.efi with a custom script
Yeah, this is indeed possible workaround. It's not as bad as compiling this everytime we generate an image.

Thanks, I am asking our colleagues at Red Hat how to handle that. https://bugzilla.redhat.com/show_bug.cgi?id=1401491
Find all posts by this user
Quote this message in a reply
2016-12-11, 02:17
Post: #6
RE: Loading ipxe.efi with a custom script
just sent a possible patch for efi cmdline to the mailinglist: http://lists.ipxe.org/pipermail/ipxe-dev...05306.html

And after that i looked on the redhat ticket and saw a similar implementation - the end result should be the same.

So does the chain file: approach work out?
And did the "error: invalid magic number" issue you mentioned on the mailing list get solved?
Find all posts by this user
Quote this message in a reply
2016-12-18, 02:07 (This post was last modified: 2016-12-18 03:05 by ndog.)
Post: #7
RE: Loading ipxe.efi with a custom script
I've recompiled latest ipxe.efi today and attempted to use with grub2 efi from pxe
Still getting "error: invalid magic number" when booting via linuxefi
Also gets stuck at iPXE initialising devices if booting via chainloader

It may work better with booting from HDD, but I haven't tested as of yet

menuentry "Chainload iPXE - error: invalid magic number" {
linuxefi /ipxe/ipxe.efi
initrdefi /ipxe/menu.ipxe
}

menuentry "Chainload iPXE - pxeboot stuck at iPXE initialising devices" {
chainloader /ipxe/ipxe.efi
}

Not to detract from OP but if compiled with DEBUG=device,pci
iPXE initialising devices...Adding 3c509 root bus
Adding EFI root bus
0000:00:19.0 (8086:1502) has driver "825791m"
0000:00:19.0 has mem d07000000 io 2080 irq 255
0000:00:19.0 latency timer is unreasonably low at 0. Setting to 32.
Find all posts by this user
Quote this message in a reply
2016-12-18, 10:12
Post: #8
RE: Loading ipxe.efi with a custom script
(2016-12-18 02:07)ndog Wrote:  I've recompiled latest ipxe.efi today and attempted to use with grub2 efi from pxe
Still getting "error: invalid magic number" when booting via linuxefi
Also gets stuck at iPXE initialising devices if booting via chainloader

It may work better with booting from HDD, but I haven't tested as of yet

Which version of ipxe is that? (git commit)

(2016-12-18 02:07)ndog Wrote:  menuentry "Chainload iPXE - error: invalid magic number" {
linuxefi /ipxe/ipxe.efi
initrdefi /ipxe/menu.ipxe
}
Don't know why you would get a error (from grub!) from that but ipxe does not support script file loading via initrd loaded script (yet)

(2016-12-18 02:07)ndog Wrote:  menuentry "Chainload iPXE - pxeboot stuck at iPXE initialising devices" {
chainloader /ipxe/ipxe.efi
}

Not to detract from OP but if compiled with DEBUG=device,pci
iPXE initialising devices...Adding 3c509 root bus
Adding EFI root bus
0000:00:19.0 (8086:1502) has driver "825791m"
0000:00:19.0 has mem d07000000 io 2080 irq 255
0000:00:19.0 latency timer is unreasonably low at 0. Setting to 32.

The debug output is normal so gives us nothing?
Does it work if you boot ipxe over the network without going via grub?
Find all posts by this user
Quote this message in a reply
2016-12-19, 08:58
Post: #9
RE: Loading ipxe.efi with a custom script
Hi NiKiZe
Thanks for your reply, ipxe efi works fine without going through grub. I think that magic number error has to do because grub efi is signed for secure boot. I will do further testing hopefully.
Find all posts by this user
Quote this message in a reply
2016-12-19, 19:13
Post: #10
RE: Loading ipxe.efi with a custom script
(2016-12-19 08:58)ndog Wrote:  I think that magic number error has to do because grub efi is signed for secure boot.

To make sense in a secure boot environment a signed grub should only be able to boot efi executables that is signed by a key that grub approves of. So in that case yes it makes sense that you get a error - but one can hope that it would generate a bit more informative error message.

which version(s) is it of ipxe in those 2 files? (git commit id)
Find all posts by this user
Quote this message in a reply
Post Reply 




User(s) browsing this thread: 1 Guest(s)