Date: Thu, 27 Aug 2015 03:44:28 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 202687] UEFI boot doesn't work on VMware virtual machines due to device path is broken Message-ID: <bug-202687-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202687 Bug ID: 202687 Summary: UEFI boot doesn't work on VMware virtual machines due to device path is broken Product: Base System Version: 10.2-RELEASE Hardware: amd64 OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: qiz@vmware.com Created attachment 160393 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=160393&action=edit Screenshot of the UEFI boot I downloaded FreeBSD-10.2-RELEASE-amd64-uefi-dvd1.iso and installed it on a virtual machine (on vSphere/Fusion/Workstation). After booting the VM, it hang at: Hit [Enter] to boot immediately, or any other key for command prompt. Booting [/boot/kernel/kernel]... Start @ 0xffffffff802dfc70 ... (refer to the attachment) This issue was also found in FreeBSD 10.1 release. Based on our developer's investigation with FreeBSD 10.1 release, it was found that the bootloader corrupted one of our device path, which looked like this: Before passing control to the bootloader, there's a handle which has a Device Path that looks like this: 0xcce4618: 0x02 0x01 0x0c 0x00 0xd0 0x41 0x03 0x0a 0xcce4620: 0x00 0x00 0x00 0x00 0x01 0x01 0x06 0x00 0xcce4628: 0x01 0x07 0x03 0x01 0x08 0x00 0x01 0x00 0xcce4630: 0x00 0x00 0x04 0x02 0x18 0x00 0x00 0x00 0xcce4638: 0x00 0x00 0x14 0x00 0x00 0x00 0x00 0x00 0xcce4640: 0x00 0x00 0x04 0x00 0x00 0x00 0x00 0x00 0xcce4648: 0x00 0x00 0x7f 0xff 0x04 0x00 0xaf 0xaf ^^^^^^^^^ ^^^^^^^^^ end dev path length=4 That's the device path for the El Torito partition on the ATAPI CD drive. Very shortly afterwards, the Device Path is truncated in a way that is not valid: 0xcce4618: 0x02 0x01 0x0c 0x00 0xd0 0x41 0x03 0x0a 0xcce4620: 0x00 0x00 0x00 0x00 0x01 0x01 0x06 0x00 0xcce4628: 0x01 0x07 0x03 0x01 0x08 0x00 0x01 0x00 0xcce4630: 0x00 0x00 0x7f 0xff 0x18 0x00 0x00 0x00 ^^^^^^^^^ ^^^^^^^^^ end dev path length=0x18 After digging through the bootloader source code, it's found that the bootloader is broken while introducing one of the most awesomely deadpan uses of an expletive in error-handling code: https://svnweb.freebsd.org/base/projects/uefi/sys/boot/efi/libefi/efipart.c?annotate=247380&pathrev=247380 It should copy the Device Path before truncating it, and it should fix the length of the last node as it truncates the path. - Qi -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-202687-8>