search

anatol / booster

Fast and secure initramfs generator
MIT License
504 stars 44 forks source link

Getting root partition autodiscovery to work #205

Closed Roger-Roger-debug closed 1 year ago

Roger-Roger-debug commented 1 year ago

Hello, I'm currently trying to get the root partition auto discovered but can't get it to work.

PC boots fine with the following options: root=PARTLABEL=ROOT rootflags=subvol=@ rw. From what I understood the first root flag shouldn't be necessary if I have a gpt partition with the correct type (set in gdisk to 8304, which should be a GUID of 4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709 and as such properly detected).

However, when I set the options to just rootflags=subvol=@ rw I am not prompted for the LUKS passphrase and am instead greeted by an error that says

booster: unable to detect active ESP: open /sys/firmware/efi/efivars/LoaderDevicePartUUID-...: no such file or directory
Press ENTER to reboot

Please let me know if you need any more info.

anatol commented 1 year ago

If root= is not specified, then booster triggers automatic partition discovery per its specification.

For that booster needs to get the active EFI partition. For that booster reads content of efivars file /sys/firmware/efi/efivars/LoaderDevicePartUUID-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f.

You do not have this file. Does it mean that you do not use EFI mode? Or you did not load efivarfs module?

Roger-Roger-debug commented 1 year ago

I am booted in EFI mode (at least according to the archwiki). I also have a bunch of efivars (efivar --list), however LoaderDevicePartUUID isn't part of them.

I made a universal: true image, I'm assuming the efivarfs module gets included in that?

anatol commented 1 year ago

The best way to debug it would be adding busybox to the extra_files list, rebuild booster image and boot to it. This will get you into the emergency shell on the error.

Then check if you have /sys/firmware/efi/efivars/ directory available and if yes - post its content (list of files).

anatol commented 1 year ago

I made a universal: true image, I'm assuming the efivarfs module gets included in that?

Great question. Arch Linux and many other distros have this module compiled-in. At some other systems this module is not included by default AFAIR. Thus one more thing to try is to add modules: efivarfs to the config.

Roger-Roger-debug commented 1 year ago

This is the booster config I tried

universal: true
extra_files: busybox
modules: efivarfs

I got an error saying sh: can't access tty; job control turned off and my keyboard wouldn't load, so I couldn't check it then.

For what it's worth these are the efivars on my booted system

AmdAcpiVar-79941ecd-ed36-49d0-8124-e4c31ac75cd4
AMD_PBS_SETUP-a339d746-f678-49b3-9fc7-54ce0f9df226
AMD_RAID-fe26a894-d199-47d4-8afa-070e3d54ba86
AmdSetup-3a997502-647a-4c82-998e-52ef9486a247
AmiHardwareSignatureSetupUpdateCountVar-81c76078-bfde-4368-9790-570914c01a65
AMITCGPPIVAR-a8a2093b-fefa-43c1-8e62-ce526847265e
AMITSESetup-c811fa38-42c8-4579-a9bb-60e94eddfb34
AOD_SETUP-5ed15dc0-edef-4161-9151-6014c4cc630c
ApServiceAuthority-ec87d643-eba4-4bb5-a1e5-3f3e36b20da9
ApServiceData-ec87d643-eba4-4bb5-a1e5-3f3e36b20da9
ApSyncFlagNv-ad3f6761-f0a3-46c8-a4cb-19b70ffdb305
AuditMode-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0000-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0001-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0002-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootCurrent-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootOptionSupport-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootOrder-8be4df61-93ca-11d2-aa0d-00e098032b8c
CACHE-ec87d643-eba4-4bb5-a1e5-3f3e36b20da9
ClearProfileAfterFlash-863fa0d5-4cf0-4da4-9af3-1bd7b3bd7e31
ConIn-8be4df61-93ca-11d2-aa0d-00e098032b8c
ConInDev-8be4df61-93ca-11d2-aa0d-00e098032b8c
ConOut-8be4df61-93ca-11d2-aa0d-00e098032b8c
ConOutDev-8be4df61-93ca-11d2-aa0d-00e098032b8c
CurrentPolicy-77fa9abd-0359-4d32-bd60-28f4e78f784b
db-d719b2cb-3d3a-4596-a3bc-dad00e67656f
dbDefault-8be4df61-93ca-11d2-aa0d-00e098032b8c
dbx-d719b2cb-3d3a-4596-a3bc-dad00e67656f
dbxDefault-8be4df61-93ca-11d2-aa0d-00e098032b8c
DefaultBootOrder-45cf35f6-0d6e-4d04-856a-0370a5b16f53
DeployedMode-8be4df61-93ca-11d2-aa0d-00e098032b8c
DeploymentModeNv-97e8965f-c761-4f48-b6e4-9ffa9cb2a2d6
DmiArray-4b3082a3-80c6-4d7e-9cd0-583917265df1
DmiVar0100010400-4b3082a3-80c6-4d7e-9cd0-583917265df1
DmiVar0100010500-4b3082a3-80c6-4d7e-9cd0-583917265df1
DmiVar0100010700-4b3082a3-80c6-4d7e-9cd0-583917265df1
DmiVar0100010800-4b3082a3-80c6-4d7e-9cd0-583917265df1
DmiVar0200020400-4b3082a3-80c6-4d7e-9cd0-583917265df1
DmiVar0200020500-4b3082a3-80c6-4d7e-9cd0-583917265df1
DmiVar0200020600-4b3082a3-80c6-4d7e-9cd0-583917265df1
DmiVar0200020700-4b3082a3-80c6-4d7e-9cd0-583917265df1
DmiVar0200020800-4b3082a3-80c6-4d7e-9cd0-583917265df1
DmiVar0300030400-4b3082a3-80c6-4d7e-9cd0-583917265df1
DmiVar0300030700-4b3082a3-80c6-4d7e-9cd0-583917265df1
DownCoreStatus-29749bad-401b-4f6d-b124-cece8c590c48
ErrOut-8be4df61-93ca-11d2-aa0d-00e098032b8c
ErrOutDev-8be4df61-93ca-11d2-aa0d-00e098032b8c
FBSelect-3fae9ba1-a3f1-42eb-b6f2-b616ea57db9d
FixedBoot-de8ab926-efda-4c23-bbc4-98fd29aa0069
GSEHWInfo-8a989680-e651-4c51-a2af-3cdb1a4ab5b0
HiiDB-1b838190-4625-4ead-abc9-cd5e6af18fe0
HwErrRecSupport-8be4df61-93ca-11d2-aa0d-00e098032b8c
KEK-8be4df61-93ca-11d2-aa0d-00e098032b8c
KEKDefault-8be4df61-93ca-11d2-aa0d-00e098032b8c
Lang-8be4df61-93ca-11d2-aa0d-00e098032b8c
LangCodes-8be4df61-93ca-11d2-aa0d-00e098032b8c
MaximumTableSize-4b3082a3-80c6-4d7e-9cd0-583917265df1
MemoryOverwriteRequestControl-e20939be-32d4-41be-a150-897f85d49829
MemoryOverwriteRequestControlLock-bb983ccf-151d-40e1-a07b-4a17be168292
MFlashVersionVariable-fd6b0489-d401-40c2-98b1-b1300b048711
MonotonicCounter-01368881-c4ad-4b1d-b631-d57a8ec8db6b
MountFirstScreenOffsetX-3ff963fb-0909-4899-9566-3e40985f61ed
MountFirstScreenOffsetY-79dd3cce-4534-4320-b6d6-5cc427d3fe35
msiDispatcherImageList-26817ae9-ca17-80d5-ab93-2f682e69efa9
MsiOcBackup-ba6510ad-1972-4d84-b28e-00e5fc8245cb
MsiOcCpuMemInfo-4ba187df-3bad-41b2-b73b-3d3dc1cc6387
MsiOcInfoFlag-48419251-dd85-4597-84b4-11182014adde
MsiOcMemECCInfo-78876464-9753-a77a-7607-652533891231
MsiOcMemPatchID-78876464-9753-a77a-7607-652533891231
MsiOcMemRGBInfo-78876464-9753-a77a-7607-652533891231
MsiOcMemSpdCheckSum-78876464-9753-a77a-7607-652533891231
MsiOcMemSpdData-78876464-9753-a77a-7607-652533891231
MsiOcMemSpdXMPInfo-78876464-9753-a77a-7607-652533891231
msiOcProFileStringCount-857fbb9e-8a3b-97ce-ae58-2515e09922bb
NetworkStackVar-d1405d16-7afc-4695-bb12-41459d3695a2
OA3MSDMvariable-01368881-c4ad-4b1d-b631-d57a8ec8db6b
OsIndicationsSupported-8be4df61-93ca-11d2-aa0d-00e098032b8c
PK-8be4df61-93ca-11d2-aa0d-00e098032b8c
PKDefault-8be4df61-93ca-11d2-aa0d-00e098032b8c
PlatformLang-8be4df61-93ca-11d2-aa0d-00e098032b8c
PlatformLangCodes-8be4df61-93ca-11d2-aa0d-00e098032b8c
ProFileAutoSaveInfo-515b6cdf-bbe7-4509-83cc-d725903d522a
SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c
SecureBootSetup-7b59104a-c00d-4158-87ff-f04d6396a915
Setup-ec87d643-eba4-4bb5-a1e5-3f3e36b20da9
SetupMode-8be4df61-93ca-11d2-aa0d-00e098032b8c
SignatureSupport-8be4df61-93ca-11d2-aa0d-00e098032b8c
SioSetupData-6b0cc1bc-910f-411e-b6cb-0e314d0bb8c1
SliderDlgNod2Fun-4c5fe008-9f33-4e30-a075-5b5c84deb9f8
SmbiosEntryPointTable-4b3082a3-80c6-4d7e-9cd0-583917265df1
SmbiosEntryPointTableF000-4b3082a3-80c6-4d7e-9cd0-583917265df1
SmbiosScratchBuffer-4b3082a3-80c6-4d7e-9cd0-583917265df1
StdDefaults-4599d26f-1a11-49b8-b91f-858745cff824
SyncFlashBufferAddress-0da1e40b-65a3-4547-8dae-4538c9685df8
Timeout-8be4df61-93ca-11d2-aa0d-00e098032b8c
TotalNumberOfRootBridges-fb5703f5-f8a7-f401-18b4-3f108deb2612
TPMPERBIOSFLAGS-7d3dceee-cbce-4ea7-8709-6e552f1edbde
UsbSupport-ec87d643-eba4-4bb5-a1e5-3f3e36b20da9
VendorKeys-8be4df61-93ca-11d2-aa0d-00e098032b8c
WMIAcpiMemAddr-ec87d643-eba4-4bb5-a1e5-3f3e36b20da9
WriteOnceStatus-4b3082a3-80c6-4d7e-9cd0-583917265df1
anatol commented 1 year ago

It looks like your bootloader does not properly set LoaderDevicePartUUID-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f efi variable. According to systemd (that used as a reference implementation here) the variable is needed for autodetect:

https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html

This generator will only look for the root partition on the same physical disk where the EFI System Partition (ESP) is located. Note that support from the boot loader is required: the EFI variable LoaderDevicePartUUID of the 4a67b082-0a4c-41cf-b6c7-440b29bb8c4f vendor UUID is used to determine from which partition, and hence the disk from which the system was booted. If the boot loader does not set this variable, this generator will not be able to autodetect the root partition. See the [Boot Loader Interface](https://systemd.io/BOOT_LOADER_INTERFACE) for details.

How do you load your computer with other initramfs? Does it really work at non-booster configuration? If yes - how does it detect the EFI partition?

Roger-Roger-debug commented 1 year ago

I didn't know that the bootloader needs to set the variable. I've been using refind but it works now with systemd-boot. Thanks for the hint.

anatol commented 1 year ago

systemd-boot does set this variable.

refind seems does not, and it means it does not support discoverable root partitions.

Roger-Roger-debug commented 1 year ago

After going through the refind config again I found a setting called write_systemd_vars that, when enabled, sets LoaderDevicePartUUID. With that autodiscovery works under refind as well.