From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D6C2321959CB2 for ; Mon, 5 Nov 2018 10:30:47 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 60C06A403B; Mon, 5 Nov 2018 18:30:46 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-125-224.rdu2.redhat.com [10.10.125.224]) by smtp.corp.redhat.com (Postfix) with ESMTP id 49068600D6; Mon, 5 Nov 2018 18:30:45 +0000 (UTC) To: Hristo Mihaylov , "edk2-devel@lists.01.org" References: From: Laszlo Ersek Message-ID: Date: Mon, 5 Nov 2018 19:30:44 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Mon, 05 Nov 2018 18:30:46 +0000 (UTC) Subject: Re: Linux kernel fails to boot after "Set boot script outside SMM after SmmReadyToLock" X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Nov 2018 18:30:48 -0000 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 10/31/18 13:54, Hristo Mihaylov wrote: > Hello, > > I'm building a custom x86_64 platform. It gets to BDS, where I select an USB with Debian as a boot device. > > ``` > [Bds]Booting UEFI USB Flash Memory C412F52D6C89C0210002C15B > error: no suitable video mode found. > error: no video mode activated. > > > > GNU GRUB version 2.02~beta3-5 > > /----------------------------------------------------------------------------\ > | Graphical install | > |*Install | > | Advanced options ... | > | Install with speech synthesis | > | | > | | > | | > | | > | | > | | > | | > | | > | | > \----------------------------------------------------------------------------/ > Use the ^ and v keys to select which entry is highlighted. > Press enter to boot the selected OS, `e' to edit the commands > before booting or `c' for a command-line. > > > > GNU GRUB version 2.02~beta3-5 > > /----------------------------------------------------------------------------\ > |setparams 'Install' | > | | > | set background_color=black | > | linux /install.amd/vmlinuz console=ttyS0,115200 | > | initrd /install.amd/initrd.gz | > | | > | | > | | > | | > | | > | | > | | > | | > \----------------------------------------------------------------------------/ > > Minimum Emacs-like screen editing is supported. TAB lists > completions. Press Ctrl-x or F10 to boot, Ctrl-c or F2 for a > command-line or ESC to discard edits and return to the GRUB menu. > Booting a command list > > error: no suitable video mode found. > Booting in blind mode > ``` > > Here I set the serial console as a display device. Then I continue into booting the USB stick where I see 2 fatal errors. > Afterwhich, the kernel starts booting, but fails to boot completely with no error message or anything. The last few lines > Discover SATA devices. > > ``` > OnExitBootServices.. > IioInit Late Secure the Platform (TXT).. > S3BootScriptSaveMemWrite called > FATAL ERROR: Set boot script outside SMM after SmmReadyToLock!!! > S3BootScriptSaveMemWrite called > FATAL ERROR: Set boot script outside SMM after SmmReadyToLock!!! > SmmInstallProtocolInterface: 296EB418-C4C8-4E05-AB59-39E8AF56F00A 0 > SmmLockBoxSmmLib RestoreLockBox - Enter > SmmLockBoxSmmLib RestoreLockBox - Exit (Success) > SmmLockBoxSmmLib SaveLockBox - Enter > LockBoxGuid - B5AF1D7A-B8CF-4EB3-8925-A820E16B687D, SmramBuffer - 0x76F49000, Length - 0x36F6 > SmmLockBoxSmmLib SaveLockBox - Exit (Success) > SmmLockBoxSmmLib SaveLockBox - Enter > LockBoxGuid - 627EE2DA-3BF9-439B-929F-2E0E6E9DBA62, SmramBuffer - 0x76F48000, Length - 0x18 > SmmLockBoxSmmLib SaveLockBox - Exit (Success) > SmmLockBoxSmmLib SetLockBoxAttributes - Enter > SmmLockBoxSmmLib SetLockBoxAttributes - Exit (Success) > [ 0.000000] Linux version 4.9.0-6-amd64 (debian-kernel@lists.debian.org) (gcc version 6.3.0 20170516 (Debian 6.3.0-18+deb9u1) ) #1 SMP Debian 4.9.82-1+deb9u3 (2018-03-02) > [ 0.000000] Command line: BOOT_IMAGE=/install.amd/vmlinuz console=ttyS0,115200 > [ 0.000000] Intel Spectre v2 broken microcode detected; disabling Speculation Control > ``` > > Is this related to the SMM fatal errors? It's occurring here https://github.com/tianocore/edk2/blob/14923c1a6bf9940b48feeaf47cb5d6c662b6528c/MdeModulePkg/Library/PiDxeS3BootScriptLib/BootScriptSave.c#L829 > There a lot of function calls and I can't print a stack trace. > > If this is related to the SMM errors, any advice on how to fix them? If not, I guess it's off to the Debian mailing lists. I don't know why the kernel fails to boot, but I can comment on the SMM error messages. BDS has to lock down SMM before it launches third party drivers / applications. Therefore an ExitBootServices() callback ("notify function") that attempts to write the S3 boot script, *in combination with* a LockBox library instance that is backed by SMM, will not work. The S3 boot script generally serves for re-initializing / restoring platform chipset state on S3 resume, so I don't see why it should be delayed until an EBS handler. The Intel whitepaper A Tour Beyond BIOS Implementing S3 Resume with EDKII explains the right order of steps in section "Normal Boot Flow for S3". (The copy I have is quite dated at this point: October 2014.) You can also refer to PlatformBootManagerBeforeConsole() in "OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c": - signal the gEfiEndOfDxeEventGroupGuid event group - call S3SaveStateProtocol->Write - install gEfiDxeSmmReadyToLockProtocolGuid (Speaking in terms of PlatformBootManagerLib APIs, these should occur in BeforeConsole, and not in AfterConsole, in order to precede 3rd party drivers/apps. EfiBootManagerDispatchDeferredImages() called in BeforeConsole (meaning PCI oproms basically), but similarly after the last step of the above triplet.) Hope this helps, Laszlo