When installing memtest86+ on a machine using EFI boot via GRUB the entries generated by the GRUB configuration script that ships with the package don't seem to work. Reproducible: Always Steps to Reproduce: 1. Install sys-apps/memtest86+-7.00 with either the uefi64 or uefi32 USE flag enabled, as well as the boot flag 2. Run grub-mkconfig to produce a GRUB configuration file 3. Boot in EFI mode and try to enter one of the generated entries Actual Results: The GRUB entries don't load memtest86+, GRUB prints out an error message instead Expected Results: GRUB launches the memtest86+ executable I think the problem stems from the use of `chainloader` entries in the grub configuration file. The memtest86+ EFI executables generated on my machine appear to use Linux' EFI Boot Stub and thus cannot be loaded with the `chainloader` command, but they do work using the `linux` command instead.
This works for me as it is now. Typically the image should be bootable in either mode-- as a linux kernel, or chainloaded as an EFI application. Can you tell me more about your /boot setup? Is it on something besides a flat GPT partition with a simple FS? Can you share grub.cfg? I'm just worried that there may be unforseen consequences if we switch to "linux" now. This may be related to bug 893614. Thanks
My system is setup to boot via EFI w/ SecureBoot enabled. My boot chain starts with the shim bootloader (sys-boot/shim-15.6), which hands over the process to a GRUB image generated with: grub-mkstandalone --directory /usr/lib/grub/x86_64-efi --sbat /usr/share/grub/sbat.csv --format x86_64-efi "/boot/grub/grub.cfg=grub.cfg The GRUB image is then signed with a key which is loaded in the MOK list. The same key is used to sign the memtest86+ image (via the `SECUREBOOT_SIGN_KEY`/`SECUREBOOT_SIGN_CERT` variables in my make.conf and setting the `secureboot` `USE` flag for sys-apps/memtest86+). I'll attach my grub.cfg configuration file. The memtest86+ image is stored under /boot/memtest86plus/memtest.efi64. /boot is part of / which is a simple BTRFS partition, I don't use a separate boot partition.
Created attachment 892861 [details] GRUB configuration file
Does that signing get embedded into the memtest EFI image? I wouldn't be surprised if that makes it no longer able to boot as a linux kernel
Yes, the signing happens via `sbsign` just like the Linux kernel (see this code in secureboot.eclass): https://github.com/gentoo/gentoo/blob/master/eclass/secureboot.eclass#L143-L171 https://github.com/gentoo/gentoo/blob/master/eclass/secureboot.eclass#L130 If I call the `file` command on the memtest86+ executable it tells me it's a Linux image both before and after signing: # file /boot/memtest86plus/memtest.efi64 /boot/memtest86plus/memtest.efi64: Linux kernel x86 boot executable bzImage, version Memtest86+ v7.00, RW-rootFS, And I've verified that my signature is embedded: # sbverify --list /boot/memtest86plus/memtest.efi64 signature 1 image signature issuers: - /CN=Gabriele Svelto image signature certificates: - subject: /CN=Gabriele Svelto issuer: /CN=Gabriele Svelto ```
Hi, I was troubleshooting why I can't boot the Gentoo version of memtest+, I discovered the Official Grub ISO version of memtest+ does use the `linux` keyword configuration rather than the `chainloader` keyword Gentoo is using. Replacing `chainloader`->`linux` from Grub prompt did the trick, so I came here to look for bug report and found this one. Hello :) ---- ## Gentoo ## ❯ file /usr/share/memtest86+/memtest.efi64 /usr/share/memtest86+/memtest.efi64: Linux kernel x86 boot executable bzImage, version Memtest86+ v7.00, RW-rootFS, ## Official Grub ISO version ## ❯ file /mnt/usb/EFI/BOOT/memtest /mnt/usb/EFI/BOOT/memtest: Linux kernel x86 boot executable bzImage, version Memtest86+ v7.00, RW-rootFS, ❯ cat /mnt/usb/boot/grub/grub.cfg if loadfont unicode ; then set gfxmode=1024x768,800x600,auto set gfxpayload=800x600,1024x768 terminal_output gfxterm fi set default=0 set timeout=-1 insmod linux menuentry "Start Memtest86+, use built-in support for USB keyboards" { linux /boot/memtest keyboard=both } menuentry "Start Memtest86+, use BIOS legacy emulation for USB keyboards" { linux /boot/memtest keyboard=legacy } menuentry "Start Memtest86+, disable SMP and memory identification" { linux /boot/memtest nosmp nosm nobench } ---- I got deeper into upstream documentation, and found this (Source: https://memtest.org/readme): > When using an intermediate bootloader, either the memtest.bin file or the memtest.efi file should be stored in a disk partition the bootloader can access, and the bootloader configuration should be updated to boot from that file as if it were a Linux kernel with no initial RAM disk. I don't know if this change (not supporting `chainloader` anymore) happened with the v6.x, as it was based on a major code change. For the record, I cannot boot the official non-Grub ISO version of memtest+ from UEFI boot menu, but I'm not sure that's relevant. Regards.
(In reply to Gabriele Svelto from comment #2) > My system is setup to boot via EFI w/ SecureBoot enabled. My boot chain > starts with the shim bootloader (sys-boot/shim-15.6), which hands over the > process to a GRUB image generated with: > > grub-mkstandalone --directory /usr/lib/grub/x86_64-efi --sbat > /usr/share/grub/sbat.csv --format x86_64-efi "/boot/grub/grub.cfg=grub.cfg > > The GRUB image is then signed with a key which is loaded in the MOK list. > The same key is used to sign the memtest86+ image (via the > `SECUREBOOT_SIGN_KEY`/`SECUREBOOT_SIGN_CERT` variables in my make.conf and > setting the `secureboot` `USE` flag for sys-apps/memtest86+). > > I'll attach my grub.cfg configuration file. The memtest86+ image is stored > under /boot/memtest86plus/memtest.efi64. /boot is part of / which is a > simple BTRFS partition, I don't use a separate boot partition. I 'think' I have the same problem since enabling SecureBoot. Does it work if you disable SecureBoot?
I managed to get it starting with: menuentry 'Memtest86+ 64bit UEFI' { load_video set gfxpayload=800x600 insmod part_gpt insmod btrfs search --no-floppy --fs-uuid --set=root xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx linux "/rootfs/boot/memtest86plus/memtest.efi64" } The window is not fullscreen, but it's working.
