← Back to team overview

kernel-packages team mailing list archive

[Bug 1396383] Re: why signed kernels call update-grub?

 

** Tags added: kernel-key

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1396383

Title:
  why signed kernels call update-grub?

Status in linux package in Ubuntu:
  Confirmed

Bug description:
  Looking at the postrm of linux-signed-image-* it looks very different
  from linux-image-* ones

  $ cat linux-signed-image-3.16.0-20-generic.postrm 
  #!/bin/sh -e

  kernel='vmlinuz-3.16.0-20-generic'

  case "$0-$1" in
  *.postinst-configure)
  	rm -f /boot/$kernel.efi.signed
  	cp /boot/$kernel /boot/$kernel.efi.signed
  	sbattach --attach /usr/lib/linux/$kernel.efi.signature /boot/$kernel.efi.signed
  	
  	if which update-grub >/dev/null 2>&1; then
  		update-grub || true
  	fi
  	;;
  *.postrm-remove)
  	rm -f /boot/$kernel.efi.signed

  	if which update-grub >/dev/null 2>&1; then
  		update-grub || true
  	fi
  	;;
  esac

  
  Why does it call update-grub direct instead of calling into /etc/kernel like the normal kernel packages do?

  In essence on amd64 the amount of calls to update-grub is duplicated
  on both installation and removal of kernel packages, since -signed
  version is installed by default. Why can't we just install signed
  version and make it modify kernel image in-place?

  ProblemType: Bug
  DistroRelease: Ubuntu 14.10
  Package: linux-signed-generic 3.16.0.25.26
  ProcVersionSignature: Ubuntu 3.16.0-25.33-generic 3.16.7
  Uname: Linux 3.16.0-25-generic x86_64
  ApportVersion: 2.14.7-0ubuntu8
  Architecture: amd64
  AudioDevicesInUse:
   USER        PID ACCESS COMMAND
   /dev/snd/controlC0:  xnox       4525 F.... pulseaudio
  CurrentDesktop: Unity
  Date: Tue Nov 25 23:08:41 2014
  HibernationDevice: RESUME=UUID=2bf263f1-753f-4b2e-92a6-b00381515e0c
  InstallationDate: Installed on 2012-01-12 (1048 days ago)
  InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Alpha amd64 (20130318)
  MachineType: Gigabyte Technology Co., Ltd. To be filled by O.E.M.
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.16.0-25-generic.efi.signed root=UUID=6669d411-80c3-41cc-a629-ad84e1ee6854 ro quiet splash nomdmonddf nomdmonisw crashkernel=384M-:128M nomdmonddf nomdmonisw crashkernel=384M-:128M nomdmonddf nomdmonisw crashkernel=384M-:128M nomdmonddf nomdmonisw crashkernel=384M-:128M nomdmonddf nomdmonisw crashkernel=384M-:128M nomdmonddf nomdmonisw crashkernel=384M-:128M nomdmonddf nomdmonisw crashkernel=384M-:128M nomdmonddf nomdmonisw crashkernel=384M-:128M vt.handoff=7
  RelatedPackageVersions:
   linux-restricted-modules-3.16.0-25-generic N/A
   linux-backports-modules-3.16.0-25-generic  N/A
   linux-firmware                             1.138
  RfKill:
   
  SourcePackage: linux
  SystemImageInfo:
   current build number: 0
   device name: ?
   channel: daily
   last update: Unknown
  UpgradeStatus: No upgrade log present (probably fresh install)
  WifiSyslog:
   
  dmi.bios.date: 08/13/2013
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: F18g
  dmi.board.asset.tag: To be filled by O.E.M.
  dmi.board.name: Z77X-D3H
  dmi.board.vendor: Gigabyte Technology Co., Ltd.
  dmi.board.version: x.x
  dmi.chassis.asset.tag: To Be Filled By O.E.M.
  dmi.chassis.type: 3
  dmi.chassis.vendor: Gigabyte Technology Co., Ltd.
  dmi.chassis.version: To Be Filled By O.E.M.
  dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrF18g:bd08/13/2013:svnGigabyteTechnologyCo.,Ltd.:pnTobefilledbyO.E.M.:pvrTobefilledbyO.E.M.:rvnGigabyteTechnologyCo.,Ltd.:rnZ77X-D3H:rvrx.x:cvnGigabyteTechnologyCo.,Ltd.:ct3:cvrToBeFilledByO.E.M.:
  dmi.product.name: To be filled by O.E.M.
  dmi.product.version: To be filled by O.E.M.
  dmi.sys.vendor: Gigabyte Technology Co., Ltd.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1396383/+subscriptions


References