[ipxe-devel] IPXE fails to verify images on EFI system
Ján ONDREJ (SAL)
ondrejj at salstar.sk
Wed Jul 17 06:19:38 UTC 2019
Hello,
On Tue, Jul 09, 2019 at 01:32:36PM +0100, Michael Brown wrote:
> On 21/06/2019 09:48, Ján ONDREJ (SAL) wrote:
> > I am trying to make boot.salstar.sk working on an EFI system. After some
> > troubles with disabling secure boot or allowing my ipxe.efi image, it's
> > now booting, but my scripts are unable to validate ipxe script files.
> >
> > Error message is:
> >
> > Could not start download: Invalid argument (http://ipxe.org/1c25e082)
> >
> > Using an "chain http://..." command works well, but without signature
> > checking.
> >
> > Is this a bug of ipxe or is it a "feature" of EFI booting?
>
> As per the error page, it indicates a failure to obtain a usable entropy
> source. Try building with DEBUG=efi_entropy,entropy,drbg
Thanks for your reply. Here is an error message:
iPXE initialising devices...DRBG 0x73d9c020 instantiate
ENTROPY has RNG protocol
DRBG 0x73d9c020 could not get entropy input: Error 0x4226e195 (http://ipxe.org/4226e195)
ok
Is it possible to fix this? Can I somehow at least fallback to less secure
mode without good entropy?
Jan ONDREJ
More information about the ipxe-devel
mailing list