Built in grub gpg verification fails over tftp

Solution Verified - Updated -

Issue

  • While booting an x86_64 efi image over tftp on a vmware 10 instance fails.
  • The issue can be seen in rhel7 grub 2.02 when using a gpg public key with check_sigantures enabled.
  • All file operations over tftp complete, but grub immediately throws the following error:
alloc magic is broken at <addr>: <value>
Aborted. Press any key to exit.
  • Pressing a key takes us back to the EFI firmware.
  • We can work around the issue by disabling check signatures and manually running verify_detached on a file.
  • However, we have to pull the kernel and initrd twice, which doubles the boot time.
  • Signature checking from a memdisk does not appear to be broken.

Environment

  • Red Hat Enterprise Linux 7.0
  • tftp
  • gpg

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content