Stage0: Initrd not discovered when booting? #5048
Comments
|
Hi, my best guess from looking at the logs is that the difference in behaviour is caused by the different vs A compressed initrd file should not make a difference as long as it is a format the kernel understands, since Stage 0 just writes it to memory and passes it to the kernel unmodified. |
|
Thanks for the suggestion! Unfortunately, I think that might've been a red herring, as another run with the corrected From that file, it definitely seems like our other partitions are present ( |
|
Looking at this in more detail it looks like there is a compatibility problem with the QEMU virtio drivers and SEV-SNP. The kernel seems to find the initial RAM file system, but fails when trying to mount it. Which version of QEMU are you using? I would recommend trying the latest version or QEMU. You could also try the following patch that was needed for virtio-net-pci. It might also be needed for virtio disks (I haven't tested that since we don't expose any disk devices to the guest): dingelish/qemu@876e262 It might also be worth checking what you are running on the host. All our successful testing was with the latest relese of Debian stable and the latest upstream kernel release. |
|
I missed the bit in your answer above that you can boot using the disk. That would mean my suggestion above that it might be a virtio compatibility issue is incorrect. It still seems like it is finding the initial RAM disk, but cannot start it because it tries to mount it to the root and fails. I am not sure what the cause would be. Have you tried other kernels (like ours)? |
Just in case, I'll mention that we're using one of the hyperscaler QEMU versions: https://git.centos.org/rpms/qemu/tree/c9s-sig-hyperscale. This is basically just upstream 9.1+ QEMU, with some SNP patches applied. It might not be the issue as you mentioned.
I'll try out your kernel to see if it's an issue with ours, but our kernel should essentially just be the upstream 6.11 with light security patches. I can try later versions of that as well and report back! |
Hi folks, running into some issues (or perhaps I've missed some documentation somewhere) when trying to run with the
stage0bootloader in our stack using SEV-SNP, wondering if anyone ran into similar issues!I'm trying to leverage direct boot which seems like it was supported in #4189, but I'm running into some weird issues where by enabling
SEV-SNP, the kernel doesn't seem to want to load the initrd, instead complaining that I can't boot without some root device (although I expected the kernel to load initrd which would then find the root device).I've attached two files with some logs detailing the issue I'm seeing:
No SEV-SNP
cvm_stage0_no_sev_snp.txt
Launched with:
With SEV SNP
cvm_stage0_with_sev_snp.txt
Launched with:
Note both were launched with
q35, but I recall also seeing some similar issues withmicrovm, see:cvm_stage0_with_sev_snp_microvm.txt
From what I can tell, it looks like from the logs, the launch with SEV-SNP is indeed reading in the
initrdfile, and putting something insidezero_page: https://github.com/project-oak/oak/blob/main/stage0/src/lib.rs#L174-L179 and jumping directly into the kernel, as expected:However, when launching without SEV-SNP, I notice this log:
Whereas there is no equivalent log when I launch with the SEV-SNP arguments.
I've also noticed that #4189 (comment) launches with a
bin/initramfsfile, whereas we're loading in with alayer.cpio.gzinitrd file, which is obviously compressed. Not sure if this is an issue, since I thinkset_initial_ram_disk()should just load the initrd into the page, which the kernel then converts into an initramfs? Not sure if I've misunderstood that part. We're basically just running an upstream 6.11 kernel with some light patches that do not affect the boot process.Any support would be greatly appreciated, thanks!
The text was updated successfully, but these errors were encountered: