HTTP Boot Server boot kernel panic error

Hi,

Am trying to setup an HTTP boot server per this article: https://en.opensuse.org/UEFI_HTTPBoot_Server_Setup. Am using OpenSuse 15.4 as the server. The http server is apache2.

Using HTTPS, the client is now able to get the DHCP address from the OpenSUSE server and the grub MenuEntry displays. However, when I select the menu entry, the next screen displays the following:
Loading kernel…
Loading initial ramdisk…
error: …/…/grub-core/net/efi/http.c:332:Error| status=9
Press any key to continue

When I press a key to continue, it appears as though it is attempting to boot but then it stops with a kernel panic:
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0.0)

Does anyone have any ideas what could be causing this and how to fix it. Any input would be appreciated. Thanks!

wcn

status=9 == EFI_OUT_OF_RESOURCES. grub is using firmware HTTP driver and firmware returns an error message. Can you see in HTTP server logs how much grub2 downloaded? It would be helpful to make network capture of the whole boot sequence (use tcpdump or wireshark on HTTP server, whatever you are familiar with).

When I press a key to continue, it appears as though it is attempting to boot but then it stops with a kernel panic:
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0.0)

Without initrd kernel cannot find its root filesystem, that is clear.

Arvidjarr,

Thanks for your response. Never used tcpdump or wireshark but I’ll see if I can get one or the other working and post a capture.

Is the error an indication of the client not having enough memory (16GB) or the OS I’m trying to server being to large? I’m trying to serve the OpenSUSE iso files so the client can do an install.

I’ll get back to you when I have a network capture.

Again, thanks!

wcn

The error comes from firmware which is closed source so we have rather limited possibility to interpret it.

https://1drv.ms/u/s!Auhw4cGYX5AqgfRtDpdToVwvjXmY8g?e=Qv5pS2

Hi Arvidjarr,

This is a link to the tcpdump file. It’s huge. Have no idea what I am looking at. Thanks in advance for your help.

Next time please capture and provide binary dump (tcpdump -w capture-file …), not default text summary. It allows looking at package details beyond what is shown by default.

Anyway, assuming 192.168.111.101 is grub2 client and 192.168.111.1 is HTTP server - client receives data from server up to approximately 11MB and then it stops accepting data due to no buffer space (TCP window becomes zero) and it never recovers.

13:15:24.009354 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11117227, win 65535, length 0
13:15:24.009355 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11120147, win 64804, length 0
13:15:24.009386 IP 192.168.111.1.443 > 192.168.111.101.1790: Flags [P.], seq 11176922:11179842, ack 1762, win 63987, length 2920
13:15:24.009393 IP 192.168.111.1.443 > 192.168.111.101.1790: Flags [P.], seq 11179842:11182762, ack 1762, win 63987, length 2920
13:15:24.021708 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11123067, win 61884, length 0
13:15:24.021777 IP 192.168.111.1.443 > 192.168.111.101.1790: Flags [P.], seq 11182762:11184951, ack 1762, win 63987, length 2189
13:15:24.041953 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11125987, win 58964, length 0
13:15:24.052069 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11127445, win 57506, length 0
13:15:24.072259 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11130365, win 54586, length 0
13:15:24.092444 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11133285, win 51666, length 0
13:15:24.112671 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11136205, win 48746, length 0
13:15:24.132850 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11137665, win 47286, length 0
13:15:24.153041 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11142045, win 42906, length 0
13:15:24.173291 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11144965, win 39986, length 0
13:15:24.193438 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11147885, win 37066, length 0
13:15:24.213681 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11150805, win 34146, length 0
13:15:24.223800 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11151532, win 33419, length 0
13:15:24.243983 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11154452, win 30499, length 0
13:15:24.264149 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11157372, win 27579, length 0
13:15:24.284361 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11160292, win 24659, length 0
13:15:24.304532 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11163212, win 21739, length 0
13:15:24.324759 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11166132, win 18819, length 0
13:15:24.341970 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11168376, win 16575, length 0
13:15:24.362149 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11171296, win 13655, length 0
13:15:24.382367 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11174216, win 10735, length 0
13:15:24.392444 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11174541, win 10410, length 0
13:15:24.412634 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11176922, win 8029, length 0
13:15:24.432869 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11179842, win 5109, length 0
13:15:24.453033 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11182762, win 2189, length 0
13:15:24.473277 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11184951, win 0, length 0
13:15:25.372035 IP 192.168.111.1.443 > 192.168.111.101.1790: Flags .], ack 1762, win 63987, length 0
13:15:25.380336 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11184951, win 0, length 0
13:15:27.164046 IP 192.168.111.1.443 > 192.168.111.101.1790: Flags .], ack 1762, win 63987, length 0
13:15:27.166143 IP 192.168.111.101.1790 > 192.168.111.1.443: Flags .], ack 11184951, win 0, length 0
13:15:30.780047 IP 192.168.111.1.443 > 192.168.111.101.1790: Flags .], ack 1762, win 63987, length 0
13:15:37.948133 IP 192.168.111.1.443 > 192.168.111.101.1790: Flags .], ack 1762, win 63987, length 0
13:15:52.284117 IP 192.168.111.1.443 > 192.168.111.101.1790: Flags .], ack 1762, win 63987, length 0

This matches error code (out of resources). It is impossible to decide whether this is due to firmware or grub bug (it is possible that grub stops processing new data for some reasons).

As the patch to use firmware HTTP(S) services is SUSE specific, you should open bug report on https://bugzilla.opensuse.org (same user/password as here). Attach binary tcpdump capture, provide as much details as possible (in particular, exact sizes of linux kernel and initrd are certainly interesting), do not forget to describe your setup, IP addresses of client and server etc.

As a workaround you may try to generate smaller initrd or test different boot protocol (HTTP, FTP, TFTP). Do you really needs encryption?

Hi Arvidjarr,

I disabled CSM in the BIOS so that only UEFI was supported and now it boots further with no Status 9 error. But then I ran into another issue where it stopped at a graphical screen and asked me to select the URL file yet the one it had highlighted was correct? So I escaped out and was able to get it to boot all the way to the installation screen but only after selecting HTTP instead of HTTPS? I originally tried setting up the server to boot in http mode because I didn’t want to deal with setting up SSL certificates but when the client hit the dhcpd file it stated it would only continue in https mode. So I created the dummy certificate, installed the .der version of the certificate on the client via the BIOS menu and then it got to the “Status 9” error.

So now, my dhcpd.conf file has the URL listed as HTTPS and my grub.cfg file has the URL listed as HTTP??? Any idea why grub would fail in HTTPS mode?

Don’t waste a lot of time on this. If you know off the top of your head, great! If not, I’m not really all that concerned about it. It for lab testing anyway. As long as I can install OpenSuse from it, I can live with the anomalies.

Thanks again for all your help! I’ll wait for your reply and then tag solved.