Changes brought to bce(4) disabling ipmi access during boot
Paul Guyot
paulguyot at ieee.org
Wed Mar 14 22:44:49 UTC 2012
Hello,
Changes brought to bce(4) prevents booting a R410 Dell server with GELI-encrypted root ZFS partition requiring a passphrase, something that was possible with 9-RELEASE.
Using a binary search, the bug comes from the following revision:
Updating collection src-all/cvs
Edit src/sys/dev/bce/if_bce.c
Add delta 1.89.2.4 2012.01.09.19.07.14 yongari
Edit src/sys/dev/bce/if_bcereg.h
Add delta 1.35.2.3 2012.01.09.19.07.14 yongari
Shutting down connection to server
RELEASE as well as STABLE with date=2012.01.09.19.00.00 boot properly.
The boot fails with date=2012.01.09.19.08.00
For more details: the box is configured to boot from a plain ZFS pool that contains the kernel (zboot) and then to request passphrase for a GELI-encrypted ZFS pool containing everything else (including /etc/rc.d), in a way similar to what is described here: http://www.keltia.net/howtos/freebsd-dedibox
The passphrase should be entered from the virtual console (KVM) simulated by the ipmi controller (through Dell's "iDRAC6").
On RELEASE, the boot works properly and can be followed from the KVM console, where the passphrase can be entered. On STABLE, the KVM gets disconnected. Besides, the ipmi is down, and the box is eventually bricked: since plugging a real console is not an option, the only way to get access to the server is to reboot it electrically (and to configure the PXE to perform a netboot in order to switch the kernel).
I believe the ipmi controller uses the main ethernet port to simulate a physical console and the change in the bce driver disables the ethernet port. Since the box waits from the passphrase to configure the network, the box gets unreachable.
Paul
--
Semiocast http://semiocast.com/
+33.183627948 - 20 rue Lacaze, 75014 Paris
More information about the freebsd-stable
mailing list