awslabs
How to write a valid AAVMF file?
AAVMF files are not the same as OVMF 4M files it seems.
Setting "correct" filesize and blockmap does not appear to create valid AAVMF var files. See the naive approach in https://github.com/xnox/python-uefivars/commit/ba1919419b8e9a859ef5f1f5f515d2c3200e12b3
somehow with above patch doing:
uefivars -i edk2 -I /usr/share/AAVMF/AAVMF_VARS.ms.fd -o json -O ms.json
uefivars -i json -I ms.json -o edk2,preset=aavmf -O aavmf.ms.fd
truncate -s 64M aavmf.ms.fd
And booting the resulting firmware looses all variable settings, and the VM is no longer in secureboot mode.
Are some of the assumptions in writing edk2 format specific to OVMF and/or OVMF 4M size and/or blocksize?
I am using this library to write AAVMF volumes in ubuntu-boot-test, the trick with older versions was the following:
# Dump variable store back out
with open(self._uefi_vars_path, "wb") as f:
# FIXME: this is a workaround the incorrect length
# value used by the bytes() function of EDK2UEFIVarStore
# This means that the original file length gets lost and
# we must manually pad the thing
varstore.filelen = varstore.length
f.write(bytes(varstore))
if f.tell() < vars_length:
f.write(b"\xff" * (vars_length - f.tell()))
I was under the impression that this was fixed in the most recent version by commits: https://github.com/awslabs/python-uefivars/commit/e07bd0a992f46488cbac9d1239ba69b07c58b440 https://github.com/awslabs/python-uefivars/commit/5f07c28bac644e595248e9b96548c3a4db5bfa65 but maybe I am wrong.
Hm, the difference is that you are writting xff instead of x00. Let me see if that makes a difference or not.
Maybe, but I doubt it is the root cause (Although erased nor flash would read FFs)
I am also doing this in Python directly and using the same varstore class instance to do the re-serialization, maybe when you do it from JSON it gets reinitialized with some incorrect block or size attributes.
I have not tested if this works using the command line frontend.