TODO: Network boot for MacBook Pro

Posted on by Bian Xi

Network boot for MacBook Pro

Status

Tried iPXE, but failed after boot into kernel file.

Successfully load boot files

Able to boot by given filenames using similar method as below in iPXE configuration file tftp/boot.ipxe.

initrd ubuntu/12.10-desktop-${cpu_name}/casper/initrd.lz
chain ubuntu/12.10-desktop-${cpu_name}/casper/vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=192.168.1.17:/volume1/tftp/ubuntu/12.10-desktop-${cpu_name} quiet splash
boot

The error shows some sort of issue related to invalid function. Internet users mentioned that it was caused by converting EFI boot to MBR boot in iPXE but firmware doesn't support it.

Able to boot into EFI disk

Looks like MacbookPro supports EFI disk boot only

Issues

Secure boot

Secure boot verifies the signature of boot software whether trusted by firmware. This issue had been fixed after copy workable boot partition from other bootable images, such as ubuntu, fedora, or windows boot image, include /boot and /boot/efi.

Read kernel

Got issue with this stag, kernel read, but execution error with invalid function, didn't have time to troubleshoot.

Future

Grub boot

For network root partition boot, which has /bootlocally, root partition / on iSCSI disk, the grub should be configured as upgrade acceptable, including following requirements.

  • Kernel image should be a standard image to avoid manual kernel rebuilt process
  • Kernel image should include iSCSI driver
  • Kernel image should be able to configure fix IP Address, to avoid unstable iSCSI connection and unauthorized access
  • Kernel image should be able to configure bridge interface or macvlan interface, to support virtualization
  • Kernel image should be less network interface name dependent, to avoid network interface name changed

Network boot

For iPXE boot, iPXE firmware can be loaded by PXE boot process or a local disk, following requirements should be considered.

  • The kernel specification and detection are not part of iPXE configuration.
  • iPXE only detects iSCSI disk, and grub treats it as local disk, then boot from this local disk (iSCSI disk)
  • iPXE iSCSI disk should be able to be recognized by grub as local disk
  • Grub should not reset the network interface or renew IP address
  • MAC address should be the same in iPXE and Grub
  • OS should lock down the network interface, should not allow any services (Network Manager, etc) manage the interface.
  • OS should lock down iSCSI disk
  • Some requirements in Grub boot

References

Fix: System Found Unauthorized Changes on the Firmware, Operating System or UEFI Drivers

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>


The reCAPTCHA verification period has expired. Please reload the page.