[202211_SPC4_CS] Fix non-zero status exit on non secure boot system (s…

…onic-net#2715) What I did Warm-reboot fails on kvm due to non-zero exit upon command bootctl status 2>/dev/null | grep -c "Secure Boot: enabled" How I did it Added || true to return 0 when previous command fails. Added CHECK_SECURE_UPGRADE_ENABLED to check output of previous command Added debug logs How to verify it Run warm-reboot on kvm and physical device when increased verbosity. Expects debug log to indicate secure/non secure boot. Successful warm reboot
keboliu · Apr 4, 2023 · bcb14a9 · bcb14a9
1 parent fe1a1ab
commit bcb14a9
Showing 1 changed file with 8 additions and 5 deletions.
diff --git a/scripts/fast-reboot b/scripts/fast-reboot
@@ -617,12 +617,15 @@ fi
 if is_secureboot && grep -q aboot_machine= /host/machine.conf; then
     load_aboot_secureboot_kernel
 else
-    # check if secure boot is enable in UEFI
-    SECURE_UPGRADE_ENABLED=$(bootctl status 2>/dev/null | grep -c "Secure Boot: enabled")
-    if [ ${SECURE_UPGRADE_ENABLED} -eq 1 ]; then
-        load_kernel_secure
-    else
+    # check if secure boot is enable in UEFI 
+    CHECK_SECURE_UPGRADE_ENABLED=0
+    SECURE_UPGRADE_ENABLED=$(bootctl status 2>/dev/null | grep -c "Secure Boot: enabled") || CHECK_SECURE_UPGRADE_ENABLED=$?
+    if [[ CHECK_SECURE_UPGRADE_ENABLED -ne 0 ]]; then
+        debug "Loading kernel without secure boot"
         load_kernel
+    else
+        debug "Loading kernel with secure boot"
+        load_kernel_secure
     fi
 fi