fallback logic is confusing when there is more than one entry created

[slowpeek]

The problem

Assume the fallback creates boot entries (in such order) A, B. B would end up the top one in the bootorder. If the fallback decides not to reboot (no tpm or FB_NO_REBOOT is set), it would start A (in try_start_first_option() "first" means the first one created). But every subsequent reboot it would be B because of the bootorder.

How it should be: the fallback should start B. So with subsequent reboots the selected boot entry is the same.

Details

I use a virtualbox machine (efi enabled, secureboot disabled) running debian sid with shim 15.7 binaries extracted from ubuntu 22.04 shim-signed 1.51.3+15.7-0ubuntu1 package.

EFI/ layout:

EFI
    alpha
        BOOTX64.CSV
        grub.cfg
        grubx64.efi
        shimx64.efi
    beta
        BOOTX64.CSV
        grub.cfg
        grubx64.efi
        shimx64.efi
    tau
        BOOTX64.CSV
        grub.cfg
        grubx64.efi
        shimx64.efi
    xtra
        fbx64.efi
        mmx64.efi

• efi binaries above are all the same, just copies

• BOOTX64.CSV only differs in boot entry name. For example, alpha/BOOTX64.CSV

  shimx64.efi,alpha,,This is the boot entry for alpha
  

• grub.cfg is a stock one created as grub-install --removable with a small change to pass the dir name to the main config. For example, alpha/grub.cfg

  search.fs_uuid 6be1eb50-c733-41cd-b4d4-f0e65bdf08ac root hd0,gpt2 
  set prefix=($root)'/grub'
  
  set flavor=alpha
  export flavor
  
  configfile $prefix/grub.cfg
  

• main grub config, /boot/grub/grub.cfg, is modified to append $flavor value to the kernel cmdline like this:

  linux   /vmlinuz-6.1.0-5-amd64 ... flavor=$flavor
  

After wiping out existing boot entries with efibootmgr, I reboot and keep hitting Esc to enter the firmware and start EFI/xtra/fbx64.efi.

The fallback does its part, the system boots and

$ cat /proc/cmdline 
BOOT_IMAGE=/vmlinuz-6.1.0-5-amd64 ... flavor=tau

And bootorder

$ efibootmgr 
BootCurrent: 0006
Timeout: 0 seconds
BootOrder: 0009,0008,0007,0001,0002,0000,0003,0004,0005
Boot0000* UiApp
Boot0001* UEFI VBOX CD-ROM VB0-1a2b3c4d 
Boot0002* EFI Internal Shell
Boot0003* UEFI VBOX HARDDISK VB2ac10b5c-7b9e69a2 
Boot0004* UEFI PXEv4 (MAC:080027FAA0C1)
Boot0005* UEFI PXEv4 (MAC:0800275FDA73)
Boot0006* fbx64.efi
Boot0007* tau
Boot0008* alpha
Boot0009* beta

Now I reboot and

$ cat /proc/cmdline 
BOOT_IMAGE=/vmlinuz-6.1.0-5-amd64 ... flavor=beta

With the fallback it booted into "tau", but on subsequent reboots I get "beta". It is confusing from the user point.

Fallback log

The log is obtained with mokutil --set-fallback-verbosity true and a file attached to the machine's com port.

efi_main:1168: System BootOrder not found.  Initializing defaults.
set_boot_order:513: Original nbootorder: 6
Original BootOrder: 0001 0002 0000 0003 0004 0005 
find_boot_options:970: Found directory named "tau"
try_boot_csv:713: Found file "\EFI\tau\BOOTX64.CSV"
try_boot_csv:726: File looks like:
shimx64.efi,tau,,This is the boot entry for tau

populate_stanza:676: CSV data: "shimx64.efi,tau,,This is the boot entry for tau"
populate_stanza:682: filename: "shimx64.efi"
populate_stanza:689: label: "tau"
populate_stanza:695: arguments: ""
add_to_boot_list:576: file DP: PciRoot(0)/Pci(0xD,0x0)/Sata(0x1,0xFFFF,0x0)/HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\tau\shimx64.efi
FindSubDevicePath:74: input device path: "PciRoot(0)/Pci(0xD,0x0)/Sata(0x1,0xFFFF,0x0)/HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\tau\shimx64.efi"
FindSubDevicePath:81: sub-path (4,1):  "HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\tau\shimx64.efi"
add_to_boot_list:599: 04 01 2A 00 01 00 00 00 00 08 00 00 00 00 00 00 
add_to_boot_list:599: 00 28 01 00 00 00 00 00 59 2D 53 AB A0 BC AA 43 
add_to_boot_list:599: 9E 60 4F C8 39 C9 1D 35 02 02 04 04 2E 00 5C 00 
add_to_boot_list:599: 45 00 46 00 49 00 5C 00 74 00 61 00 75 00 5C 00 
add_to_boot_list:599: 73 00 68 00 69 00 6D 00 78 00 36 00 34 00 2E 00 
add_to_boot_list:599: 65 00 66 00 69 00 00 00 7F FF 04 00 
add_to_boot_list:606: device path: "HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\tau\shimx64.efi"
find_boot_option:458: Checked all boot entries
add_boot_option:246: Creating boot entry "Boot0007" with label "tau" for file "\EFI\tau\shimx64.efi"
add_boot_option:284: nbootorder: 7
BootOrder: 0007 0001 0002 0000 0003 0004 0005 
find_boot_options:970: Found directory named "alpha"
try_boot_csv:713: Found file "\EFI\alpha\BOOTX64.CSV"
try_boot_csv:726: File looks like:
shimx64.efi,alpha,,This is the boot entry for alpha

populate_stanza:676: CSV data: "shimx64.efi,alpha,,This is the boot entry for alpha"
populate_stanza:682: filename: "shimx64.efi"
populate_stanza:689: label: "alpha"
populate_stanza:695: arguments: ""
add_to_boot_list:576: file DP: PciRoot(0)/Pci(0xD,0x0)/Sata(0x1,0xFFFF,0x0)/HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\alpha\shimx64.efi
FindSubDevicePath:74: input device path: "PciRoot(0)/Pci(0xD,0x0)/Sata(0x1,0xFFFF,0x0)/HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\alpha\shimx64.efi"
FindSubDevicePath:81: sub-path (4,1): "HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\alpha\shimx64.efi"
add_to_boot_list:599: 04 01 2A 00 01 00 00 00 00 08 00 00 00 00 00 00 
add_to_boot_list:599: 00 28 01 00 00 00 00 00 59 2D 53 AB A0 BC AA 43 
add_to_boot_list:599: 9E 60 4F C8 39 C9 1D 35 02 02 04 04 32 00 5C 00 
add_to_boot_list:599: 45 00 46 00 49 00 5C 00 61 00 6C 00 70 00 68 00 
add_to_boot_list:599: 61 00 5C 00 73 00 68 00 69 00 6D 00 78 00 36 00 
add_to_boot_list:599: 34 00 2E 00 65 00 66 00 69 00 00 00 7F FF 04 00 
add_to_boot_list:606: device path: "HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\alpha\shimx64.efi"
find_boot_option:458: Checked all boot entries
add_boot_option:246: Creating boot entry "Boot0008" with label "alpha" for file "\EFI\alpha\shimx64.efi"
add_boot_option:284: nbootorder: 8
BootOrder: 0008 0007 0001 0002 0000 0003 0004 0005 
find_boot_options:970: Found directory named "beta"
try_boot_csv:713: Found file "\EFI\beta\BOOTX64.CSV"
try_boot_csv:726: File looks like:
shimx64.efi,beta,,This is the boot entry for beta

populate_stanza:676: CSV data: "shimx64.efi,beta,,This is the boot entry for beta"
populate_stanza:682: filename: "shimx64.efi"
populate_stanza:689: label: "beta"
populate_stanza:695: arguments: ""
add_to_boot_list:576: file DP: PciRoot(0)/Pci(0xD,0x0)/Sata(0x1,0xFFFF,0x0)/HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\beta\shimx64.efi
FindSubDevicePath:74: input device path: "PciRoot(0)/Pci(0xD,0x0)/Sata(0x1,0xFFFF,0x0)/HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\beta\shimx64.efi"
FindSubDevicePath:81: sub-path (4,1): "HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\beta\shimx64.efi"
add_to_boot_list:599: 04 01 2A 00 01 00 00 00 00 08 00 00 00 00 00 00 
add_to_boot_list:599: 00 28 01 00 00 00 00 00 59 2D 53 AB A0 BC AA 43 
add_to_boot_list:599: 9E 60 4F C8 39 C9 1D 35 02 02 04 04 30 00 5C 00 
add_to_boot_list:599: 45 00 46 00 49 00 5C 00 62 00 65 00 74 00 61 00 
add_to_boot_list:599: 5C 00 73 00 68 00 69 00 6D 00 78 00 36 00 34 00 
add_to_boot_list:599: 2E 00 65 00 66 00 69 00 00 00 7F FF 04 00 
add_to_boot_list:606: device path: "HD(1,GPT,AB532D59-BCA0-43AA-9E60-4FC839C91D35)/\EFI\beta\shimx64.efi"
find_boot_option:458: Checked all boot entries
add_boot_option:246: Creating boot entry "Boot0009" with label "beta" for file "\EFI\beta\shimx64.efi"
add_boot_option:284: nbootorder: 9
BootOrder: 0009 0008 0007 0001 0002 0000 0003 0004 0005 
find_boot_options:970: Found directory named "xtra"
update_boot_order:537: nbootorder: 9
BootOrder: 0009 0008 0007 0001 0002 0000 0003 0004 0005 
efi_main:1181: tpm not present, starting the first image

[kraxel]

Fedora 39 shimx64.efi shows the same inconsistent behavior.
Reproduces for me with a single BOOTX64.CSV file containing multiple lines.

# iconv -f UCS-2LE -t UTF-8 < /boot/efi/EFI/fedora/BOOTX64.CSV 
shimx64.efi,Fedora, ,Comment
shimx64.efi,6.5.5-300.fc39.x86_64,\EFI\Linux\10b06d03691b48b4935411f9bbc77a2a-6.5.5-300.fc39.x86_64.efi ,Comment