[bug #60136] grub2 incompatibility between at

bug-grub

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #60136] grub2 incompatibility between at_keyboard and gfxterm modul

From:	Hans Gruber
Subject:	[bug #60136] grub2 incompatibility between at_keyboard and gfxterm modules
Date:	Sat, 27 Feb 2021 08:38:29 -0500 (EST)
User-agent:	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0

URL:
  <https://savannah.gnu.org/bugs/?60136>

                 Summary: grub2 incompatibility between at_keyboard and
gfxterm modules
                 Project: GNU GRUB
            Submitted by: moocan2112
            Submitted on: Sat 27 Feb 2021 01:38:27 PM UTC
                Category: User Interface
                Severity: Major
                Priority: 5 - Normal
              Item Group: Software Error
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: 
        Originator Email: moocan2112@yahoo.fr
             Open/Closed: Open
                 Release: 
                 Release: Git master
         Discussion Lock: Any
         Reproducibility: Every Time
         Planned Release: None

    _______________________________________________________

Details:

grub2 incompatibility between at_keyboard and gfxterm modules lead to : 
- impossible to type passphrase and access grub2 menu or console on a fully
encrypted installation
- access grub2 menu or console on non encrypted installation 

launchpad bug: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1914953

mail sent at bug-grub@gnu.org on February, 08 2021.

On a freshly installed Ubuntu 20.04.1 LTS (grub 2.04) (two different brands
and configurations of laptops) fully luks encrypted systems.

laptop 1 (Dell): x86_64 BIOS/GPT
/dev/sda1 => bios_grub
/dev/sda2 => luks encrypted LVM with VG,LV /boot, /root, /home, /swap

laptop 2 (Acer): x86_64 UEFI/GPT
/dev/sda1 => ESP
/dev/sda2 => luks encrypted LVM with VG,LV /boot, /root, /home, /swap

It's impossible with :
=> 1st stage grub: /dev/sda1 bios_grub (core.img) or ESP partition (grub.efi)
=> 2nd stage grub: /dev/sda2/LUKS_VOL/LVM/boot/grub
to:
1- set and use a local grub keyboard layout (French, German) to type
passphrase in 1st stage grub
2- access (edit mode or typing command under grub console) in 2nd stage grub

Tested with Dell (BIOS x86_64) or Acer, HP (UEFI x86_64):

[0] Default settings after installation :
1st stage grub: US keyboard layout (default)
2nd stage grub: gfxterm module loaded (install defaults)
=> 1st stage grub: almost impossible to type a strong passphrase with
accentuated characters and special characters due to typos error and keyboard
layout difference and unlock encrypted luks volume.
=> 2nd stage grub: working without trouble, can access ubuntu grub menus, edit
command and type command in the grub console as normal.

[1] Modfied settings after installation : 1st stage grub only
1st stage grub: French keyboard layouts with at_keyboard module ([1A] grub
core image config at the end)
2nd stage grub: gfxterm module loaded (no modification from default
installation)
=> 1st stage grub: can type strong passphrase and unlock at the first attempt
the luks encrypted volume
=> 2nd stage grub: Impossible to access grub menus, edit command and type
command in the grub console

[2] Modfied settings after installation : 2nd stage grub only
1st stage grub: default grub core.img after installation with US layout
2nd stage grub: gfxterm module loaded (install defaults) + at_keybord,
"terminal_input at_keyboard", keymap fr.gkb ([2A] grub.cfg config at the end)
=> 1st stage grub: almost impossible to type strong passphrase as in test case
[0]
=> 2nd stage grub: almost Impossible to access grub menus, edit command and
type command in the grub console). Each keystroke must be repeated 7 times or
more to get a result (and PC speaker beep every 1x or 4x keystrokes but it's
really secondary). Ressetting from "terminal_input at_keyboard" to
"terminal_input console" (by removing at_keyboard) or from "terminal_output
gfxterm" to "terminal_output console" (by removing gfxterm) (by typing
t(x7+2xbeep)e(x10+3xbeep)r(x7+4xbeep)m(x7+1xbeep)i.n..) resolved the
situation.

[3] Modfied settings after installation : 1st stage grub only
1st stage grub: French keyboard layout with at_keybord + gfxterm module
2nd stage grub: gfxterm module loaded (no modification from default
installation)
=> 1st stage grub: Impossible to type strong passphrase as in test case [0]
but this time it's because gfxterm and at_keyboard are loaded at the same time
and each keystroke must be typed 7x or more times (sometimes more than 10
times + beep) to be taken into account, so impossible to know what you are
typing because nothing is printed at screen while you type your password. By
accessing grub minimal console due to a limited core.img and removing
at_keybord with "terminal_input console" or removing gfxterm with
"terminal_output console" resolved the situation but typing such command as
set prefix=(memdisk), ... cryptomount -u xyzaabac, set
root='lvmid/Eh2HHw-Bceq-VfsK-Kz01-kaeg-dRbz-Rwcntf/nVAE5f-GOrJ-wvu3-RTN0-mzAe-G4Oo-mzTQrN'
and then the passphrase without any typos erros at first attempt with a
different keyboard layout was a real challenge.
=> 2nd stage grub: Impossible to access grub menus, edit command and type
command in the grub console when at_keybord (eg: "terminal_input at_keyboard")
is loaded even in 1st stage grub.

Conclusion:
It seems that if grub at_keyboard module is loaded with "terminal_input
at_keyboard" and current grub config or any other grub config  have a
"terminal_output gfxterm" it's almost impossible to type anything.

So, for international user typing a strong passphrase is almost impossible
without using something like "test123" or "qwerty123" without at_keyboard and
keeping access on any grub config (whatever the level) if gfxterm module is
loaded somewhere else too.

I apologize for my english language mistakes.
Regards,

[1A] minimal grub core.img (1st grub stage) with french keyboard layout (Dell
Laptop only but I can provide too the Acer laptaop with EFI difference to
generate a grub.efi)

insmod echo
insmod gzio
insmod part_gpt
insmod cryptodisk
insmod luks
insmod gcry_rijndael
insmod gcry_rijndael
insmod gcry_sha256
insmod lvm
insmod ext2
insmod keylayouts
insmod at_keyboard
set root=(memdisk)
set prefix=($root)/
terminal_input at_keyboard
keymap /fr.gkb
cryptomount -u xyz123abc456def789ghi
set
root='lvmid/Eh2HHw-Bceq-VfsK-Kz01-kaeg-dRbz-Rwcntf/nVAE5f-GOrJ-wvu3-RTN0-mzAe-G4Oo-mzTQrN'
set prefix=($root)/grub
configfile grub.cfg

[2A] Ubuntu grub (2nd stage) modification (Dell or Acer laptop)
insmod keylayouts
insmod at_keyboard
terminal_input at_keyboard
keymap $(prefix)/fr.gkb




    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?60136>

_______________________________________________
  Message sent via Savannah
  https://savannah.gnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[bug #60136] grub2 incompatibility between at_keyboard and gfxterm modules, Hans Gruber <=

Prev by Date: [bug #60114] The "Backspace" key doesn't work correctly in the superuser authentication prompt.
Previous by thread: [bug #60114] The "Backspace" key doesn't work correctly in the superuser authentication prompt.
Index(es):
- Date
- Thread