Bugzilla – Bug 1203825
shim is not installed despite UEFI secure boot system
Last modified: 2023-02-20 11:28:01 UTC
## Observation

openQA test in scenario sle-15-SP5-Online-x86_64-nvme@uefi fails in [first_boot](https://openqa.suse.de/tests/9612242/modules/first_boot/steps/1)

## Test suite description

Testsuite maintained at https://gitlab.suse.de/qa-maintenance/qam-openqa-yml. Maintainer: rbrown@suse.de; Basic installation test to confirm that installing and booting to an nvme as your root disk works

## Reproducible

Fails since Build [21.1](https://openqa.suse.de/tests/9518855)

## Expected result

Last good: [19.1](https://openqa.suse.de/tests/9418257) (or more recent)

## Further details

Serial log says:

failed to load Boot0007 "sles-secureboot" from HD(1,GPT,7CD165D4-8BEF-49E7-A6A5-BDC0DC33B032,0x800,0x100000)/\EFI\sles\shim.efi: Not Found

Checking the yast logs from that run shows that "shim" is not listed in _packages.root file.

In https://openqa.suse.de/assets/repo/SLE-15-SP5-Module-Basesystem-POOL-x86_64-Build24.1-Media1/x86_64/ there are:

- shim-15.4-4.7.1.x86_64.rpm
- shim-susesigned-15.4-3.10.1.x86_64.rpm

but neither of them seems to be installed.
System is booting the installation media on reboot instead of the installed OS. The needle prior to the failure should have failed as well.
Created attachment 861978: build changes 19.1 to 21.1

Based on the changes between 19.1 and 21.1 this seems to point towards a yast issue, rather than a grub/shim bug.
Rainer: sadly _packages.root is files on the installation medium, but what yast uses is shim from the target system. And there is a shim and it succeeded to install:

2022-09-27 07:34:46 <1> install(3928) [Ruby] lib/cheetah.rb(record_commands):160 Executing "/usr/sbin/shim-install --config-file\=/boot/grub2/grub.cfg".
2022-09-27 07:34:46 <1> install(3928) [Ruby] lib/cheetah.rb(log_stream_line):208 Standard output: copying /usr/share/efi/x86_64/grub.efi to /boot/efi/EFI/sles/grub.efi
2022-09-27 07:34:46 <3> install(3928) [Ruby] lib/cheetah.rb(log_stream_line):208 Error output: Installing for x86_64-efi platform.

What looks wrong to me is that shim copies the file to grub.efi but efibootmanager looks for shim.efi. So for me it is something between grub and shim, as from my POV it just calls shim correctly.

Michael: please check and if you find anything problematic in the configuration or have a question, feel free to ask.
I created a VM with the following parameters: "-drive file=disk.img,if=none,id=nvm -device nvme,serial=nvmetest,drive=nvm" Although the 15-SP5 installer can recognize the NVME disk, OVMF failed to detect the disk and fell back to the DVD boot option after installation. I guess the openQA VM also ran into the same issue.
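Added example, not part of the original bug thread or of any SUSE tooling: a Python triage helper for the serial log line quoted in the description, separating "the loader really is missing from the ESP" from "the loader is present, so the firmware could not reach the disk", which is what this comment found. The function names, the verdict strings, and the mounted ESP root and its PARTUUID passed in by the caller are assumptions made for illustration; the ESP trees in `demo()` are constructed.

```python
import re
import tempfile
from pathlib import Path

# Serial log line quoted in the bug description above.
SERIAL_LINE = (
    'failed to load Boot0007 "sles-secureboot" from '
    r'HD(1,GPT,7CD165D4-8BEF-49E7-A6A5-BDC0DC33B032,0x800,0x100000)'
    r'/\EFI\sles\shim.efi: Not Found'
)
LOAD_FAIL = re.compile(
    r'failed to load (?P<entry>Boot[0-9A-Fa-f]{4}) "(?P<label>[^"]*)" from '
    r'HD\((?P<part>\d+),GPT,(?P<guid>[0-9A-Fa-f-]{36}),[^)]*\)/(?P<path>\\[^:]+): (?P<status>.+)$'
)

def parse_load_failure(line):
    """Split the firmware message into entry, label, partition GUID, path, status."""
    m = LOAD_FAIL.search(line)
    return m.groupdict() if m else None

def find_on_esp(esp_root, efi_path):
    """Resolve a backslash EFI path under esp_root, case-insensitively like FAT."""
    cur = Path(esp_root)
    for name in efi_path.strip("\\").split("\\"):
        hits = [c for c in cur.iterdir() if c.name.lower() == name.lower()] if cur.is_dir() else []
        if not hits:
            return None
        cur = hits[0]
    return cur

def triage(line, esp_root, esp_partuuid):
    """esp_partuuid: PARTUUID of the mounted ESP, supplied by the caller (assumption)."""
    f = parse_load_failure(line)
    if f is None:
        return "unparsed"
    if f["guid"].lower() != esp_partuuid.lower():
        return "entry-points-at-another-partition"
    if find_on_esp(esp_root, f["path"]) is None:
        return "loader-missing-on-esp"        # packaging / installer problem
    return "loader-present-suspect-firmware"  # firmware could not reach the disk

def demo():
    guid, out = "7cd165d4-8bef-49e7-a6a5-bdc0dc33b032", []
    for files in (("shim.efi", "grub.efi"), ("grub.efi",)):  # constructed ESP trees
        with tempfile.TemporaryDirectory() as esp:
            (Path(esp) / "EFI" / "sles").mkdir(parents=True)
            for name in files:
                (Path(esp) / "EFI" / "sles" / name).write_bytes(b"")
            out.append(triage(SERIAL_LINE, esp, guid))
    return out
```

`demo()` returns the verdict for an ESP that contains `shim.efi` and for one that contains only `grub.efi`.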
There are two OVMF/edk2 upstream patches addressing the issue that OVMF didn't detect the NVME controller properly. Maybe we need those patches.

- MdeModulePkg/NvmExpressDxe: fix check for Cap.Css
  https://github.com/tianocore/edk2/commit/5d8d8b514832fcaa36c0b573b51442c2f53e2aaf
- MdeModulePkg/NvmExpressPei: fix check for NVM command set
  https://github.com/tianocore/edk2/commit/69218d5d2854acaa7a11c777244de4a297d2fbb9
The edk2 commit(*) that caused the regression is included in edk2-stable202202. If the system of the openQA worker is SLE15-SP4/openSUSE Leap 15.4, then it's affected.

Joey,

Could you help to backport the fixes mentioned in comment#5?

(*) https://github.com/tianocore/edk2/commit/9dd14fc91c174eae87fd122c7ac70073a363527f
(In reply to Gary Ching-Pang Lin from comment #6)
> The edk2 commit(*) caused the regression is included in edk2-stable202202.
> If the system of the openQA worker is SLE15-SP4/openSUSE Leap 15.4, then
> it's affected.
>
> Joey,
>
> Could you help to backport the fixes mentioned in comment#5?
>
> (*)
> https://github.com/tianocore/edk2/commit/9dd14fc91c174eae87fd122c7ac70073a363527f

Thanks Gary!

I have sent submitreq to 15-SP4/ovmf:

https://build.suse.de/request/show/281938

and Leap 15.4/ovmf:

https://build.opensuse.org/request/show/1008725
(In reply to Joey Lee from comment #8)
> (In reply to Gary Ching-Pang Lin from comment #6)
> > The edk2 commit(*) caused the regression is included in edk2-stable202202.
> > If the system of the openQA worker is SLE15-SP4/openSUSE Leap 15.4, then
> > it's affected.
> >
> > Joey,
> >
> > Could you help to backport the fixes mentioned in comment#5?
> >
> > (*)
> > https://github.com/tianocore/edk2/commit/9dd14fc91c174eae87fd122c7ac70073a363527f
>
> Thanks Gary!
>
> I have sent submitreq to 15-SP4/ovmf :
>
> https://build.suse.de/request/show/281938
>
> and Leap 15.4/ovmf :
>
> https://build.opensuse.org/request/show/1008725

The submitreq on Leap 15.4 was declined because the change must be submitted through SUSE:SLE-15-SP4:Update.

So now we are waiting for the above #281938 IBS request to be merged.
(In reply to Joey Lee from comment #9)
> (In reply to Joey Lee from comment #8)
> > (In reply to Gary Ching-Pang Lin from comment #6)
> > > The edk2 commit(*) caused the regression is included in edk2-stable202202.
> > > If the system of the openQA worker is SLE15-SP4/openSUSE Leap 15.4, then
> > > it's affected.
> > >
> > > Joey,
> > >
> > > Could you help to backport the fixes mentioned in comment#5?
> > >
> > > (*)
> > > https://github.com/tianocore/edk2/commit/9dd14fc91c174eae87fd122c7ac70073a363527f
> >
> > Thanks Gary!
> >
> > I have sent submitreq to 15-SP4/ovmf :
> >
> > https://build.suse.de/request/show/281938
> >
> > and Leap 15.4/ovmf :
> >
> > https://build.opensuse.org/request/show/1008725
>
> The submitreq on Leap 15.4 be declined because the change must be submitted
> through SUSE:SLE-15-SP4:Update.
>
> So now we are waiting the above #281938 IBS request be merged.

The change was merged for 15-SP4 on IBS. It will also be pushed to Leap 15.4.

Set this issue to fixed.
SUSE-RU-2022:3811-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1199156,1203825
CVE References:
JIRA References:
Sources used:

- openSUSE Leap 15.4 (src): ovmf-202202-150400.5.5.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (src): ovmf-202202-150400.5.5.1
- SUSE Linux Enterprise Micro 5.3 (src): ovmf-202202-150400.5.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Is that issue resolved in the branched ovmf submitted to SLE 15 SP5 (https://build.suse.de/request/show/283236) as well?
(In reply to Stefan Weiberg from comment #12)
> Is that issue resolved in the branched ovmf submitted to SLE 15 SP5
> (https://build.suse.de/request/show/283236) as well?

The fixes are merged into upstream edk2-stable202208, so the update does include the fixes.
Set this issue to FIXED.