Checksum error on grub-efi-bootaa64.efi

DrAric · July 18, 2025, 6:34pm

I’m working on an integration of Mender into a Yocto scarthgap build. I cloned the scarthgap branch, but when I build it, I get this error:

WARNING: grub-efi-mender-precompiled-2.12-r0 do_fetch: Checksum failure encountered with download of https://downloads.mender.io/grub-mender-grubenv/grub-efi/2.12-grub-mender-grubenv-089c619e3b52b95fd14dc664cf4f6c243c840b94/aarch64/grub-efi-bootaa64.efi;md5sum=3cdc5695de01804044e3b5606a9dc889 - will attempt other sources if available

As the URL indicates the md5sum is expected to be 3cdc56… Sure enough, if I pull that file down with wget, the md5sum is 28d3fead8ae2… I’m getting a file that looks reasonable otherwise:

% md5sum grub-efi-bootaa64.efi
28d3fead8ae217a2a879e467b920a3a3  grub-efi-bootaa64.efi
% file grub-efi-bootaa64.efi 
grub-efi-bootaa64.efi: PE32+ executable (EFI application) Aarch64 (stripped to external PDB), for MS Windows

But I don’t want to trust an executable that may have been modified.

Has anyone else seen this?

Thanks,
Aric.

TheYoctoJester · July 20, 2025, 8:17am

Hi @DrAric,

Thanks for the report! Is this happening on an unmodified build, e.g. plain Yocto on scarthgap branch with meta-mender? Which board target? I agree that a changed hash should be carefully checked, so I’d like to reproduce it.

Greetz,
Josef

DrAric · July 21, 2025, 12:57pm

Hi, @TheYoctoJester.

I’m using a manifest that doesn’t come directly from Yocto. It comes from AMD (formerly Xilinx): https://github.com/Xilinx/yocto-manifests/tree/rel-v2025.1

I have also added a (thin-so-far) layer to support our hardware, and I’ve added the Mender layer from https://github.com/mendersoftware/meta-mender.git using branch scarthgap. The URI for the failing checksum is defined in this file.

It’s entirely possible I don’t have the build configured correctly yet for Mender. E.g., I think it’s strange that the failing file is related to GRUB EFI while I am building for an ARM processor that boots with U-Boot.

Thanks for the help!

TheYoctoJester · July 21, 2025, 3:13pm

Hi @DrAric,

Ah okay, we’re getting there. I guess that you do not have specified any additional MENDER_FEATURES then? Not knowing your board and setup, I have to assume that it is using a boot flow which is essentially

some loader -> u-boot -> Linux

The Mender defaults are GRUB+UEFI, so maybe this local.conf addition already gets you started:

MENDER_FEATURES_ENABLE:append = " mender-uboot mender-image-sd "
MENDER_FEATURES_DISABLE:append = " mender-grub mender-image-uefi "

Please note that this will probably will require a custom u-boot integration as described at Manual U-Boot integration | Mender documentation.

Hope this gets you started, let me know if you have additional questions.

Greetz,
Josef

DrAric · July 22, 2025, 1:31pm

Thanks, @TheYoctoJester, this got me past the md5sum error, so I’ll be working on the U-Boot integration next.

Topic		Replies	Views
Ubuntu image failing to boot after mender-convert + potential solution? Debian family	4	702	August 18, 2021
Error: grub-mender-grubenv:do_sign failed General Discussions yocto	13	126	August 27, 2024
Mender convert fails during grub install Debian family	7	915	October 25, 2022
Bleeding edge Yocto and raspberry pi 4 General Discussions honister-cm4-rpi-grub	8	1301	January 13, 2022
Simple configuration (dunfell) General Discussions	29	2472	March 9, 2021

Checksum error on grub-efi-bootaa64.efi

Related topics