Hello!
Recently my Palo Alto Firewall stopped booting properly.
When I rebooted with serial console attached, a u-boot terminal showed up:
Welcome to the PanOS Bootloader.
U-Boot 10.0.0.0-170 (Build time: Jul 15 2020 - 22:06:34)
Octeon unique ID: 070000914021f31e0294
N0.LMC0 Configuration Completed: 8192 MB
KINGFISHER board revision major:1, minor:4, serial #: 012801123723
OCTEON CN7130-AAP pass 1.2, Core clock: 1000 MHz, IO clock: 500 MHz, DDR clock: 800 MHz (1600 Mhz DDR)
Base DRAM address used by u-boot: 0x20f000000, size: 0x1000000
DRAM: 8 GiB
Clearing DRAM...... done
Octeon MMC/SD0: 0
Using default environment
MMC: Octeon MMC/SD0: 0, Octeon MMC/SD0: 0
Net: octeth0, octeth1, octeth2, octeth3, octeth4, octeth5, octeth6, octeth7, octrgmii0 [PRIME]
Type the command 'usb start' to scan for USB storage devices.
Autoboot to default partition in 5 seconds.
Enter 'maint' to boot to maint partition.
** File not found /boot/vmlinux.oct3-mp **
## No elf image at address 0x21000000
Kingfisher(ram) (mp)# (ram)#
The "kingfisher(ram) (mp)# (ram)#" is the terminal
It had failed to boot into PanOS
I manually tried loading 'vmlinux.oct3-mp' into memory and boot with default boot arguments, but kernel panic
Boot args:
bootoctlinux 21000000 console=ttyS0,9600n8 mem=4096 rootdelay=10 root=/dev/mmcblk0p3 numcores=4 quiet pktbuf=86016,2048 wqe=270336,128 mtdparts=spi32766.0:4M(ub),11072k(maint),64k(sysroot0),64k(sysroot1),64k(U-boot-env),2M(ub-fs) init=/sbin/init_kf
Failed boot:
Kingfisher(ram) (mp)# (ram)# ext2load mmc 0:2 21000000 /boot/vmlinux.oct3-mp
10453152 bytes read in 71775 ms (141.6 KiB/s)
Kingfisher(ram) (mp)# (ram)# run boot
Allocating memory for ELF segment: addr: 0xffffffff80100000 (adjusted to: 0x100000), size 0x827720
Bootloader: Done loading app on coremask:
0xf
Starting cores:
0xf
Linux version 3.10.87-oct3-mp (build@0c97fc0ce133) (gcc version 4.7.0 (Cavium Inc. Version: SDK_BUILD build 49) ) #17 SMP Thu Jan 24 16:58:30 PST 2019
CVMSEG size: 3 cache lines (384 bytes)
Cavium Inc. SDK-3.1.2
bootconsole [early0] enabled
CPU revision is: 000d9602 (Cavium Octeon III)
FPU revision is: 00739600
Checking for the multiply/shift bug... no.
Checking for the daddiu bug... no.
Determined physical RAM map:
memory: 000000000074c000 @ 0000000000100000 (kernel data and code)
memory: 0000000000054000 @ 000000000084c000 (usable after init)
memory: 0000000000088000 @ 00000000008a0000 (kernel data and code)
memory: 0000000000100000 @ 00000000eff00000 (usable)
memory: 000000000feff000 @ 00000000f0001000 (usable)
memory: 00000000f0000000 @ 000000011f000000 (usable)
Failed to execute /sbin/init_kf. Attempting defaults...
Kernel panic - not syncing: No init found. Try passing init= option to kernel. See Linux Documentation/init.txt for guidance.
I do not know what the 'Attempting Defaults' mean.
I decided to try and boot into something, and decided on OpenWRT since it has octeon as a target (The CPU is a Cavium Octeon III [CN7130]).
If openwrt works, it would make a pretty good router.
I downloaded some images, put it in a usb and tried one by one.
Also, I set mem=0, according to this guide on a router with the same cpu, or else it would kernel panic due to:
Kernel panic - not syncing: early_init_dt_alloc_memory_arch: Failed to allocate 10004 bytes align=0x40
- Factory Image for the Ubiquity Edgerouter 4, renamed as openwrtocteon.bin:
Output
Kingfisher(ram) (mp)# (ram)# fatload usb 0 21000000 openwrtocteon.bin
reading openwrtocteon.bin
24958048 bytes read in 1203 ms (19.8 MiB/s)
Kingfisher(ram) (mp)# (ram)# run boot
Allocating memory for ELF segment: addr: 0xffffffff81100000 (adjusted to: 0x1100000), size 0x29230fc
Bootloader: Done loading app on coremask:
0xf
Starting cores:
0xf
[ 0.000000] Linux version 5.15.150 (builder@buildhost) (mips64-openwrt-linux-musl-gcc (OpenWrt GCC 12.3.0 r23809-234f1a2efa) 12.3.0, GNU ld (GNU Binutils) 2.40.0) #0 SMP Fri Mar 22 22:09:42 2024
[ 0.000000] Skipping L2 locking due to reduced L2 cache size
[ 0.000000] CVMSEG size: 0 cache lines (0 bytes)
[ 0.000000] printk: bootconsole [early0] enabled
[ 0.000000] CPU0 revision is: 000d9602 (Cavium Octeon III)
[ 0.000000] FPU revision is: 00739600
M@XdVhY`Oe[`XdY`X`Xd\`\S*kYpPgU5=Gq@XdVdX2dOe[`XdY`X`Xd\`\S*kYtPgU5=GdVFihXOXF`X`X`Y`XS*kYxPgU5=GdVRpXgP`XF`X`X`Y`XS*kY|PgU5=GYR
V
SKeP
sV6mSDY
XSV
U
S+X
XgP+XWQ+QK!ZUgPegW5=G WS5gZT
It ends with a bunch of gibberish, possibly something to do with the baud rate as the Edgerouter used 115200
- Generic initramfs kernel for octeon target, renamed as general-initramfs-kernel.bin in the usb
Output
Kingfisher(ram) (mp)# (ram)# run boot
Allocating memory for ELF segment: addr: 0xffffffff81100000 (adjusted to: 0x1100000), size 0x1893e98
Bootloader: Done loading app on coremask:
0xf
Starting cores:
0xf
[ 0.000000] Linux version 6.1.104 (builder@buildhost) (mips64-openwrt-linux-musl-gcc (OpenWrt GCC 13.3.0 r27152-e497c975d3) 13.3.0, GNU ld (GNU Binutils) 2.42) #0 SMP Thu Aug 15 02:19:30 2024
[ 0.000000] Skipping L2 locking due to reduced L2 cache size
[ 0.000000] CVMSEG size: 0 cache lines (0 bytes)
[ 0.000000] printk: bootconsole [early0] enabled
[ 0.000000] CPU0 revision is: 000d9602 (Cavium Octeon III)
[ 0.000000] FPU revision is: 00739600
[ 0.000000] Kernel panic - not syncing: Corrupt Device Tree passed to kernel.
[ 0.000000] Rebooting in 1 seconds..
Kernel panics due to a corrupt device tree, dont know what that means.
I need help booting into openwrt
Thanks!