This bug was fixed in the package edk2 - 0~20191122.bd85bf54-2ubuntu3.4
---
edk2 (0~20191122.bd85bf54-2ubuntu3.4) focal; urgency=medium
[ dann frazier ]
* Provide 4MB OVMF images: The existing 2MB images no longer
have sufficient variable space for the current Secure Boot
Forbidden Signature Database. (LP: #1885662)
- Convert targets for pre-enrolled variable template images
into pattern rules. This will be useful for adding additional
pre-enrolled variable templates.
- Update fw descriptors to reference 4M images instead of their
2M counterparts. This will migrate tools that use the descriptor
interface (like libvirt) over to the 4M images when creating new
VMs. Existing 2M VMs will require manual migration.
* Increase autopkgtest timeout from 30s to 60s. (LP: #1885186)
[ Mustafa Kemal Gilor ]
* Added autopkg tests for 4MB OVMF images. (LP: #1885662)
-- Mustafa Kemal GILOR Tue, 08 Nov 2022
11:40:07 +0300
** Changed in: edk2 (Ubuntu Focal)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1885662
Title:
please provide 4MB firmware builds
Status in edk2 package in Ubuntu:
Fix Released
Status in edk2 source package in Xenial:
Won't Fix
Status in edk2 source package in Bionic:
New
Status in edk2 source package in Eoan:
Won't Fix
Status in edk2 source package in Focal:
Fix Released
Status in edk2 source package in Groovy:
Fix Released
Bug description:
[ Impact ]
Windows virtual machines running on top of Ubuntu Focal and Bionic
hypervisors with the OVMF UEFI bios are facing an issue while
installing the KB5012170 update from Microsoft. The windows update
cannot proceed to install the KB5012170, because the 2MB OVMF image on
the QEMU host no longer has sufficient space to store the contents for
the update, which causes the update process to fail. The people
running Windows VMs on Ubuntu Focal/QEMU are unable to update their
VMs.
There is a known workaround problem, which is using 4MB OVMF images
from either Debian or Ubuntu Jammy.
This fix is a backport of 4MB OVMF images from upstream for Focal.
This fix also changes the default OVMF image from 2MB to 4MB for all
new VMs that will be spawned by a hypervisor using the descriptor
interface.
Apart from the fix, the SRU includes autopkgtests for the backported
changes as well.
[ Test Plan ]
The test plan basically boils down to the scenario below:
- Spawn a Focal/QEMU host with the container/VM technology of your choice
- Create a Windows 10 VM on QEMU (use existing OVMF images at launch)
- Try to install KB5012170 on VM, and it should fail
- Install the fix to the Focal/QEMU host via PPA
- Launch the VM with new 4M images
- Try to install KB5012170 on VM, and it should succeed
The steps below are a reproduction of the test plan above with LXC as
a host environment for Focal/QEMU.
# Environment setup describes QEMU running over
# Focal LXC with X11 forwarding
# Download windows 10 ISO:
# https://www.microsoft.com/en-us/software-download/windows10ISO
# -- host shell --
# Create an LXC profile that enables X11 forwarding
# for containers
$ lxc profile create x11
$ cat x11.profile | lxc profile edit x11
# Create a Focal/QEMU container with X11 forwarding
$ lxc launch ubuntu:focal --profile default --profile x11 test-qemu-host
# Mount folder containing windows iso
$ lxc config device add test-qemu-host winiso disk source=/workspace/os-iso
path=/os-iso
$ lxc exec test-qemu-host -- sudo --user ubuntu --login
# -- QEMU container shell --
# Install QEMU & OVMF
$ sudo apt -y update && sudo apt -y install qemu-kvm ovmf
# Create a windows VM
$ mkdir windows-vm && cd windows-vm
$ qemu-img create -f qcow2 windows.img 32G
$ cp /usr/share/OVMF/OVMF_VARS.ms.fd OVMF_VARS.ms.windows.fd
# Launch the VM
$ qemu-system-x86_64 -hda windows.img -m 4096M -smp cores=4 -M q35,smm=on
-global ICH9-LPC.disable_s3=1 -global
driver=cfi.pflash01,property=secure,value=on -drive
if=pflash,format=raw,readonly=on,file=/usr/share/OVMF/OVMF_CODE.ms.fd -drive
if=pflash,format=raw,file=./OVMF_VARS.ms.windows.fd -cdrom
/os-iso/Win10_22H2_English_x64.iso
# Setup the operating system
# After everything settles:
# Download KB5012170 from Microsoft Update Catalog
# https://www.catalog.update.microsoft.com/Search.aspx?q=KB5012170
# Try to install the KB5012170 update, it should fail
# Shutdown VM
# Install fix to QEMU host from PPA:
sudo add-apt-repository ppa:mustafakemalgilor/lp-1885662-4
sudo apt update
# Re-launch VM with new 4M images:
cp /usr/share/OVMF/OVMF_VARS_4M.ms.fd OVMF_VARS_4M.ms.windows.fd
qemu-system-x86_64 -hda windows.img -m 8192M -smp cores=4 -M q35,smm=on
