[Bug 1968131] [NEW] Starting VM with UEFI firmware fails with swtpm

Thu, 07 Apr 2022 00:31:00 -0700 

Public bug reported:

https://launchpad.net/ubuntu/+source/libvirt/8.0.0-1ubuntu6 introduced a
recommendation to "swtpm", so this package now gets installed by default
when installing libvirt. But this broke UEFI:

  touch /var/lib/libvirt/empty.iso
  virt-install --name t1 --os-variant fedora28 --memory 128 --wait -1 
--noautoconsole --disk 'size=0.25,format=qcow2' --cdrom 
/var/lib/libvirt/empty.iso --boot uefi

This fails:

WARNING  Requested memory 128 MiB is less than the recommended 1024 MiB
for OS fedora28

Starting install...
Allocating 't1.qcow2'                                                           
                                               |    0 B  00:00:00 ... 
Removing disk 't1.qcow2'                                                        
                                               |    0 B  00:00:00     
ERROR    internal error: Could not run '/usr/bin/swtpm_setup'. exitstatus: 1; 
Check error log '/var/log/swtpm/libvirt/qemu/t1-swtpm.log' for details.
Domain installation does not appear to have been successful.


# cat /var/log/swtpm/libvirt/qemu/t1-swtpm.log
Starting vTPM manufacturing as swtpm:swtpm @ Thu 07 Apr 2022 07:11:55 AM UTC
Successfully created RSA 2048 EK with handle 0x81010001.
  Invoking /usr/lib/x86_64-linux-gnu/swtpm/swtpm-localca --type ek --ek 
91863a7321edf06c0feb6f388950774acca7813f0d595a78463c1ce29798ab015bebb70da8a1fb8c4c353507240d32afd0e51ff173068e86e40c8f71bfa311919dd8f840e7a11576515eff08739822cfe7d3c4cc0e228623f140fc2948a0c519bc2b3d06d0a7f5bd9add9d27d9d2132459ae7911dc441dd156c842ac7b8fcb5611e589fde7ca9516eaf3a32b64b7ece348b023a6567e64a9ad491c12b1309624f7fcaa4dc9f69387bc59a743c64db664f78258dccda63635e5e934f22e594e073906e737486268601fd812979a16db23faf0512d3b714d832d69a80fc01b31cec1d5603ee06544338907f38164636df6cfbdc1168ac5eda01ff5def64076e5e7
 --dir /var/lib/libvirt/swtpm/ade6145c-3d22-46d8-8bbc-29792e4cfa0c/tpm2 
--logfile /var/log/swtpm/libvirt/qemu/t1-swtpm.log --vmid 
t1:ade6145c-3d22-46d8-8bbc-29792e4cfa0c --tpm-spec-family 2.0 --tpm-spec-level 
0 --tpm-spec-revision 164 --tpm-manufacturer id:00001014 --tpm-model swtpm 
--tpm-version id:20191023 --tpm2 --configfile /etc/swtpm-localca.conf 
--optsfile /etc/swtpm-localca.options
Creating root CA and a local CA's signing key and issuer cert.
Could not create root-CA:Can't load ./.rnd into RNG
40D7AD231A7F0000:error:12000079:random number generator:RAND_load_file:Cannot 
open file:../crypto/rand/randfile.c:106:Filename=./.rnd
Cannot write random bytes:
40D7AD231A7F0000:error:12000079:random number generator:RAND_write_file:Cannot 
open file:../crypto/rand/randfile.c:240:Filename=./.rnd

Error creating local CA's signing key and cert.
swtpm-localca exit with status 1: 
An error occurred. Authoring the TPM state failed.
Ending vTPM manufacturing @ Thu 07 Apr 2022 07:11:56 AM UTC

When I uninstall swtpm, the domain creation/starting works (of course it
does not actually do anything due to the fake empty iso, but it does get
past that bug).

** Affects: libvirt (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: libvirt (Ubuntu Jammy)
     Importance: Undecided
         Status: New


** Tags: jammy regression-release

** Also affects: libvirt (Ubuntu Jammy)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968131

Title:
  Starting VM with UEFI firmware fails with swtpm

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1968131/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to