Public bug reported:

On the Plucky release, the launch of SNP QEMU VM with SNP measurement
boot option fails due to the absence of OVMF amdsev file in the OVMF
Plucky Ubuntu package.

Plucky OVMF package requires the integration of the AMD SEV firmware
file, OVMF.amdsev.fd, to enable support for SEV-secured VM remote
attestation and secret injection.

Currently, the SEV firmware necessary to support SEV Virtual Machine
Remote Attestation is not available within the Ubuntu OVMF package.

I attempted to execute an SNP QEMU measured boot using the OVMF file
packaged with Ubuntu, but this endeavor was unsuccessful due to the
provision of an invalid OVMF file within the Ubuntu OVMF package.

Error message that I see using Ubuntu OVMF.fd (/usr/share/ovmf/OVMF.fd) as guest bios is as follows:
qemu-system-x86_64: SEV: guest firmware hashes table area is invalid (base=0x0 size=0x0)

QEMU commandline used for my SNP guest test launch on Plucky release is
as follows:

qemu-system-x86_64 \
 -enable-kvm \
 -cpu EPYC-v4 \
 -m 2048 \
 -nographic \
 -netdev user,hostfwd=tcp::10030-:22,id=vmnic \
 -device virtio-net-pci,disable-legacy=on,iommu_platform=true,netdev=vmnic,romfile= \
 -device virtio-scsi-pci,id=scsi0 \
 -device scsi-hd,drive=disk0 \
 -drive if=none,id=disk0,format=qcow2,file=/home/amd/os-guest-test/os-guest-test-guest.qcow2 \
 -machine memory-encryption=sev0,vmport=off \
 -object memory-backend-memfd,id=ram1,size=2048M,share=true,prealloc=false \
 -machine memory-backend=ram1 \
 -object sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,kernel-hashes=on \
 -bios /usr/share/ovmf/OVMF.fd \
 -kernel /home/amd/os-guest-test/guest_kernel_initrd/vmlinuz-6.13.9-200.fc41.x86_64 \
 -initrd /home/amd/os-guest-test/guest_kernel_initrd/initramfs-6.13.9-200.fc41.x86_64.img \
 -append "console=tty1 console=ttyS0,115200n8 root=LABEL=fedora ro rootflags=subvol=root"

ProblemType: Bug
DistroRelease: Ubuntu 25.04
Package: ovmf 2025.02-3ubuntu2
ProcVersionSignature: Ubuntu 6.14.0-13.13-generic 6.14.0
Uname: Linux 6.14.0-13-generic x86_64
ApportVersion: 2.32.0-0ubuntu3
Architecture: amd64
CasperMD5CheckResult: pass
Date: Tue Apr  8 05:43:04 2025
Dependencies:
 
InstallationDate: Installed on 2025-04-08 (0 days ago)
InstallationMedia: Ubuntu-Server 25.04 "Plucky Puffin" - Daily amd64 (20250407)
PackageArchitecture: all
ProcEnviron:
 LANG=en_US.UTF-8
 PATH=(custom, no user)
 SHELL=/bin/bash
 TERM=tmux-256color
 XDG_RUNTIME_DIR=<set>
SourcePackage: edk2
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: edk2 (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug plucky

** Attachment added: "This screenshot shows the error message, and the QEMU command used for my SNP guest launch test with direct measured boot options"
   https://bugs.launchpad.net/bugs/2106771/+attachment/5870949/+files/Error%20and%20QEMU%20commandline%20used.png

https://bugs.launchpad.net/bugs/2106771

Title:
  Add support for QEMU AMD SNP VM Measured linux boot with the addition
  of new AMDSEV OVMF.fd
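
An added example, not part of the original report and not QEMU or Ubuntu code: a check that reads the GUIDed table near the end of a firmware image and reports whether it advertises a usable area for the kernel hashes, which is the condition the error message above complains about. The table layout and both GUIDs are assumptions taken from QEMU's OVMF table parser and should be verified against your QEMU source tree; build_sample() produces a constructed image, not a real OVMF build.

```python
import struct
import sys
import uuid

# GUIDs as defined in QEMU's source, quoted from memory: verify against your tree.
OVMF_TABLE_FOOTER_GUID = uuid.UUID("96b582de-1fb2-45f7-baea-a366c55a082d")
SEV_HASH_TABLE_RV_GUID = uuid.UUID("7255371f-3a3b-4b04-927b-1da6efa8d454")
HDR = 2 + 16  # every entry ends with a uint16 LE length followed by its GUID


def parse_ovmf_table(image: bytes) -> dict:
    """Map GUID -> payload for the GUIDed table near the end of an OVMF image."""
    foot = len(image) - 32  # the footer GUID ends 32 bytes before the end
    if foot < HDR or image[foot - 16:foot] != OVMF_TABLE_FOOTER_GUID.bytes_le:
        return {}
    (total,) = struct.unpack_from("<H", image, foot - HDR)
    end, start = foot - HDR, foot - total
    entries = {}
    while start >= 0 and end - start >= HDR:  # entries are walked back to front
        (length,) = struct.unpack_from("<H", image, end - HDR)
        if not HDR <= length <= end - start:
            break  # malformed entry: stop rather than read out of bounds
        guid = uuid.UUID(bytes_le=image[end - 16:end])
        entries[guid] = image[end - length:end - HDR]
        end -= length
    return entries


def check_kernel_hashes(image: bytes) -> str:
    """Classify an image the way the kernel-hashes=on launch path would see it."""
    data = parse_ovmf_table(image).get(SEV_HASH_TABLE_RV_GUID)
    if data is None or len(data) < 8:
        return "no hashes table entry"
    base, size = struct.unpack_from("<II", data)  # uint32 base, uint32 size
    if base == 0 or size == 0:  # QEMU also rejects areas that are too small
        return f"invalid hashes table area (base={base:#x} size={size:#x})"
    return f"ok (base={base:#x} size={size:#x})"


def build_sample(base: int, size: int) -> bytes:
    """Constructed test image: one hashes-table entry plus the table footer."""
    body = struct.pack("<IIH", base, size, 8 + HDR) + SEV_HASH_TABLE_RV_GUID.bytes_le
    footer = struct.pack("<H", len(body) + HDR) + OVMF_TABLE_FOOTER_GUID.bytes_le
    return bytes(4096) + body + footer + bytes(32)


if __name__ == "__main__":
    image = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample(0, 0)
    print(check_kernel_hashes(image))
```

Run it with a firmware path as the only argument to check a packaged image before passing it to -bios with kernel-hashes=on.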
