fyi, I have now disabled the memory attribute protocol for all *.secboot.fd images in Debian. I've added *.secboot.strictnx.fd images that users can opt-in to, if they know their guest OS is compatible:
https://salsa.debian.org/qemu- team/edk2/-/commit/766e4f3cb33136c9411746c417d95283e6300dff I think we can now sync this package over, since there's no longer a practical delta. But note that my plan is also to immediately re-enable the memory attribute protocol for *.secboot.fd in Debian experimental with the next edk2 upstream release (expected this month), and then into unstable once forky opens for devel. Of course, it will still be possible to override this with a `-fw_cfg` flag. How should we handle that with Ubuntu? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2104316 Title: 25.04 beta TPMFDE: first boot failure To manage notifications about this bug go to: https://bugs.launchpad.net/snap-pc/+bug/2104316/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
