Public bug reported: Environment: Distribution: Ubuntu Plucky Platform: SNP-enabled QEMU guest Kernel: 6.14.0-27-generic
Issue: Guest attestation functionality is broken due to the absence of the sev-guest kernel module in the kernel package. This prevents proper operation of SNP (Secure Nested Paging) attestation features within Ubuntu Plucky guests running on SNP-enabled QEMU. Impact: Guest attestation process fails completely SNP security features are non-functional Tools like virtee/snpguest cannot perform attestation operations on Ubuntu Plucky Release Error Details: We observe the following issue during generation of SNP guest report on QEMU guest using virtee/snpguest tool: root@localhost:~# snpguest report attestation-report.bin random-request-data.txt --random ERROR: unable to open /dev/sev-guest because: No such file or directory (os error 2) When attempting to manually load the sev-guest module on QEMU guest, we see the following issue: root@localhost:~# modprobe sev-guest modprobe: FATAL: Module sev-guest not found in directory /lib/modules/6.14.0-27-generic Expected Behavior: The sev-guest kernel module should be included in the kernel package and available for loading to enable proper SNP guest attestation functionality. Actual Behavior: The sev-guest module is missing from the kernel/kernel module package, preventing SNP attestation features from working. QEMU CLI used for SNP Guest(Ubuntu Plucky version) launch: qemu-system-x86_64 \ -enable-kvm \ -cpu EPYC-v4 \ -nographic \ -machine memory-encryption=sev0 \ -object memory-backend-memfd,id=ram1,size=4096M \ -machine memory-backend=ram1 \ -object sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,kernel-hashes=on \ -bios OVMF.amdsev.fd \ -kernel guest-ubuntu-plucky.efi virtee/snpguest tool link: https://github.com/virtee/snpguest.git Regular SNP Guest Attestation Process Link: https://github.com/virtee/snpguest/tree/main?tab=readme-ov-file#regular-attestation-flowchart ProblemType: Bug DistroRelease: Ubuntu 25.04 Package: linux-modules-6.14.0-27-generic 6.14.0-27.27 ProcVersionSignature: Ubuntu 6.14.0-27.27-generic 6.14.6 Uname: Linux 6.14.0-27-generic x86_64 AlsaDevices: total 0 crw-rw---- 1 root audio 116, 1 Jul 30 18:36 seq crw-rw---- 1 root audio 116, 33 Jul 30 18:36 timer AplayDevices: Error: [Errno 2] No such file or directory: 'aplay' ApportVersion: 2.32.0-0ubuntu5.3 Architecture: amd64 ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord' AudioDevicesInUse: Error: [Errno 2] No such file or directory: 'fuser' CRDA: N/A CasperMD5CheckResult: unknown Date: Wed Jul 30 18:52:33 2025 Dependencies: Lspci: Error: [Errno 2] No such file or directory: 'lspci' Lspci-vt: Error: [Errno 2] No such file or directory: 'lspci' Lsusb: Error: [Errno 2] No such file or directory: 'lsusb' Lsusb-t: Error: [Errno 2] No such file or directory: 'lsusb' Lsusb-v: Error: [Errno 2] No such file or directory: 'lsusb' MachineType: QEMU Standard PC (i440FX + PIIX, 1996) PciMultimedia: ProcEnviron: PATH=(custom, no user) SHELL=/bin/bash TERM=vt220 ProcFB: 0 simpledrmdrmfb ProcKernelCmdLine: console=ttyS0 RelatedPackageVersions: linux-restricted-modules-6.14.0-27-generic N/A linux-backports-modules-6.14.0-27-generic N/A linux-firmware N/A RfKill: Error: [Errno 2] No such file or directory: 'rfkill' SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 11/17/2024 dmi.bios.release: 0.0 dmi.bios.vendor: EDK II dmi.bios.version: edk2-20241117-5.fc41 dmi.chassis.type: 1 dmi.chassis.vendor: QEMU dmi.chassis.version: pc-i440fx-9.1 dmi.modalias: dmi:bvnEDKII:bvredk2-20241117-5.fc41:bd11/17/2024:br0.0:svnQEMU:pnStandardPC(i440FX+PIIX,1996):pvrpc-i440fx-9.1:cvnQEMU:ct1:cvrpc-i440fx-9.1:sku: dmi.product.name: Standard PC (i440FX + PIIX, 1996) dmi.product.version: pc-i440fx-9.1 dmi.sys.vendor: QEMU ** Affects: linux (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug plucky ** Attachment added: "sev-guest-module-issue-ubuntu-plucky.pdf" https://bugs.launchpad.net/bugs/2119148/+attachment/5894900/+files/sev-guest-module-issue-ubuntu-plucky.pdf -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2119148 Title: sev-guest kernel module not included in kernel package for SNP QEMU guests To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2119148/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
