[Bug 2122286] Re: firmware definitions lack "amd-sev-es" feature

Wed, 29 Oct 2025 02:15:57 -0700 

I do the verification on Noble 24.04.

$ apt policy ovmf
ovmf:
  Installed: 2024.02-2ubuntu0.4
  Candidate: 2024.02-2ubuntu0.4
  Version table:
     2024.02-2ubuntu0.5 100
        100 http://archive.ubuntu.com/ubuntu noble-proposed/main amd64 Packages
 *** 2024.02-2ubuntu0.4 500
        500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     2024.02-2ubuntu0.3 500
        500 http://archive.ubuntu.com/ubuntu noble-security/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
     2024.02-2 500
        500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages

$ virsh define vm.xml
error: Failed to define domain from vm.xml
error: operation failed: Unable to find 'efi' firmware that is compatible with 
the current configuration

$ sudo apt install ovmf=2024.02-2ubuntu0.5

$ virsh define vm.xml
Domain 'sev' defined from vm.xml

$ virsh start sev
  (assuming you did the work-around for granting libvirt access to /dev/sev)

$ virsh list --all
 Id   Name   State
----------------------
 2    sev    running


$ virsh console 2

-> Login as root with password
-> Check dmesg that this line is present:

[    0.360902] Memory Encryption Features active: AMD SEV SEV-ES


I also verified that libvirt detects the right OVMF file by checking the QEMU 
process arguments:

...
-blockdev 
{"driver":"file","filename":"/usr/share/ovmf/OVMF.amdsev.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}
 -blockdev 
{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"raw","file":"libvirt-pflash0-storage"}
...


** Tags removed: verification-needed verification-needed-noble
** Tags added: verification-done verification-done-noble

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2122286

Title:
  firmware definitions lack "amd-sev-es" feature

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2122286/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to