[Bug 2012028] Re: secure boot: TPM version '2.0' is not supported

Lena Voytek 2012028 at bugs.launchpad.net
Thu Mar 23 16:23:33 UTC 2023 

Hello,

I created a ppa with an update to 0.7.3 in lunar that should fix the
issue, located here:
https://launchpad.net/~lvoytek/+archive/ubuntu/swtpm-update-lunar

If you would like to test it you can run:

sudo add-apt-repository ppa:lvoytek/swtpm-update-lunar
sudo apt update
sudo apt upgrade


On my end swtpm now shows the proper capabilities:

# swtpm_setup --print-capabilities
{ "type": "swtpm_setup", "features": [ "tpm-1.2", "tpm-2.0", "cmdarg-keyfile-fd", "cmdarg-pwdfile-fd", "tpm12-not-need-root", "cmdarg-write-ek-cert-files", "cmdarg-create-config-files", "cmdarg-reconfigure-pcr-banks", "tpm2-rsa-keysize-2048", "tpm2-rsa-keysize-3072" ], "version": "0.7.3" }

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to swtpm in Ubuntu.
https://bugs.launchpad.net/bugs/2012028

Title:
  secure boot: TPM version '2.0' is not supported

Status in libvirt package in Ubuntu:
  Confirmed
Status in swtpm package in Ubuntu:
  In Progress
Status in libvirt source package in Lunar:
  Confirmed
Status in swtpm source package in Lunar:
  In Progress

Bug description:
  [Impact]

  Trying to create a VM with secure boot enabled in lunar always returns
  the following error:

    ERROR    unsupported configuration: TPM version '2.0' is not
  supported

  This is quite critical, because it makes impossible to test secure
  boot inside VMs, using lunar as host.

  [Test case]

  $ virt-install --name lunar_secure --arch x86_64 --feature smm=on
  --boot
  loader=/usr/share/OVMF/OVMF_CODE_4M.ms.fd,loader_ro=yes,loader_type=pflash
  --import --disk path=lunar_secure.img --disk path=lunar_secure-
  seed.img --memory 2048 --vcpus 2 --osinfo ubuntu22.10 --graphics none
  --console pty,target_type=serial --network network:default

  Starting install...
  ERROR    unsupported configuration: TPM version '2.0' is not supported
  Domain installation does not appear to have been successful.
  If it was, you can restart your domain by running:
    virsh --connect qemu:///system start lunar_secure
  otherwise, please restart your installation.

  ProblemType: Bug
  DistroRelease: Ubuntu 23.04
  Package: libvirt-daemon 9.0.0-2ubuntu1
  ProcVersionSignature: Ubuntu 6.2.0-17.17-generic 6.2.6
  Uname: Linux 6.2.0-17-generic x86_64
  ApportVersion: 2.26.0-0ubuntu2
  Architecture: amd64
  CasperMD5CheckResult: pass
  Date: Fri Mar 17 07:31:37 2023
  InstallationDate: Installed on 2022-07-25 (234 days ago)
  InstallationMedia: Ubuntu 22.10 "Kinetic Kudu" - Alpha amd64 (20220724)
  SourcePackage: libvirt
  UpgradeStatus: Upgraded to lunar on 2023-02-11 (33 days ago)
  modified.conffile..etc.libvirt.qemu.conf: [inaccessible: [Errno 13] Permission denied: '/etc/libvirt/qemu.conf']

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/2012028/+subscriptions

More information about the foundations-bugs mailing list