[Bug 2065874] Re: Can't update firmware on TPM-backed FDE systems

Mario Limonciello 2065874 at bugs.launchpad.net
Thu May 16 11:10:28 UTC 2024 

This is the original bug for deb fwupd: https://github.com/canonical/ubuntu-desktop-installer/issues/2371
This is the original bug for snap fwupd: https://github.com/fwupd/fwupd/issues/6264

The problem is that fwupd (both deb and snap) don't understand the
layout that TPM FDE uses.

As mentioned in https://github.com/canonical/ubuntu-desktop-
installer/issues/2371#issue-1940392263 about the deb problem:

> fwupd is not aware of this layout.
In order for a firmware update to work, fwupd expects to be able to create a new NVRAM boot entry using shim to chainload fwupdx64.efi.

As mentioned in
https://github.com/fwupd/fwupd/issues/6264#issuecomment-1764898120 about
the snap problem:

> My take on this issue is that it's because the Ubuntu 23.10 FDE mounts
stuff in a weird location. The ESP is at /run/mnt which isn't something
that the fwupd snap interface understands. It fully expects it to be in
/boot/efi.


** Also affects: ubuntu-desktop-provision
   Importance: Undecided
       Status: New

** Changed in: fwupd (Ubuntu)
       Status: New => Triaged

** Bug watch added: github.com/canonical/ubuntu-desktop-installer/issues #2371
   https://github.com/canonical/ubuntu-desktop-installer/issues/2371

** Bug watch added: github.com/fwupd/fwupd/issues #6264
   https://github.com/fwupd/fwupd/issues/6264

** Also affects: snapd
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to fwupd in Ubuntu.
https://bugs.launchpad.net/bugs/2065874

Title:
  Can't update firmware on TPM-backed FDE systems

Status in snapd:
  New
Status in ubuntu-desktop-provision:
  New
Status in fwupd package in Ubuntu:
  Triaged

Bug description:
  This was previously reported here: https://github.com/canonical/ubuntu-desktop-installer/issues/2371
  But I think that bug report and those posted in other projects don't seem to be getting attention.

  With the new TPM-backed FDE storage layout for Ubuntu 24.04, it is
  seemingly impossible to perform firmware updates using fwupd.

  Attempting to upgrade the firmware with `fwupdmgr upgrade XXXXXX`
  gives the attached error message.

  ProblemType: Bug
  DistroRelease: Ubuntu 24.04
  Package: fwupd 1.9.16-1
  ProcVersionSignature: Ubuntu 6.8.0-31.31-generic 6.8.1
  Uname: Linux 6.8.0-31-generic x86_64
  ApportVersion: 2.28.1-0ubuntu3
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Thu May 16 11:25:24 2024
  ProcEnviron:
   LANG=en_GB.UTF-8
   PATH=(custom, no user)
   SHELL=/usr/local/bin/bash
   TERM=xterm-256color
   XDG_RUNTIME_DIR=<set>
  SourcePackage: fwupd
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.fwupd.fwupd.conf: [inaccessible: [Errno 13] Permission denied: '/etc/fwupd/fwupd.conf']

To manage notifications about this bug go to:
https://bugs.launchpad.net/snapd/+bug/2065874/+subscriptions

More information about the foundations-bugs mailing list