[Bug 2104316] Re: 25.04 beta TPMFDE: first boot failure

Mate Kukri 2104316 at bugs.launchpad.net
Thu Apr 3 16:28:36 UTC 2025 

Two possible causes:
- UKIs don't work with mem attribute protocol + secure boot enabled, this is likely due to systemd's borked hooking of the SEC ARCH 2 protocol pointer, which i assume is in protected memory...
- grub page faults when running chainloader on kernel.efi , or linux + boot on kernel.efi, the exact cause of this is unclear right now. but probably because systemd-stub incorrectly marks itself as NX_COMPAT despite not being so.

Both of these things need to be investigated.

I think we should get rid of the mem attribute protocol in ubuntu's edk2
until these are fixed.

** Also affects: systemd (Ubuntu)
   Importance: Undecided
       Status: New

** Also affects: grub2 (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: grub2 (Ubuntu)
     Assignee: (unassigned) => Mate Kukri (mkukri)

** Changed in: systemd (Ubuntu)
     Assignee: (unassigned) => Mate Kukri (mkukri)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2 in Ubuntu.
https://bugs.launchpad.net/bugs/2104316

Title:
  25.04 beta TPMFDE: first boot failure

Status in Gadget snap for Personal Computers using Intel or AMD processors:
  New
Status in Ubuntu:
  New
Status in edk2 package in Ubuntu:
  New
Status in grub2 package in Ubuntu:
  New
Status in systemd package in Ubuntu:
  New

Bug description:
  25.04 beta hybrid TPMFDE: first boot failure

  Using virt-manager, creating a VM, adjusting the firmware for UEFI
  (.ms), and adding a TPM (default settings), the resulting system
  appears to install but fails on first boot.

  The screen shows TianoCore along with

  BdsDxe: loading Booot0003...
  BdsDxe: starting Booot0003...

  If I repeat this test with ubuntu 24.04.2 boot makes it boots as
  expected, showing this prior to continuing to the desktop:

  BdsDxe: loading Booot0003...
  BdsDxe: starting Booot0003...
  /EndEntire
  /EndEntire

  On 24.04.2, if I hit escape during the /EndEntire bit, I can see the
  Grub menu offering the "Run Ubuntu Core" option, which never seems to
  work on the 25.04 beta install.

To manage notifications about this bug go to:
https://bugs.launchpad.net/snap-pc/+bug/2104316/+subscriptions

More information about the foundations-bugs mailing list