[Bug 2104316] Re: 25.04 beta TPMFDE: first boot failure

[Michael Hudson-Doyle]

> - UKIs don't work with mem attribute protocol + secure boot enabled,
this is likely due to systemd's borked hooking of the SEC ARCH 2
protocol pointer, which i assume is in protected memory...

This makes sense because other systems boot after all. Is this "borked
hooking" only in newer systemds? (because Noble TPM FDE installs
apparently work with plucky ovmf)

> I think we should get rid of the mem attribute protocol in ubuntu's
edk2 until these are fixed.

You marked the edk2 task as invalid, but this sounds like you think we
should make a change to edk2? (even if it's not a bug in edk2, per se)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2 in Ubuntu.
https://bugs.launchpad.net/bugs/2104316

Title:
  25.04 beta TPMFDE: first boot failure

Status in Gadget snap for Personal Computers using Intel or AMD processors:
  New
Status in Ubuntu:
  New
Status in edk2 package in Ubuntu:
  Invalid
Status in grub2 package in Ubuntu:
  New
Status in systemd package in Ubuntu:
  New

Bug description:
  25.04 beta hybrid TPMFDE: first boot failure

  Using virt-manager, creating a VM, adjusting the firmware for UEFI
  (.ms), and adding a TPM (default settings), the resulting system
  appears to install but fails on first boot.

  The screen shows TianoCore along with

  BdsDxe: loading Booot0003...
  BdsDxe: starting Booot0003...

  If I repeat this test with ubuntu 24.04.2 boot makes it boots as
  expected, showing this prior to continuing to the desktop:

  BdsDxe: loading Booot0003...
  BdsDxe: starting Booot0003...
  /EndEntire
  /EndEntire

  On 24.04.2, if I hit escape during the /EndEntire bit, I can see the
  Grub menu offering the "Run Ubuntu Core" option, which never seems to
  work on the 25.04 beta install.

To manage notifications about this bug go to:
https://bugs.launchpad.net/snap-pc/+bug/2104316/+subscriptions