[Bug 2107457] Re: Can't boot after installation with TPM backed FDE on xps9320
Chris Coulson
2107457 at bugs.launchpad.net
Thu Apr 17 17:02:00 UTC 2025
I've just figured out what the issue is here - this device has a
debugging endpoint built into the firmware which is indicated in PCR7
7 a62bd67b2cc295976651b354468c0047f8d1547d25056ded5952aaf5991762a3
EV_EFI_ACTION UEFI Debug Mode
This causes us to silently mis-predict the PCR7 value today. This will
eventually be detected here and will prevent FDE from being enabled:
https://github.com/canonical/secboot/blob/2972449df0baab78eee8f5d99e01d479673651b0/efi/preinstall/check_host_security.go#L67
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to subiquity in Ubuntu.
https://bugs.launchpad.net/bugs/2107457
Title:
Can't boot after installation with TPM backed FDE on xps9320
Status in subiquity package in Ubuntu:
New
Bug description:
I tried installing Ubuntu 25.04 desktop with TPM backed FDE on two
different XPS 9320 units.
The installation seems to succeed.
However, on first boot, it is asking me for a recovery key.
Please enter the recovery key for volume ubuntu-
data-a2b3ba2e-2555-4957-a47b-94804d4c119 for device /dev/disk/by-
uuid/6bdc5a11-5d7d-4d64-89f-05d9464191e (press TAB for no echo)
Inputting the passphrase entered during the installation does not work
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/subiquity/+bug/2107457/+subscriptions
More information about the foundations-bugs
mailing list