[Bug 2122286] [NEW] firmware definitions lack "amd-sev-es" feature
Takashi Kajinami
2122286 at bugs.launchpad.net
Sun Sep 7 14:55:19 UTC 2025
Public bug reported:
libvirt has had the capability to select the appropriate UEFI firmware according to the features requested.
Especially it introduced the selection logic for AMD SEV-ES in 7.2.0 which depends on the amd-sev-es feature contained in the firmware capability definitions, stored in /usr/share/qemu/firmware/ .
https://github.com/libvirt/libvirt/commit/f14ca48ef42e552d97cac096968e95680b3c75b4
However none of the firmware definition files contain "amd-sev-es"
feature so libvirt fails to detect the appropriate firmware.
---
$ grep -r amd-sev /usr/share/qemu/firmware/
/usr/share/qemu/firmware/40-edk2-x86_64-secure-enrolled.json: "amd-sev",
/usr/share/qemu/firmware/60-edk2-x86_64.json: "amd-sev",
/usr/share/qemu/firmware/50-edk2-x86_64-secure.json: "amd-sev",
---
1)
$ lsb_release -rd
No LSB modules are available.
Description: Ubuntu 24.04 LTS
Release: 24.04
2)
---
$ apt-cache policy ovmf
ovmf:
Installed: 2024.02-2ubuntu0.4
Candidate: 2024.02-2ubuntu0.4
Version table:
*** 2024.02-2ubuntu0.4 500
500 http://il.archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
100 /var/lib/dpkg/status
2024.02-2ubuntu0.3 500
500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
2024.02-2 500
500 http://il.archive.ubuntu.com/ubuntu noble/main amd64 Packages
---
3)
At least one firmware definition file with "amd-sev-es" feature exists
3)
None of firmware definition files contain "amd-sev-es" feature
** Affects: edk2 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to edk2 in Ubuntu.
https://bugs.launchpad.net/bugs/2122286
Title:
firmware definitions lack "amd-sev-es" feature
Status in edk2 package in Ubuntu:
New
Bug description:
libvirt has had the capability to select the appropriate UEFI firmware according to the features requested.
Especially it introduced the selection logic for AMD SEV-ES in 7.2.0 which depends on the amd-sev-es feature contained in the firmware capability definitions, stored in /usr/share/qemu/firmware/ .
https://github.com/libvirt/libvirt/commit/f14ca48ef42e552d97cac096968e95680b3c75b4
However none of the firmware definition files contain "amd-sev-es"
feature so libvirt fails to detect the appropriate firmware.
---
$ grep -r amd-sev /usr/share/qemu/firmware/
/usr/share/qemu/firmware/40-edk2-x86_64-secure-enrolled.json: "amd-sev",
/usr/share/qemu/firmware/60-edk2-x86_64.json: "amd-sev",
/usr/share/qemu/firmware/50-edk2-x86_64-secure.json: "amd-sev",
---
1)
$ lsb_release -rd
No LSB modules are available.
Description: Ubuntu 24.04 LTS
Release: 24.04
2)
---
$ apt-cache policy ovmf
ovmf:
Installed: 2024.02-2ubuntu0.4
Candidate: 2024.02-2ubuntu0.4
Version table:
*** 2024.02-2ubuntu0.4 500
500 http://il.archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
100 /var/lib/dpkg/status
2024.02-2ubuntu0.3 500
500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
2024.02-2 500
500 http://il.archive.ubuntu.com/ubuntu noble/main amd64 Packages
---
3)
At least one firmware definition file with "amd-sev-es" feature exists
3)
None of firmware definition files contain "amd-sev-es" feature
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2122286/+subscriptions
More information about the foundations-bugs
mailing list