[Bug 2122286] Re: firmware definitions lack "amd-sev-es" feature

Christian Ehrhardt 2122286 at bugs.launchpad.net
Wed Sep 24 07:31:32 UTC 2025 

We are un-duplicating the cases as we need to split the request for -snp
(only in qemu 9.1 and later which isn't in Noble) and that for -es which
is in Noble but lacks the edk2 build to provide it.


** This bug is no longer a duplicate of bug 2106771
   Add support for QEMU AMD SNP VM Measured linux boot with the addition of new AMDSEV OVMF.fd

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to edk2 in Ubuntu.
https://bugs.launchpad.net/bugs/2122286

Title:
  firmware definitions lack "amd-sev-es" feature

Status in edk2 package in Ubuntu:
  Triaged
Status in edk2 source package in Noble:
  New

Bug description:
  libvirt has had the capability to select the appropriate UEFI firmware according to the features requested.
  Especially it introduced the selection logic for AMD SEV-ES in 7.2.0 which depends on the amd-sev-es feature contained in the firmware capability definitions, stored in /usr/share/qemu/firmware/ .

  https://github.com/libvirt/libvirt/commit/f14ca48ef42e552d97cac096968e95680b3c75b4

  However none of the firmware definition files contain "amd-sev-es"
  feature so libvirt fails to detect the appropriate firmware.

  ---
  $ grep -r amd-sev /usr/share/qemu/firmware/
  /usr/share/qemu/firmware/40-edk2-x86_64-secure-enrolled.json:        "amd-sev",
  /usr/share/qemu/firmware/60-edk2-x86_64.json:        "amd-sev",
  /usr/share/qemu/firmware/50-edk2-x86_64-secure.json:        "amd-sev",
  ---

  1)
  $ lsb_release -rd
  No LSB modules are available.
  Description:	Ubuntu 24.04 LTS
  Release:	24.04

  2)
  ---
  $ apt-cache policy ovmf
  ovmf:
    Installed: 2024.02-2ubuntu0.4
    Candidate: 2024.02-2ubuntu0.4
    Version table:
   *** 2024.02-2ubuntu0.4 500
          500 http://il.archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
          100 /var/lib/dpkg/status
       2024.02-2ubuntu0.3 500
          500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
       2024.02-2 500
          500 http://il.archive.ubuntu.com/ubuntu noble/main amd64 Packages
  ---

  3)
  At least one firmware definition file with "amd-sev-es" feature exists

  
  3)
  None of firmware definition files contain "amd-sev-es" feature

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2122286/+subscriptions

More information about the foundations-bugs mailing list