Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 830006 - sys-firmware/edk2-ovmf-202105-r1 breaks some app-emulation/libvirt use-cases
Summary: sys-firmware/edk2-ovmf-202105-r1 breaks some app-emulation/libvirt use-cases
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Matthias Maier
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-12-26 14:11 UTC by Mart Raudsepp
Modified: 2022-04-03 04:06 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mart Raudsepp gentoo-dev 2021-12-26 14:11:53 UTC 
sys-firmware/edk2-ovmf-202105-r1 contains this in the ebuild:

# TODO: the binary 202105 package currently lacks the preseeded
#       OVMF_VARS.secboot.fd file (that we typically get from fedora)

However it still ships /usr/share/qemu/firmware/40-edk2-ovmf-x64-sb-enrolled.json which references it, and it is the lowest-numbered file in there, so gets picked out of the box. This breaks gnome-boxes completely for me:

libvirtd[91620]: Failed to open file '/usr/share/edk2-ovmf/OVMF_VARS.secboot.fd': No such file or directory

Things work fine (though maybe less secure?) after deleting that 40-edk2-ovmf-x64-sb-enrolled.json as well.

Please avoid this inconsistency by doing the TODO or at least dropping the json files too that need the missing files.

Thanks to Arsen for tracking down the root cause for my non-working gnome-boxes
Comment 1 Larry the Git Cow gentoo-dev 2022-01-04 00:02:17 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9e44e430b7bf879f821301b93fa5006e9d625097

commit 9e44e430b7bf879f821301b93fa5006e9d625097
Author:     Matthias Maier <tamiko@gentoo.org>
AuthorDate: 2022-01-04 00:01:49 +0000
Commit:     Matthias Maier <tamiko@gentoo.org>
CommitDate: 2022-01-04 00:02:11 +0000

    sys-firmware/edk2-ovmf: workaround: do not install broken qemu config
    
    As a temporary workaround do not install
    
      /usr/share/qemu/firmware/40-edk2-ovmf-x64-sb-enrolled.json
    
    We are currently not shipping the necessary OVMF_VARS.secboot.fd file
    
    Bug: https://bugs.gentoo.org/830006
    Package-Manager: Portage-3.0.30, Repoman-3.0.3
    RepoMan-Options: --force
    Signed-off-by: Matthias Maier <tamiko@gentoo.org>

 sys-firmware/edk2-ovmf/edk2-ovmf-202105-r2.ebuild | 177 ++++++++++++++++++++++
 1 file changed, 177 insertions(+)
Comment 2 Michal Privoznik 2022-03-07 13:05:18 UTC 
BTW: this is fixed upstream by the following commit:

https://gitlab.com/libvirt/libvirt/-/commit/32b9d8b0ae00669555f01f91ee11612a636c4b69
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-04-03 04:06:53 UTC 
(In reply to Michal Privoznik from comment #2)
> BTW: this is fixed upstream by the following commit:
> 
> https://gitlab.com/libvirt/libvirt/-/commit/
> 32b9d8b0ae00669555f01f91ee11612a636c4b69

Thanks! Fixed in 8.1.0 then.