Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 830006

Summary: sys-firmware/edk2-ovmf-202105-r1 breaks some app-emulation/libvirt use-cases
Product: Gentoo Linux Reporter: Mart Raudsepp <leio>
Component: Current packagesAssignee: Matthias Maier <tamiko>
Status: RESOLVED FIXED    
Severity: normal CC: ajak, arsen, sam, virtualization
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Mart Raudsepp gentoo-dev 2021-12-26 14:11:53 UTC 
sys-firmware/edk2-ovmf-202105-r1 contains this in the ebuild:

# TODO: the binary 202105 package currently lacks the preseeded
#       OVMF_VARS.secboot.fd file (that we typically get from fedora)

However it still ships /usr/share/qemu/firmware/40-edk2-ovmf-x64-sb-enrolled.json which references it, and it is the lowest-numbered file in there, so gets picked out of the box. This breaks gnome-boxes completely for me:

libvirtd[91620]: Failed to open file '/usr/share/edk2-ovmf/OVMF_VARS.secboot.fd': No such file or directory

Things work fine (though maybe less secure?) after deleting that 40-edk2-ovmf-x64-sb-enrolled.json as well.

Please avoid this inconsistency by doing the TODO or at least dropping the json files too that need the missing files.

Thanks to Arsen for tracking down the root cause for my non-working gnome-boxes
Comment 1 Larry the Git Cow gentoo-dev 2022-01-04 00:02:17 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9e44e430b7bf879f821301b93fa5006e9d625097

commit 9e44e430b7bf879f821301b93fa5006e9d625097
Author:     Matthias Maier <tamiko@gentoo.org>
AuthorDate: 2022-01-04 00:01:49 +0000
Commit:     Matthias Maier <tamiko@gentoo.org>
CommitDate: 2022-01-04 00:02:11 +0000

    sys-firmware/edk2-ovmf: workaround: do not install broken qemu config
    
    As a temporary workaround do not install
    
      /usr/share/qemu/firmware/40-edk2-ovmf-x64-sb-enrolled.json
    
    We are currently not shipping the necessary OVMF_VARS.secboot.fd file
    
    Bug: https://bugs.gentoo.org/830006
    Package-Manager: Portage-3.0.30, Repoman-3.0.3
    RepoMan-Options: --force
    Signed-off-by: Matthias Maier <tamiko@gentoo.org>

 sys-firmware/edk2-ovmf/edk2-ovmf-202105-r2.ebuild | 177 ++++++++++++++++++++++
 1 file changed, 177 insertions(+)
Comment 2 Michal Privoznik 2022-03-07 13:05:18 UTC 
BTW: this is fixed upstream by the following commit:

https://gitlab.com/libvirt/libvirt/-/commit/32b9d8b0ae00669555f01f91ee11612a636c4b69
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-04-03 04:06:53 UTC 
(In reply to Michal Privoznik from comment #2)
> BTW: this is fixed upstream by the following commit:
> 
> https://gitlab.com/libvirt/libvirt/-/commit/
> 32b9d8b0ae00669555f01f91ee11612a636c4b69

Thanks! Fixed in 8.1.0 then.