snapd

UC-20 can't be installed successfully with TPM 2.0 and secure boot enabled.

Bug #1904690 reported by Jerry Lee on 2020-11-18

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	snapd	Fix Released	Critical	Dimitri John Ledkov

Bug Description

I used a Dell laptop with TPM 2.0 and secure boot enabled.
I tried to install UC-20 on this laptop but the installation process hung and without response finally.
The tested image: http://cdimage.ubuntu.com/ubuntu-core/20/beta/20201117.3/ubuntu-core-20-amd64.img.xz

The last screen is captured as 2 pictures and are attached here.
The key messages are:

picture#1:(uc20-fail-1.jpg)
"gadget does not support encrypted data: volume "pc" has no structure with system-save role"

picture#1:(uc20-fail-2.jpg)
"error: cannot set device information: No option model in section"

Besides, I did some testings on the same Dell laptop and the results are for references:
(1) Both TPM 2.0 and secure boot were NOT enabled
Both UC-18 and UC-20 can be installed
(2) Both TPM 2.0 and secure boot were enabled
UC-18 can be installed.

See original description

Tags:

Revision history for this message

Jerry Lee (jerry-lee-tpe) wrote on 2020-11-18:

picture#1:(uc20-fail-1.jpg) Edit (677.3 KiB, image/jpeg)

Revision history for this message

Jerry Lee (jerry-lee-tpe) wrote on 2020-11-18:

picture#1:(uc20-fail-2.jpg) Edit (554.1 KiB, image/jpeg)

Attache the 2nd picture

Revision history for this message

Ian Johnson (anonymouse67) wrote on 2020-11-19:

Hi, we are in the process of trying to get all the bits in place for a final UC20 1.0 release, and unfortunately for encryption support, the gadget snap is slightly behind in that the gadget snap does not define the ubuntu-save partition yet, but it should be released to the beta channel shortly and when that is included in the image it should work.

Your result that if secure boot is disabled, then you can install UC20 is expected since ubuntu-save is only necessary for encryption support (it is optional for unencrypted installs), and secure boot is required for full disk encryption support.

Changed in snapd:
status:	New → Won't Fix
status:	Won't Fix → Triaged
importance:	Undecided → Critical
assignee:	nobody → Dimitri John Ledkov (xnox)
tags:	added: uc20

Jerry Lee (jerry-lee-tpe) on 2020-11-19

description:

updated

a59ff5 (a59ff5a59ff5) on 2021-03-29

Changed in snapd:
status:	Triaged → Fix Released

Ian Johnson (anonymouse67) on 2021-03-29

Changed in snapd:
status:	Fix Released → Triaged

Revision history for this message

Ian Johnson (anonymouse67) wrote on 2021-03-30:

Hi jerry-lee-tpe, can you test the released UC20 images with this now? All of the gadget snaps should be updated now with ubuntu-save.

Changed in snapd:
status:	Triaged → Fix Committed
status:	Fix Committed → Fix Released

Revision history for this message

Jerry Lee (jerry-lee-tpe) wrote on 2021-03-31:

@anonymouse67

I don't have the machine (model: Latitude 5511) at hands now...
Please close this case, I will report if I see the same error again.

Thanks

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.