** Description changed: [Impact] A patch for FDE in Ubuntu 26.04 LTS was backported to older releases where it was not strictly needed, causing crashes on systems with BitLocker as it tries to ask for a recovery key. + + The bug specifically relates to a crash in fwupdmgr when the snapd + recovey key prompt receives an EOF signal (using CTRL + D for example). + This is a consequence of incorrect error propagation in the patch + fwupdmgr-fde-verify-snapd-recovery-key.patch. + + The fix for Jammy and Noble is to drop the patch, which removes the error + surface completely. + + The fix for Questing, Resolute, and Stonking is to solve the error propagation + by using the correct glib error setters in order to assert that no error + variables are null. + + [ Test Plan ] + + ## Setup + + For each affected series, launch a VM using TPM FDE with swtpm and OVMF + vars. + + This can be done by downloading each desktop ISO from + https://releases.ubuntu.com/<SERIES> and installing them using this qemu.sh + script from Valentin David: + https://gist.github.com/valentindavid/7a6a74e6da16a3865b88e8bdf5c0294c#file-qemu-sh + + Copy this script to separate directories (i.e. noble/, jammy/, etc.) and + install the ISO using: + + $ ./qemu.sh clear reset cdrom <ISO_PATH> + + This will launch the Ubuntu install setup. After setup is complete, the + installed version can be launched from the associated directory by running + the script without any arguments: + + $ ./qemu.sh # in e.g. noble/ + + ## Reproduce + + Verify the bug by running: + + $ fwupdmgr refresh + $ fwupdmgr update # Enter 'y' on UEFI updates + + At the snapd fde recovery key prompt, send CTRL + D. + + This will crash fwupdmgr with a glib error. + + ## Verify fix + + Enable the proposed pocket in each VM. Upgrade fwupd: + + $ sudo apt upgrade fwupd + + Repeat the Reproduce steps. No glib error should be raised. + + + [ Where problems could occur ] + + For Jammy and Noble, this change will not verify the snapd recovery key + anymore on firmware upgrades. While this was not originally intended on + these releases, it may introduce an inconsistency with the graphical Firmware + Updater UI. As the patch is entirely removed on these releases, the risk + for breakage is roughly equal to before the patch was introduced. + + For Questing, Resolute, and Stonking, the regression lies in if the error + propagation were to present errors incorrectly, and users would thus possibly + get less information than before during errors. [Original Bug Description] The Ubuntu Error Tracker has been receiving reports about a problem regarding fwupd. This problem was most recently seen with package version 2.1.1-1ubuntu3, the problem page at https://errors.ubuntu.com/problem/9c441049f1b1cdc101d0e2b28a13dfad3d46dedf contains more details, including versions of packages affected, stacktrace or traceback, and individual crash reports. If you do not have access to the Ubuntu Error Tracker and are a software developer, you can request it at http://forms.canonical.com/reports/.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2156480 Title: [SRU] fwupdmgr incorrectly asks for recovery key and crashes To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/fwupd/+bug/2156480/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
