id = 1919
title = "UEFI SecureCode hangs on MacOs - 8.1.1 / MacOS Ventura"
state = "closed"
created_at = "2023-10-03T11:58:14.876Z"
closed_at = "2023-10-18T10:14:26.000Z"
labels = ["hostos: macOS", "target: i386"]
url = "https://gitlab.com/qemu-project/qemu/-/issues/1919"
host-os = "MacOS ventura 13.6"
host-arch = "x86_64`, `ARM` - problem tested on devices with Intel and Apple silicon"
qemu-version = "QEMU emulator version 8.1.1"
guest-os = "None - hangs during UEFI bios load"
guest-arch = "x86_64"
description = """Unable to load edk2 secure boot UEFI code. Non-secure edk2 bios works fine, but secure one hangs during load."""
reproduce = """1. Run mentioned command - it should display OVMF logo - but it hangs"""
additional = """* edk2-x86_64-code.fd works fine, edk2-x86_64-secure-code.fd not
* Tested with swtpm and without - doesn't matter
* TPM access has been observed (when swtpm enabled) - sounds like secure-code validation partially works

To enable TPM:
```
   -chardev socket,id=chrtpm,path=mytpm0/swtpm-sock \\
   -tpmdev emulator,id=tpm0,chardev=chrtpm \\
   -device tpm-tis,tpmdev=tpm0 \\
```
and run swtpm
```
swtpm socket --tpm2 --tpmstate dir=mytpm0 --ctrl type=unixio,path=mytpm0/swtpm-sock
```"""