Bug 2165506

Summary:	[virtio-win] Attestation signing is failing because of the legacy INF keyword usage in virtio-rng
Product:	Red Hat Enterprise Linux 9	Reporter:	Yvugenfi <yvugenfi>
Component:	virtio-win	Assignee:	Yvugenfi <yvugenfi>
virtio-win sub component:	virtio-win-prewhql	QA Contact:	menli <menli>
Status:	CLOSED MIGRATED	Docs Contact:
Severity:	high
Priority:	high	CC:	coli, jinzhao, juzhang, vrozenfe
Version:	9.2	Keywords:	MigratedToJIRA, Triaged
Target Milestone:	rc
Target Release:	---
Hardware:	Unspecified
OS:	Windows
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2023-06-28 08:37:05 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Yvugenfi@redhat.com 2023-01-30 09:57:05 UTC

Description of problem:

When submitting virtio-win-prewhql driver for attestation signing on the MS Hardware partners portal, the attestation singing fails during the validation stage with the following error:

"Error 1303 in viorng.inf, line 102 : Found legacy AddReg operation defining co-installers (CoInstallers32).

Failed INF validation. INF did not pass Desktop validation (InfVerif /k).
"


Version-Release number of selected component (if applicable):
The test was done with virtio-win-prewhql-0.1-232, but this is MS portal feature - so it will fail with all our previous versions.

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Currently, our cab file (the archive with driver binaries) has all the drivers together. Therefore, attestation signing for all the drivers will fail, although the problem is only in virtio-rng driver.
The keyword relates to the usage of the co-installer in virio-rng driver used to register cryptographic provided in Windows.

Comment 4 menli@redhat.com 2023-06-25 01:54:50 UTC

Hi Yan，

Do you think running a window guest whql test to verify the bz is enough at this moment? Or any other suggestions?


Thanks 
Menghuan

Comment 5 Yvugenfi@redhat.com 2023-06-25 06:15:02 UTC

(In reply to menli from comment #4)
> Hi Yan，
> 
> Do you think running a window guest whql test to verify the bz is enough at
> this moment? Or any other suggestions?
> 
> 
> Thanks 
> Menghuan

Hi Menghuan,

I am already tested that attestation signing works.
Submitting virtio-rng for WHQL certification also a good idea.
Other than that, I don't think something is needed.


Best regards,
Yan.

Comment 6 menli@redhat.com 2023-06-26 05:50:30 UTC

Thanks a lot Yan.

Based on comment5 and I tested a win2016 rng whql with build 238, the result is pass, so change the status to verified.

Comment 7 Yvugenfi@redhat.com 2023-06-26 06:30:21 UTC

(In reply to menli from comment #6)
> Thanks a lot Yan.
> 
> Based on comment5 and I tested a win2016 rng whql with build 238, the result
> is pass, so change the status to verified.

Sorry Menghuan,
Can you test that the submission of the driver to MS Hardware portal succeeded as well?

Thanks,
Yan.

Comment 8 menli@redhat.com 2023-06-26 06:46:43 UTC

(In reply to Yvugenfi from comment #7)
> (In reply to menli from comment #6)
> > Thanks a lot Yan.
> > 
> > Based on comment5 and I tested a win2016 rng whql with build 238, the result
> > is pass, so change the status to verified.
> 
> Sorry Menghuan,
> Can you test that the submission of the driver to MS Hardware portal
> succeeded as well?

 Yes, my fault, I noticed you already tested that attestation signing works and I ignored to check it on my side.
Will work on it, change the bz to ON_QA first.

> Thanks,
> Yan.