VirtualBox

Opened 4 years ago

Last modified 3 years ago

#19386 new defect

FileVault

Reported by: Jack_Smith Owned by:
Component: EFI Version: VirtualBox 6.1.4
Keywords: FileVault Cc:
Guest type: other Host type: Mac OS X

Description

VirtualBox successfully boots macOS Sierra, High Sierra, Mojave, or Catalina, and these operating systems allow encrypting volumes with FileVault2. Attempting to boot a FileVault2-encrypted volume in VirtualBox 6.1.4 or lower results in several boot errors, most importantly **** ERROR _LoginUIInitializedGraphics Can't install updated AppleEvent protocol. The FileVault login UI will not load, probably because macOS cannot find or use the VirtualBox EFI implementation of the UEFI Graphics Output Protocol.

An open-source (BSD 3-clause license) implementation of this graphics protocol is available through the OpenCore ConsoleGop.c source file.

The FileVault2 prompt can be successfully loaded by loading OpenCore through the EFI Internal Shell, and macOS boots normally when the correct password is provided.

Maybe this protocol can be implemented in VirtualBox so FileVault could work without the OpenCore bootloader.

Log files are not attached because the error doesn't show up in the log, only the normal VM startup and shutdown procedures.

Steps to reproduce:

  • Install any version of macOS Sierra, High Sierra, Mojave, or Catalina (and probably other versions that use FileVault2)
  • Encrypt the system volume with FileVault2 (called simply FileFault in System Preferences).
  • Reboot. The macOS kernel will not be able to load the FileVault password prompt.

Workaround:

  • Load OpenCore.efi through the EFI Internal Shell with ProvideConsoleGop set to true. The password prompt will be displayed and the FileVault volume can be decrypted, continuing normal boot.

Change History (5)

comment:1 by aeichner, 4 years ago

How do you enable FileVault for the VM in the first place? The option is greyed out for me completely.

comment:2 by aeichner, 4 years ago

Status: newawaitsfeedback

in reply to:  1 comment:3 by AP Simmons, 3 years ago

Replying to aeichner:

You can use the fdesetup command from an Admin account that has a SecureToken. The user created during the first time setup will work. See example below (or man fdesetup). 

% sudo fdesetup enable

comment:4 by AP Simmons, 3 years ago

Status: awaitsfeedbacknew

comment:5 by blastik, 3 years ago

so I'm experiencing this issue as well. is there any workaround for me to get that VM booting up again?

Note: See TracTickets for help on using tickets.

© 2023 Oracle
ContactPrivacy policyTerms of Use