Report what was done.
I uninstalled WSL and used the command line rather than Windows App Store to install it.
Additionally, enabled Hyper-V in Windows features
Yes, that was a dumb mistake on my part.
But since WSL2 is now working, I’m assuming virtualization is OK and it’s Docker for Windows that is acting up. Will try removing it and installing again, removing all the files it leaves in %appdata%/Docker
after first.
Interesting enough, the latest version of Docker shouldn’t require Hyper-V if it uses WSL2. Which, I’d think, would mean WSL2 shouldn’t require Hyper-V either.
My hypothesis is that my WSL was messed up to begin with and by re-installing it I fixed it.
But Docker, re-installing it didn’t help. Getting that annoying error after reinstall
I’ve confirmed in two ways that there’s an issue with the laptop/BIOS and not a docker problem.
Hypervisor reported as not present
When using Coreinfo by SysInternals. Specifically, it shows wherever a hypervisor is detected or not. When I ran it on my system, the report detected no hypervisor.
Running a Hyper-VM VM
As per Framework support, I’ve tried creating a new Hyper-V VM, and it failed with this error
I’ll update this thread once hear from Framework support.
Did you check the Hyper-V services? (Hyper-V Virtual Machine Management)
Is Data Execution Prevention (DEP) enabled in the BIOS? (Disclaimer: I still don’t have my Framework laptop, so possibly this setting doesn’t exist)
Run „bcdedit“ and check if the „hypervisorlaunchtype“ is set to auto, if not run „bcdedit /set hypervisortlaunchtype auto“ and reboot.
I assume you’re talking about the Windows feature? It’s been enabled.
That’s not exposed in Framework BIOS.
It’s already at auto
No, I meant Windows services: Win+R => services.msc
There are a lot of services starting with Hyper-V and a service called “HV Host Service”.
The startype of them should be set to “Manual (Trigger Start)”
The “HV Host Service” should be running.
Weird …
Did you check the Eventlog for errors? Maybe we can find there something which leads us to the cause of this problem.
Thank you! I’ve forgotten about system event logs entirely. When filtered on Errors only, I found these peculiar entry:
Hypervisor launch failed; Secure Mode Extensions have been enabled by the BIOS. Please disable Secure Mode Extensions in the BIOS to launch Hyper-V.
Also this:
The virtualization-based security enablement policy check at phase 0 failed with status: Virtual Secure Mode (VSM) is not initialized. The hypervisor or VSM may not be present or enabled
And also this one that talks about HvHost
, which might be related to Hyper-V:
The CmService service depends on the HvHost service which failed to start because of the following error:
A device attached to the system is not functioning.
The most interesting was about Secure Mode Extensions enabled in BIOS because I’ve reset the BIOS to the defaults, as instructed by the Framework support. I’ll have to reach out to them with this new information.
Thank you, @mahe, for this suggestion. It enforces my suspicion that it wasn’t Windows 11 at fault and that something else is at play.
Is your BIOS on the latest version?
Is TPM enabled in the BIOS?
As stated in the first error of your last post, check if Secure Mode Extensions (can be named SMX) are disabled in the BIOS.
Also check if all the virtualization features are enabled in the BIOS.
The error with VSM (2nd error you posted) is strange, afaik it can only occur on domain joined devices and usually has something to do with Credential Guard.
Which Windows Edition (Home, Pro, Enterprise, …) and version (feature version, like 21H2) are you running?
Gen12 has only one version, the version it’s shipped with.
Yes. That’s a part of the default BIOS settings.
Framework BIOS is very “primitive”. There’s nothing besides VMX (turned on).
Windows 11 Pro 21H2, build 22000.978, Windows Feature Experience Pack 1000.22000.978.0
hmmm, now this is more a shot in the blue, what you can try:
Enable Windows Defender Credential Guard by using Group Policy
You can edit your local Group Policies by running gpedit.msc
(first part of point 1, the Group Policy Management Console)
I would suggest doing the settings like they show them in the screenshot (point 5).
The important stuff is to enable Credential Guard Configuration
.
Be aware: Do NOT enable Virtualization Based Protection of Code Integrity
, leave it set to Not Configured
otherwise this may run you in really big troubles (chances are low, but who knows).
Reboot afterwards.
You can simply revert this change by setting to radio button back to Not Configured
and reboot.
Note 1: Enabling this could cause troubles with connecting to WiFi, if the WiFi you want to connect to only supports old authentication methods (which are known for being insecure for years now) you can’t connect to it.
Note 2: If your device is joined to a Domain, these settings could possibly be overwritten by GPOs set by your admins.
I’ve encountered the exact same issue today. Docker refuses to work on both the WSL2 and the old virtualization engine. Manually installing wsl fails. I’m getting the same errors as OP.
Please check if the Intel Trusted Execution Technology is disabled in BIOS.
Yes, gen 12, most expensive version. Everything related to virtualization (and almost anything else) is enabled in the BIOS.
Disabling Intel Trusted Execution Technology in BIOS has allowed Docker and Hyper-V to work!
Hypervisor is now reported as present, where previously it wasn’t.
@Heinz-Willi_Eichmeye, you’re a life saviour!
I wish A) Framework would not enable it in their default BIOS configuration and B) support be a bit more knowledgeable about this setting.
I can finally fully enjoy this amazing laptop!