6:04 p.m.
Libvirt allows specifying firmware for domains for quite some time now.
However, problem for mgmt applications is that they do not know which
firmware to chose as all they see are their paths and from that it's
impossible to tell whether one of them supports say secure boot.
This problem was addressed by qemu where Lazslo and Daniel created a
document, specification which describes metadata for each individual
firmware image. In the description (which itself is a JSON file for easy
machine parsing) then it's specified whether the firmware it's
describing supports secureboot, s3/s4 states, it it's bios or efi, and
so on.
These patches take advantage of that, and even though the description
files are not picked up by that many distributions yet, it allows users
to not care about putting specific firmware path into their domain XML.
It's as easy as:
<os firmware='efi'>
<loader secure='yes'/>
</os>
to have libvirt pick up OVMF image with secure enabled boot (and enabled
System Management Mode at the same time).
The metadata specification lives under
qemu.git/docs/interop/firmware.json and I highly recommend you go and
read it before reviewing (unless you're Laszlo or Daniel in which case
you already know what the document says).
As usual, you can find my patches at my github:
https://github.com/zippy2/libvirt/commits/firmware_v1
Michal Prívozník (15):
virmock: Initialize both symbols in VIR_MOCK_REAL_INIT_ALT
qemu_domain: Separate NVRAM VAR store file name generation
qemu_capabilities: Expose qemu <-> libvirt arch translators
virDomainLoaderDefParseXML: Allow loader path to be NULL
conf: Introduce VIR_DOMAIN_LOADER_TYPE_NONE
conf: Introduce firmware attribute to <os/>
qemu: Introduce basic skeleton for parsing firmware description
test: Introduce qemufirmwaretest
qemu_firmware: Introduce qemuFirmwareFetchConfigs
qemufirmwaretest: Test qemuFirmwareFetchConfigs()
qemu_firmware: Introduce qemuFirmwareFillDomain()
qemu_process: Call qemuFirmwareFillDomain
qemuDomainDefValidate: Don't require SMM if automatic firmware
selection enabled
qemu: Enable firmware autoselection
qemuxml2argvtest: Test os.firmware autoselection
docs/formatdomain.html.in | 22 +-
docs/schemas/domaincommon.rng | 12 +-
src/conf/domain_conf.c | 113 +-
src/conf/domain_conf.h | 15 +-
src/libvirt_private.syms | 2 +
src/qemu/Makefile.inc.am | 2 +
src/qemu/qemu_capabilities.c | 4 +-
src/qemu/qemu_capabilities.h | 3 +
src/qemu/qemu_command.c | 1 +
src/qemu/qemu_domain.c | 34 +-
src/qemu/qemu_domain.h | 4 +
src/qemu/qemu_firmware.c | 1285 +++++++++++++++++
src/qemu/qemu_firmware.h | 50 +
src/qemu/qemu_process.c | 5 +
tests/Makefile.am | 14 +-
tests/domaincapsschemadata/full.xml | 1 +
.../etc/qemu/firmware/40-ovmf-sb.json | 1 +
.../etc/qemu/firmware/60-ovmf.json | 0
.../user/.config/qemu/firmware/10-bios.json | 0
.../usr/share/qemu/firmware/40-bios.json | 35 +
.../usr/share/qemu/firmware/50-ovmf-sb.json | 36 +
.../usr/share/qemu/firmware/60-ovmf.json | 35 +
.../usr/share/qemu/firmware/70-aavmf.json | 35 +
tests/qemufirmwaretest.c | 129 ++
...arch64-os-firmware-efi.aarch64-latest.args | 37 +
.../aarch64-os-firmware-efi.xml | 30 +
.../os-firmware-bios.x86_64-latest.args | 39 +
tests/qemuxml2argvdata/os-firmware-bios.xml | 68 +
...os-firmware-efi-secboot.x86_64-latest.args | 42 +
.../os-firmware-efi-secboot.xml | 68 +
.../os-firmware-efi.x86_64-latest.args | 42 +
tests/qemuxml2argvdata/os-firmware-efi.xml | 68 +
tests/qemuxml2argvtest.c | 17 +
.../aarch64-os-firmware-efi.xml | 1 +
tests/qemuxml2xmloutdata/os-firmware-bios.xml | 1 +
.../os-firmware-efi-secboot.xml | 1 +
tests/qemuxml2xmloutdata/os-firmware-efi.xml | 1 +
tests/qemuxml2xmltest.c | 27 +
tests/virmock.h | 5 +-
39 files changed, 2255 insertions(+), 30 deletions(-)
create mode 100644 src/qemu/qemu_firmware.c
create mode 100644 src/qemu/qemu_firmware.h
create mode 120000 tests/qemufirmwaredata/etc/qemu/firmware/40-ovmf-sb.json
create mode 100644 tests/qemufirmwaredata/etc/qemu/firmware/60-ovmf.json
create mode 100644 tests/qemufirmwaredata/home/user/.config/qemu/firmware/10-bios.json
create mode 100644 tests/qemufirmwaredata/usr/share/qemu/firmware/40-bios.json
create mode 100644 tests/qemufirmwaredata/usr/share/qemu/firmware/50-ovmf-sb.json
create mode 100644 tests/qemufirmwaredata/usr/share/qemu/firmware/60-ovmf.json
create mode 100644 tests/qemufirmwaredata/usr/share/qemu/firmware/70-aavmf.json
create mode 100644 tests/qemufirmwaretest.c
create mode 100644 tests/qemuxml2argvdata/aarch64-os-firmware-efi.aarch64-latest.args
create mode 100644 tests/qemuxml2argvdata/aarch64-os-firmware-efi.xml
create mode 100644 tests/qemuxml2argvdata/os-firmware-bios.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/os-firmware-bios.xml
create mode 100644 tests/qemuxml2argvdata/os-firmware-efi-secboot.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/os-firmware-efi-secboot.xml
create mode 100644 tests/qemuxml2argvdata/os-firmware-efi.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/os-firmware-efi.xml
create mode 120000 tests/qemuxml2xmloutdata/aarch64-os-firmware-efi.xml
create mode 120000 tests/qemuxml2xmloutdata/os-firmware-bios.xml
create mode 120000 tests/qemuxml2xmloutdata/os-firmware-efi-secboot.xml
create mode 120000 tests/qemuxml2xmloutdata/os-firmware-efi.xml
--
2.19.2