On 2/17/22 12:54, Daniel P. Berrangé wrote:
Currently the 'nvram_template' entry is mandatory when parsing the firmware descriptor based on flash. QEMU is extending the firmware descriptor spec to make the 'nvram_template' optional, depending on the value of a new 'mode' field:
- "split" * "executable" contains read-only CODE * "nvram_template" contains read-write VARS
- "combined" * "executable" contains read-write CODE and VARs * "nvram_template" not present, as the "executable" is effectively the template on its own
- "stateless" * "executable" contains read-only CODE and VARs * "nvram_template" not present
In the latter case, the guest OS can write vars but the firmware will make no attempt to persist them, so any changes will be lost at poweroff.
For now we parse this new 'mode' but discard any firmware which is not 'mode=split' when matching for a domain. This is the minimum required to have libvirt not break when seeing the new firmware descriptors. Future changes will support the new modes.
In the tests we have a mixture of files with and without the mode attribute.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/qemu/qemu_firmware.c | 79 ++++++++++++++++--- .../share/qemu/firmware/50-ovmf-sb-keys.json | 33 ++++++++ .../out/usr/share/qemu/firmware/61-ovmf.json | 31 ++++++++ .../out/usr/share/qemu/firmware/70-aavmf.json | 28 +++++++ .../qemu/firmware/45-ovmf-sev-stateless.json | 31 ++++++++ .../qemu/firmware/55-ovmf-sb-combined.json | 33 ++++++++ .../usr/share/qemu/firmware/60-ovmf-sb.json | 1 + tests/qemufirmwaretest.c | 31 ++++++-- 8 files changed, 246 insertions(+), 21 deletions(-) create mode 100644 tests/qemufirmwaredata/out/usr/share/qemu/firmware/50-ovmf-sb-keys.json create mode 100644 tests/qemufirmwaredata/out/usr/share/qemu/firmware/61-ovmf.json create mode 100644 tests/qemufirmwaredata/out/usr/share/qemu/firmware/70-aavmf.json create mode 100644 tests/qemufirmwaredata/usr/share/qemu/firmware/45-ovmf-sev-stateless.json create mode 100644 tests/qemufirmwaredata/usr/share/qemu/firmware/55-ovmf-sb-combined.json
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> and safe for the freeze. Michal