On Fri, Mar 19, 2021 at 04:11:39PM +0100, Kashyap Chamarthy wrote:
On Fri, Mar 19, 2021 at 11:59:11AM +0100, Pavel Hrdina wrote:
On Fri, Mar 19, 2021 at 11:10:05AM +0100, Kashyap Chamarthy wrote:
On Thu, Mar 18, 2021 at 01:26:45PM +0100, Pavel Hrdina wrote:
[...]
Nit: I'd recast it as: "When using firmware auto-selection, different features are enabled in any given firmware binary."
Sounds a bit better but I've already pushed the patches.
Np; can be a follow-up.
[...]
Should we also list a couple of example features? E.g. "amd-sev" (on supported hardware), "acpi-s3", "secure-boot".
I was considering listing all features that the JSON files can have but most of the other features are already controlled by different XML elements. There is an explicit list of features later in the docs.
Ah, where's the explict list of features? I don't see them under the "BIOS bootloader" section: https://libvirt.org/formatdomain.html#bios-bootloader
Under the 'firmware' element there is a description of 'feature' element that lists mandatory attributes and for attribute 'name' there is a list of possible features which includes 'enrolled-keys' and 'secure-boot'. This is the part from formatdomain.rst file: ``feature`` The list of mandatory attributes: - ``enabled`` (accepted values are ``yes`` and ``no``) is used to tell libvirt if the feature must be enabled or not in the automatically selected firmware - ``name`` the name of the feature, the list of the features: - ``enrolled-keys`` whether the selected nvram template has default certificate enrolled. Firmware with Secure Boot feature but without enrolled keys will successfully boot non-signed binaries as well. Valid only for firmwares with Secure Boot feature. - ``secure-boot`` whether the firmware implements UEFI Secure boot feature. Pavel