Question about SEV* guests and automatic firmware selection

21 Apr 2025

Hi All,

While investigating an internal bug report, we noticed that a minimal firmware 
auto-selection configuration along with SEV* fails to find a match. E.g. the 
following config

<domain type="kvm">
   <os firmware="efi">
     <type arch="x86_64" machine="q35">hvm</type>
     <boot dev="hd"/>
   </os>
   <launchSecurity type="sev">
     <policy>0x07</policy>
   </launchSecurity>
...
</domain>

Fails with "Unable to find 'efi' firmware that is compatible with the current 
configuration". A firmware that should match has the following json description

{
     "description": "UEFI firmware for x86_64, with AMD SEV",
     "interface-types": [
         "uefi"
     ],
     "mapping": {
         "device": "flash",
	"mode": "stateless",
         "executable": {
             "filename": "/usr/share/qemu/ovmf-x86_64-sev.bin",
             "format": "raw"
         }
     },
     "targets": [
         {
             "architecture": "x86_64",
             "machines": [
                 "pc-q35-*"
             ]
         }
     ],
     "features": [
         "acpi-s4",
	"amd-sev",
	"amd-sev-es",
	"amd-sev-snp",
         "verbose-dynamic"
     ],
     "tags": [

     ]
}

Auto-selection works fine if I specify a 'stateless' firmware, e.g. amend the 
above config with

   <os firmware="efi">
     <type arch="x86_64" machine="q35">hvm</type>
     <loader stateless="yes"/>
     <boot dev="hd"/>
   </os>

Being unfamiliar with the firmware auto-selection code, I tried the below naive 
hack, which only led to test failures and the subsequent runtime error "unable 
to find any master var store for loader: /usr/share/qemu/ovmf-x86_64-sev.bin". 
Should auto-selection work with the minimal config, or is it expected that user 
also specify a stateless firmware?

Regards,
Jim

diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c
index 2d0ec0b4fa..660b74141a 100644
--- a/src/qemu/qemu_firmware.c
+++ b/src/qemu/qemu_firmware.c
@@ -1293,15 +1293,17 @@ qemuFirmwareMatchDomain(const virDomainDef *def,
              return false;
          }

-        if (loader && loader->stateless == VIR_TRISTATE_BOOL_YES) {
-            if (flash->mode != QEMU_FIRMWARE_FLASH_MODE_STATELESS) {
-                VIR_DEBUG("Discarding loader without stateless flash");
-                return false;
-            }
-        } else {
-            if (flash->mode != QEMU_FIRMWARE_FLASH_MODE_SPLIT) {
-                VIR_DEBUG("Discarding loader without split flash");
-                return false;
+        if (loader) {
+            if (loader->stateless == VIR_TRISTATE_BOOL_YES) {
+                if (flash->mode != QEMU_FIRMWARE_FLASH_MODE_STATELESS) {
+                    VIR_DEBUG("Discarding loader without stateless flash");
+                    return false;
+                }
+            } else if (loader->stateless == VIR_TRISTATE_BOOL_NO) {
+                if (flash->mode != QEMU_FIRMWARE_FLASH_MODE_SPLIT) {
+                    VIR_DEBUG("Discarding loader without split flash");
+                    return false;
+                }
              }
          }

    

Question about SEV* guests and automatic firmware selection

Jim Fehlig