[libvirt PATCH 00/15] qemu: Further improvements to firmware selection

More information in the commit message for 11/15. Ideally this would make it into 9.2.0 along with the other changes to firmware selection I've made in this cycle[1].

[1] https://listman.redhat.com/archives/libvir-list/2023-February/237806.html

Andrea Bolognani (15):
  tests: Rename a few firmware tests
  tests: Fix firmware-auto-efi-loader-path-nonstandard
  tests: Add firmware-auto-efi-loader-path
  tests: Add more tests for manual Secure Boot configuration
  tests: Fix firmware descriptor masking test
  qemu: Introduce qemuFirmwareMatchesPaths()
  qemu: Discard requires-smm firmware when loader.secure=no
  qemu: Always go through firmware autoselection
  conf: Remove some firmware validation checks
  conf: Don't format firmware type/features when migrating
  qemu: Don't drop firmware type/features information
  qemu: Automatically add firmware type/features information
  conf: Don't explicitly set the secure-boot feature
  conf: Move validation check out of postparse
  qemu: Move validation check out of postparse

src/conf/domain_conf.c | 5 +- src/conf/domain_postparse.c | 16 -- src/conf/domain_validate.c | 42 +--- src/qemu/qemu_domain.c | 6 - src/qemu/qemu_firmware.c | 186 +++++++++++++----- src/qemu/qemu_validate.c | 6 + .../{60-ovmf-sb.json => 42-masked.json} | 0 .../usr/share/qemu/firmware/42-masked.json | 37 ++++ tests/qemufirmwaretest.c | 2 + ...to-efi-loader-insecure.x86_64-latest.args} | 0 ...auto-efi-loader-insecure.x86_64-latest.err | 1 - ...-loader-path-nonstandard.x86_64-latest.err | 1 + ...ware-auto-efi-loader-path-nonstandard.xml} | 2 +- ...e-auto-efi-loader-path.x86_64-latest.args} | 0 ...are-auto-efi-loader-path.x86_64-latest.err | 1 - .../firmware-auto-efi-loader-path.xml | 2 +- ...to-efi-no-enrolled-keys.x86_64-latest.args | 5 +- ...nual-efi-loader-no-path.x86_64-latest.err} | 0 ...=> firmware-manual-efi-loader-no-path.xml} | 0 ...nual-efi-loader-secure.x86_64-latest.args} | 0 ... 
=> firmware-manual-efi-loader-secure.xml} | 0 ...l-efi-no-enrolled-keys.x86_64-latest.args} | 0 ... firmware-manual-efi-no-enrolled-keys.xml} | 2 +- ...-manual-efi-no-secboot.x86_64-latest.args} | 4 +- ...xml => firmware-manual-efi-no-secboot.xml} | 5 +- ...are-manual-efi-secboot.x86_64-latest.args} | 0 ...re.xml => firmware-manual-efi-secboot.xml} | 2 +- tests/qemuxml2argvtest.c | 12 +- ...ware-auto-bios-stateless.x86_64-latest.xml | 6 +- .../firmware-auto-bios.x86_64-latest.xml | 6 +- ...rmware-auto-efi-aarch64.aarch64-latest.xml | 6 +- ...e-auto-efi-enrolled-keys.x86_64-latest.xml | 6 +- ...-efi-format-loader-qcow2.x86_64-latest.xml | 6 +- ...o-efi-format-loader-raw.aarch64-latest.xml | 6 +- ...-nvram-qcow2-network-nbd.x86_64-latest.xml | 5 +- ...-format-nvram-qcow2-path.x86_64-latest.xml | 6 +- ...o-efi-format-nvram-qcow2.x86_64-latest.xml | 6 +- ...uto-efi-loader-insecure.x86_64-latest.xml} | 8 +- ...loader-path-nonstandard.x86_64-latest.xml} | 4 +- ...re-auto-efi-loader-path.x86_64-latest.xml} | 6 +- ...e-auto-efi-loader-secure.x86_64-latest.xml | 6 +- ...uto-efi-no-enrolled-keys.x86_64-latest.xml | 9 +- ...ware-auto-efi-no-secboot.x86_64-latest.xml | 6 +- ...ware-auto-efi-nvram-file.x86_64-latest.xml | 6 +- ...-efi-nvram-network-iscsi.x86_64-latest.xml | 5 +- ...to-efi-nvram-network-nbd.x86_64-latest.xml | 5 +- .../firmware-auto-efi-nvram.x86_64-latest.xml | 6 +- ...irmware-auto-efi-secboot.x86_64-latest.xml | 6 +- ...irmware-auto-efi-smm-off.x86_64-latest.xml | 6 +- ...mware-auto-efi-stateless.x86_64-latest.xml | 6 +- .../firmware-auto-efi.x86_64-latest.xml | 6 +- ...manual-efi-acpi-aarch64.aarch64-latest.xml | 6 +- ...ware-manual-efi-acpi-q35.x86_64-latest.xml | 6 +- ...anual-efi-loader-secure.x86_64-latest.xml} | 6 +- ...al-efi-no-enrolled-keys.x86_64-latest.xml} | 8 +- ...e-manual-efi-no-secboot.x86_64-latest.xml} | 6 +- ...nual-efi-noacpi-aarch64.aarch64-latest.xml | 6 +- ...re-manual-efi-nvram-file.x86_64-latest.xml | 6 +- 
...-efi-nvram-network-iscsi.x86_64-latest.xml | 5 +- ...al-efi-nvram-network-nbd.x86_64-latest.xml | 5 +- ...anual-efi-nvram-template.x86_64-latest.xml | 6 +- ...ware-manual-efi-secboot.x86_64-latest.xml} | 6 +- .../firmware-manual-efi.x86_64-latest.xml | 6 +- .../pvpanic-pci-aarch64.aarch64-latest.xml | 6 +- ...-pci-no-address-aarch64.aarch64-latest.xml | 6 +- .../virtio-iommu-aarch64.aarch64-latest.xml | 6 +- tests/qemuxml2xmltest.c | 8 +- 67 files changed, 409 insertions(+), 164 deletions(-) rename tests/qemufirmwaredata/etc/qemu/firmware/{60-ovmf-sb.json => 42-masked.json} (100%) create mode 100644 tests/qemufirmwaredata/usr/share/qemu/firmware/42-masked.json copy tests/qemuxml2argvdata/{firmware-auto-efi-no-enrolled-keys.x86_64-latest.args => firmware-auto-efi-loader-insecure.x86_64-latest.args} (100%) delete mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-insecure.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err copy tests/qemuxml2argvdata/{firmware-auto-efi-loader-path.xml => firmware-auto-efi-loader-path-nonstandard.xml} (86%) copy tests/qemuxml2argvdata/{firmware-auto-efi-no-enrolled-keys.x86_64-latest.args => firmware-auto-efi-loader-path.x86_64-latest.args} (100%) delete mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err rename tests/qemuxml2argvdata/{firmware-manual-efi-no-path.x86_64-latest.err => firmware-manual-efi-loader-no-path.x86_64-latest.err} (100%) rename tests/qemuxml2argvdata/{firmware-manual-efi-no-path.xml => firmware-manual-efi-loader-no-path.xml} (100%) copy tests/qemuxml2argvdata/{firmware-manual-efi-secure.x86_64-latest.args => firmware-manual-efi-loader-secure.x86_64-latest.args} (100%) copy tests/qemuxml2argvdata/{firmware-manual-efi-secure.xml => firmware-manual-efi-loader-secure.xml} (100%) copy tests/qemuxml2argvdata/{firmware-manual-efi-secure.x86_64-latest.args => 
firmware-manual-efi-no-enrolled-keys.x86_64-latest.args} (100%) copy tests/qemuxml2argvdata/{firmware-manual-efi-secure.xml => firmware-manual-efi-no-enrolled-keys.xml} (87%) copy tests/qemuxml2argvdata/{firmware-auto-efi-no-enrolled-keys.x86_64-latest.args => firmware-manual-efi-no-secboot.x86_64-latest.args} (90%) copy tests/qemuxml2argvdata/{firmware-manual-efi-secure.xml => firmware-manual-efi-no-secboot.xml} (72%) rename tests/qemuxml2argvdata/{firmware-manual-efi-secure.x86_64-latest.args => firmware-manual-efi-secboot.x86_64-latest.args} (100%) rename tests/qemuxml2argvdata/{firmware-manual-efi-secure.xml => firmware-manual-efi-secboot.xml} (86%) copy tests/qemuxml2xmloutdata/{firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml => firmware-auto-efi-loader-insecure.x86_64-latest.xml} (82%) copy tests/qemuxml2xmloutdata/{firmware-auto-bios-stateless.x86_64-latest.xml => firmware-auto-efi-loader-path-nonstandard.x86_64-latest.xml} (92%) copy tests/qemuxml2xmloutdata/{firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml => firmware-auto-efi-loader-path.x86_64-latest.xml} (89%) copy tests/qemuxml2xmloutdata/{firmware-manual-efi-secure.x86_64-latest.xml => firmware-manual-efi-loader-secure.x86_64-latest.xml} (89%) copy tests/qemuxml2xmloutdata/{firmware-manual-efi-secure.x86_64-latest.xml => firmware-manual-efi-no-enrolled-keys.x86_64-latest.xml} (83%) copy tests/qemuxml2xmloutdata/{firmware-manual-efi-acpi-q35.x86_64-latest.xml => firmware-manual-efi-no-secboot.x86_64-latest.xml} (89%) rename tests/qemuxml2xmloutdata/{firmware-manual-efi-secure.x86_64-latest.xml => firmware-manual-efi-secboot.x86_64-latest.xml} (89%) -- 2.39.2

This unifies the naming between the manual and automatic selection cases, clarifies the contents of the tests and makes room for more tests being added in the future. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- ...ware-auto-efi-loader-path-nonstandard.x86_64-latest.err} | 0 ...th.xml => firmware-auto-efi-loader-path-nonstandard.xml} | 0 ...=> firmware-manual-efi-loader-no-path.x86_64-latest.err} | 0 ...i-no-path.xml => firmware-manual-efi-loader-no-path.xml} | 0 ...=> firmware-manual-efi-loader-secure.x86_64-latest.args} | 0 ...efi-secure.xml => firmware-manual-efi-loader-secure.xml} | 0 tests/qemuxml2argvtest.c | 6 +++--- ... => firmware-manual-efi-loader-secure.x86_64-latest.xml} | 0 tests/qemuxml2xmltest.c | 2 +- 9 files changed, 4 insertions(+), 4 deletions(-) rename tests/qemuxml2argvdata/{firmware-auto-efi-loader-path.x86_64-latest.err => firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err} (100%) rename tests/qemuxml2argvdata/{firmware-auto-efi-loader-path.xml => firmware-auto-efi-loader-path-nonstandard.xml} (100%) rename tests/qemuxml2argvdata/{firmware-manual-efi-no-path.x86_64-latest.err => firmware-manual-efi-loader-no-path.x86_64-latest.err} (100%) rename tests/qemuxml2argvdata/{firmware-manual-efi-no-path.xml => firmware-manual-efi-loader-no-path.xml} (100%) rename tests/qemuxml2argvdata/{firmware-manual-efi-secure.x86_64-latest.args => firmware-manual-efi-loader-secure.x86_64-latest.args} (100%) rename tests/qemuxml2argvdata/{firmware-manual-efi-secure.xml => firmware-manual-efi-loader-secure.xml} (100%) rename tests/qemuxml2xmloutdata/{firmware-manual-efi-secure.x86_64-latest.xml => firmware-manual-efi-loader-secure.x86_64-latest.xml} (100%) 
diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err similarity index 100% rename from tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err rename to tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.xml b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.xml similarity index 100% rename from tests/qemuxml2argvdata/firmware-auto-efi-loader-path.xml rename to tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.xml diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-no-path.x86_64-latest.err b/tests/qemuxml2argvdata/firmware-manual-efi-loader-no-path.x86_64-latest.err similarity index 100% rename from tests/qemuxml2argvdata/firmware-manual-efi-no-path.x86_64-latest.err rename to tests/qemuxml2argvdata/firmware-manual-efi-loader-no-path.x86_64-latest.err diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-no-path.xml b/tests/qemuxml2argvdata/firmware-manual-efi-loader-no-path.xml similarity index 100% rename from tests/qemuxml2argvdata/firmware-manual-efi-no-path.xml rename to tests/qemuxml2argvdata/firmware-manual-efi-loader-no-path.xml diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-secure.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-manual-efi-loader-secure.x86_64-latest.args similarity index 100% rename from tests/qemuxml2argvdata/firmware-manual-efi-secure.x86_64-latest.args rename to tests/qemuxml2argvdata/firmware-manual-efi-loader-secure.x86_64-latest.args diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-secure.xml b/tests/qemuxml2argvdata/firmware-manual-efi-loader-secure.xml similarity index 100% rename from tests/qemuxml2argvdata/firmware-manual-efi-secure.xml rename to tests/qemuxml2argvdata/firmware-manual-efi-loader-secure.xml 
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 293aea60d5..9a2950f8ad 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1084,11 +1084,11 @@ mymain(void) DO_TEST_CAPS_LATEST("firmware-manual-bios-stateless"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-bios-not-stateless"); DO_TEST_CAPS_LATEST("firmware-manual-efi"); - DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-efi-no-path"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-efi-features"); DO_TEST_CAPS_LATEST("firmware-manual-efi-rw"); DO_TEST_CAPS_LATEST("firmware-manual-efi-rw-implicit"); - DO_TEST_CAPS_LATEST("firmware-manual-efi-secure"); + DO_TEST_CAPS_LATEST("firmware-manual-efi-loader-secure"); + DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-efi-loader-no-path"); DO_TEST_CAPS_LATEST("firmware-manual-efi-stateless"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-template"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-efi-nvram-template-stateless"); @@ -1116,7 +1116,7 @@ mymain(void) DO_TEST_CAPS_LATEST("firmware-auto-efi-nvram"); DO_TEST_CAPS_LATEST("firmware-auto-efi-loader-secure"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-efi-loader-insecure"); - DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-efi-loader-path"); + DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-efi-loader-path-nonstandard"); DO_TEST_CAPS_LATEST("firmware-auto-efi-secboot"); DO_TEST_CAPS_LATEST("firmware-auto-efi-no-secboot"); DO_TEST_CAPS_LATEST("firmware-auto-efi-enrolled-keys"); diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-secure.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-loader-secure.x86_64-latest.xml similarity index 100% rename from tests/qemuxml2xmloutdata/firmware-manual-efi-secure.x86_64-latest.xml rename to tests/qemuxml2xmloutdata/firmware-manual-efi-loader-secure.x86_64-latest.xml diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 3d4c038c70..73bcfcc8b7 100644 --- a/tests/qemuxml2xmltest.c 
+++ b/tests/qemuxml2xmltest.c @@ -924,7 +924,7 @@ mymain(void) DO_TEST_CAPS_LATEST("firmware-manual-efi"); DO_TEST_CAPS_LATEST("firmware-manual-efi-rw"); DO_TEST_CAPS_LATEST("firmware-manual-efi-rw-implicit"); - DO_TEST_CAPS_LATEST("firmware-manual-efi-secure"); + DO_TEST_CAPS_LATEST("firmware-manual-efi-loader-secure"); DO_TEST_CAPS_LATEST("firmware-manual-efi-stateless"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-template"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-network-iscsi"); -- 2.39.2
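Review bot: In the first qemuxml2argvtest.c hunk, the new `DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-efi-loader-no-path");` line is placed after `firmware-manual-efi-loader-secure`, so the manual-efi block ends up out of the order the surrounding entries follow (`-loader-no-path` sorts before `-loader-secure`); since the whole point of this patch is to make the manual and auto naming line up, consider swapping those two lines. The qemuxml2xmltest.c hunk is fine as is: the no-path case is a parse error, so it correctly has no xml2xml counterpart, and all seven renames are at 100% similarity, so nothing but the names changes here.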

This test is intended to simulate the use of an OVMF firmware image installed under a non-standard path. In order to make such a configuration work, the user would have to provide additional information. Right now it doesn't matter, because the configuration is rejected anyway, but the behavior is going to change slightly in the future. Prepare by making the configuration more complete and realistic. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- .../firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err | 2 +- .../firmware-auto-efi-loader-path-nonstandard.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err index e551fafd03..3f90a88791 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err +++ b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err @@ -1 +1 @@ -loader attribute 'type' cannot be specified when firmware autoselection is enabled +loader attribute 'readonly' cannot be specified when firmware autoselection is enabled diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.xml b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.xml index 5cf67730fd..daec5989d5 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.xml +++ b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.xml @@ -5,7 +5,7 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> - <loader>/path/to/OVMF_CODE.fd</loader> + <loader readonly='yes' type='pflash'>/path/to/OVMF_CODE.fd</loader> </os> <features> <acpi/> -- 2.39.2
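Review bot: The .err hunk changes the expected rejection from attribute 'type' to attribute 'readonly', which means the expected output is pinned to whichever loader attribute the validator happens to check first, not to the non-standard path this case is meant to exercise; a sentence in the commit message saying that the exact error text is incidental would spare the next reader from wondering why `readonly='yes' type='pflash'` on a `firmware='efi'` domain is the thing being reported. The XML hunk itself is the right shape for the scenario: `<loader readonly='yes' type='pflash'>/path/to/OVMF_CODE.fd</loader>` is what a hand-written configuration for an OVMF image outside the distro's standard directory looks like, and it is exactly the information a later patch will need in order to accept the configuration.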

This is identical to the existing firmware-auto-efi-loader-path-nonstandard test case, but uses a standard firmware path. Right now the two test cases behave identically, but that's going to change in the future. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- ...ware-auto-efi-loader-path.x86_64-latest.err | 1 + .../firmware-auto-efi-loader-path.xml | 18 ++++++++++++++++++ tests/qemuxml2argvtest.c | 1 + 3 files changed, 20 insertions(+) create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-path.xml diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err new file mode 100644 index 0000000000..3f90a88791 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err @@ -0,0 +1 @@ +loader attribute 'readonly' cannot be specified when firmware autoselection is enabled diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.xml b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.xml new file mode 100644 index 0000000000..3e0af7ee4d --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.xml @@ -0,0 +1,18 @@ +<domain type='kvm'> + <name>guest</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>1048576</memory> + <vcpu placement='static'>1</vcpu> + <os firmware='efi'> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> + </os> + <features> + <acpi/> + </features> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 9a2950f8ad..3175f59c48 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c 
@@ -1116,6 +1116,7 @@ mymain(void) DO_TEST_CAPS_LATEST("firmware-auto-efi-nvram"); DO_TEST_CAPS_LATEST("firmware-auto-efi-loader-secure"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-efi-loader-insecure"); + DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-efi-loader-path"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-efi-loader-path-nonstandard"); DO_TEST_CAPS_LATEST("firmware-auto-efi-secboot"); DO_TEST_CAPS_LATEST("firmware-auto-efi-no-secboot"); -- 2.39.2
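Review bot: The new firmware-auto-efi-loader-path .err file is created with blob 3f90a88791, the same blob the -nonstandard .err received in the previous patch, so the two cases are currently byte-identical on both expected output and validator path; the commit message says as much, but it would help reviewers of the later behaviour change if it also stated which of the two is expected to start being accepted. The cover letter's diffstat already gives the answer (firmware-auto-efi-loader-path.x86_64-latest.err is deleted and a .args file appears for it later in the series, while the -nonstandard .err survives), so spelling it out here costs one line. The qemuxml2argvtest.c hunk places the new entry directly before the -nonstandard one, which keeps that block ordered.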

These cover the same scenarios as the matching test cases for autoselection. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- ...al-efi-no-enrolled-keys.x86_64-latest.args | 38 +++++++++++++++++++ .../firmware-manual-efi-no-enrolled-keys.xml | 20 ++++++++++ ...e-manual-efi-no-secboot.x86_64-latest.args | 37 ++++++++++++++++++ .../firmware-manual-efi-no-secboot.xml | 19 ++++++++++ ...ware-manual-efi-secboot.x86_64-latest.args | 38 +++++++++++++++++++ .../firmware-manual-efi-secboot.xml | 20 ++++++++++ tests/qemuxml2argvtest.c | 3 ++ ...ual-efi-no-enrolled-keys.x86_64-latest.xml | 37 ++++++++++++++++++ ...re-manual-efi-no-secboot.x86_64-latest.xml | 36 ++++++++++++++++++ ...mware-manual-efi-secboot.x86_64-latest.xml | 37 ++++++++++++++++++ tests/qemuxml2xmltest.c | 3 ++ 11 files changed, 288 insertions(+) create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-no-enrolled-keys.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-no-secboot.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-no-secboot.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-secboot.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-secboot.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-efi-no-secboot.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-efi-secboot.x86_64-latest.xml diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.args new file mode 100644 index 0000000000..a1481d834f --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.args 
@@ -0,0 +1,38 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/var/lib/libvirt/qemu/domain--1-guest \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-guest/.local/share \ +XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-guest/.cache \ +XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=guest,debug-threads=on \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-guest/master-key.aes"}' \ +-blockdev '{"driver":"file","filename":"/usr/share/OVMF/OVMF_CODE.secboot.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"raw","file":"libvirt-pflash0-storage"}' \ +-blockdev '{"driver":"file","filename":"/path/to/guest_VARS.fd","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"raw","file":"libvirt-pflash1-storage"}' \ +-machine pc-q35-4.0,usb=off,smm=on,dump-guest-core=off,memory-backend=pc.ram,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,acpi=on \ +-accel tcg \ +-cpu qemu64 \ +-global driver=cfi.pflash01,property=secure,value=on \ +-m 1024 \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":1073741824}' \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid 63840878-0deb-4095-97e6-fc444d9bc9fa \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-boot strict=on \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-global ICH9-LPC.noreboot=off \ +-watchdog-action reset \ +-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ +-msg timestamp=on 
diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-no-enrolled-keys.xml b/tests/qemuxml2argvdata/firmware-manual-efi-no-enrolled-keys.xml new file mode 100644 index 0000000000..bc715f704b --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-no-enrolled-keys.xml @@ -0,0 +1,20 @@ +<domain type='qemu'> + <name>guest</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>1048576</memory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> + <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram> + </os> + <features> + <acpi/> + <smm state='on'/> + </features> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-no-secboot.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-manual-efi-no-secboot.x86_64-latest.args new file mode 100644 index 0000000000..5e5359ab71 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-no-secboot.x86_64-latest.args 
@@ -0,0 +1,37 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/var/lib/libvirt/qemu/domain--1-guest \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-guest/.local/share \ +XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-guest/.cache \ +XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=guest,debug-threads=on \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-guest/master-key.aes"}' \ +-blockdev '{"driver":"file","filename":"/usr/share/OVMF/OVMF_CODE.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"raw","file":"libvirt-pflash0-storage"}' \ +-blockdev '{"driver":"file","filename":"/path/to/guest_VARS.fd","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"raw","file":"libvirt-pflash1-storage"}' \ +-machine pc-q35-4.0,usb=off,dump-guest-core=off,memory-backend=pc.ram,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,acpi=on \ +-accel tcg \ +-cpu qemu64 \ +-m 1024 \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":1073741824}' \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid 63840878-0deb-4095-97e6-fc444d9bc9fa \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-boot strict=on \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-global ICH9-LPC.noreboot=off \ +-watchdog-action reset \ +-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ +-msg timestamp=on 
diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-no-secboot.xml b/tests/qemuxml2argvdata/firmware-manual-efi-no-secboot.xml new file mode 100644 index 0000000000..463a431c44 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-no-secboot.xml @@ -0,0 +1,19 @@ +<domain type='qemu'> + <name>guest</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>1048576</memory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> + <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram> + </os> + <features> + <acpi/> + </features> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-secboot.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-manual-efi-secboot.x86_64-latest.args new file mode 100644 index 0000000000..a1481d834f --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-secboot.x86_64-latest.args 
@@ -0,0 +1,38 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/var/lib/libvirt/qemu/domain--1-guest \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-guest/.local/share \ +XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-guest/.cache \ +XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=guest,debug-threads=on \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-guest/master-key.aes"}' \ +-blockdev '{"driver":"file","filename":"/usr/share/OVMF/OVMF_CODE.secboot.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"raw","file":"libvirt-pflash0-storage"}' \ +-blockdev '{"driver":"file","filename":"/path/to/guest_VARS.fd","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"raw","file":"libvirt-pflash1-storage"}' \ +-machine pc-q35-4.0,usb=off,smm=on,dump-guest-core=off,memory-backend=pc.ram,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,acpi=on \ +-accel tcg \ +-cpu qemu64 \ +-global driver=cfi.pflash01,property=secure,value=on \ +-m 1024 \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":1073741824}' \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid 63840878-0deb-4095-97e6-fc444d9bc9fa \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-boot strict=on \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-global ICH9-LPC.noreboot=off \ +-watchdog-action reset \ +-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ +-msg timestamp=on 
diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-secboot.xml b/tests/qemuxml2argvdata/firmware-manual-efi-secboot.xml new file mode 100644 index 0000000000..1850c2b241 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-secboot.xml @@ -0,0 +1,20 @@ +<domain type='qemu'> + <name>guest</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>1048576</memory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> + <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/path/to/guest_VARS.fd</nvram> + </os> + <features> + <acpi/> + <smm state='on'/> + </features> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 3175f59c48..23e48b251c 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1089,6 +1089,9 @@ mymain(void) DO_TEST_CAPS_LATEST("firmware-manual-efi-rw-implicit"); DO_TEST_CAPS_LATEST("firmware-manual-efi-loader-secure"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-efi-loader-no-path"); + DO_TEST_CAPS_LATEST("firmware-manual-efi-secboot"); + DO_TEST_CAPS_LATEST("firmware-manual-efi-no-enrolled-keys"); + DO_TEST_CAPS_LATEST("firmware-manual-efi-no-secboot"); DO_TEST_CAPS_LATEST("firmware-manual-efi-stateless"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-template"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-efi-nvram-template-stateless"); diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.xml new file mode 100644 index 0000000000..4caa7950ce --- /dev/null +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.xml 
@@ -0,0 +1,37 @@ +<domain type='qemu'> + <name>guest</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>1048576</memory> + <currentMemory unit='KiB'>1048576</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> + <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram> + <boot dev='hd'/> + </os> + <features> + <acpi/> + <smm state='on'/> + </features> + <cpu mode='custom' match='exact' check='none'> + <model fallback='forbid'>qemu64</model> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' index='0' model='none'/> + <controller type='sata' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> + </controller> + <controller type='pci' index='0' model='pcie-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <watchdog model='itco' action='reset'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-no-secboot.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-no-secboot.x86_64-latest.xml new file mode 100644 index 0000000000..ff7793a377 --- /dev/null +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-no-secboot.x86_64-latest.xml 
@@ -0,0 +1,36 @@ +<domain type='qemu'> + <name>guest</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>1048576</memory> + <currentMemory unit='KiB'>1048576</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> + <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram> + <boot dev='hd'/> + </os> + <features> + <acpi/> + </features> + <cpu mode='custom' match='exact' check='none'> + <model fallback='forbid'>qemu64</model> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' index='0' model='none'/> + <controller type='sata' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> + </controller> + <controller type='pci' index='0' model='pcie-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <watchdog model='itco' action='reset'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-secboot.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-secboot.x86_64-latest.xml new file mode 100644 index 0000000000..aa90d3e2f2 --- /dev/null +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-secboot.x86_64-latest.xml 
@@ -0,0 +1,37 @@ +<domain type='qemu'> + <name>guest</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>1048576</memory> + <currentMemory unit='KiB'>1048576</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> + <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/path/to/guest_VARS.fd</nvram> + <boot dev='hd'/> + </os> + <features> + <acpi/> + <smm state='on'/> + </features> + <cpu mode='custom' match='exact' check='none'> + <model fallback='forbid'>qemu64</model> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' index='0' model='none'/> + <controller type='sata' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> + </controller> + <controller type='pci' index='0' model='pcie-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <watchdog model='itco' action='reset'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 73bcfcc8b7..7ada880da2 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c 
@@ -925,6 +925,9 @@ mymain(void) DO_TEST_CAPS_LATEST("firmware-manual-efi-rw"); DO_TEST_CAPS_LATEST("firmware-manual-efi-rw-implicit"); DO_TEST_CAPS_LATEST("firmware-manual-efi-loader-secure"); + DO_TEST_CAPS_LATEST("firmware-manual-efi-secboot"); + DO_TEST_CAPS_LATEST("firmware-manual-efi-no-enrolled-keys"); + DO_TEST_CAPS_LATEST("firmware-manual-efi-no-secboot"); DO_TEST_CAPS_LATEST("firmware-manual-efi-stateless"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-template"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-network-iscsi"); -- 2.39.2

Right now we're checking that firmware descriptor masking works as intended by creating an empty file matching 60-ovmf-sb.json in name. However, that firmware descriptor contains the details for a perfectly valid and quite common situation: Secure Boot being supported by the firmware build, but being effectively disabled by the lack of certificates in the NVRAM template. Unmask that firmware descriptor, and instead create a dummy one that has higher priority than all other OVMF builds and points to paths that are obviously incorrect, which should make it easy to notice it getting accidentally unmasked in the future. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- .../{60-ovmf-sb.json => 42-masked.json} | 0 .../usr/share/qemu/firmware/42-masked.json | 37 +++++++++++++++++++ tests/qemufirmwaretest.c | 2 + ...to-efi-no-enrolled-keys.x86_64-latest.args | 5 ++- ...uto-efi-no-enrolled-keys.x86_64-latest.xml | 3 +- 5 files changed, 44 insertions(+), 3 deletions(-) rename tests/qemufirmwaredata/etc/qemu/firmware/{60-ovmf-sb.json => 42-masked.json} (100%) create mode 100644 tests/qemufirmwaredata/usr/share/qemu/firmware/42-masked.json diff --git a/tests/qemufirmwaredata/etc/qemu/firmware/60-ovmf-sb.json b/tests/qemufirmwaredata/etc/qemu/firmware/42-masked.json similarity index 100% rename from tests/qemufirmwaredata/etc/qemu/firmware/60-ovmf-sb.json rename to tests/qemufirmwaredata/etc/qemu/firmware/42-masked.json diff --git a/tests/qemufirmwaredata/usr/share/qemu/firmware/42-masked.json b/tests/qemufirmwaredata/usr/share/qemu/firmware/42-masked.json new file mode 100644 index 0000000000..300dab1a9e --- /dev/null +++ b/tests/qemufirmwaredata/usr/share/qemu/firmware/42-masked.json 
@@ -0,0 +1,37 @@ +{ + "description": "bad firmware used to test descriptor masking", + "interface-types": [ + "uefi" + ], + "mapping": { + "device": "flash", + "mode": "split", + "executable": { + "filename": "/bad/executable/should/have/been/masked.fd", + "format": "raw" + }, + "nvram-template": { + "filename": "/bad/nvram/template/should/have/been/masked.fd", + "format": "raw" + } + }, + "targets": [ + { + "architecture": "x86_64", + "machines": [ + "pc-*", + "pc-q35-*" + ] + } + ], + "features": [ + "acpi-s3", + "amd-sev", + "requires-smm", + "secure-boot", + "verbose-dynamic" + ], + "tags": [ + + ] +} diff --git a/tests/qemufirmwaretest.c b/tests/qemufirmwaretest.c index 6817c93d9a..56df443056 100644 --- a/tests/qemufirmwaretest.c +++ b/tests/qemufirmwaretest.c @@ -72,6 +72,7 @@ testFWPrecedence(const void *opaque G_GNUC_UNUSED) PREFIX "/share/qemu/firmware/45-ovmf-sev-stateless.json", PREFIX "/share/qemu/firmware/50-ovmf-sb-keys.json", PREFIX "/share/qemu/firmware/55-ovmf-sb-combined.json", + PREFIX "/share/qemu/firmware/60-ovmf-sb.json", PREFIX "/share/qemu/firmware/61-ovmf.json", PREFIX "/share/qemu/firmware/65-ovmf-qcow2.json", PREFIX "/share/qemu/firmware/66-aavmf-qcow2.json", @@ -270,6 +271,7 @@ mymain(void) "/usr/share/OVMF/OVMF_CODE.secboot.fd:/usr/share/OVMF/OVMF_VARS.secboot.fd:" "/usr/share/OVMF/OVMF.sev.fd:NULL:" "/usr/share/OVMF/OVMF.secboot.fd:NULL:" + "/usr/share/OVMF/OVMF_CODE.secboot.fd:/usr/share/OVMF/OVMF_VARS.fd:" "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd:" "/usr/share/OVMF/OVMF_CODE.qcow2:/usr/share/OVMF/OVMF_VARS.qcow2", VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS, diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.args index 9326bfe305..b412af644c 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.args 
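Review bot: the `"tags": [ ]` array in 42-masked.json is written with an empty line inside the brackets, which does not match the layout of the other descriptors under tests/qemufirmwaredata and will trip anyone who diffs these files against the distro-shipped ones; write it as `"tags": []` on one line. The rest of the test change looks right: 60-ovmf-sb.json is re-added to the precedence list between 55-ovmf-sb-combined.json and 61-ovmf.json, and the expected path string gains the matching `OVMF_CODE.secboot.fd:OVMF_VARS.fd` entry in the same position, so a future accidental unmasking of 42-masked.json would show up as the `/bad/...` paths appearing in that string.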
@@ -10,13 +10,14 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ -name guest=guest,debug-threads=on \ -S \ -object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-guest/master-key.aes"}' \ --blockdev '{"driver":"file","filename":"/usr/share/OVMF/OVMF_CODE.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"driver":"file","filename":"/usr/share/OVMF/OVMF_CODE.secboot.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}' \ -blockdev '{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"raw","file":"libvirt-pflash0-storage"}' \ -blockdev '{"driver":"file","filename":"/var/lib/libvirt/qemu/nvram/guest_VARS.fd","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}' \ -blockdev '{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"raw","file":"libvirt-pflash1-storage"}' \ --machine pc-q35-4.0,usb=off,dump-guest-core=off,memory-backend=pc.ram,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,acpi=on \ +-machine pc-q35-4.0,usb=off,smm=on,dump-guest-core=off,memory-backend=pc.ram,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,acpi=on \ -accel kvm \ -cpu qemu64 \ +-global driver=cfi.pflash01,property=secure,value=on \ -m 1024 \ -object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":1073741824}' \ -overcommit mem-lock=off \ diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml index 8b3853dc17..6722b22aa1 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml 
@@ -6,12 +6,13 @@ <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> - <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> + <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> </os> <features> <acpi/> + <smm state='on'/> </features> <cpu mode='custom' match='exact' check='none'> <model fallback='forbid'>qemu64</model> -- 2.39.2
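Review bot: the firmware-auto-efi-no-enrolled-keys output now carries `secure='yes'` on the loader, `<smm state='on'/>` and `-global driver=cfi.pflash01,property=secure,value=on`, for a guest whose NVRAM template (OVMF_VARS.fd) contains no certificates and in which Secure Boot is therefore not enforced. That is the correct selection given the descriptor, but `secure='yes'` here only means that pflash writes are restricted to SMM, not that Secure Boot is enforced; since management applications are going to read this attribute once the type/features information is kept in the XML, it would be worth spelling out that distinction in the documentation of the `secure` attribute alongside this series.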

Right now we have checks in place that ensure that explicit paths are not provided when firmware autoselection has been enabled, but that's going to change soon. To prepare for that, take into account user-provided paths during firmware autoselection if present, and discard all firmware descriptors that don't contain matching information. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/qemu_firmware.c | 64 +++++++++++++++++++++++++++++++++------- 1 file changed, 54 insertions(+), 10 deletions(-) diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index 9de4166772..172be05d06 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c 
@@ -945,6 +945,55 @@ qemuFirmwareMatchesMachineArch(const qemuFirmware *fw, } +/** + * qemuFirmwareMatchesPaths: + * @fw: firmware definition + * @loader: loader definition + * @kernelPath: path to kernel image + * + * Checks whether @fw is compatible with the information provided as + * part of the domain definition. + * + * Returns: true if @fw is compatible with @loader and @kernelPath, + * false otherwise + */ +static bool +qemuFirmwareMatchesPaths(const qemuFirmware *fw, + const virDomainLoaderDef *loader, + const char *kernelPath) +{ + const qemuFirmwareMappingFlash *flash = &fw->mapping.data.flash; + const qemuFirmwareMappingKernel *kernel = &fw->mapping.data.kernel; + const qemuFirmwareMappingMemory *memory = &fw->mapping.data.memory; + + switch (fw->mapping.device) { + case QEMU_FIRMWARE_DEVICE_FLASH: + if (loader && loader->path && + STRNEQ(loader->path, flash->executable.filename)) + return false; + if (loader && loader->nvramTemplate && + STRNEQ(loader->nvramTemplate, flash->nvram_template.filename)) + return false; + break; + case QEMU_FIRMWARE_DEVICE_MEMORY: + if (loader && loader->path && + STRNEQ(loader->path, memory->filename)) + return false; + break; + case QEMU_FIRMWARE_DEVICE_KERNEL: + if (kernelPath && + STRNEQ(kernelPath, kernel->filename)) + return false; + break; + case QEMU_FIRMWARE_DEVICE_NONE: + case QEMU_FIRMWARE_DEVICE_LAST: + return false; + } + + return true; +} + + static qemuFirmwareOSInterface qemuFirmwareOSInterfaceTypeFromOsDefFirmware(virDomainOsDefFirmware fw) { 
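Review bot: in the QEMU_FIRMWARE_DEVICE_FLASH branch, `STRNEQ(loader->nvramTemplate, flash->nvram_template.filename)` is evaluated for every flash descriptor, including ones whose mapping carries no nvram-template (the stateless flash mapping, such as the 45-ovmf-sev-stateless.json descriptor that appears in the precedence test). If `flash->nvram_template.filename` is NULL for such a descriptor, STRNEQ hands a NULL pointer to strcmp() as soon as the user has specified an nvram template. Either check the mapping mode before comparing, or use STRNEQ_NULLABLE so that a descriptor without a template is simply discarded. The same question applies to `memory->filename` and `kernel->filename` if those can ever be unset, which this hunk does not show.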
@@ -1047,16 +1096,6 @@ qemuFirmwareMatchDomain(const virDomainDef *def, if (want == QEMU_FIRMWARE_OS_INTERFACE_NONE && loader) { want = qemuFirmwareOSInterfaceTypeFromOsDefLoaderType(loader->type); - - if (fw->mapping.device != QEMU_FIRMWARE_DEVICE_FLASH || - STRNEQ(loader->path, fw->mapping.data.flash.executable.filename)) { - VIR_DEBUG("Not matching FW interface %s or loader " - "path '%s' for user provided path '%s'", - qemuFirmwareDeviceTypeToString(fw->mapping.device), - fw->mapping.data.flash.executable.filename, - loader->path); - return false; - } } for (i = 0; i < fw->ninterfaces; i++) { @@ -1069,6 +1108,11 @@ qemuFirmwareMatchDomain(const virDomainDef *def, return false; } + if (!qemuFirmwareMatchesPaths(fw, def->os.loader, def->os.kernel)) { + VIR_DEBUG("No matching path in '%s'", path); + return false; + } + if (!qemuFirmwareMatchesMachineArch(fw, def->os.machine, def->os.arch)) { VIR_DEBUG("No matching machine type in '%s'", path); return false; -- 2.39.2
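Review bot: the debug message that replaces the removed block loses the detail the old one carried. The removed code logged both the descriptor's executable path and the user-provided loader path ("Not matching FW interface %s or loader path '%s' for user provided path '%s'"), whereas the new `VIR_DEBUG("No matching path in '%s'", path)` only names the descriptor file. This mismatch is exactly what a user hits when a non-standard `<loader>` path is combined with firmware autoselection, so consider having qemuFirmwareMatchesPaths() (or this call site) log which of the loader path, nvram template or kernel path failed to match and against which value.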

The requires-smm feature being present in a firmware descriptor causes loader.secure=yes to be automatically chosen for the domain, so we have to avoid this situation or the user's choice will be silently subverted. Note that we can't actually encounter loader.secure=no in this function at the moment because of earlier checks, but that's going to change soon. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/qemu_firmware.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index 172be05d06..f7d7f78578 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1196,6 +1196,11 @@ qemuFirmwareMatchDomain(const virDomainDef *def, "but firmware '%s' requires it to be enabled", path); return false; } + if (loader && loader->secure == VIR_TRISTATE_BOOL_NO) { + VIR_DEBUG("Domain doesn't restrict pflash programming to SMM, " + "but firmware '%s' requires use of SMM", path); + return false; + } } else { if (loader && loader->secure == VIR_TRISTATE_BOOL_YES) { VIR_DEBUG("Domain restricts pflash programming to SMM, " -- 2.39.2
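Review bot: the new `loader->secure == VIR_TRISTATE_BOOL_NO` rejection is unreachable in this commit, as the commit message itself says, so nothing in the test suite exercises the branch until the validation checks are removed later in the series. Since the firmware-auto-efi-loader-insecure test that later turns into a passing case (expecting OVMF_CODE.fd rather than the secboot build) is what actually covers this line, consider either squashing this change into that later commit or enabling that test here, so the commit that introduces the branch is also the one that tests it.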

Right now there are a few scenarios in which we skip ahead, and removing these exceptions will make for more consistent and predictable behavior. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/qemu_firmware.c | 28 ---------------------------- 1 file changed, 28 deletions(-) diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index f7d7f78578..e2c371d8a2 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1631,7 +1631,6 @@ int qemuFirmwareFillDomain(virQEMUDriver *driver, virDomainDef *def) { - g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver); virDomainLoaderDef *loader = def->os.loader; virStorageSource *nvram = loader ? loader->nvram : NULL; bool autoSelection = (def->os.firmware != VIR_DOMAIN_OS_DEF_FIRMWARE_NONE); @@ -1673,33 +1672,6 @@ qemuFirmwareFillDomain(virQEMUDriver *driver, return 0; } - /* For UEFI with firmware autoselection disabled, even if some of - * the information is missing we might still be able to avoid - * having to look at firmware descriptors */ - if (!autoSelection && - virDomainDefHasOldStyleROUEFI(def) && - loader->path) { - - /* For stateless firmwares, the firmware path is all we need */ - if (loader->stateless == VIR_TRISTATE_BOOL_YES) - return 0; - - /* If the path to the NVRAM file is already provided and it - * points to a non-local source, we don't need to look up any - * other information */ - if (loader->nvram && !virStorageSourceIsLocalStorage(loader->nvram)) - return 0; - - /* If we have the path to both the firmware itself and the - * corresponding NVRAM template we might still need to - * generate a path to the domain-specific NVRAM file, but - * otherwise we're good to go */ - if (loader->nvramTemplate) { - qemuFirmwareEnsureNVRAM(def, cfg, loader->format); - return 0; - } - } - /* Look for the information we need in firmware descriptors */ if ((ret = qemuFirmwareFillDomainModern(driver, def)) < 0) return -1; -- 2.39.2
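Review bot: removing the early returns changes the behaviour of a manual `<loader stateless='yes'>` (and of a manual loader with a non-local `<nvram>` source) whose path does not appear in any firmware descriptor: previously the path alone was enough, now such a definition falls through to qemuFirmwareFillDomainModern(). The commit message only says this is for consistency; it should state what happens to those configurations (whether a legacy fallback still accepts them or they are now rejected), and a test case with a manual stateless loader whose path is not in the descriptors would make that explicit. Also double-check that dropping the `cfg` declaration is safe for the rest of qemuFirmwareFillDomain(); the hunk only shows the removed block using it.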

libvirt 8.6.0 introduced these checks and very clearly delineated two possible firmware selection scenarios: manual firmware selection, where the user is responsible for providing all information, and firmware autoselection, where a list of desired features is provided and everything else is handled by libvirt. In the interest of maintaining the clear separation between these two scenarios, setting most attributes when firmware autoselection is active will result in the configuration being rejected. This works fine, but is unnecessarily restrictive: in most cases, the additional information that the user has provided matches the information that libvirt would have discovered on its own by looking at firmware descriptors, and asking the user to scrub it from the XML only results in pointless friction. Remove these checks entirely. Unsurprisingly, this results in a few test cases that were rejected until now suddenly starting to work and producing sensible results. The firmware-auto-efi-loader-path-nonstandard test case is notable: while we can now enable the xml2xml part of the test, the xml2argv part is still failing, although in a slightly different way. This is expected: since the firmware binary is a non-standard one, libvirt is unable to figure out the missing information from a firmware descriptor, and the configuration is still ultimately an invalid one. However, if we were to find such a configuration on disk at daemon startup, we would not ignore it completely and instead would offer the user a chance to fix it. 
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_validate.c | 38 ------------------- ...uto-efi-loader-insecure.x86_64-latest.args | 37 ++++++++++++++++++ ...auto-efi-loader-insecure.x86_64-latest.err | 1 - ...-loader-path-nonstandard.x86_64-latest.err | 2 +- ...re-auto-efi-loader-path.x86_64-latest.args | 37 ++++++++++++++++++ ...are-auto-efi-loader-path.x86_64-latest.err | 1 - tests/qemuxml2argvtest.c | 6 +-- ...auto-efi-loader-insecure.x86_64-latest.xml | 36 ++++++++++++++++++ ...-loader-path-nonstandard.x86_64-latest.xml | 35 +++++++++++++++++ ...are-auto-efi-loader-path.x86_64-latest.xml | 36 ++++++++++++++++++ tests/qemuxml2xmltest.c | 3 ++ 11 files changed, 188 insertions(+), 44 deletions(-) create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-insecure.x86_64-latest.args delete mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-insecure.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.args delete mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err create mode 100644 tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 5fb2d4971c..6991cf1dd3 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c 
@@ -1609,44 +1609,6 @@ virDomainDefOSValidate(const virDomainDef *def, if (!loader) return 0; - if (loader->readonly) { - virReportError(VIR_ERR_XML_DETAIL, "%s", - _("loader attribute 'readonly' cannot be specified " - "when firmware autoselection is enabled")); - return -1; - } - if (loader->type) { - virReportError(VIR_ERR_XML_DETAIL, "%s", - _("loader attribute 'type' cannot be specified " - "when firmware autoselection is enabled")); - return -1; - } - if (loader->path) { - virReportError(VIR_ERR_XML_DETAIL, "%s", - _("loader path cannot be specified " - "when firmware autoselection is enabled")); - return -1; - } - if (loader->nvramTemplate) { - virReportError(VIR_ERR_XML_DETAIL, "%s", - _("nvram attribute 'template' cannot be specified " - "when firmware autoselection is enabled")); - return -1; - } - - /* We need to accept 'yes' here because the initial implementation - * of firmware autoselection used it as a way to request a firmware - * with Secure Boot support, so the error message is technically - * incorrect; however, we want to discourage people from using this - * attribute at all, so it's fine to be a bit more aggressive than - * it would be strictly required :) */ - if (loader->secure == VIR_TRISTATE_BOOL_NO) { - virReportError(VIR_ERR_XML_DETAIL, "%s", - _("loader attribute 'secure' cannot be specified " - "when firmware autoselection is enabled")); - return -1; - } - if (loader->nvram && def->os.firmware != VIR_DOMAIN_OS_DEF_FIRMWARE_EFI) { virReportError(VIR_ERR_XML_DETAIL, _("firmware type '%s' does not support nvram"), diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-insecure.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi-loader-insecure.x86_64-latest.args new file mode 100644 index 0000000000..9326bfe305 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-efi-loader-insecure.x86_64-latest.args 
@@ -0,0 +1,37 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/var/lib/libvirt/qemu/domain--1-guest \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-guest/.local/share \ +XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-guest/.cache \ +XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=guest,debug-threads=on \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-guest/master-key.aes"}' \ +-blockdev '{"driver":"file","filename":"/usr/share/OVMF/OVMF_CODE.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"raw","file":"libvirt-pflash0-storage"}' \ +-blockdev '{"driver":"file","filename":"/var/lib/libvirt/qemu/nvram/guest_VARS.fd","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"raw","file":"libvirt-pflash1-storage"}' \ +-machine pc-q35-4.0,usb=off,dump-guest-core=off,memory-backend=pc.ram,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,acpi=on \ +-accel kvm \ +-cpu qemu64 \ +-m 1024 \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":1073741824}' \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid 63840878-0deb-4095-97e6-fc444d9bc9fa \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-boot strict=on \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-global ICH9-LPC.noreboot=off \ +-watchdog-action reset \ +-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ +-msg timestamp=on 
diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-insecure.x86_64-latest.err b/tests/qemuxml2argvdata/firmware-auto-efi-loader-insecure.x86_64-latest.err deleted file mode 100644 index 564f0e6918..0000000000 --- a/tests/qemuxml2argvdata/firmware-auto-efi-loader-insecure.x86_64-latest.err +++ /dev/null @@ -1 +0,0 @@ -loader attribute 'secure' cannot be specified when firmware autoselection is enabled diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err index 3f90a88791..4cfde1bd2e 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err +++ b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err @@ -1 +1 @@ -loader attribute 'readonly' cannot be specified when firmware autoselection is enabled +operation failed: Unable to find any firmware to satisfy 'efi' diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.args new file mode 100644 index 0000000000..9326bfe305 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.args 
@@ -0,0 +1,37 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/var/lib/libvirt/qemu/domain--1-guest \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-guest/.local/share \ +XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-guest/.cache \ +XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=guest,debug-threads=on \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-guest/master-key.aes"}' \ +-blockdev '{"driver":"file","filename":"/usr/share/OVMF/OVMF_CODE.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"raw","file":"libvirt-pflash0-storage"}' \ +-blockdev '{"driver":"file","filename":"/var/lib/libvirt/qemu/nvram/guest_VARS.fd","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"raw","file":"libvirt-pflash1-storage"}' \ +-machine pc-q35-4.0,usb=off,dump-guest-core=off,memory-backend=pc.ram,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,acpi=on \ +-accel kvm \ +-cpu qemu64 \ +-m 1024 \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":1073741824}' \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid 63840878-0deb-4095-97e6-fc444d9bc9fa \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-boot strict=on \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-global ICH9-LPC.noreboot=off \ +-watchdog-action reset \ +-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ +-msg timestamp=on 
diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err b/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err deleted file mode 100644 index 3f90a88791..0000000000 --- a/tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err +++ /dev/null @@ -1 +0,0 @@ -loader attribute 'readonly' cannot be specified when firmware autoselection is enabled diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 23e48b251c..bd3f46fbe0 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1118,9 +1118,9 @@ mymain(void) DO_TEST_CAPS_LATEST("firmware-auto-efi-stateless"); DO_TEST_CAPS_LATEST("firmware-auto-efi-nvram"); DO_TEST_CAPS_LATEST("firmware-auto-efi-loader-secure"); - DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-efi-loader-insecure"); - DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-efi-loader-path"); - DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-efi-loader-path-nonstandard"); + DO_TEST_CAPS_LATEST("firmware-auto-efi-loader-insecure"); + DO_TEST_CAPS_LATEST("firmware-auto-efi-loader-path"); + DO_TEST_CAPS_LATEST_FAILURE("firmware-auto-efi-loader-path-nonstandard"); DO_TEST_CAPS_LATEST("firmware-auto-efi-secboot"); DO_TEST_CAPS_LATEST("firmware-auto-efi-no-secboot"); DO_TEST_CAPS_LATEST("firmware-auto-efi-enrolled-keys"); diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml new file mode 100644 index 0000000000..a6af5512d3 --- /dev/null +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml 
@@ -0,0 +1,36 @@ +<domain type='kvm'> + <name>guest</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>1048576</memory> + <currentMemory unit='KiB'>1048576</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader readonly='yes' secure='no' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> + <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> + <boot dev='hd'/> + </os> + <features> + <acpi/> + </features> + <cpu mode='custom' match='exact' check='none'> + <model fallback='forbid'>qemu64</model> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' index='0' model='none'/> + <controller type='sata' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> + </controller> + <controller type='pci' index='0' model='pcie-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <watchdog model='itco' action='reset'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.xml new file mode 100644 index 0000000000..f68cddf8df --- /dev/null +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.xml 
@@ -0,0 +1,35 @@ +<domain type='kvm'> + <name>guest</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>1048576</memory> + <currentMemory unit='KiB'>1048576</currentMemory> + <vcpu placement='static'>1</vcpu> + <os firmware='efi'> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader readonly='yes' type='pflash'>/path/to/OVMF_CODE.fd</loader> + <boot dev='hd'/> + </os> + <features> + <acpi/> + </features> + <cpu mode='custom' match='exact' check='none'> + <model fallback='forbid'>qemu64</model> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' index='0' model='none'/> + <controller type='sata' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> + </controller> + <controller type='pci' index='0' model='pcie-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <watchdog model='itco' action='reset'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml new file mode 100644 index 0000000000..8b3853dc17 --- /dev/null +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml 
@@ -0,0 +1,36 @@ +<domain type='kvm'> + <name>guest</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>1048576</memory> + <currentMemory unit='KiB'>1048576</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> + <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> + <boot dev='hd'/> + </os> + <features> + <acpi/> + </features> + <cpu mode='custom' match='exact' check='none'> + <model fallback='forbid'>qemu64</model> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' index='0' model='none'/> + <controller type='sata' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> + </controller> + <controller type='pci' index='0' model='pcie-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <watchdog model='itco' action='reset'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 7ada880da2..6cdead532d 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -947,6 +947,9 @@ mymain(void) DO_TEST_CAPS_LATEST("firmware-auto-efi-stateless"); DO_TEST_CAPS_LATEST("firmware-auto-efi-nvram"); DO_TEST_CAPS_LATEST("firmware-auto-efi-loader-secure"); + DO_TEST_CAPS_LATEST("firmware-auto-efi-loader-insecure"); + DO_TEST_CAPS_LATEST("firmware-auto-efi-loader-path"); + DO_TEST_CAPS_LATEST("firmware-auto-efi-loader-path-nonstandard"); DO_TEST_CAPS_LATEST("firmware-auto-efi-secboot"); DO_TEST_CAPS_LATEST("firmware-auto-efi-no-secboot"); DO_TEST_CAPS_LATEST("firmware-auto-efi-enrolled-keys"); -- 2.39.2
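Review bot: with the checks gone from src/conf/domain_validate.c, the only thing keeping a user-provided loader path, nvram template or `secure='no'` consistent with the requested firmware features is the descriptor matching inside the qemu driver; the conf layer no longer rejects anything, so any other driver that accepts `firmware='efi'` would now take a contradictory definition without complaint. If that is intended, the commit message should say so. Two smaller points on the same hunk: the firmware-auto-efi-loader-path-nonstandard.err change shows that a user who combines `firmware='efi'` with `/path/to/OVMF_CODE.fd` now gets only "Unable to find any firmware to satisfy 'efi'", with no hint that the loader path is what prevented a match (the information is only in VIR_DEBUG output); and the removed comment explaining that `secure='yes'` used to mean "give me a Secure Boot capable firmware" is worth preserving somewhere, since that legacy meaning is still what the remaining code has to honour.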

The combination of explicit firmware paths, which we now produce in all cases, and firmware autoselection knobs is explicitly rejected by libvirt 8.6.0 and newer. Right now we produce inherently migratable XML in all cases, since we always strip those bits, but that's going to change soon. To prepare for that, make sure that we always skip the problematic elements and attributes when preparing a migratable XML. The destination will simply receive a fully specified firmware configuration, which is indistinguishable from one that was manually provided by the user and is thus accepted by any old version of libvirt, regardless of whether or not firmware autoselection was used on the source host. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_conf.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 9ef50c818b..9f49c6e62d 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -27382,6 +27382,7 @@ virDomainDefFormatInternalSetRootName(virDomainDef *def, const char *type = NULL; int n; size_t i; + bool migratable = !!(flags & VIR_DOMAIN_DEF_FORMAT_MIGRATABLE); virCheckFlags(VIR_DOMAIN_DEF_FORMAT_COMMON_FLAGS | VIR_DOMAIN_DEF_FORMAT_STATUS | @@ -27476,7 +27477,7 @@ virDomainDefFormatInternalSetRootName(virDomainDef *def, } virBufferAddLit(buf, "<os"); - if (def->os.firmware) + if (def->os.firmware && !migratable) virBufferAsprintf(buf, " firmware='%s'", virDomainOsDefFirmwareTypeToString(def->os.firmware)); virBufferAddLit(buf, ">\n"); @@ -27499,7 +27500,7 @@ virDomainDefFormatInternalSetRootName(virDomainDef *def, virBufferAsprintf(buf, ">%s</type>\n", virDomainOSTypeToString(def->os.type)); - if (def->os.firmwareFeatures) { + if (def->os.firmwareFeatures && !migratable) { virBufferAddLit(buf, "<firmware>\n"); virBufferAdjustIndent(buf, 2); -- 2.39.2
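Review bot: the `firmware` attribute and the `<firmware>` features block are dropped from migratable XML unconditionally, not only when `def->os.loader` actually carries a path. If a definition formatted with VIR_DOMAIN_DEF_FORMAT_MIGRATABLE has not yet been through firmware selection (no `loader->path` filled in), the destination receives neither the autoselection request nor an explicit loader and will boot the machine with the default firmware. Consider guarding both `!migratable` tests on the loader path being present, or stating in the commit message why that situation cannot occur for migratable XML. It is also worth noting in the message that VIR_DOMAIN_DEF_FORMAT_MIGRATABLE is used for saved images and `virsh dumpxml --migratable` as well, so those outputs lose the autoselection markers too.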

Now that we no longer reject configurations that include both this information and explicit firmware details, as long of course as everything is internally consistent, and that we've ensured that we produce maximally compatible XML on migration, we can stop stripping this information at the end of the firmware selection process. There are several advantages to keeping this information around:

* if the user wants to change the firmware configuration for an existing VM, they can simply drop the <loader> and <nvram> elements, tweak the firmware autoselection parameters and let libvirt pick a firmware that matches the new requirements;

* management applications can inspect the XML and easily figure out firmware-related information without having to reverse-engineer it based on some opaque paths.

Overall, this change makes things more transparent and easier to understand. The improvement is so significant that, in a follow-up commit, we're going to ensure that this information is available in even more cases.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/qemu_firmware.c | 3 --- .../firmware-auto-bios-stateless.x86_64-latest.xml | 2 +- .../qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml | 2 +- .../firmware-auto-efi-aarch64.aarch64-latest.xml | 2 +- .../firmware-auto-efi-enrolled-keys.x86_64-latest.xml | 6 +++++- .../firmware-auto-efi-format-loader-qcow2.x86_64-latest.xml | 2 +- .../firmware-auto-efi-format-loader-raw.aarch64-latest.xml | 2 +- ...uto-efi-format-nvram-qcow2-network-nbd.x86_64-latest.xml | 2 +- ...mware-auto-efi-format-nvram-qcow2-path.x86_64-latest.xml | 2 +- .../firmware-auto-efi-format-nvram-qcow2.x86_64-latest.xml | 2 +- .../firmware-auto-efi-loader-insecure.x86_64-latest.xml | 2 +- .../firmware-auto-efi-loader-path.x86_64-latest.xml | 2 +- .../firmware-auto-efi-loader-secure.x86_64-latest.xml | 2 +- .../firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml | 5 ++++- .../firmware-auto-efi-no-secboot.x86_64-latest.xml | 5 ++++- .../firmware-auto-efi-nvram-file.x86_64-latest.xml | 2 +- .../firmware-auto-efi-nvram-network-iscsi.x86_64-latest.xml | 2 +- .../firmware-auto-efi-nvram-network-nbd.x86_64-latest.xml | 2 +- .../firmware-auto-efi-nvram.x86_64-latest.xml | 2 +- .../firmware-auto-efi-secboot.x86_64-latest.xml | 5 ++++- .../firmware-auto-efi-smm-off.x86_64-latest.xml | 2 +- .../firmware-auto-efi-stateless.x86_64-latest.xml | 2 +- .../qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml | 2 +- .../pvpanic-pci-aarch64.aarch64-latest.xml | 2 +- .../pvpanic-pci-no-address-aarch64.aarch64-latest.xml | 2 +- .../virtio-iommu-aarch64.aarch64-latest.xml | 2 +- 26 files changed, 38 insertions(+), 28 deletions(-) diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index e2c371d8a2..d906d8bc86 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c 
@@ -1589,9 +1589,6 @@ qemuFirmwareFillDomainModern(virQEMUDriver *driver, if (qemuFirmwareEnableFeaturesModern(cfg, def, theone) < 0) goto cleanup; - def->os.firmware = VIR_DOMAIN_OS_DEF_FIRMWARE_NONE; - VIR_FREE(def->os.firmwareFeatures); - ret = 0; cleanup: diff --git a/tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml index c7c6e23ea1..d1ecd8593f 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='bios'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader type='rom' stateless='yes'>/usr/share/seabios/bios-256k.bin</loader> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml index 4e0b45cccd..68e14d3e4b 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='bios'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader type='rom'>/usr/share/seabios/bios-256k.bin</loader> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml index 2eb5ab05fe..6da924793b 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml 
@@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='aarch64' machine='virt-4.0'>hvm</type> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-enrolled-keys.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-enrolled-keys.x86_64-latest.xml index 6814784721..90c5040ca6 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-enrolled-keys.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-enrolled-keys.x86_64-latest.xml @@ -4,8 +4,12 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='yes' name='enrolled-keys'/> + <feature enabled='yes' name='secure-boot'/> + </firmware> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-qcow2.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-qcow2.x86_64-latest.xml index 00568560b6..9f0f3509f2 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-qcow2.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-qcow2.x86_64-latest.xml 
@@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-raw.aarch64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-raw.aarch64-latest.xml index b53f39a72e..8ab29edf42 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-raw.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-raw.aarch64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='aarch64' machine='virt-4.0'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/AAVMF/AAVMF_CODE.fd</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-network-nbd.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-network-nbd.x86_64-latest.xml index f3ab8f6744..42b044d83f 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-network-nbd.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-network-nbd.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader> <nvram type='network' format='qcow2'> 
diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-path.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-path.x86_64-latest.xml index c07a29aabd..6b53262dc7 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-path.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-path.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.qcow2' format='qcow2'>/path/to/guest_VARS.qcow2</nvram> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2.x86_64-latest.xml index 00568560b6..9f0f3509f2 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml index a6af5512d3..55da8ee12f 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml 
@@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader readonly='yes' secure='no' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml index 8b3853dc17..3977ddc0c7 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml index 6814784721..1b1b9352c1 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> 
diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml index 6722b22aa1..78b3b81506 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml @@ -4,8 +4,11 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + </firmware> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-secboot.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-secboot.x86_64-latest.xml index 8b3853dc17..57e63a079c 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-secboot.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-secboot.x86_64-latest.xml @@ -4,8 +4,11 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-file.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-file.x86_64-latest.xml index cdb5d2b31a..8117f02f15 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-file.x86_64-latest.xml 
+++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-file.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd' type='file'> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-iscsi.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-iscsi.x86_64-latest.xml index 5a2e8715a0..d3ef57f682 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-iscsi.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-iscsi.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram type='network'> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-nbd.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-nbd.x86_64-latest.xml index 208257bb5b..6d0d112dd1 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-nbd.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-nbd.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram type='network'> 
diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram.x86_64-latest.xml index f039d79ae4..d293cd3371 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/path/to/guest_VARS.fd</nvram> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-secboot.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-secboot.x86_64-latest.xml index 6814784721..6dcc5ea88d 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-secboot.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-secboot.x86_64-latest.xml @@ -4,8 +4,11 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='yes' name='secure-boot'/> + </firmware> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-smm-off.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-smm-off.x86_64-latest.xml index 3a50158fba..40d8b8815b 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-smm-off.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-smm-off.x86_64-latest.xml 
@@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-stateless.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-stateless.x86_64-latest.xml index 3bc9a7341e..7939dc666b 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-stateless.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-stateless.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader readonly='yes' type='pflash' stateless='yes'>/usr/share/OVMF/OVMF.sev.fd</loader> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml index 6814784721..1b1b9352c1 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> diff --git a/tests/qemuxml2xmloutdata/pvpanic-pci-aarch64.aarch64-latest.xml b/tests/qemuxml2xmloutdata/pvpanic-pci-aarch64.aarch64-latest.xml index 74e20499fd..50321aedd6 100644 
--- a/tests/qemuxml2xmloutdata/pvpanic-pci-aarch64.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/pvpanic-pci-aarch64.aarch64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='aarch64' machine='virt-6.0'>hvm</type> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> diff --git a/tests/qemuxml2xmloutdata/pvpanic-pci-no-address-aarch64.aarch64-latest.xml b/tests/qemuxml2xmloutdata/pvpanic-pci-no-address-aarch64.aarch64-latest.xml index f92d222cfe..9a25573614 100644 --- a/tests/qemuxml2xmloutdata/pvpanic-pci-no-address-aarch64.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/pvpanic-pci-no-address-aarch64.aarch64-latest.xml @@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='aarch64' machine='virt-6.0'>hvm</type> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> diff --git a/tests/qemuxml2xmloutdata/virtio-iommu-aarch64.aarch64-latest.xml b/tests/qemuxml2xmloutdata/virtio-iommu-aarch64.aarch64-latest.xml index 9e4f81fde8..d560259d87 100644 --- a/tests/qemuxml2xmloutdata/virtio-iommu-aarch64.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/virtio-iommu-aarch64.aarch64-latest.xml 
@@ -4,7 +4,7 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='aarch64' machine='virt-6.0'>hvm</type> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> -- 2.39.2
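Review bot: persisting both `<feature enabled='yes' name='secure-boot'/>` and `<loader readonly='yes' secure='yes' type='pflash'>` (see the firmware-auto-efi-secboot and firmware-auto-efi-enrolled-keys output hunks) leaves two places in the XML that must agree on whether Secure Boot is required, now that the qemu_firmware.c hunk no longer resets `def->os.firmware` and `def->os.firmwareFeatures` at the end of qemuFirmwareFillDomainModern. A later edit that flips only `secure=` on the loader, or only the feature flag, produces an internally inconsistent definition; the commit message relies on validation elsewhere in the series to reject that, so a qemuxml2argv test with a deliberately mismatched pair would make the guarantee explicit rather than implied.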

Even when the user is not taking advantage of firmware autoselection and instead manually providing all the necessary information, in most cases they're still going to use firmware builds that are provided by the OS vendor, are installed in standard paths and come with a corresponding firmware descriptor. Similarly, even when the user is not guiding the autoselection process by specifying the desired status of certain features and instead is relying on the system-level descriptor priority being set up correctly, libvirt will still ultimately decide to use a specific descriptor, which includes information about the firmware's features. In both these cases, take the additional information that was obtained from the firmware descriptor and reflect it back into the domain XML, where it can be conveniently inspected by the user and management applications alike.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/qemu_firmware.c | 86 ++++++++++++++++++- ...ware-auto-bios-stateless.x86_64-latest.xml | 4 + .../firmware-auto-bios.x86_64-latest.xml | 4 + ...rmware-auto-efi-aarch64.aarch64-latest.xml | 4 + ...-efi-format-loader-qcow2.x86_64-latest.xml | 4 + ...o-efi-format-loader-raw.aarch64-latest.xml | 4 + ...-nvram-qcow2-network-nbd.x86_64-latest.xml | 3 + ...-format-nvram-qcow2-path.x86_64-latest.xml | 4 + ...o-efi-format-nvram-qcow2.x86_64-latest.xml | 4 + ...auto-efi-loader-insecure.x86_64-latest.xml | 4 + ...are-auto-efi-loader-path.x86_64-latest.xml | 4 + ...e-auto-efi-loader-secure.x86_64-latest.xml | 4 + ...uto-efi-no-enrolled-keys.x86_64-latest.xml | 1 + ...ware-auto-efi-no-secboot.x86_64-latest.xml | 1 + ...ware-auto-efi-nvram-file.x86_64-latest.xml | 4 + ...-efi-nvram-network-iscsi.x86_64-latest.xml | 3 + ...to-efi-nvram-network-nbd.x86_64-latest.xml | 3 + .../firmware-auto-efi-nvram.x86_64-latest.xml | 4 + ...irmware-auto-efi-secboot.x86_64-latest.xml | 1 + ...irmware-auto-efi-smm-off.x86_64-latest.xml | 4 + ...mware-auto-efi-stateless.x86_64-latest.xml | 4 + .../firmware-auto-efi.x86_64-latest.xml | 4 + ...manual-efi-acpi-aarch64.aarch64-latest.xml | 6 +- ...ware-manual-efi-acpi-q35.x86_64-latest.xml | 6 +- ...manual-efi-loader-secure.x86_64-latest.xml | 6 +- ...ual-efi-no-enrolled-keys.x86_64-latest.xml | 6 +- ...re-manual-efi-no-secboot.x86_64-latest.xml | 6 +- ...nual-efi-noacpi-aarch64.aarch64-latest.xml | 6 +- ...re-manual-efi-nvram-file.x86_64-latest.xml | 6 +- ...-efi-nvram-network-iscsi.x86_64-latest.xml | 5 +- ...al-efi-nvram-network-nbd.x86_64-latest.xml | 5 +- ...anual-efi-nvram-template.x86_64-latest.xml | 6 +- ...mware-manual-efi-secboot.x86_64-latest.xml | 6 +- .../firmware-manual-efi.x86_64-latest.xml | 6 +- .../pvpanic-pci-aarch64.aarch64-latest.xml | 4 + ...-pci-no-address-aarch64.aarch64-latest.xml | 4 + .../virtio-iommu-aarch64.aarch64-latest.xml | 4 + 37 files changed, 225 
insertions(+), 15 deletions(-) diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index d906d8bc86..7a0b04eb1a 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1011,6 +1011,25 @@ qemuFirmwareOSInterfaceTypeFromOsDefFirmware(virDomainOsDefFirmware fw) } +static virDomainOsDefFirmware +qemuFirmwareOSInterfaceTypeToOsDefFirmware(qemuFirmwareOSInterface interface) +{ + switch (interface) { + case QEMU_FIRMWARE_OS_INTERFACE_BIOS: + return VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS; + case QEMU_FIRMWARE_OS_INTERFACE_UEFI: + return VIR_DOMAIN_OS_DEF_FIRMWARE_EFI; + case QEMU_FIRMWARE_OS_INTERFACE_UBOOT: + case QEMU_FIRMWARE_OS_INTERFACE_OPENFIRMWARE: + case QEMU_FIRMWARE_OS_INTERFACE_NONE: + case QEMU_FIRMWARE_OS_INTERFACE_LAST: + break; + } + + return VIR_DOMAIN_OS_DEF_FIRMWARE_NONE; +} + + static qemuFirmwareOSInterface qemuFirmwareOSInterfaceTypeFromOsDefLoaderType(virDomainLoader type) { 
@@ -1071,6 +1090,46 @@ qemuFirmwareEnsureNVRAM(virDomainDef *def, } + +/** + * qemuFirmwareSetOsFeatures: + * @def: domain definition + * @secureBoot: whether the 'secure-boot' feature is enabled + * @enrolledKeys: whether the 'enrolled-keys' feature is enabled + * + * Set firmware features for @def to match those declared by the JSON + * descriptor that was found to match autoselection requirements. + */ +static void +qemuFirmwareSetOsFeatures(virDomainDef *def, + bool secureBoot, + bool enrolledKeys) +{ + int *features = def->os.firmwareFeatures; + virDomainLoaderDef *loader = def->os.loader; + + if (!features) { + features = g_new0(int, VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_LAST); + def->os.firmwareFeatures = features; + } + + features[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_SECURE_BOOT] = virTristateBoolFromBool(secureBoot); + features[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_ENROLLED_KEYS] = virTristateBoolFromBool(enrolledKeys); + + /* If the NVRAM template is blank at this point and we're not dealing + * with a stateless firmware image, then it means that the NVRAM file + * is not local. In this scenario we can't really make any assumptions + * about its contents, so it's preferable to leave the state of the + * enrolled-keys feature unspecified */ + if (loader && + loader->type == VIR_DOMAIN_LOADER_TYPE_PFLASH && + loader->stateless != VIR_TRISTATE_BOOL_YES && + !loader->nvramTemplate) { + features[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_ENROLLED_KEYS] = VIR_TRISTATE_BOOL_ABSENT; + } +} + + #define VIR_QEMU_FIRMWARE_AMD_SEV_ES_POLICY (1 << 2) @@ -1294,6 +1353,8 @@ qemuFirmwareEnableFeaturesModern(virQEMUDriverConfig *cfg, const qemuFirmwareMappingMemory *memory = &fw->mapping.data.memory; virDomainLoaderDef *loader = NULL; virStorageFileFormat format; + bool hasSecureBoot = false; + bool hasEnrolledKeys = false; size_t i; switch (fw->mapping.device) { 
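Review bot: in qemuFirmwareSetOsFeatures the enrolled-keys override to `VIR_TRISTATE_BOOL_ABSENT` (pflash loader, not stateless, no `nvramTemplate`) is applied unconditionally, so an explicit `<feature enabled='no' name='enrolled-keys'/>` that the user put in the input XML, and that the descriptor match presumably honoured, is erased on the way out. Consider remembering the incoming value of `features[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_ENROLLED_KEYS]` before it is overwritten and only falling back to ABSENT when nothing was specified, or document in the function comment that user-provided firmware features are always rewritten from the descriptor. A smaller point: for a ROM loader the same function reports `enrolled-keys` as 'no' (see the firmware-auto-bios outputs later in this patch), which is harmless but carries no meaning; skipping that feature for non-pflash loaders would keep the generated XML tighter.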
@@ -1366,20 +1427,39 @@ qemuFirmwareEnableFeaturesModern(virQEMUDriverConfig *cfg, def->os.loader->secure = VIR_TRISTATE_BOOL_YES; break; - case QEMU_FIRMWARE_FEATURE_NONE: + case QEMU_FIRMWARE_FEATURE_SECURE_BOOT: + hasSecureBoot = true; + break; + + case QEMU_FIRMWARE_FEATURE_ENROLLED_KEYS: + hasEnrolledKeys = true; + break; + case QEMU_FIRMWARE_FEATURE_ACPI_S3: case QEMU_FIRMWARE_FEATURE_ACPI_S4: case QEMU_FIRMWARE_FEATURE_AMD_SEV: case QEMU_FIRMWARE_FEATURE_AMD_SEV_ES: - case QEMU_FIRMWARE_FEATURE_ENROLLED_KEYS: - case QEMU_FIRMWARE_FEATURE_SECURE_BOOT: case QEMU_FIRMWARE_FEATURE_VERBOSE_DYNAMIC: case QEMU_FIRMWARE_FEATURE_VERBOSE_STATIC: + case QEMU_FIRMWARE_FEATURE_NONE: case QEMU_FIRMWARE_FEATURE_LAST: break; } } + if (!def->os.firmware) { + /* If a firmware type for autoselection was not already present, + * pick the first reasonable one from the descriptor list */ + for (i = 0; i < fw->ninterfaces; i++) { + def->os.firmware = qemuFirmwareOSInterfaceTypeToOsDefFirmware(fw->interfaces[i]); + if (def->os.firmware) + break; + } + } + if (def->os.firmware) { + qemuFirmwareSetOsFeatures(def, hasSecureBoot, hasEnrolledKeys); + } + return 0; } diff --git a/tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml index d1ecd8593f..e69f8c01d0 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='bios'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader type='rom' stateless='yes'>/usr/share/seabios/bios-256k.bin</loader> <boot dev='hd'/> </os> 
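Review bot: the interface-selection loop `for (i = 0; i < fw->ninterfaces; i++)` records the first interface that maps to BIOS or EFI, so for a descriptor that lists more than one interface the JSON order decides what ends up in `<os firmware=...>`, independently of the loader that was actually configured just above. Preferring the interface that agrees with `qemuFirmwareOSInterfaceTypeFromOsDefLoaderType(def->os.loader->type)` (visible in the context of the earlier hunk in this file) would tie the reported type to the `<loader>` being emitted rather than to descriptor ordering. The reshuffling of the `QEMU_FIRMWARE_FEATURE_NONE` case to sit next to `_LAST` is fine, but it is unrelated to the feature tracking and would be easier to review as its own cleanup.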
diff --git a/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml index 68e14d3e4b..ffff5a79e2 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='bios'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader type='rom'>/usr/share/seabios/bios-256k.bin</loader> <boot dev='hd'/> </os> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml index 6da924793b..5779eca7a0 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='aarch64' machine='virt-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-qcow2.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-qcow2.x86_64-latest.xml index 9f0f3509f2..310ee6ec73 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-qcow2.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-qcow2.x86_64-latest.xml 
@@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-raw.aarch64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-raw.aarch64-latest.xml index 8ab29edf42..8eb6086e40 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-raw.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-loader-raw.aarch64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='aarch64' machine='virt-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/AAVMF/AAVMF_CODE.fd</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-network-nbd.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-network-nbd.x86_64-latest.xml index 42b044d83f..7ea870bbcd 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-network-nbd.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-network-nbd.x86_64-latest.xml 
@@ -6,6 +6,9 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader> <nvram type='network' format='qcow2'> <source protocol='nbd' name='bar'> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-path.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-path.x86_64-latest.xml index 6b53262dc7..6cf33b0c76 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-path.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2-path.x86_64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.qcow2' format='qcow2'>/path/to/guest_VARS.qcow2</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2.x86_64-latest.xml index 9f0f3509f2..310ee6ec73 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-format-nvram-qcow2.x86_64-latest.xml 
@@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml index 55da8ee12f..7717677c4b 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-insecure.x86_64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' secure='no' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml index 3977ddc0c7..6f4bf4b5bb 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-path.x86_64-latest.xml 
@@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml index 1b1b9352c1..90c5040ca6 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='yes' name='enrolled-keys'/> + <feature enabled='yes' name='secure-boot'/> + </firmware> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml index 78b3b81506..e5caf31c4e 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml 
@@ -8,6 +8,7 @@ <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <firmware> <feature enabled='no' name='enrolled-keys'/> + <feature enabled='yes' name='secure-boot'/> </firmware> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-secboot.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-secboot.x86_64-latest.xml index 57e63a079c..6f4bf4b5bb 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-secboot.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-secboot.x86_64-latest.xml @@ -7,6 +7,7 @@ <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <firmware> + <feature enabled='no' name='enrolled-keys'/> <feature enabled='no' name='secure-boot'/> </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-file.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-file.x86_64-latest.xml index 8117f02f15..1418ddbfcd 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-file.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-file.x86_64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd' type='file'> <source file='/path/to/guest_VARS.fd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-iscsi.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-iscsi.x86_64-latest.xml index d3ef57f682..ec672780bb 100644 
--- a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-iscsi.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-iscsi.x86_64-latest.xml @@ -6,6 +6,9 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram type='network'> <source protocol='iscsi' name='iqn.2013-07.com.example:iscsi-nopool'> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-nbd.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-nbd.x86_64-latest.xml index 6d0d112dd1..3f59dc4d61 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-nbd.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram-network-nbd.x86_64-latest.xml @@ -6,6 +6,9 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram type='network'> <source protocol='nbd' name='bar'> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram.x86_64-latest.xml index d293cd3371..b7dc8fa140 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-nvram.x86_64-latest.xml 
@@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='yes' name='enrolled-keys'/> + <feature enabled='yes' name='secure-boot'/> + </firmware> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/path/to/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-secboot.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-secboot.x86_64-latest.xml index 6dcc5ea88d..90c5040ca6 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-secboot.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-secboot.x86_64-latest.xml @@ -7,6 +7,7 @@ <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <firmware> + <feature enabled='yes' name='enrolled-keys'/> <feature enabled='yes' name='secure-boot'/> </firmware> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-smm-off.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-smm-off.x86_64-latest.xml index 40d8b8815b..4ab4d9587c 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-smm-off.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-smm-off.x86_64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> 
diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-stateless.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-stateless.x86_64-latest.xml index 7939dc666b..b1aa817a56 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-stateless.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-stateless.x86_64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash' stateless='yes'>/usr/share/OVMF/OVMF.sev.fd</loader> <boot dev='hd'/> </os> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml index 1b1b9352c1..90c5040ca6 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='yes' name='enrolled-keys'/> + <feature enabled='yes' name='secure-boot'/> + </firmware> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-acpi-aarch64.aarch64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-acpi-aarch64.aarch64-latest.xml index 34257e4f80..318ffdf93c 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-acpi-aarch64.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-acpi-aarch64.aarch64-latest.xml 
@@ -4,8 +4,12 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='aarch64' machine='virt-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/AAVMF/AAVMF_CODE.fd</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-acpi-q35.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-acpi-q35.x86_64-latest.xml index ff7793a377..ac58a278f9 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-acpi-q35.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-acpi-q35.x86_64-latest.xml @@ -4,8 +4,12 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-loader-secure.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-loader-secure.x86_64-latest.xml index aa90d3e2f2..69b6d91e99 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-loader-secure.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-loader-secure.x86_64-latest.xml 
@@ -4,8 +4,12 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='yes' name='enrolled-keys'/> + <feature enabled='yes' name='secure-boot'/> + </firmware> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/path/to/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.xml index 4caa7950ce..2e287b8cd1 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-no-enrolled-keys.x86_64-latest.xml @@ -4,8 +4,12 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='yes' name='secure-boot'/> + </firmware> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-no-secboot.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-no-secboot.x86_64-latest.xml index ff7793a377..ac58a278f9 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-no-secboot.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-no-secboot.x86_64-latest.xml 
@@ -4,8 +4,12 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-noacpi-aarch64.aarch64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-noacpi-aarch64.aarch64-latest.xml index 1f642cd179..2b4dff8800 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-noacpi-aarch64.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-noacpi-aarch64.aarch64-latest.xml @@ -4,8 +4,12 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='aarch64' machine='virt-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/AAVMF/AAVMF_CODE.fd</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-file.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-file.x86_64-latest.xml index cdb5d2b31a..1418ddbfcd 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-file.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-file.x86_64-latest.xml 
@@ -4,8 +4,12 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd' type='file'> <source file='/path/to/guest_VARS.fd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.xml index 5a2e8715a0..ec672780bb 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.xml @@ -4,8 +4,11 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram type='network'> <source protocol='iscsi' name='iqn.2013-07.com.example:iscsi-nopool'> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.xml index 208257bb5b..3f59dc4d61 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.xml 
@@ -4,8 +4,11 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram type='network'> <source protocol='nbd' name='bar'> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-template.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-template.x86_64-latest.xml index 3b79af418a..dc4b8bb97f 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-template.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-template.x86_64-latest.xml @@ -4,8 +4,12 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-secboot.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-secboot.x86_64-latest.xml index aa90d3e2f2..69b6d91e99 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-secboot.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-secboot.x86_64-latest.xml 
@@ -4,8 +4,12 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='yes' name='enrolled-keys'/> + <feature enabled='yes' name='secure-boot'/> + </firmware> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/path/to/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi.x86_64-latest.xml index ff6460d7b0..11d7623e7c 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi.x86_64-latest.xml @@ -4,8 +4,12 @@ <memory unit='KiB'>1048576</memory> <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> - <os> + <os firmware='efi'> <type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/pvpanic-pci-aarch64.aarch64-latest.xml b/tests/qemuxml2xmloutdata/pvpanic-pci-aarch64.aarch64-latest.xml index 50321aedd6..2a83ace748 100644 --- a/tests/qemuxml2xmloutdata/pvpanic-pci-aarch64.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/pvpanic-pci-aarch64.aarch64-latest.xml 
@@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='aarch64' machine='virt-6.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/pvpanic-pci-no-address-aarch64.aarch64-latest.xml b/tests/qemuxml2xmloutdata/pvpanic-pci-no-address-aarch64.aarch64-latest.xml index 9a25573614..d5ed9b23fe 100644 --- a/tests/qemuxml2xmloutdata/pvpanic-pci-no-address-aarch64.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/pvpanic-pci-no-address-aarch64.aarch64-latest.xml @@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='aarch64' machine='virt-6.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> <boot dev='hd'/> diff --git a/tests/qemuxml2xmloutdata/virtio-iommu-aarch64.aarch64-latest.xml b/tests/qemuxml2xmloutdata/virtio-iommu-aarch64.aarch64-latest.xml index d560259d87..589295e602 100644 --- a/tests/qemuxml2xmloutdata/virtio-iommu-aarch64.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/virtio-iommu-aarch64.aarch64-latest.xml 
@@ -6,6 +6,10 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='aarch64' machine='virt-6.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> <loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader> <nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram> <boot dev='hd'/> -- 2.39.2
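Review bot: The network-backed NVRAM outputs (firmware-auto-efi-format-nvram-qcow2-network-nbd, firmware-auto-efi-nvram-network-iscsi, firmware-auto-efi-nvram-network-nbd and the matching firmware-manual-efi-nvram-network-* files) gain only `<feature enabled='no' name='secure-boot'/>`, while every other expected output gains both an `enrolled-keys` and a `secure-boot` feature; the reason for the asymmetry is not visible in this patch and should be spelled out in the commit message so the next person touching these files knows it is intentional. Separately, all firmware-manual-efi-* outputs change from `<os>` to `<os firmware='efi'>`, so a domain that was configured by hand is now formatted as if autoselection had been requested; please confirm in the commit message that this only affects the inactive/live XML and not what is sent to a migration destination.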

Now that we're adding information obtained from the firmware descriptor to the domain XML, this will happen automatically whenever a firmware that has the enrolled-keys feature ends up being selected. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_postparse.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/src/conf/domain_postparse.c b/src/conf/domain_postparse.c index 22eb603b3b..79862a72cd 100644 --- a/src/conf/domain_postparse.c +++ b/src/conf/domain_postparse.c @@ -101,12 +101,6 @@ virDomainDefPostParseOs(virDomainDef *def) _("firmware feature 'enrolled-keys' cannot be enabled when firmware feature 'secure-boot' is disabled")); return -1; } - - /* For all non-broken firmware builds, enrolled-keys implies - * secure-boot, and having the Secure Boot keys in the NVRAM file - * when the firmware doesn't support the Secure Boot feature doesn't - * make sense anyway. Reflect this fact explicitly in the XML */ - def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_SECURE_BOOT] = VIR_TRISTATE_BOOL_YES; } if (!def->os.loader) -- 2.39.2
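Review bot: With the assignment removed, a user-supplied `enrolled-keys` enabled with no `secure-boot` feature in the XML is no longer normalised to `secure-boot=yes` before firmware selection; the check kept above the hunk only rejects the explicit `secure-boot=no` case, so an unset `secure-boot` now passes through unchanged. The deleted comment was the only place recording that enrolled-keys implies secure-boot for non-broken builds, so either keep that rationale next to the remaining check or state in the commit message that selection now treats an unset secure-boot as "don't care" and relies on the descriptor's value being copied back afterwards.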

The reason why it was in postparse in the first place was so that we could automatically enable the secure-boot feature in some cases, but that no longer happens so we can finally move it to the proper location. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_postparse.c | 10 ---------- src/conf/domain_validate.c | 8 ++++++++ 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/src/conf/domain_postparse.c b/src/conf/domain_postparse.c index 79862a72cd..2832705d0f 100644 --- a/src/conf/domain_postparse.c +++ b/src/conf/domain_postparse.c @@ -93,16 +93,6 @@ virDomainDefPostParseMemory(virDomainDef *def, static int virDomainDefPostParseOs(virDomainDef *def) { - if (def->os.firmwareFeatures && - def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_ENROLLED_KEYS] == VIR_TRISTATE_BOOL_YES) { - - if (def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_SECURE_BOOT] == VIR_TRISTATE_BOOL_NO) { - virReportError(VIR_ERR_XML_DETAIL, "%s", - _("firmware feature 'enrolled-keys' cannot be enabled when firmware feature 'secure-boot' is disabled")); - return -1; - } - } - if (!def->os.loader) return 0; diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 6991cf1dd3..f208c0c531 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -1606,6 +1606,14 @@ virDomainDefOSValidate(const virDomainDef *def, return -1; } + if (def->os.firmwareFeatures && + def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_ENROLLED_KEYS] == VIR_TRISTATE_BOOL_YES && + def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_SECURE_BOOT] == VIR_TRISTATE_BOOL_NO) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("firmware feature 'enrolled-keys' cannot be enabled when firmware feature 'secure-boot' is disabled")); + return -1; + } + if (!loader) return 0; -- 2.39.2
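Review bot: The moved check in virDomainDefOSValidate keeps VIR_ERR_XML_DETAIL, which reads as a parse-time error; now that it sits among validation checks, please confirm it matches the error code used by the sibling check whose `return -1; }` is visible just above it in the context. On the logic side, collapsing the two nested ifs into one `&&` condition is equivalent, and placing the block before `if (!loader) return 0;` preserves the old ordering, so the feature check still runs for domains that specify no explicit loader.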

Suggested-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/qemu_domain.c | 6 ------ src/qemu/qemu_validate.c | 6 ++++++ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 0a7b30fa65..6c29c8f09f 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -4474,12 +4474,6 @@ qemuDomainDefBootPostParse(virDomainDef *def, { bool abiUpdate = !!(parseFlags & VIR_DOMAIN_DEF_PARSE_ABI_UPDATE); - if (def->os.bootloader || def->os.bootloaderArgs) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("bootloader is not supported by QEMU")); - return -1; - } - /* Firmware selection can fail for a number of reasons, but the * most likely one is that the requested configuration contains * mistakes or includes constraints that are impossible to diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 12128acda6..b2624c9131 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -766,6 +766,12 @@ static int qemuValidateDomainDefBoot(const virDomainDef *def, virQEMUCaps *qemuCaps) { + if (def->os.bootloader || def->os.bootloaderArgs) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("bootloader is not supported by QEMU")); + return -1; + } + if (def->os.loader) { if (def->os.loader->secure == VIR_TRISTATE_BOOL_YES) { /* These are the QEMU implementation limitations. But we -- 2.39.2
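Review bot: Moving the bootloader rejection out of qemuDomainDefBootPostParse means the firmware selection that follows the removed lines (the "Firmware selection can fail for a number of reasons" block in the context) now runs on a definition that still carries os.bootloader or os.bootloaderArgs, and the error is only raised later by qemuValidateDomainDefBoot; please confirm selection does not modify such a definition before validation rejects it, and record the ordering change in the commit message, which currently consists only of trailers.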

On 3/17/23 20:27, Andrea Bolognani wrote:
More information in the commit message for 11/15.
Ideally this would make it into 9.2.0 along with the other changes to firmware selection I've made in this cycle[1].
[1] https://listman.redhat.com/archives/libvir-list/2023-February/237806.html
Andrea Bolognani (15):
  tests: Rename a few firmware tests
  tests: Fix firmware-auto-efi-loader-path-nonstandard
  tests: Add firmware-auto-efi-loader-path
  tests: Add more tests for manual Secure Boot configuration
  tests: Fix firmware descriptor masking test
  qemu: Introduce qemuFirmwareMatchesPaths()
  qemu: Discard requires-smm firmware when loader.secure=no
  qemu: Always go through firmware autoselection
  conf: Remove some firmware validation checks
  conf: Don't format firmware type/features when migrating
  qemu: Don't drop firmware type/features information
  qemu: Automatically add firmware type/features information
  conf: Don't explicitly set the secure-boot feature
  conf: Move validation check out of postparse
  qemu: Move validation check out of postparse
67 files changed, 409 insertions(+), 164 deletions(-)
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>

Michal

On Tue, Mar 21, 2023 at 01:49:50PM +0100, Michal Prívozník wrote:
On 3/17/23 20:27, Andrea Bolognani wrote:
More information in the commit message for 11/15.
Ideally this would make it into 9.2.0 along with the other changes to firmware selection I've made in this cycle[1].
[1] https://listman.redhat.com/archives/libvir-list/2023-February/237806.html
Andrea Bolognani (15):
  tests: Rename a few firmware tests
  tests: Fix firmware-auto-efi-loader-path-nonstandard
  tests: Add firmware-auto-efi-loader-path
  tests: Add more tests for manual Secure Boot configuration
  tests: Fix firmware descriptor masking test
  qemu: Introduce qemuFirmwareMatchesPaths()
  qemu: Discard requires-smm firmware when loader.secure=no
  qemu: Always go through firmware autoselection
  conf: Remove some firmware validation checks
  conf: Don't format firmware type/features when migrating
  qemu: Don't drop firmware type/features information
  qemu: Automatically add firmware type/features information
  conf: Don't explicitly set the secure-boot feature
  conf: Move validation check out of postparse
  qemu: Move validation check out of postparse
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Thanks a lot! There's a teeny tiny additional patch that needs to go in before I can push these, otherwise the Ubuntu jobs will start failing. Can you please take a look at that one too?

https://listman.redhat.com/archives/libvir-list/2023-March/238956.html

-- 
Andrea Bolognani / Red Hat / Virtualization