[libvirt PATCH 0/2] qemu: support stateless UEFI firmware
This is to enable SEV builds of UEFI which provide only a single CODE.fd file, with not VARS.fd. Daniel P. Berrangé (2): conf: support stateless UEFI firmware qemu: support use of stateless EFI firmware docs/formatdomain.rst | 9 +++- src/conf/domain_conf.c | 9 ++++ src/conf/domain_conf.h | 1 + src/conf/domain_validate.c | 26 ++++++++++ src/conf/schemas/domaincommon.rng | 5 ++ src/qemu/qemu_domain.c | 3 +- src/qemu/qemu_firmware.c | 48 +++++++++++-------- ...-auto-bios-not-stateless.x86_64-latest.err | 1 + .../firmware-auto-bios-not-stateless.xml | 18 +++++++ ...are-auto-bios-stateless.x86_64-latest.args | 32 +++++++++++++ .../firmware-auto-bios-stateless.xml | 18 +++++++ ...ware-auto-efi-stateless.x86_64-latest.args | 33 +++++++++++++ .../firmware-auto-efi-stateless.xml | 18 +++++++ .../firmware-manual-bios-not-stateless.err | 1 + .../firmware-manual-bios-not-stateless.xml | 15 ++++++ .../firmware-manual-bios-stateless.args | 30 ++++++++++++ .../firmware-manual-bios-stateless.xml | 15 ++++++ ...nual-efi-nvram-stateless.x86_64-latest.err | 1 + .../firmware-manual-efi-nvram-stateless.xml | 21 ++++++++ ...nvram-template-stateless.x86_64-latest.err | 1 + ...re-manual-efi-nvram-template-stateless.xml | 19 ++++++++ ...re-manual-efi-stateless.x86_64-latest.args | 33 +++++++++++++ .../firmware-manual-efi-stateless.xml | 18 +++++++ tests/qemuxml2argvtest.c | 10 ++++ ...ware-auto-bios-stateless.x86_64-latest.xml | 34 +++++++++++++ .../firmware-manual-bios-stateless.xml | 25 ++++++++++ .../firmware-manual-bios.xml | 25 ++++++++++ tests/qemuxml2xmltest.c | 3 ++ 28 files changed, 451 insertions(+), 21 deletions(-) create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios.xml -- 2.36.1
Normally when an UEFI firmware is marked as read-only, an associated NVRAM file will be created. Some builds of UEFI firmware, however, wish to remain stateless and so will be read-only, but never have any NVRAM file. To represent this concept a 'stateless' tristate bool attribute is introduced on the <loader/> element. There are rather a large number of permutations to consider. With default firmware selection * <os/> => Historic default, no change * <os> <loader stateless='yes'/> </os> => Explicit version of historic default, no change * <os> <loader stateless='no'/> </os> => Invalid, bios is always stateless With manual legacy BIOS selection * <os> <loader>/path/to/seabios</loader> ... </os> => Historic default, no change * <os> <loader stateless='yes'>/path/to/seabios</loader> ... </os> => Explicit version of historic default, no change * <os> <loader stateless='no'>/path/to/seabios</loader> ... </os> => Invalid, bios is always stateless With manual UEFI selection * <os> <loader type='pflash'>/path/to/edk2</loader> ... </os> => Historic default, no change * <os> <loader type='pflash' stateless='yes'>/path/to/edk2</loader> ... </os> => Skip auto-filling NVRAM / template * <os> <loader type='pflash' stateless='no'>/path/to/edk2</loader> ... </os> => Explicit version of historic default, no change With automatic firmware selection * <os firmware='bios'/> => Historic default, no change * <os firmware='bios'> <loader stateless='yes'/> </os> => Explicit version of historic default, no change * <os firmware='bios'> <loader stateless='no'/> </os> => Invalid, bios is always stateless * <os firmware='uefi'/> => Historic default, no change * <os firmware='uefi'> <loader stateless='yes'/> </os> => Skip auto-filling NVRAM / template * <os firmware='uefi'> <loader stateless='no'/> </os> => Explicit version of historic default, no change Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- docs/formatdomain.rst | 9 ++++- src/conf/domain_conf.c | 9 +++++ src/conf/domain_conf.h | 1 + src/conf/domain_validate.c | 26 ++++++++++++++ src/conf/schemas/domaincommon.rng | 5 +++ ...-auto-bios-not-stateless.x86_64-latest.err | 1 + .../firmware-auto-bios-not-stateless.xml | 18 ++++++++++ ...are-auto-bios-stateless.x86_64-latest.args | 32 +++++++++++++++++ .../firmware-auto-bios-stateless.xml | 18 ++++++++++ .../firmware-manual-bios-not-stateless.err | 1 + .../firmware-manual-bios-not-stateless.xml | 15 ++++++++ .../firmware-manual-bios-stateless.args | 30 ++++++++++++++++ .../firmware-manual-bios-stateless.xml | 15 ++++++++ ...nual-efi-nvram-stateless.x86_64-latest.err | 1 + .../firmware-manual-efi-nvram-stateless.xml | 21 ++++++++++++ ...nvram-template-stateless.x86_64-latest.err | 1 + ...re-manual-efi-nvram-template-stateless.xml | 19 +++++++++++ tests/qemuxml2argvtest.c | 8 +++++ ...ware-auto-bios-stateless.x86_64-latest.xml | 34 +++++++++++++++++++ .../firmware-manual-bios-stateless.xml | 25 ++++++++++++++ .../firmware-manual-bios.xml | 25 ++++++++++++++ tests/qemuxml2xmltest.c | 3 ++ 22 files changed, 316 insertions(+), 1 deletion(-) create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios.xml diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 3ea094e64c..4199abfd1a 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -242,7 +242,11 @@ harddisk, cdrom, network) determining where to obtain/find the boot image. firmwares may implement the Secure boot feature. Attribute ``secure`` can be used to tell the hypervisor that the firmware is capable of Secure Boot feature. It cannot be used to enable or disable the feature itself in the firmware. - :since:`Since 2.1.0` + :since:`Since 2.1.0`. If the loader is marked as read-only, then with UEFI it + is assumed that there will be a writable NVRAM available. In some cases, + however, it may be desirable for the loader to run without any NVRAM, discarding + any config changes on shutdown. The ``stateless`` flag can be used to control + this behaviour, when set to ``no`` NVRAM will never be created. ``nvram`` Some UEFI firmwares may want to use a non-volatile memory to store some variables. In the host, this is represented as a file and the absolute path @@ -262,6 +266,9 @@ harddisk, cdrom, network) determining where to obtain/find the boot image. **Note:** ``network`` backed NVRAM the variables are not instantiated from the ``template`` and it's user's responsibility to provide a valid NVRAM image. + It is not valid to provide this element if the loader is marked as + stateless. + ``boot`` The ``dev`` attribute takes one of the values "fd", "hd", "cdrom" or "network" and is used to specify the next boot device to consider. The diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index c7564e3a3a..e85cc1f809 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -16682,6 +16682,10 @@ virDomainLoaderDefParseXML(virDomainLoaderDef *loader, &loader->secure) < 0) return -1; + if (virXMLPropTristateBool(loaderNode, "stateless", VIR_XML_PROP_NONE, + &loader->stateless) < 0) + return -1; + return 0; } @@ -25888,6 +25892,11 @@ virDomainLoaderDefFormat(virBuffer *buf, virBufferAsprintf(&loaderAttrBuf, " type='%s'", virDomainLoaderTypeToString(loader->type)); + if (loader->stateless != VIR_TRISTATE_BOOL_ABSENT) { + virBufferAsprintf(&loaderAttrBuf, " stateless='%s'", + virTristateBoolTypeToString(loader->stateless)); + } + virBufferEscapeString(&loaderChildBuf, "%s", loader->path); virXMLFormatElementInternal(buf, "loader", &loaderAttrBuf, &loaderChildBuf, false, false); diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 90de50c12f..060c395943 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2266,6 +2266,7 @@ struct _virDomainLoaderDef { virTristateBool readonly; virDomainLoader type; virTristateBool secure; + virTristateBool stateless; virStorageSource *nvram; bool newStyleNVRAM; char *nvramTemplate; /* user override of path to master nvram */ diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 814922cd46..cfd868fafa 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -1672,6 +1672,32 @@ virDomainDefOSValidate(const virDomainDef *def, } } + if (loader->stateless == VIR_TRISTATE_BOOL_YES) { + if (loader->nvramTemplate) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("NVRAM template is not permitted when loader is stateless")); + return -1; + } + + if (loader->nvram) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("NVRAM is not permitted when loader is stateless")); + return -1; + } + } else if (loader->stateless == VIR_TRISTATE_BOOL_NO) { + if (def->os.firmware == VIR_DOMAIN_OS_DEF_FIRMWARE_NONE) { + if (def->os.loader->type != VIR_DOMAIN_LOADER_TYPE_PFLASH) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("Only pflash loader type permits NVRAM")); + return -1; + } + } else if (def->os.firmware != VIR_DOMAIN_OS_DEF_FIRMWARE_EFI) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("Only EFI firmware permits NVRAM")); + return -1; + } + } + return 0; } diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincommon.rng index 2f07c25430..aaecf795c6 100644 --- a/src/conf/schemas/domaincommon.rng +++ b/src/conf/schemas/domaincommon.rng @@ -320,6 +320,11 @@ </choice> </attribute> </optional> + <optional> + <attribute name="stateless"> + <ref name="virYesNo"/> + </attribute> + </optional> <optional> <ref name="absFilePath"/> </optional> diff --git a/tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.x86_64-latest.err b/tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.x86_64-latest.err new file mode 100644 index 0000000000..b058f970a4 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.x86_64-latest.err @@ -0,0 +1 @@ +Only EFI firmware permits NVRAM diff --git a/tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.xml b/tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.xml new file mode 100644 index 0000000000..b2c8fc1122 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.xml @@ -0,0 +1,18 @@ +<domain type='kvm'> + <name>fedora</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>8192</memory> + <vcpu placement='static'>1</vcpu> + <os firmware='bios'> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader stateless='no'/> + </os> + <features> + <acpi/> + </features> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvdata/firmware-auto-bios-stateless.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-bios-stateless.x86_64-latest.args new file mode 100644 index 0000000000..1d45a8cfba --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-bios-stateless.x86_64-latest.args @@ -0,0 +1,32 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/tmp/lib/domain--1-fedora \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/tmp/lib/domain--1-fedora/.local/share \ +XDG_CACHE_HOME=/tmp/lib/domain--1-fedora/.cache \ +XDG_CONFIG_HOME=/tmp/lib/domain--1-fedora/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=fedora,debug-threads=on \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/tmp/lib/domain--1-fedora/master-key.aes"}' \ +-machine pc-q35-4.0,usb=off,dump-guest-core=off,memory-backend=pc.ram \ +-accel kvm \ +-cpu qemu64 \ +-bios /usr/share/seabios/bios-256k.bin \ +-m 8 \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":8388608}' \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid 63840878-0deb-4095-97e6-fc444d9bc9fa \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-boot strict=on \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ +-msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-auto-bios-stateless.xml b/tests/qemuxml2argvdata/firmware-auto-bios-stateless.xml new file mode 100644 index 0000000000..4847951346 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-bios-stateless.xml @@ -0,0 +1,18 @@ +<domain type='kvm'> + <name>fedora</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>8192</memory> + <vcpu placement='static'>1</vcpu> + <os firmware='bios'> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader stateless='yes'/> + </os> + <features> + <acpi/> + </features> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.err b/tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.err new file mode 100644 index 0000000000..188a5a4180 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.err @@ -0,0 +1 @@ +Only pflash loader type permits NVRAM diff --git a/tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.xml b/tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.xml new file mode 100644 index 0000000000..b60878ca0b --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.xml @@ -0,0 +1,15 @@ +<domain type='qemu'> + <name>test-bios</name> + <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> + <memory unit='KiB'>1048576</memory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='i686' machine='pc'>hvm</type> + <loader stateless='no'>/usr/share/seabios/bios.bin</loader> + </os> + <devices> + <emulator>/usr/bin/qemu-system-i386</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-bios-stateless.args b/tests/qemuxml2argvdata/firmware-manual-bios-stateless.args new file mode 100644 index 0000000000..e1cb064b71 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-bios-stateless.args @@ -0,0 +1,30 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/tmp/lib/domain--1-test-bios \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/tmp/lib/domain--1-test-bios/.local/share \ +XDG_CACHE_HOME=/tmp/lib/domain--1-test-bios/.cache \ +XDG_CONFIG_HOME=/tmp/lib/domain--1-test-bios/.config \ +QEMU_AUDIO_DRV=none \ +/usr/bin/qemu-system-i386 \ +-name guest=test-bios,debug-threads=on \ +-S \ +-object secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-test-bios/master-key.aes \ +-machine pc,usb=off,dump-guest-core=off \ +-accel tcg \ +-bios /usr/share/seabios/bios.bin \ +-m 1024 \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid 362d1fc1-df7d-193e-5c18-49a71bd1da66 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-no-acpi \ +-boot strict=on \ +-msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-bios-stateless.xml b/tests/qemuxml2argvdata/firmware-manual-bios-stateless.xml new file mode 100644 index 0000000000..9d6f4e4c83 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-bios-stateless.xml @@ -0,0 +1,15 @@ +<domain type='qemu'> + <name>test-bios</name> + <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> + <memory unit='KiB'>1048576</memory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='i686' machine='pc'>hvm</type> + <loader stateless='yes'>/usr/share/seabios/bios.bin</loader> + </os> + <devices> + <emulator>/usr/bin/qemu-system-i386</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.x86_64-latest.err b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.x86_64-latest.err new file mode 100644 index 0000000000..de8db3763d --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.x86_64-latest.err @@ -0,0 +1 @@ +NVRAM is not permitted when loader is stateless diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.xml b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.xml new file mode 100644 index 0000000000..717712e89b --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.xml @@ -0,0 +1,21 @@ +<domain type='qemu'> + <name>test-bios</name> + <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> + <memory unit='KiB'>1048576</memory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc'>hvm</type> + <loader stateless='yes' readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> + <nvram type='file'> + <source file='/var/lib/libvirt/nvram/guest_VARS.fd'/> + </nvram> + </os> + <features> + <acpi/> + </features> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.x86_64-latest.err b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.x86_64-latest.err new file mode 100644 index 0000000000..95ec794c17 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.x86_64-latest.err @@ -0,0 +1 @@ +NVRAM template is not permitted when loader is stateless diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.xml b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.xml new file mode 100644 index 0000000000..a6d7079b78 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.xml @@ -0,0 +1,19 @@ +<domain type='qemu'> + <name>test-bios</name> + <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> + <memory unit='KiB'>1048576</memory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc'>hvm</type> + <loader stateless='yes' readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> + <nvram template="/usr/share/OVMF/OVMF_VARS.fd"/> + </os> + <features> + <acpi/> + </features> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index b2da42cb1f..57d5f3e1c1 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1190,6 +1190,10 @@ mymain(void) DO_TEST("firmware-manual-bios", QEMU_CAPS_DEVICE_ISA_SERIAL); + DO_TEST("firmware-manual-bios-stateless", + QEMU_CAPS_DEVICE_ISA_SERIAL); + DO_TEST_PARSE_ERROR("firmware-manual-bios-not-stateless", + QEMU_CAPS_DEVICE_ISA_SERIAL); DO_TEST_NOCAPS("firmware-manual-efi"); DO_TEST_PARSE_ERROR_NOCAPS("firmware-manual-efi-no-path"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-efi-features"); @@ -1202,10 +1206,12 @@ mymain(void) QEMU_CAPS_ICH9_AHCI, QEMU_CAPS_VIRTIO_SCSI); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-template"); + DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-efi-nvram-template-stateless"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-network-iscsi"); DO_TEST_CAPS_VER_PARSE_ERROR("firmware-manual-efi-nvram-network-iscsi", "4.1.0"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-network-nbd"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-file"); + DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-efi-nvram-stateless"); /* Make sure all combinations of ACPI and UEFI behave as expected */ DO_TEST_NOCAPS("firmware-manual-efi-acpi-aarch64"); @@ -1218,6 +1224,8 @@ mymain(void) DO_TEST_NOCAPS("firmware-manual-noefi-noacpi-q35"); DO_TEST_CAPS_LATEST("firmware-auto-bios"); + DO_TEST_CAPS_LATEST("firmware-auto-bios-stateless"); + DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-bios-not-stateless"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-bios-nvram"); DO_TEST_CAPS_LATEST("firmware-auto-efi"); DO_TEST_CAPS_LATEST("firmware-auto-efi-nvram"); diff --git a/tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml new file mode 100644 index 0000000000..f1b5516ce4 --- /dev/null +++ b/tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml @@ -0,0 +1,34 @@ +<domain type='kvm'> + <name>fedora</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>8192</memory> + <currentMemory unit='KiB'>8192</currentMemory> + <vcpu placement='static'>1</vcpu> + <os firmware='bios'> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader stateless='yes'/> + <boot dev='hd'/> + </os> + <features> + <acpi/> + </features> + <cpu mode='custom' match='exact' check='none'> + <model fallback='forbid'>qemu64</model> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' index='0' model='none'/> + <controller type='sata' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> + </controller> + <controller type='pci' index='0' model='pcie-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-bios-stateless.xml b/tests/qemuxml2xmloutdata/firmware-manual-bios-stateless.xml new file mode 100644 index 0000000000..de5ecb96dc --- /dev/null +++ b/tests/qemuxml2xmloutdata/firmware-manual-bios-stateless.xml @@ -0,0 +1,25 @@ +<domain type='qemu'> + <name>test-bios</name> + <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> + <memory unit='KiB'>1048576</memory> + <currentMemory unit='KiB'>1048576</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='i686' machine='pc'>hvm</type> + <loader type='rom' stateless='yes'>/usr/share/seabios/bios.bin</loader> + <boot dev='hd'/> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-i386</emulator> + <controller type='usb' index='0' model='none'/> + <controller type='pci' index='0' model='pci-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-bios.xml b/tests/qemuxml2xmloutdata/firmware-manual-bios.xml new file mode 100644 index 0000000000..75bb6038ca --- /dev/null +++ b/tests/qemuxml2xmloutdata/firmware-manual-bios.xml @@ -0,0 +1,25 @@ +<domain type='qemu'> + <name>test-bios</name> + <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> + <memory unit='KiB'>1048576</memory> + <currentMemory unit='KiB'>1048576</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='i686' machine='pc'>hvm</type> + <loader type='rom'>/usr/share/seabios/bios.bin</loader> + <boot dev='hd'/> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-i386</emulator> + <controller type='usb' index='0' model='none'/> + <controller type='pci' index='0' model='pci-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 68e5041bfd..8cac50c767 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -1067,12 +1067,15 @@ mymain(void) DO_TEST("numatune-hmat", QEMU_CAPS_NUMA_HMAT, QEMU_CAPS_OBJECT_MEMORY_RAM); DO_TEST_CAPS_LATEST("numatune-memnode-restrictive-mode"); + DO_TEST_NOCAPS("firmware-manual-bios"); + DO_TEST_NOCAPS("firmware-manual-bios-stateless"); DO_TEST_NOCAPS("firmware-manual-efi"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-network-iscsi"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-network-nbd"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-file"); DO_TEST_CAPS_LATEST("firmware-auto-bios"); + DO_TEST_CAPS_LATEST("firmware-auto-bios-stateless"); DO_TEST_CAPS_LATEST("firmware-auto-efi"); DO_TEST_CAPS_LATEST("firmware-auto-efi-nvram"); DO_TEST_CAPS_LATEST("firmware-auto-efi-loader-secure"); -- 2.36.1
On 7/22/22 18:23, Daniel P. Berrangé wrote:
Normally when an UEFI firmware is marked as read-only, an associated NVRAM file will be created. Some builds of UEFI firmware, however, wish to remain stateless and so will be read-only, but never have any NVRAM file. To represent this concept a 'stateless' tristate bool attribute is introduced on the <loader/> element.
There are rather a large number of permutations to consider.
With default firmware selection
* <os/>
=> Historic default, no change
* <os> <loader stateless='yes'/> </os>
=> Explicit version of historic default, no change
* <os> <loader stateless='no'/> </os>
=> Invalid, bios is always stateless
With manual legacy BIOS selection
* <os> <loader>/path/to/seabios</loader> ... </os>
=> Historic default, no change
* <os> <loader stateless='yes'>/path/to/seabios</loader> ... </os>
=> Explicit version of historic default, no change
* <os> <loader stateless='no'>/path/to/seabios</loader> ... </os>
=> Invalid, bios is always stateless
With manual UEFI selection
* <os> <loader type='pflash'>/path/to/edk2</loader> ... </os>
=> Historic default, no change
* <os> <loader type='pflash' stateless='yes'>/path/to/edk2</loader> ... </os>
=> Skip auto-filling NVRAM / template
* <os> <loader type='pflash' stateless='no'>/path/to/edk2</loader> ... </os>
=> Explicit version of historic default, no change
With automatic firmware selection
* <os firmware='bios'/>
=> Historic default, no change
* <os firmware='bios'> <loader stateless='yes'/> </os>
=> Explicit version of historic default, no change
* <os firmware='bios'> <loader stateless='no'/> </os>
=> Invalid, bios is always stateless
* <os firmware='uefi'/>
=> Historic default, no change
* <os firmware='uefi'> <loader stateless='yes'/> </os>
=> Skip auto-filling NVRAM / template
* <os firmware='uefi'> <loader stateless='no'/> </os>
=> Explicit version of historic default, no change
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- docs/formatdomain.rst | 9 ++++- src/conf/domain_conf.c | 9 +++++ src/conf/domain_conf.h | 1 + src/conf/domain_validate.c | 26 ++++++++++++++ src/conf/schemas/domaincommon.rng | 5 +++ ...-auto-bios-not-stateless.x86_64-latest.err | 1 + .../firmware-auto-bios-not-stateless.xml | 18 ++++++++++ ...are-auto-bios-stateless.x86_64-latest.args | 32 +++++++++++++++++ .../firmware-auto-bios-stateless.xml | 18 ++++++++++ .../firmware-manual-bios-not-stateless.err | 1 + .../firmware-manual-bios-not-stateless.xml | 15 ++++++++ .../firmware-manual-bios-stateless.args | 30 ++++++++++++++++ .../firmware-manual-bios-stateless.xml | 15 ++++++++ ...nual-efi-nvram-stateless.x86_64-latest.err | 1 + .../firmware-manual-efi-nvram-stateless.xml | 21 ++++++++++++ ...nvram-template-stateless.x86_64-latest.err | 1 + ...re-manual-efi-nvram-template-stateless.xml | 19 +++++++++++ tests/qemuxml2argvtest.c | 8 +++++ ...ware-auto-bios-stateless.x86_64-latest.xml | 34 +++++++++++++++++++ .../firmware-manual-bios-stateless.xml | 25 ++++++++++++++ .../firmware-manual-bios.xml | 25 ++++++++++++++ tests/qemuxml2xmltest.c | 3 ++ 22 files changed, 316 insertions(+), 1 deletion(-) create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios.xml
diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 3ea094e64c..4199abfd1a 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -242,7 +242,11 @@ harddisk, cdrom, network) determining where to obtain/find the boot image. firmwares may implement the Secure boot feature. Attribute ``secure`` can be used to tell the hypervisor that the firmware is capable of Secure Boot feature. It cannot be used to enable or disable the feature itself in the firmware. - :since:`Since 2.1.0` + :since:`Since 2.1.0`. If the loader is marked as read-only, then with UEFI it + is assumed that there will be a writable NVRAM available. In some cases, + however, it may be desirable for the loader to run without any NVRAM, discarding + any config changes on shutdown. The ``stateless`` flag can be used to control + this behaviour, when set to ``no`` NVRAM will never be created.
The ``stateless` flag (:since:since 8.6.0) can be used ... Or something among those lines, to make it obvious when the attribute was added.
``nvram`` Some UEFI firmwares may want to use a non-volatile memory to store some variables. In the host, this is represented as a file and the absolute path
Michal
Apologies for this feedback coming very late - not just post-merge but also extremely close to release. On Fri, Jul 22, 2022 at 05:23:16PM +0100, Daniel P. Berrangé wrote:
diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 3ea094e64c..4199abfd1a 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -242,7 +242,11 @@ harddisk, cdrom, network) determining where to obtain/find the boot image. firmwares may implement the Secure boot feature. Attribute ``secure`` can be used to tell the hypervisor that the firmware is capable of Secure Boot feature. It cannot be used to enable or disable the feature itself in the firmware. - :since:`Since 2.1.0` + :since:`Since 2.1.0`. If the loader is marked as read-only, then with UEFI it + is assumed that there will be a writable NVRAM available. In some cases, + however, it may be desirable for the loader to run without any NVRAM, discarding + any config changes on shutdown. The ``stateless`` flag can be used to control + this behaviour, when set to ``no`` NVRAM will never be created.
Isn't the actual behavior the opposite of what you're describing here? That is, stateless=yes is what causes the NVRAM file to not be created.
+++ b/src/conf/domain_validate.c @@ -1672,6 +1672,32 @@ virDomainDefOSValidate(const virDomainDef *def, } }
+ if (loader->stateless == VIR_TRISTATE_BOOL_YES) { + if (loader->nvramTemplate) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("NVRAM template is not permitted when loader is stateless")); + return -1; + } + + if (loader->nvram) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("NVRAM is not permitted when loader is stateless")); + return -1; + } + } else if (loader->stateless == VIR_TRISTATE_BOOL_NO) { + if (def->os.firmware == VIR_DOMAIN_OS_DEF_FIRMWARE_NONE) { + if (def->os.loader->type != VIR_DOMAIN_LOADER_TYPE_PFLASH) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("Only pflash loader type permits NVRAM")); + return -1; + } + } else if (def->os.firmware != VIR_DOMAIN_OS_DEF_FIRMWARE_EFI) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("Only EFI firmware permits NVRAM")); + return -1; + }
These last two error messages could be improved IMO. Consider the firmware-auto-bios-not-stateless test case, where the input configuration looks like <os firmware='bios'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader stateless='no'/> </os> In this case, printing out Only EFI firmware permits NVRAM is a bit confusing, since the user has not directly mentioned NVRAM anywhere. Something along the lines of virReportError(VIR_ERR_XML_DETAIL, _("Firmware type '%s' only supports stateless operations"), virDomainOsDefFirmwareTypeToString(def->os.firmware)); would be more understandable and actionable, I think. -- Andrea Bolognani / Red Hat / Virtualization
When the <loader stateless='yes'/> attribute is set, the QEMU driver needs to do three things - Avoid looking for an NVRAM template - Avoid auto-populating an <nvram/> path - Find firmware descriptors with mode=stateless instead of mode=split Note, the first thing happens automatically when we solve the second thing. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/qemu/qemu_domain.c | 3 +- src/qemu/qemu_firmware.c | 48 +++++++++++-------- ...ware-auto-efi-stateless.x86_64-latest.args | 33 +++++++++++++ .../firmware-auto-efi-stateless.xml | 18 +++++++ ...re-manual-efi-stateless.x86_64-latest.args | 33 +++++++++++++ .../firmware-manual-efi-stateless.xml | 18 +++++++ tests/qemuxml2argvtest.c | 2 + 7 files changed, 135 insertions(+), 20 deletions(-) create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-stateless.xml diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 7df8041adf..b02ffc9a2e 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -4683,7 +4683,8 @@ qemuDomainDefPostParse(virDomainDef *def, } if (virDomainDefHasOldStyleROUEFI(def) && - !def->os.loader->nvram) { + !def->os.loader->nvram && + def->os.loader->stateless != VIR_TRISTATE_BOOL_YES) { def->os.loader->nvram = virStorageSourceNew(); def->os.loader->nvram->type = VIR_STORAGE_TYPE_FILE; def->os.loader->nvram->format = VIR_STORAGE_FILE_RAW; diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index c477b45d62..eb7abb0b32 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1110,10 +1110,18 @@ qemuFirmwareMatchDomain(const virDomainDef *def, return false; } - if (fw->mapping.device == QEMU_FIRMWARE_DEVICE_FLASH && - fw->mapping.data.flash.mode != QEMU_FIRMWARE_FLASH_MODE_SPLIT) { - VIR_DEBUG("Discarding loader without split flash"); - return false; + if (fw->mapping.device == QEMU_FIRMWARE_DEVICE_FLASH) { + if (def->os.loader && def->os.loader->stateless == VIR_TRISTATE_BOOL_YES) { + if (fw->mapping.data.flash.mode != QEMU_FIRMWARE_FLASH_MODE_STATELESS) { + VIR_DEBUG("Discarding loader without stateless flash"); + return false; + } + } else { + if (fw->mapping.data.flash.mode != QEMU_FIRMWARE_FLASH_MODE_SPLIT) { + VIR_DEBUG("Discarding loader without split flash"); + return false; + } + } } if (def->sec) { @@ -1175,27 +1183,29 @@ qemuFirmwareEnableFeatures(virQEMUDriver *driver, VIR_FREE(def->os.loader->path); def->os.loader->path = g_strdup(flash->executable.filename); - if (STRNEQ(flash->nvram_template.format, "raw")) { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, - _("unsupported nvram template format '%s'"), - flash->nvram_template.format); - return -1; - } + if (flash->mode == QEMU_FIRMWARE_FLASH_MODE_SPLIT) { + if (STRNEQ(flash->nvram_template.format, "raw")) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, + _("unsupported nvram template format '%s'"), + flash->nvram_template.format); + return -1; + } - VIR_FREE(def->os.loader->nvramTemplate); - def->os.loader->nvramTemplate = g_strdup(flash->nvram_template.filename); + VIR_FREE(def->os.loader->nvramTemplate); + def->os.loader->nvramTemplate = g_strdup(flash->nvram_template.filename); - if (!def->os.loader->nvram) { - def->os.loader->nvram = virStorageSourceNew(); - def->os.loader->nvram->type = VIR_STORAGE_TYPE_FILE; - def->os.loader->nvram->format = VIR_STORAGE_FILE_RAW; - qemuDomainNVRAMPathFormat(cfg, def, &def->os.loader->nvram->path); + if (!def->os.loader->nvram) { + def->os.loader->nvram = virStorageSourceNew(); + def->os.loader->nvram->type = VIR_STORAGE_TYPE_FILE; + def->os.loader->nvram->format = VIR_STORAGE_FILE_RAW; + qemuDomainNVRAMPathFormat(cfg, def, &def->os.loader->nvram->path); + } } VIR_DEBUG("decided on firmware '%s' template '%s' NVRAM '%s'", def->os.loader->path, - def->os.loader->nvramTemplate, - def->os.loader->nvram->path); + NULLSTR(def->os.loader->nvramTemplate), + NULLSTR(def->os.loader->nvram ? def->os.loader->nvram->path : NULL)); break; case QEMU_FIRMWARE_DEVICE_KERNEL: diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-stateless.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi-stateless.x86_64-latest.args new file mode 100644 index 0000000000..89f733761e --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-efi-stateless.x86_64-latest.args @@ -0,0 +1,33 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/tmp/lib/domain--1-fedora \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/tmp/lib/domain--1-fedora/.local/share \ +XDG_CACHE_HOME=/tmp/lib/domain--1-fedora/.cache \ +XDG_CONFIG_HOME=/tmp/lib/domain--1-fedora/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=fedora,debug-threads=on \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/tmp/lib/domain--1-fedora/master-key.aes"}' \ +-blockdev '{"driver":"file","filename":"/usr/share/OVMF/OVMF.sev.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"raw","file":"libvirt-pflash0-storage"}' \ +-machine pc-q35-4.0,usb=off,dump-guest-core=off,pflash0=libvirt-pflash0-format,memory-backend=pc.ram \ +-accel kvm \ +-cpu qemu64 \ +-m 8 \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":8388608}' \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid 63840878-0deb-4095-97e6-fc444d9bc9fa \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-boot strict=on \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ +-msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-stateless.xml b/tests/qemuxml2argvdata/firmware-auto-efi-stateless.xml new file mode 100644 index 0000000000..1be0f4fd96 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-efi-stateless.xml @@ -0,0 +1,18 @@ +<domain type='kvm'> + <name>fedora</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>8192</memory> + <vcpu placement='static'>1</vcpu> + <os firmware='efi'> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <loader stateless='yes'/> + </os> + <features> + <acpi/> + </features> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-stateless.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-manual-efi-stateless.x86_64-latest.args new file mode 100644 index 0000000000..fa4a677ce9 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-stateless.x86_64-latest.args @@ -0,0 +1,33 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/tmp/lib/domain--1-test-bios \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/tmp/lib/domain--1-test-bios/.local/share \ +XDG_CACHE_HOME=/tmp/lib/domain--1-test-bios/.cache \ +XDG_CONFIG_HOME=/tmp/lib/domain--1-test-bios/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=test-bios,debug-threads=on \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/tmp/lib/domain--1-test-bios/master-key.aes"}' \ +-blockdev '{"driver":"file","filename":"/usr/share/OVMF/OVMF_CODE.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"raw","file":"libvirt-pflash0-storage"}' \ +-machine pc,usb=off,dump-guest-core=off,pflash0=libvirt-pflash0-format,memory-backend=pc.ram \ +-accel tcg \ +-cpu qemu64 \ +-m 1024 \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":1073741824}' \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid 362d1fc1-df7d-193e-5c18-49a71bd1da66 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-boot strict=on \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ +-msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-stateless.xml b/tests/qemuxml2argvdata/firmware-manual-efi-stateless.xml new file mode 100644 index 0000000000..6f2a4963b1 --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-manual-efi-stateless.xml @@ -0,0 +1,18 @@ +<domain type='qemu'> + <name>test-bios</name> + <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> + <memory unit='KiB'>1048576</memory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc'>hvm</type> + <loader readonly='yes' type='pflash' stateless='yes'>/usr/share/OVMF/OVMF_CODE.fd</loader> + </os> + <features> + <acpi/> + </features> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 57d5f3e1c1..b72d61c3bc 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1205,6 +1205,7 @@ mymain(void) QEMU_CAPS_DEVICE_IOH3420, QEMU_CAPS_ICH9_AHCI, QEMU_CAPS_VIRTIO_SCSI); + DO_TEST_CAPS_LATEST("firmware-manual-efi-stateless"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-template"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-manual-efi-nvram-template-stateless"); DO_TEST_CAPS_LATEST("firmware-manual-efi-nvram-network-iscsi"); @@ -1228,6 +1229,7 @@ mymain(void) DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-bios-not-stateless"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-bios-nvram"); DO_TEST_CAPS_LATEST("firmware-auto-efi"); + DO_TEST_CAPS_LATEST("firmware-auto-efi-stateless"); DO_TEST_CAPS_LATEST("firmware-auto-efi-nvram"); DO_TEST_CAPS_LATEST("firmware-auto-efi-loader-secure"); DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-efi-loader-insecure"); -- 2.36.1
On Fri, Jul 22, 2022 at 05:23:17PM +0100, Daniel P. Berrangé wrote:
VIR_DEBUG("decided on firmware '%s' template '%s' NVRAM '%s'", def->os.loader->path, - def->os.loader->nvramTemplate, - def->os.loader->nvram->path); + NULLSTR(def->os.loader->nvramTemplate), + NULLSTR(def->os.loader->nvram ? def->os.loader->nvram->path : NULL));
It would be nice to reflect in the live XML whether or not a stateless firmware has been picked. Something along the lines of the hastily thrown together, very lightly tested diff below should do the trick. diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index eb7abb0b32..68d562285e 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1200,6 +1200,9 @@ qemuFirmwareEnableFeatures(virQEMUDriver *driver, def->os.loader->nvram->format = VIR_STORAGE_FILE_RAW; qemuDomainNVRAMPathFormat(cfg, def, &def->os.loader->nvram->path); } + def->os.loader->stateless = VIR_TRISTATE_BOOL_NO; + } else if (flash->mode == QEMU_FIRMWARE_FLASH_MODE_STATELESS) { + def->os.loader->stateless = VIR_TRISTATE_BOOL_YES; } VIR_DEBUG("decided on firmware '%s' template '%s' NVRAM '%s'", -- Andrea Bolognani / Red Hat / Virtualization
On 7/22/22 18:23, Daniel P. Berrangé wrote:
This is to enable SEV builds of UEFI which provide only a single CODE.fd file, with not VARS.fd.
Daniel P. Berrangé (2): conf: support stateless UEFI firmware qemu: support use of stateless EFI firmware
docs/formatdomain.rst | 9 +++- src/conf/domain_conf.c | 9 ++++ src/conf/domain_conf.h | 1 + src/conf/domain_validate.c | 26 ++++++++++ src/conf/schemas/domaincommon.rng | 5 ++ src/qemu/qemu_domain.c | 3 +- src/qemu/qemu_firmware.c | 48 +++++++++++-------- ...-auto-bios-not-stateless.x86_64-latest.err | 1 + .../firmware-auto-bios-not-stateless.xml | 18 +++++++ ...are-auto-bios-stateless.x86_64-latest.args | 32 +++++++++++++ .../firmware-auto-bios-stateless.xml | 18 +++++++ ...ware-auto-efi-stateless.x86_64-latest.args | 33 +++++++++++++ .../firmware-auto-efi-stateless.xml | 18 +++++++ .../firmware-manual-bios-not-stateless.err | 1 + .../firmware-manual-bios-not-stateless.xml | 15 ++++++ .../firmware-manual-bios-stateless.args | 30 ++++++++++++ .../firmware-manual-bios-stateless.xml | 15 ++++++ ...nual-efi-nvram-stateless.x86_64-latest.err | 1 + .../firmware-manual-efi-nvram-stateless.xml | 21 ++++++++ ...nvram-template-stateless.x86_64-latest.err | 1 + ...re-manual-efi-nvram-template-stateless.xml | 19 ++++++++ ...re-manual-efi-stateless.x86_64-latest.args | 33 +++++++++++++ .../firmware-manual-efi-stateless.xml | 18 +++++++ tests/qemuxml2argvtest.c | 10 ++++ ...ware-auto-bios-stateless.x86_64-latest.xml | 34 +++++++++++++ .../firmware-manual-bios-stateless.xml | 25 ++++++++++ .../firmware-manual-bios.xml | 25 ++++++++++ tests/qemuxml2xmltest.c | 3 ++ 28 files changed, 451 insertions(+), 21 deletions(-) create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios.xml
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Michal
On Mon, Jul 25, 2022 at 03:40:41PM +0200, Michal Prívozník wrote:
On 7/22/22 18:23, Daniel P. Berrangé wrote:
This is to enable SEV builds of UEFI which provide only a single CODE.fd file, with not VARS.fd.
Daniel P. Berrangé (2): conf: support stateless UEFI firmware qemu: support use of stateless EFI firmware
docs/formatdomain.rst | 9 +++- src/conf/domain_conf.c | 9 ++++ src/conf/domain_conf.h | 1 + src/conf/domain_validate.c | 26 ++++++++++ src/conf/schemas/domaincommon.rng | 5 ++ src/qemu/qemu_domain.c | 3 +- src/qemu/qemu_firmware.c | 48 +++++++++++-------- ...-auto-bios-not-stateless.x86_64-latest.err | 1 + .../firmware-auto-bios-not-stateless.xml | 18 +++++++ ...are-auto-bios-stateless.x86_64-latest.args | 32 +++++++++++++ .../firmware-auto-bios-stateless.xml | 18 +++++++ ...ware-auto-efi-stateless.x86_64-latest.args | 33 +++++++++++++ .../firmware-auto-efi-stateless.xml | 18 +++++++ .../firmware-manual-bios-not-stateless.err | 1 + .../firmware-manual-bios-not-stateless.xml | 15 ++++++ .../firmware-manual-bios-stateless.args | 30 ++++++++++++ .../firmware-manual-bios-stateless.xml | 15 ++++++ ...nual-efi-nvram-stateless.x86_64-latest.err | 1 + .../firmware-manual-efi-nvram-stateless.xml | 21 ++++++++ ...nvram-template-stateless.x86_64-latest.err | 1 + ...re-manual-efi-nvram-template-stateless.xml | 19 ++++++++ ...re-manual-efi-stateless.x86_64-latest.args | 33 +++++++++++++ .../firmware-manual-efi-stateless.xml | 18 +++++++ tests/qemuxml2argvtest.c | 10 ++++ ...ware-auto-bios-stateless.x86_64-latest.xml | 34 +++++++++++++ .../firmware-manual-bios-stateless.xml | 25 ++++++++++ .../firmware-manual-bios.xml | 25 ++++++++++ tests/qemuxml2xmltest.c | 3 ++ 28 files changed, 451 insertions(+), 21 deletions(-) create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios.xml
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
ANy objection to me pushing this now, or wait until after freeze is over ? With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On 7/26/22 16:16, Daniel P. Berrangé wrote:
On Mon, Jul 25, 2022 at 03:40:41PM +0200, Michal Prívozník wrote:
On 7/22/22 18:23, Daniel P. Berrangé wrote:
This is to enable SEV builds of UEFI which provide only a single CODE.fd file, with not VARS.fd.
Daniel P. Berrangé (2): conf: support stateless UEFI firmware qemu: support use of stateless EFI firmware
docs/formatdomain.rst | 9 +++- src/conf/domain_conf.c | 9 ++++ src/conf/domain_conf.h | 1 + src/conf/domain_validate.c | 26 ++++++++++ src/conf/schemas/domaincommon.rng | 5 ++ src/qemu/qemu_domain.c | 3 +- src/qemu/qemu_firmware.c | 48 +++++++++++-------- ...-auto-bios-not-stateless.x86_64-latest.err | 1 + .../firmware-auto-bios-not-stateless.xml | 18 +++++++ ...are-auto-bios-stateless.x86_64-latest.args | 32 +++++++++++++ .../firmware-auto-bios-stateless.xml | 18 +++++++ ...ware-auto-efi-stateless.x86_64-latest.args | 33 +++++++++++++ .../firmware-auto-efi-stateless.xml | 18 +++++++ .../firmware-manual-bios-not-stateless.err | 1 + .../firmware-manual-bios-not-stateless.xml | 15 ++++++ .../firmware-manual-bios-stateless.args | 30 ++++++++++++ .../firmware-manual-bios-stateless.xml | 15 ++++++ ...nual-efi-nvram-stateless.x86_64-latest.err | 1 + .../firmware-manual-efi-nvram-stateless.xml | 21 ++++++++ ...nvram-template-stateless.x86_64-latest.err | 1 + ...re-manual-efi-nvram-template-stateless.xml | 19 ++++++++ ...re-manual-efi-stateless.x86_64-latest.args | 33 +++++++++++++ .../firmware-manual-efi-stateless.xml | 18 +++++++ tests/qemuxml2argvtest.c | 10 ++++ ...ware-auto-bios-stateless.x86_64-latest.xml | 34 +++++++++++++ .../firmware-manual-bios-stateless.xml | 25 ++++++++++ .../firmware-manual-bios.xml | 25 ++++++++++ tests/qemuxml2xmltest.c | 3 ++ 28 files changed, 451 insertions(+), 21 deletions(-) create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-auto-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-not-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-nvram-template-stateless.xml create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-stateless.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/firmware-manual-efi-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-auto-bios-stateless.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios-stateless.xml create mode 100644 tests/qemuxml2xmloutdata/firmware-manual-bios.xml
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
ANy objection to me pushing this now, or wait until after freeze is over ?
Yeah, this is safe for freeze. Michal
On Fri, Jul 22, 2022 at 05:23:15PM +0100, Daniel P. Berrangé wrote:
This is to enable SEV builds of UEFI which provide only a single CODE.fd file, with not VARS.fd.
This is a significant enough user-visible change that a NEWS entry for it would be warranted. -- Andrea Bolognani / Red Hat / Virtualization
participants (3)
-
Andrea Bolognani -
Daniel P. Berrangé -
Michal Prívozník