4:52 p.m.
v2 of:
https://www.redhat.com/archives/libvir-list/2019-April/msg00460.html
diff to v1:
- Expose 'secure' too
- Switch to uint64_t for qemuFirmwareGetSupported()
Michal Prívozník (4):
qemu_firmware: Separate firmware loading into a function
qemu_firmware: Separate machine and arch matching into a function
qemu_firmware: Introduce qemuFirmwareGetSupported
domain capabilities: Expose firmware auto selection feature
docs/formatdomaincaps.html.in | 23 +++
docs/schemas/domaincaps.rng | 1 +
src/conf/domain_capabilities.c | 3 +
src/conf/domain_capabilities.h | 2 +
src/qemu/qemu_capabilities.c | 35 +++-
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_driver.c | 1 +
src/qemu/qemu_firmware.c | 169 ++++++++++++++----
src/qemu/qemu_firmware.h | 10 ++
tests/Makefile.am | 4 +-
.../qemu_1.7.0.x86_64.xml | 7 +
.../qemu_2.12.0-virt.aarch64.xml | 6 +
.../qemu_2.12.0.ppc64.xml | 4 +
.../qemu_2.12.0.s390x.xml | 4 +
.../qemu_2.12.0.x86_64.xml | 7 +
.../qemu_2.6.0-virt.aarch64.xml | 6 +
.../qemu_2.6.0.aarch64.xml | 4 +
.../domaincapsschemadata/qemu_2.6.0.ppc64.xml | 4 +
.../qemu_2.6.0.x86_64.xml | 7 +
.../domaincapsschemadata/qemu_2.7.0.s390x.xml | 4 +
.../qemu_2.8.0-tcg.x86_64.xml | 7 +
.../domaincapsschemadata/qemu_2.8.0.s390x.xml | 4 +
.../qemu_2.8.0.x86_64.xml | 7 +
.../qemu_2.9.0-q35.x86_64.xml | 8 +
.../qemu_2.9.0-tcg.x86_64.xml | 7 +
.../qemu_2.9.0.x86_64.xml | 7 +
.../domaincapsschemadata/qemu_3.0.0.s390x.xml | 4 +
.../qemu_3.1.0.x86_64.xml | 7 +
.../qemu_4.0.0.x86_64.xml | 7 +
tests/domaincapstest.c | 16 ++
tests/qemufirmwaretest.c | 72 ++++++++
31 files changed, 412 insertions(+), 36 deletions(-)
--
2.21.0
4:52 p.m.
New subject: [libvirt] [PATCH v2 1/4] qemu_firmware: Separate firmware loading into a function
This piece of code will be reused later.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_firmware.c | 53 ++++++++++++++++++++++++++++------------
1 file changed, 38 insertions(+), 15 deletions(-)
diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c
index 787b76b531..065e0d11aa 100644
--- a/src/qemu/qemu_firmware.c
+++ b/src/qemu/qemu_firmware.c
@@ -1314,15 +1314,49 @@ qemuFirmwareSanityCheck(const qemuFirmware *fw,
}
+static ssize_t
+qemuFirmwareFetchParsedConfigs(bool privileged,
+ qemuFirmwarePtr **firmwaresRet,
+ char ***pathsRet)
+{
+ VIR_AUTOSTRINGLIST paths = NULL;
+ size_t npaths;
+ qemuFirmwarePtr *firmwares = NULL;
+ size_t i;
+
+ if (qemuFirmwareFetchConfigs(&paths, privileged) < 0)
+ return -1;
+
+ npaths = virStringListLength((const char **)paths);
+
+ if (VIR_ALLOC_N(firmwares, npaths) < 0)
+ return -1;
+
+ for (i = 0; i < npaths; i++) {
+ if (!(firmwares[i] = qemuFirmwareParse(paths[i])))
+ goto error;
+ }
+
+ VIR_STEAL_PTR(*firmwaresRet, firmwares);
+ VIR_STEAL_PTR(*pathsRet, paths);
+ return npaths;
+
+ error:
+ while (i > 0)
+ qemuFirmwareFree(firmwares[--i]);
+ VIR_FREE(firmwares);
+ return -1;
+}
+
+
int
qemuFirmwareFillDomain(virQEMUDriverPtr driver,
virDomainObjPtr vm,
unsigned int flags)
{
VIR_AUTOSTRINGLIST paths = NULL;
- size_t npaths = 0;
qemuFirmwarePtr *firmwares = NULL;
- size_t nfirmwares = 0;
+ ssize_t nfirmwares = 0;
const qemuFirmware *theone = NULL;
size_t i;
int ret = -1;
@@ -1333,21 +1367,10 @@ qemuFirmwareFillDomain(virQEMUDriverPtr driver,
if (vm->def->os.firmware == VIR_DOMAIN_OS_DEF_FIRMWARE_NONE)
return 0;
- if (qemuFirmwareFetchConfigs(&paths, driver->privileged) < 0)
+ if ((nfirmwares = qemuFirmwareFetchParsedConfigs(driver->privileged,
+ &firmwares, &paths)) <
0)
return -1;
- npaths = virStringListLength((const char **)paths);
-
- if (VIR_ALLOC_N(firmwares, npaths) < 0)
- return -1;
-
- nfirmwares = npaths;
-
- for (i = 0; i < nfirmwares; i++) {
- if (!(firmwares[i] = qemuFirmwareParse(paths[i])))
- goto cleanup;
- }
-
for (i = 0; i < nfirmwares; i++) {
if (qemuFirmwareMatchDomain(vm->def, firmwares[i], paths[i])) {
theone = firmwares[i];
--
2.21.0
4:52 p.m.
New subject: [libvirt] [PATCH v2 2/4] qemu_firmware: Separate machine and arch matching into a function
This part of the code will be reused later.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_firmware.c | 47 +++++++++++++++++++++++++---------------
1 file changed, 29 insertions(+), 18 deletions(-)
diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c
index 065e0d11aa..8e9a225982 100644
--- a/src/qemu/qemu_firmware.c
+++ b/src/qemu/qemu_firmware.c
@@ -1054,6 +1054,34 @@ qemuFirmwareFetchConfigs(char ***firmwares,
}
+static bool
+qemuFirmwareMatchesMachineArch(const qemuFirmware *fw,
+ const char *machine,
+ virArch arch)
+{
+ size_t i;
+
+ for (i = 0; i < fw->ntargets; i++) {
+ size_t j;
+
+ if (arch != fw->targets[i]->architecture)
+ continue;
+
+ for (j = 0; j < fw->targets[i]->nmachines; j++) {
+ if (fnmatch(fw->targets[i]->machines[j], machine, 0) == 0)
+ break;
+ }
+
+ if (j == fw->targets[i]->nmachines)
+ continue;
+
+ break;
+ }
+
+ return i != fw->ntargets;
+}
+
+
static bool
qemuFirmwareMatchDomain(const virDomainDef *def,
const qemuFirmware *fw,
@@ -1078,24 +1106,7 @@ qemuFirmwareMatchDomain(const virDomainDef *def,
return false;
}
- for (i = 0; i < fw->ntargets; i++) {
- size_t j;
-
- if (def->os.arch != fw->targets[i]->architecture)
- continue;
-
- for (j = 0; j < fw->targets[i]->nmachines; j++) {
- if (fnmatch(fw->targets[i]->machines[j], def->os.machine, 0) == 0)
- break;
- }
-
- if (j == fw->targets[i]->nmachines)
- continue;
-
- break;
- }
-
- if (i == fw->ntargets) {
+ if (!qemuFirmwareMatchesMachineArch(fw, def->os.machine, def->os.arch)) {
VIR_DEBUG("No matching machine type in '%s'", path);
return false;
}
--
2.21.0
5:25 p.m.
New subject: [libvirt] [PATCH v2 2/4] qemu_firmware: Separate machine and arch matching into a function
On Tuesday, 9 April 2019 16:52:56 CEST Michal Privoznik wrote:
This part of the code will be reused later.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_firmware.c | 47 +++++++++++++++++++++++++---------------
1 file changed, 29 insertions(+), 18 deletions(-)
diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c
index 065e0d11aa..8e9a225982 100644
--- a/src/qemu/qemu_firmware.c
+++ b/src/qemu/qemu_firmware.c
@@ -1054,6 +1054,34 @@ qemuFirmwareFetchConfigs(char ***firmwares,
}
+static bool
+qemuFirmwareMatchesMachineArch(const qemuFirmware *fw,
+ const char *machine,
+ virArch arch)
+{
+ size_t i;
+
+ for (i = 0; i < fw->ntargets; i++) {
+ size_t j;
+
+ if (arch != fw->targets[i]->architecture)
+ continue;
+
+ for (j = 0; j < fw->targets[i]->nmachines; j++) {
+ if (fnmatch(fw->targets[i]->machines[j], machine, 0) == 0)
+ break;
+ }
Considering this is now an own function, this can just return directly,
removing ...
+
+ if (j == fw->targets[i]->nmachines)
+ continue;
+
+ break;
... these bits, and ...
+ }
+
+ return i != fw->ntargets;
... return false here.
Just a suggestion though.
--
Pino Toscano
4:52 p.m.
New subject: [libvirt] [PATCH v2 3/4] qemu_firmware: Introduce qemuFirmwareGetSupported
The point of this API is to fetch all FW descriptors, parse them
and return list of supported interfaces and SMM feature for given
combination of machine type and guest architecture.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_firmware.c | 71 ++++++++++++++++++++++++++++++++++++++-
src/qemu/qemu_firmware.h | 10 ++++++
tests/qemufirmwaretest.c | 72 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 152 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c
index 8e9a225982..84c14321f6 100644
--- a/src/qemu/qemu_firmware.c
+++ b/src/qemu/qemu_firmware.c
@@ -1349,7 +1349,8 @@ qemuFirmwareFetchParsedConfigs(bool privileged,
}
VIR_STEAL_PTR(*firmwaresRet, firmwares);
- VIR_STEAL_PTR(*pathsRet, paths);
+ if (pathsRet)
+ VIR_STEAL_PTR(*pathsRet, paths);
return npaths;
error:
@@ -1415,3 +1416,71 @@ qemuFirmwareFillDomain(virQEMUDriverPtr driver,
VIR_FREE(firmwares);
return ret;
}
+
+
+int
+qemuFirmwareGetSupported(const char *machine,
+ virArch arch,
+ bool privileged,
+ uint64_t *supported,
+ bool *secure)
+{
+ qemuFirmwarePtr *firmwares = NULL;
+ ssize_t nfirmwares = 0;
+ size_t i;
+
+ *supported = VIR_DOMAIN_OS_DEF_FIRMWARE_NONE;
+ *secure = false;
+
+ if ((nfirmwares = qemuFirmwareFetchParsedConfigs(privileged,
+ &firmwares, NULL)) < 0)
+ return -1;
+
+ for (i = 0; i < nfirmwares; i++) {
+ qemuFirmwarePtr fw = firmwares[i];
+ size_t j;
+
+ if (!qemuFirmwareMatchesMachineArch(fw, machine, arch))
+ continue;
+
+ for (j = 0; j < fw->ninterfaces; j++) {
+ switch (fw->interfaces[j]) {
+ case QEMU_FIRMWARE_OS_INTERFACE_UEFI:
+ *supported |= 1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_EFI;
+ break;
+ case QEMU_FIRMWARE_OS_INTERFACE_BIOS:
+ *supported |= 1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS;
+ break;
+ case QEMU_FIRMWARE_OS_INTERFACE_NONE:
+ case QEMU_FIRMWARE_OS_INTERFACE_OPENFIRMWARE:
+ case QEMU_FIRMWARE_OS_INTERFACE_UBOOT:
+ case QEMU_FIRMWARE_OS_INTERFACE_LAST:
+ default:
+ break;
+ }
+ }
+
+ for (j = 0; j < fw->nfeatures; j++) {
+ switch (fw->features[j]) {
+ case QEMU_FIRMWARE_FEATURE_REQUIRES_SMM:
+ *secure = true;
+ break;
+ case QEMU_FIRMWARE_FEATURE_NONE:
+ case QEMU_FIRMWARE_FEATURE_ACPI_S3:
+ case QEMU_FIRMWARE_FEATURE_ACPI_S4:
+ case QEMU_FIRMWARE_FEATURE_AMD_SEV:
+ case QEMU_FIRMWARE_FEATURE_ENROLLED_KEYS:
+ case QEMU_FIRMWARE_FEATURE_SECURE_BOOT:
+ case QEMU_FIRMWARE_FEATURE_VERBOSE_DYNAMIC:
+ case QEMU_FIRMWARE_FEATURE_VERBOSE_STATIC:
+ case QEMU_FIRMWARE_FEATURE_LAST:
+ break;
+ }
+ }
+ }
+
+ for (i = 0; i < nfirmwares; i++)
+ qemuFirmwareFree(firmwares[i]);
+ VIR_FREE(firmwares);
+ return 0;
+}
diff --git a/src/qemu/qemu_firmware.h b/src/qemu/qemu_firmware.h
index 7f8a0e4a15..5b3822b329 100644
--- a/src/qemu/qemu_firmware.h
+++ b/src/qemu/qemu_firmware.h
@@ -24,6 +24,7 @@
# include "domain_conf.h"
# include "viralloc.h"
# include "qemu_conf.h"
+# include "virarch.h"
typedef struct _qemuFirmware qemuFirmware;
typedef qemuFirmware *qemuFirmwarePtr;
@@ -48,4 +49,13 @@ qemuFirmwareFillDomain(virQEMUDriverPtr driver,
virDomainObjPtr vm,
unsigned int flags);
+int
+qemuFirmwareGetSupported(const char *machine,
+ virArch arch,
+ bool privileged,
+ uint64_t *supported,
+ bool *secure);
+
+verify(VIR_DOMAIN_OS_DEF_FIRMWARE_LAST <= 64);
+
#endif /* LIBVIRT_QEMU_FIRMWARE_H */
diff --git a/tests/qemufirmwaretest.c b/tests/qemufirmwaretest.c
index 2b5cbf649b..5fbd19f7c5 100644
--- a/tests/qemufirmwaretest.c
+++ b/tests/qemufirmwaretest.c
@@ -1,5 +1,7 @@
#include <config.h>
+#include <inttypes.h>
+
#include "testutils.h"
#include "virfilewrapper.h"
#include "qemu/qemu_firmware.h"
@@ -99,6 +101,53 @@ testFWPrecedence(const void *opaque ATTRIBUTE_UNUSED)
}
+struct supportedData {
+ const char *machine;
+ virArch arch;
+ bool secure;
+ unsigned int *interfaces;
+ size_t ninterfaces;
+};
+
+
+static int
+testSupportedFW(const void *opaque)
+{
+ const struct supportedData *data = opaque;
+ uint64_t actualInterfaces;
+ uint64_t expectedInterfaces = 0;
+ bool actualSecure;
+ size_t i;
+
+ for (i = 0; i < data->ninterfaces; i++)
+ expectedInterfaces |= 1 << data->interfaces[i];
+
+ if (qemuFirmwareGetSupported(data->machine, data->arch, false,
+ &actualInterfaces, &actualSecure) < 0) {
+ fprintf(stderr, "Unable to get list of supported interfaces\n");
+ return -1;
+ }
+
+ if (actualInterfaces != expectedInterfaces) {
+ fprintf(stderr,
+ "Mismatch in supported interfaces. "
+ "Expected 0x%" PRIx64 " got 0x%" PRIx64
"\n",
+ expectedInterfaces, actualInterfaces);
+ return -1;
+ }
+
+ if (actualSecure != data->secure) {
+ fprintf(stderr,
+ "Mismatch in supported secure boot. "
+ "Expected %d got %d\n",
+ data->secure, actualSecure);
+ return -1;
+ }
+
+ return 0;
+}
+
+
static int
mymain(void)
{
@@ -127,6 +176,29 @@ mymain(void)
if (virTestRun("QEMU FW precedence test", testFWPrecedence, NULL) < 0)
ret = -1;
+#define DO_SUPPORTED_TEST(machine, arch, secure, ...) \
+ do { \
+ unsigned int interfaces[] = {__VA_ARGS__}; \
+ struct supportedData data = {machine, arch, secure, \
+ interfaces, ARRAY_CARDINALITY(interfaces)}; \
+ if (virTestRun("QEMU FW SUPPORTED " machine " " #arch, \
+ testSupportedFW, &data) < 0) \
+ ret = -1; \
+ } while (0)
+
+ DO_SUPPORTED_TEST("pc-i440fx-3.1", VIR_ARCH_X86_64, false,
+ VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS,
+ VIR_DOMAIN_OS_DEF_FIRMWARE_EFI);
+ DO_SUPPORTED_TEST("pc-i440fx-3.1", VIR_ARCH_I686, false,
+ VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS);
+ DO_SUPPORTED_TEST("pc-q35-3.1", VIR_ARCH_X86_64, true,
+ VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS,
+ VIR_DOMAIN_OS_DEF_FIRMWARE_EFI);
+ DO_SUPPORTED_TEST("pc-q35-3.1", VIR_ARCH_I686, false,
+ VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS);
+ DO_SUPPORTED_TEST("virt-3.1", VIR_ARCH_AARCH64, false,
+ VIR_DOMAIN_OS_DEF_FIRMWARE_EFI);
+
virFileWrapperClearPrefixes();
return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
--
2.21.0
4:52 p.m.
New subject: [libvirt] [PATCH v2 4/4] domain capabilities: Expose firmware auto selection feature
If a management application wants to use firmware auto selection
feature it can't currently know if the libvirtd it's talking to
support is or not. Moreover, it doesn't know which values that
are accepted for the @firmware attribute of <os/> when parsing
will allow successful start of the domain later, i.e. if the mgmt
application wants to use 'bios' whether there exists a FW
descriptor in the system that describes bios.
This commit then adds 'firmware' enum to <os/> element in
<domainCapabilities/> XML like this:
<enum name='firmware'>
<value>bios</value>
<value>efi</value>
</enum>
We can see both 'bios' and 'efi' listed which means that there
are descriptors for both found in the system (matched with the
machine type and architecture reported in the domain capabilities
earlier and not shown here).
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
docs/formatdomaincaps.html.in | 23 ++++++++++++
docs/schemas/domaincaps.rng | 1 +
src/conf/domain_capabilities.c | 3 ++
src/conf/domain_capabilities.h | 2 ++
src/qemu/qemu_capabilities.c | 35 +++++++++++++++++--
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_driver.c | 1 +
tests/Makefile.am | 4 ++-
.../qemu_1.7.0.x86_64.xml | 7 ++++
.../qemu_2.12.0-virt.aarch64.xml | 6 ++++
.../qemu_2.12.0.ppc64.xml | 4 +++
.../qemu_2.12.0.s390x.xml | 4 +++
.../qemu_2.12.0.x86_64.xml | 7 ++++
.../qemu_2.6.0-virt.aarch64.xml | 6 ++++
.../qemu_2.6.0.aarch64.xml | 4 +++
.../domaincapsschemadata/qemu_2.6.0.ppc64.xml | 4 +++
.../qemu_2.6.0.x86_64.xml | 7 ++++
.../domaincapsschemadata/qemu_2.7.0.s390x.xml | 4 +++
.../qemu_2.8.0-tcg.x86_64.xml | 7 ++++
.../domaincapsschemadata/qemu_2.8.0.s390x.xml | 4 +++
.../qemu_2.8.0.x86_64.xml | 7 ++++
.../qemu_2.9.0-q35.x86_64.xml | 8 +++++
.../qemu_2.9.0-tcg.x86_64.xml | 7 ++++
.../qemu_2.9.0.x86_64.xml | 7 ++++
.../domaincapsschemadata/qemu_3.0.0.s390x.xml | 4 +++
.../qemu_3.1.0.x86_64.xml | 7 ++++
.../qemu_4.0.0.x86_64.xml | 7 ++++
tests/domaincapstest.c | 16 +++++++++
28 files changed, 194 insertions(+), 3 deletions(-)
diff --git a/docs/formatdomaincaps.html.in b/docs/formatdomaincaps.html.in
index 2583f9bead..b31b1729f4 100644
--- a/docs/formatdomaincaps.html.in
+++ b/docs/formatdomaincaps.html.in
@@ -119,6 +119,10 @@
<domainCapabilities>
...
<os supported='yes'>
+ <enum name='firmware'>
+ <value>bios</value>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/OVMF/OVMF_CODE.fd</value>
<enum name='type'>
@@ -129,12 +133,26 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>yes</value>
+ <value>no</value>
+ </enum>
</loader>
</os>
...
<domainCapabilities>
</pre>
+ <p>The <code>firmware</code> enum corresponds to
+ <code>firmware</code> attribute of the <code>os</code>
element.
+ Plain presence of this enum means that libvirt is capable of so
+ called firmware auto selection. The listed values then represent
+ accepted values for the domain attribute. Only values for which
+ there exists a firmware descriptor that matches machine type and
+ architecture are listed, i.e. those which won't cause a failure
+ on domain startup.
+ </p>
+
<p>For the <code>loader</code> element, the following can
occur:</p>
<dl>
@@ -152,6 +170,11 @@
<dt><code>readonly</code></dt>
<dd>Options for the <code>readonly</code> attribute of the
<loader/> element.</dd>
+
+ <dt><code>secure</code></dt>
+ <dd>Options for the <code>secure</code> attribute of the
+ <loader/> element. Note, that <code>yes</code> is listed
+ only if there is a firmware that supports it.</dd>
</dl>
<h3><a id="elementsCPU">CPU configuration</a></h3>
diff --git a/docs/schemas/domaincaps.rng b/docs/schemas/domaincaps.rng
index 3c42cb8075..e629d6431f 100644
--- a/docs/schemas/domaincaps.rng
+++ b/docs/schemas/domaincaps.rng
@@ -77,6 +77,7 @@
<element name='os'>
<interleave>
<ref name='supported'/>
+ <ref name='enum'/>
<optional>
<ref name='loader'/>
</optional>
diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c
index 5a8f48da61..7935739409 100644
--- a/src/conf/domain_capabilities.c
+++ b/src/conf/domain_capabilities.c
@@ -415,6 +415,7 @@ virDomainCapsLoaderFormat(virBufferPtr buf,
virDomainCapsStringValuesFormat(buf, &loader->values);
ENUM_PROCESS(loader, type, virDomainLoaderTypeToString);
ENUM_PROCESS(loader, readonly, virTristateBoolTypeToString);
+ ENUM_PROCESS(loader, secure, virTristateBoolTypeToString);
FORMAT_EPILOGUE(loader);
}
@@ -427,6 +428,8 @@ virDomainCapsOSFormat(virBufferPtr buf,
FORMAT_PROLOGUE(os);
+ ENUM_PROCESS(os, firmware, virDomainOsDefFirmwareTypeToString);
+
virDomainCapsLoaderFormat(buf, loader);
FORMAT_EPILOGUE(os);
diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h
index 26f4b8c394..1bc482f5ee 100644
--- a/src/conf/domain_capabilities.h
+++ b/src/conf/domain_capabilities.h
@@ -51,12 +51,14 @@ struct _virDomainCapsLoader {
virDomainCapsStringValues values; /* Info about values for the element */
virDomainCapsEnum type; /* Info about virDomainLoader */
virDomainCapsEnum readonly; /* Info about readonly:virTristateBool */
+ virDomainCapsEnum secure; /* Info about secure:virTristateBool */
};
typedef struct _virDomainCapsOS virDomainCapsOS;
typedef virDomainCapsOS *virDomainCapsOSPtr;
struct _virDomainCapsOS {
virTristateBool supported;
+ virDomainCapsEnum firmware; /* Info about virDomainOsDefFirmware */
virDomainCapsLoader loader; /* Info about virDomainLoaderDef */
};
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 71d4c01296..a2de8630cd 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -46,6 +46,7 @@
#include "qemu_capspriv.h"
#include "qemu_qapi.h"
#include "qemu_process.h"
+#include "qemu_firmware.h"
#include <fcntl.h>
#include <sys/stat.h>
@@ -4920,6 +4921,7 @@ virQEMUCapsGetPreferredMachine(virQEMUCapsPtr qemuCaps)
static int
virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr capsLoader,
+ bool secure,
virFirmwarePtr *firmwares,
size_t nfirmwares)
{
@@ -4928,6 +4930,7 @@ virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr capsLoader,
capsLoader->supported = VIR_TRISTATE_BOOL_YES;
capsLoader->type.report = true;
capsLoader->readonly.report = true;
+ capsLoader->secure.report = true;
if (VIR_ALLOC_N(capsLoader->values.values, nfirmwares) < 0)
return -1;
@@ -4956,19 +4959,42 @@ virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr
capsLoader,
VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->readonly,
VIR_TRISTATE_BOOL_YES,
VIR_TRISTATE_BOOL_NO);
+
+ VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->secure,
+ VIR_TRISTATE_BOOL_NO);
+
+ if (secure)
+ VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->secure,
+ VIR_TRISTATE_BOOL_YES);
+
return 0;
}
static int
virQEMUCapsFillDomainOSCaps(virDomainCapsOSPtr os,
+ const char *machine,
+ virArch arch,
+ bool privileged,
virFirmwarePtr *firmwares,
size_t nfirmwares)
{
virDomainCapsLoaderPtr capsLoader = &os->loader;
+ uint64_t autoFirmwares = 0;
+ bool secure = false;
os->supported = VIR_TRISTATE_BOOL_YES;
- if (virQEMUCapsFillDomainLoaderCaps(capsLoader, firmwares, nfirmwares) < 0)
+ os->firmware.report = true;
+
+ if (qemuFirmwareGetSupported(machine, arch, privileged, &autoFirmwares,
&secure) < 0)
+ return -1;
+
+ if (autoFirmwares & (1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS))
+ VIR_DOMAIN_CAPS_ENUM_SET(os->firmware, VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS);
+ if (autoFirmwares & (1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_EFI))
+ VIR_DOMAIN_CAPS_ENUM_SET(os->firmware, VIR_DOMAIN_OS_DEF_FIRMWARE_EFI);
+
+ if (virQEMUCapsFillDomainLoaderCaps(capsLoader, secure, firmwares, nfirmwares) <
0)
return -1;
return 0;
}
@@ -5298,6 +5324,7 @@ int
virQEMUCapsFillDomainCaps(virCapsPtr caps,
virDomainCapsPtr domCaps,
virQEMUCapsPtr qemuCaps,
+ bool privileged,
virFirmwarePtr *firmwares,
size_t nfirmwares)
{
@@ -5324,7 +5351,11 @@ virQEMUCapsFillDomainCaps(virCapsPtr caps,
domCaps->genid = virTristateBoolFromBool(
virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_VMGENID));
- if (virQEMUCapsFillDomainOSCaps(os, firmwares, nfirmwares) < 0 ||
+ if (virQEMUCapsFillDomainOSCaps(os,
+ domCaps->machine,
+ domCaps->arch,
+ privileged,
+ firmwares, nfirmwares) < 0 ||
virQEMUCapsFillDomainCPUCaps(caps, qemuCaps, domCaps) < 0 ||
virQEMUCapsFillDomainIOThreadCaps(qemuCaps, domCaps) < 0 ||
virQEMUCapsFillDomainDeviceDiskCaps(qemuCaps,
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index c6f6980684..2b099c15c9 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -631,6 +631,7 @@ int virQEMUCapsInitGuestFromBinary(virCapsPtr caps,
int virQEMUCapsFillDomainCaps(virCapsPtr caps,
virDomainCapsPtr domCaps,
virQEMUCapsPtr qemuCaps,
+ bool privileged,
virFirmwarePtr *firmwares,
size_t nfirmwares);
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 7e5bbc3cc9..7fa5c985ec 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -19856,6 +19856,7 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn,
goto cleanup;
if (virQEMUCapsFillDomainCaps(caps, domCaps, qemuCaps,
+ driver->privileged,
cfg->firmwares, cfg->nfirmwares) < 0)
goto cleanup;
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 1319c3b12c..46d94d2236 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -1033,7 +1033,9 @@ domaincapsmock_la_LDFLAGS = $(MOCKLIBS_LDFLAGS)
domaincapsmock_la_LIBADD = $(MOCKLIBS_LIBS)
domaincapstest_SOURCES = \
- domaincapstest.c testutils.h testutils.c
+ domaincapstest.c testutils.h testutils.c \
+ virfilewrapper.c virfilewrapper.h \
+ $(NULL)
domaincapstest_LDADD = $(LDADDS)
if WITH_QEMU
diff --git a/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml
b/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml
index 497363bbe9..06908cc61e 100644
--- a/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml
+++ b/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml
@@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='no'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>bios</value>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml
b/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml
index 7639df44c6..5983a60887 100644
--- a/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml
+++ b/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml
@@ -6,6 +6,9 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +21,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml
b/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml
index f10d361359..42c67623f4 100644
--- a/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml
+++ b/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml
@@ -6,6 +6,7 @@
<vcpu max='1024'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml
b/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml
index 41a81ff02f..4804c13329 100644
--- a/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml
+++ b/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml
@@ -6,6 +6,7 @@
<vcpu max='248'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml
b/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml
index 5913e7fc63..f5f54cb484 100644
--- a/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml
+++ b/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml
@@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>bios</value>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml
b/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml
index 9ee801092e..99ee16e4bb 100644
--- a/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml
+++ b/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml
@@ -6,6 +6,9 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +21,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml
b/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml
index 4dd0b52ed3..61fdae009a 100644
--- a/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml
+++ b/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml
@@ -6,6 +6,7 @@
<vcpu max='1'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml
b/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml
index aa982d237e..a33960a2af 100644
--- a/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml
+++ b/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml
@@ -6,6 +6,7 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml
b/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml
index 6aa3f52ee4..94fe08bc92 100644
--- a/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml
+++ b/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml
@@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>bios</value>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml
b/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml
index 8daa15ab9d..1057573681 100644
--- a/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml
+++ b/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml
@@ -6,6 +6,7 @@
<vcpu max='248'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml
b/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml
index 081805aa4a..39f3bd6d9f 100644
--- a/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml
+++ b/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml
@@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>bios</value>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml
b/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml
index 62c51e4087..9ae9a1a8bc 100644
--- a/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml
+++ b/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml
@@ -6,6 +6,7 @@
<vcpu max='248'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml
b/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml
index 1bb034aa4f..1770c81fdb 100644
--- a/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml
+++ b/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml
@@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>bios</value>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml
b/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml
index 67c6d5e77e..e2ec30fda7 100644
--- a/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml
+++ b/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml
@@ -6,6 +6,10 @@
<vcpu max='288'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>bios</value>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +22,10 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>yes</value>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml
b/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml
index 588ef08199..65226ee284 100644
--- a/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml
+++ b/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml
@@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>bios</value>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml
b/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml
index 598937a971..0093877a0b 100644
--- a/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml
+++ b/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml
@@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>bios</value>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml
b/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml
index 1d97f1f344..c8efefc5ba 100644
--- a/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml
+++ b/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml
@@ -6,6 +6,7 @@
<vcpu max='248'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml
b/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml
index f3a33aee98..f38a098a3d 100644
--- a/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml
+++ b/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml
@@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>bios</value>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml
b/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml
index df66be9e29..ef8184c06b 100644
--- a/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml
+++ b/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml
@@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
+ <enum name='firmware'>
+ <value>bios</value>
+ <value>efi</value>
+ </enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
+ <enum name='secure'>
+ <value>no</value>
+ </enum>
</loader>
</os>
<cpu>
diff --git a/tests/domaincapstest.c b/tests/domaincapstest.c
index 77c5fcfb73..3ee95a4b58 100644
--- a/tests/domaincapstest.c
+++ b/tests/domaincapstest.c
@@ -20,6 +20,8 @@
#include "testutils.h"
#include "domain_capabilities.h"
+#include "virfilewrapper.h"
+#include "configmake.h"
#define VIR_FROM_THIS VIR_FROM_NONE
@@ -104,6 +106,7 @@ fillQemuCaps(virDomainCapsPtr domCaps,
goto cleanup;
if (virQEMUCapsFillDomainCaps(caps, domCaps, qemuCaps,
+ false,
cfg->firmwares,
cfg->nfirmwares) < 0)
goto cleanup;
@@ -364,6 +367,13 @@ mymain(void)
#if WITH_QEMU
+ virFileWrapperAddPrefix(SYSCONFDIR "/qemu/firmware",
+ abs_srcdir "/qemufirmwaredata/etc/qemu/firmware");
+ virFileWrapperAddPrefix(PREFIX "/share/qemu/firmware",
+ abs_srcdir
"/qemufirmwaredata/usr/share/qemu/firmware");
+ virFileWrapperAddPrefix("/home/user/.config/qemu/firmware",
+ abs_srcdir
"/qemufirmwaredata/home/user/.config/qemu/firmware");
+
DO_TEST_QEMU("1.7.0", "caps_1.7.0",
"/usr/bin/qemu-system-x86_64", NULL,
"x86_64", VIR_DOMAIN_VIRT_KVM);
@@ -441,6 +451,10 @@ mymain(void)
"x86_64", VIR_DOMAIN_VIRT_KVM);
virObjectUnref(cfg);
+ virFileWrapperRemovePrefix(SYSCONFDIR "/qemu/firmware");
+ virFileWrapperRemovePrefix(PREFIX "/share/qemu/firmware");
+ virFileWrapperRemovePrefix("/home/user/.config/qemu/firmware");
+
#endif /* WITH_QEMU */
#if WITH_LIBXL
@@ -462,6 +476,8 @@ mymain(void)
DO_TEST_BHYVE("fbuf", "/usr/sbin/bhyve", &bhyve_caps,
VIR_DOMAIN_VIRT_BHYVE);
#endif /* WITH_BHYVE */
+ virFileWrapperClearPrefixes();
+
return ret;
}
--
2.21.0
10:35 a.m.
Hi,
On 04/09/19 16:52, Michal Privoznik wrote:
v2 of:
https://www.redhat.com/archives/libvir-list/2019-April/msg00460.html
diff to v1:
- Expose 'secure' too
- Switch to uint64_t for qemuFirmwareGetSupported()
Michal Prívozník (4):
qemu_firmware: Separate firmware loading into a function
qemu_firmware: Separate machine and arch matching into a function
qemu_firmware: Introduce qemuFirmwareGetSupported
domain capabilities: Expose firmware auto selection feature
docs/formatdomaincaps.html.in | 23 +++
docs/schemas/domaincaps.rng | 1 +
src/conf/domain_capabilities.c | 3 +
src/conf/domain_capabilities.h | 2 +
src/qemu/qemu_capabilities.c | 35 +++-
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_driver.c | 1 +
src/qemu/qemu_firmware.c | 169 ++++++++++++++----
src/qemu/qemu_firmware.h | 10 ++
tests/Makefile.am | 4 +-
.../qemu_1.7.0.x86_64.xml | 7 +
.../qemu_2.12.0-virt.aarch64.xml | 6 +
.../qemu_2.12.0.ppc64.xml | 4 +
.../qemu_2.12.0.s390x.xml | 4 +
.../qemu_2.12.0.x86_64.xml | 7 +
.../qemu_2.6.0-virt.aarch64.xml | 6 +
.../qemu_2.6.0.aarch64.xml | 4 +
.../domaincapsschemadata/qemu_2.6.0.ppc64.xml | 4 +
.../qemu_2.6.0.x86_64.xml | 7 +
.../domaincapsschemadata/qemu_2.7.0.s390x.xml | 4 +
.../qemu_2.8.0-tcg.x86_64.xml | 7 +
.../domaincapsschemadata/qemu_2.8.0.s390x.xml | 4 +
.../qemu_2.8.0.x86_64.xml | 7 +
.../qemu_2.9.0-q35.x86_64.xml | 8 +
.../qemu_2.9.0-tcg.x86_64.xml | 7 +
.../qemu_2.9.0.x86_64.xml | 7 +
.../domaincapsschemadata/qemu_3.0.0.s390x.xml | 4 +
.../qemu_3.1.0.x86_64.xml | 7 +
.../qemu_4.0.0.x86_64.xml | 7 +
tests/domaincapstest.c | 16 ++
tests/qemufirmwaretest.c | 72 ++++++++
31 files changed, 412 insertions(+), 36 deletions(-)
you didn't push these patch sets to your personal repo, and also didn't
mention the fork-off commits on master. This matters because neither v1
nor v2 applies on top of master now (i.e., on a5e16020907e). So I tried
to correlate the posting timestamps of the cover letters with the commit
dates (not authorship dates) of the recent commits in the git history.
Ultimately I applied your
- v1 on top of fb0d6049cccf ("docs: Remove search.php and all
references", 2019-04-04), and
- v2 on top of c3e1275b6020 ("rpc: Refactor cleanup paths in
virNetLibsshAuthenticatePassword", 2019-04-09).
Then (because I have very little time for reviewing this,
unfortunately), I ran
$ git range-diff master michal_v1 michal_v2
... From that, I have two comments for the testSupportedFW() function:
(1) You still have one instance of:
++ expectedInterfaces |= 1 << data->interfaces[i];
Please update the integer constant 1 to 1ULL here as well.
(2) You have an error message in
++ if (actualSecure != data->secure) {
++ fprintf(stderr,
++ "Mismatch in supported secure boot. "
++ "Expected %d got %d\n",
++ data->secure, actualSecure);
+ return -1;
+ }
Please replace
"Mismatch in supported secure boot. "
with
"Mismatch in SMM requirement/support. "
(The commit message has been updated correctly already: it says "list of
supported interfaces and SMM feature", so that's OK.)
With (1) and (2) addressed:
Acked-by: Laszlo Ersek <lersek(a)redhat.com>
(If there are no other updates, I'm fine if you don't post v3 just for
these.)
Thanks
Laszlo
2:22 p.m.
On 4/10/19 10:35 AM, Laszlo Ersek wrote:
Hi,
On 04/09/19 16:52, Michal Privoznik wrote:
> v2 of:
>
> https://www.redhat.com/archives/libvir-list/2019-April/msg00460.html
>
> diff to v1:
> - Expose 'secure' too
> - Switch to uint64_t for qemuFirmwareGetSupported()
>
> Michal Prívozník (4):
> qemu_firmware: Separate firmware loading into a function
> qemu_firmware: Separate machine and arch matching into a function
> qemu_firmware: Introduce qemuFirmwareGetSupported
> domain capabilities: Expose firmware auto selection feature
>
> docs/formatdomaincaps.html.in | 23 +++
> docs/schemas/domaincaps.rng | 1 +
> src/conf/domain_capabilities.c | 3 +
> src/conf/domain_capabilities.h | 2 +
> src/qemu/qemu_capabilities.c | 35 +++-
> src/qemu/qemu_capabilities.h | 1 +
> src/qemu/qemu_driver.c | 1 +
> src/qemu/qemu_firmware.c | 169 ++++++++++++++----
> src/qemu/qemu_firmware.h | 10 ++
> tests/Makefile.am | 4 +-
> .../qemu_1.7.0.x86_64.xml | 7 +
> .../qemu_2.12.0-virt.aarch64.xml | 6 +
> .../qemu_2.12.0.ppc64.xml | 4 +
> .../qemu_2.12.0.s390x.xml | 4 +
> .../qemu_2.12.0.x86_64.xml | 7 +
> .../qemu_2.6.0-virt.aarch64.xml | 6 +
> .../qemu_2.6.0.aarch64.xml | 4 +
> .../domaincapsschemadata/qemu_2.6.0.ppc64.xml | 4 +
> .../qemu_2.6.0.x86_64.xml | 7 +
> .../domaincapsschemadata/qemu_2.7.0.s390x.xml | 4 +
> .../qemu_2.8.0-tcg.x86_64.xml | 7 +
> .../domaincapsschemadata/qemu_2.8.0.s390x.xml | 4 +
> .../qemu_2.8.0.x86_64.xml | 7 +
> .../qemu_2.9.0-q35.x86_64.xml | 8 +
> .../qemu_2.9.0-tcg.x86_64.xml | 7 +
> .../qemu_2.9.0.x86_64.xml | 7 +
> .../domaincapsschemadata/qemu_3.0.0.s390x.xml | 4 +
> .../qemu_3.1.0.x86_64.xml | 7 +
> .../qemu_4.0.0.x86_64.xml | 7 +
> tests/domaincapstest.c | 16 ++
> tests/qemufirmwaretest.c | 72 ++++++++
> 31 files changed, 412 insertions(+), 36 deletions(-)
>
you didn't push these patch sets to your personal repo, and also didn't
mention the fork-off commits on master. This matters because neither v1
nor v2 applies on top of master now (i.e., on a5e16020907e). So I tried
to correlate the posting timestamps of the cover letters with the commit
dates (not authorship dates) of the recent commits in the git history.
Ultimately I applied your
- v1 on top of fb0d6049cccf ("docs: Remove search.php and all
references", 2019-04-04), and
- v2 on top of c3e1275b6020 ("rpc: Refactor cleanup paths in
virNetLibsshAuthenticatePassword", 2019-04-09).
Yeah, this was caused by Peter pushing some changes.
With (1) and (2) addressed:
Acked-by: Laszlo Ersek <lersek(a)redhat.com>
Yeah, fixed and pushed. Thanks!
Michal
1989
days inactive
1990
days old
7 comments
3 participants
participants (3)
-
Laszlo Ersek -
Michal Privoznik -
Pino Toscano