[libvirt] [PATCH v2 0/4] domain capabilities: Expose firmware auto selection feature

v2 of: https://www.redhat.com/archives/libvir-list/2019-April/msg00460.html diff to v1: - Expose 'secure' too - Switch to uint64_t for qemuFirmwareGetSupported() Michal Prívozník (4): qemu_firmware: Separate firmware loading into a function qemu_firmware: Separate machine and arch matching into a function qemu_firmware: Introduce qemuFirmwareGetSupported domain capabilities: Expose firmware auto selection feature docs/formatdomaincaps.html.in | 23 +++ docs/schemas/domaincaps.rng | 1 + src/conf/domain_capabilities.c | 3 + src/conf/domain_capabilities.h | 2 + src/qemu/qemu_capabilities.c | 35 +++- src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_driver.c | 1 + src/qemu/qemu_firmware.c | 169 ++++++++++++++---- src/qemu/qemu_firmware.h | 10 ++ tests/Makefile.am | 4 +- .../qemu_1.7.0.x86_64.xml | 7 + .../qemu_2.12.0-virt.aarch64.xml | 6 + .../qemu_2.12.0.ppc64.xml | 4 + .../qemu_2.12.0.s390x.xml | 4 + .../qemu_2.12.0.x86_64.xml | 7 + .../qemu_2.6.0-virt.aarch64.xml | 6 + .../qemu_2.6.0.aarch64.xml | 4 + .../domaincapsschemadata/qemu_2.6.0.ppc64.xml | 4 + .../qemu_2.6.0.x86_64.xml | 7 + .../domaincapsschemadata/qemu_2.7.0.s390x.xml | 4 + .../qemu_2.8.0-tcg.x86_64.xml | 7 + .../domaincapsschemadata/qemu_2.8.0.s390x.xml | 4 + .../qemu_2.8.0.x86_64.xml | 7 + .../qemu_2.9.0-q35.x86_64.xml | 8 + .../qemu_2.9.0-tcg.x86_64.xml | 7 + .../qemu_2.9.0.x86_64.xml | 7 + .../domaincapsschemadata/qemu_3.0.0.s390x.xml | 4 + .../qemu_3.1.0.x86_64.xml | 7 + .../qemu_4.0.0.x86_64.xml | 7 + tests/domaincapstest.c | 16 ++ tests/qemufirmwaretest.c | 72 ++++++++ 31 files changed, 412 insertions(+), 36 deletions(-) -- 2.21.0

This piece of code will be reused later. Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/qemu/qemu_firmware.c | 53 ++++++++++++++++++++++++++++------------ 1 file changed, 38 insertions(+), 15 deletions(-) diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index 787b76b531..065e0d11aa 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1314,15 +1314,49 @@ qemuFirmwareSanityCheck(const qemuFirmware *fw, } +static ssize_t +qemuFirmwareFetchParsedConfigs(bool privileged, + qemuFirmwarePtr **firmwaresRet, + char ***pathsRet) +{ + VIR_AUTOSTRINGLIST paths = NULL; + size_t npaths; + qemuFirmwarePtr *firmwares = NULL; + size_t i; + + if (qemuFirmwareFetchConfigs(&paths, privileged) < 0) + return -1; + + npaths = virStringListLength((const char **)paths); + + if (VIR_ALLOC_N(firmwares, npaths) < 0) + return -1; + + for (i = 0; i < npaths; i++) { + if (!(firmwares[i] = qemuFirmwareParse(paths[i]))) + goto error; + } + + VIR_STEAL_PTR(*firmwaresRet, firmwares); + VIR_STEAL_PTR(*pathsRet, paths); + return npaths; + + error: + while (i > 0) + qemuFirmwareFree(firmwares[--i]); + VIR_FREE(firmwares); + return -1; +} + + int qemuFirmwareFillDomain(virQEMUDriverPtr driver, virDomainObjPtr vm, unsigned int flags) { VIR_AUTOSTRINGLIST paths = NULL; - size_t npaths = 0; qemuFirmwarePtr *firmwares = NULL; - size_t nfirmwares = 0; + ssize_t nfirmwares = 0; const qemuFirmware *theone = NULL; size_t i; int ret = -1; @@ -1333,21 +1367,10 @@ qemuFirmwareFillDomain(virQEMUDriverPtr driver, if (vm->def->os.firmware == VIR_DOMAIN_OS_DEF_FIRMWARE_NONE) return 0; - if (qemuFirmwareFetchConfigs(&paths, driver->privileged) < 0) + if ((nfirmwares = qemuFirmwareFetchParsedConfigs(driver->privileged, + &firmwares, &paths)) < 0) return -1; - npaths = virStringListLength((const char **)paths); - - if (VIR_ALLOC_N(firmwares, npaths) < 0) - return -1; - - nfirmwares = npaths; - - for (i = 0; i < nfirmwares; i++) { - if (!(firmwares[i] = qemuFirmwareParse(paths[i]))) - goto cleanup; - } - for (i = 0; i < nfirmwares; i++) { if (qemuFirmwareMatchDomain(vm->def, firmwares[i], paths[i])) { theone = firmwares[i]; -- 2.21.0

This part of the code will be reused later. Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/qemu/qemu_firmware.c | 47 +++++++++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 18 deletions(-) diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index 065e0d11aa..8e9a225982 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1054,6 +1054,34 @@ qemuFirmwareFetchConfigs(char ***firmwares, } +static bool +qemuFirmwareMatchesMachineArch(const qemuFirmware *fw, + const char *machine, + virArch arch) +{ + size_t i; + + for (i = 0; i < fw->ntargets; i++) { + size_t j; + + if (arch != fw->targets[i]->architecture) + continue; + + for (j = 0; j < fw->targets[i]->nmachines; j++) { + if (fnmatch(fw->targets[i]->machines[j], machine, 0) == 0) + break; + } + + if (j == fw->targets[i]->nmachines) + continue; + + break; + } + + return i != fw->ntargets; +} + + static bool qemuFirmwareMatchDomain(const virDomainDef *def, const qemuFirmware *fw, @@ -1078,24 +1106,7 @@ qemuFirmwareMatchDomain(const virDomainDef *def, return false; } - for (i = 0; i < fw->ntargets; i++) { - size_t j; - - if (def->os.arch != fw->targets[i]->architecture) - continue; - - for (j = 0; j < fw->targets[i]->nmachines; j++) { - if (fnmatch(fw->targets[i]->machines[j], def->os.machine, 0) == 0) - break; - } - - if (j == fw->targets[i]->nmachines) - continue; - - break; - } - - if (i == fw->ntargets) { + if (!qemuFirmwareMatchesMachineArch(fw, def->os.machine, def->os.arch)) { VIR_DEBUG("No matching machine type in '%s'", path); return false; } -- 2.21.0

On Tuesday, 9 April 2019 16:52:56 CEST Michal Privoznik wrote:
This part of the code will be reused later.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/qemu/qemu_firmware.c | 47 +++++++++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 18 deletions(-)
diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index 065e0d11aa..8e9a225982 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1054,6 +1054,34 @@ qemuFirmwareFetchConfigs(char ***firmwares, }
+static bool +qemuFirmwareMatchesMachineArch(const qemuFirmware *fw, + const char *machine, + virArch arch) +{ + size_t i; + + for (i = 0; i < fw->ntargets; i++) { + size_t j; + + if (arch != fw->targets[i]->architecture) + continue; + + for (j = 0; j < fw->targets[i]->nmachines; j++) { + if (fnmatch(fw->targets[i]->machines[j], machine, 0) == 0) + break; + }
Considering this is now an own function, this can just return directly, removing ...
+ + if (j == fw->targets[i]->nmachines) + continue; + + break;
... these bits, and ...
+ } + + return i != fw->ntargets;
... return false here. Just a suggestion though. -- Pino Toscano

The point of this API is to fetch all FW descriptors, parse them and return list of supported interfaces and SMM feature for given combination of machine type and guest architecture. Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- src/qemu/qemu_firmware.c | 71 ++++++++++++++++++++++++++++++++++++++- src/qemu/qemu_firmware.h | 10 ++++++ tests/qemufirmwaretest.c | 72 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 152 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index 8e9a225982..84c14321f6 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1349,7 +1349,8 @@ qemuFirmwareFetchParsedConfigs(bool privileged, } VIR_STEAL_PTR(*firmwaresRet, firmwares); - VIR_STEAL_PTR(*pathsRet, paths); + if (pathsRet) + VIR_STEAL_PTR(*pathsRet, paths); return npaths; error: @@ -1415,3 +1416,71 @@ qemuFirmwareFillDomain(virQEMUDriverPtr driver, VIR_FREE(firmwares); return ret; } + + +int +qemuFirmwareGetSupported(const char *machine, + virArch arch, + bool privileged, + uint64_t *supported, + bool *secure) +{ + qemuFirmwarePtr *firmwares = NULL; + ssize_t nfirmwares = 0; + size_t i; + + *supported = VIR_DOMAIN_OS_DEF_FIRMWARE_NONE; + *secure = false; + + if ((nfirmwares = qemuFirmwareFetchParsedConfigs(privileged, + &firmwares, NULL)) < 0) + return -1; + + for (i = 0; i < nfirmwares; i++) { + qemuFirmwarePtr fw = firmwares[i]; + size_t j; + + if (!qemuFirmwareMatchesMachineArch(fw, machine, arch)) + continue; + + for (j = 0; j < fw->ninterfaces; j++) { + switch (fw->interfaces[j]) { + case QEMU_FIRMWARE_OS_INTERFACE_UEFI: + *supported |= 1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_EFI; + break; + case QEMU_FIRMWARE_OS_INTERFACE_BIOS: + *supported |= 1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS; + break; + case QEMU_FIRMWARE_OS_INTERFACE_NONE: + case QEMU_FIRMWARE_OS_INTERFACE_OPENFIRMWARE: + case QEMU_FIRMWARE_OS_INTERFACE_UBOOT: + case QEMU_FIRMWARE_OS_INTERFACE_LAST: + default: + break; + } + } + + for (j = 0; j < fw->nfeatures; j++) { + switch (fw->features[j]) { + case QEMU_FIRMWARE_FEATURE_REQUIRES_SMM: + *secure = true; + break; + case QEMU_FIRMWARE_FEATURE_NONE: + case QEMU_FIRMWARE_FEATURE_ACPI_S3: + case QEMU_FIRMWARE_FEATURE_ACPI_S4: + case QEMU_FIRMWARE_FEATURE_AMD_SEV: + case QEMU_FIRMWARE_FEATURE_ENROLLED_KEYS: + case QEMU_FIRMWARE_FEATURE_SECURE_BOOT: + case QEMU_FIRMWARE_FEATURE_VERBOSE_DYNAMIC: + case QEMU_FIRMWARE_FEATURE_VERBOSE_STATIC: + case QEMU_FIRMWARE_FEATURE_LAST: + break; + } + } + } + + for (i = 0; i < nfirmwares; i++) + qemuFirmwareFree(firmwares[i]); + VIR_FREE(firmwares); + return 0; +} diff --git a/src/qemu/qemu_firmware.h b/src/qemu/qemu_firmware.h index 7f8a0e4a15..5b3822b329 100644 --- a/src/qemu/qemu_firmware.h +++ b/src/qemu/qemu_firmware.h @@ -24,6 +24,7 @@ # include "domain_conf.h" # include "viralloc.h" # include "qemu_conf.h" +# include "virarch.h" typedef struct _qemuFirmware qemuFirmware; typedef qemuFirmware *qemuFirmwarePtr; @@ -48,4 +49,13 @@ qemuFirmwareFillDomain(virQEMUDriverPtr driver, virDomainObjPtr vm, unsigned int flags); +int +qemuFirmwareGetSupported(const char *machine, + virArch arch, + bool privileged, + uint64_t *supported, + bool *secure); + +verify(VIR_DOMAIN_OS_DEF_FIRMWARE_LAST <= 64); + #endif /* LIBVIRT_QEMU_FIRMWARE_H */ diff --git a/tests/qemufirmwaretest.c b/tests/qemufirmwaretest.c index 2b5cbf649b..5fbd19f7c5 100644 --- a/tests/qemufirmwaretest.c +++ b/tests/qemufirmwaretest.c @@ -1,5 +1,7 @@ #include <config.h> +#include <inttypes.h> + #include "testutils.h" #include "virfilewrapper.h" #include "qemu/qemu_firmware.h" @@ -99,6 +101,53 @@ testFWPrecedence(const void *opaque ATTRIBUTE_UNUSED) } +struct supportedData { + const char *machine; + virArch arch; + bool secure; + unsigned int *interfaces; + size_t ninterfaces; +}; + + +static int +testSupportedFW(const void *opaque) +{ + const struct supportedData *data = opaque; + uint64_t actualInterfaces; + uint64_t expectedInterfaces = 0; + bool actualSecure; + size_t i; + + for (i = 0; i < data->ninterfaces; i++) + expectedInterfaces |= 1 << data->interfaces[i]; + + if (qemuFirmwareGetSupported(data->machine, data->arch, false, + &actualInterfaces, &actualSecure) < 0) { + fprintf(stderr, "Unable to get list of supported interfaces\n"); + return -1; + } + + if (actualInterfaces != expectedInterfaces) { + fprintf(stderr, + "Mismatch in supported interfaces. " + "Expected 0x%" PRIx64 " got 0x%" PRIx64 "\n", + expectedInterfaces, actualInterfaces); + return -1; + } + + if (actualSecure != data->secure) { + fprintf(stderr, + "Mismatch in supported secure boot. " + "Expected %d got %d\n", + data->secure, actualSecure); + return -1; + } + + return 0; +} + + static int mymain(void) { @@ -127,6 +176,29 @@ mymain(void) if (virTestRun("QEMU FW precedence test", testFWPrecedence, NULL) < 0) ret = -1; +#define DO_SUPPORTED_TEST(machine, arch, secure, ...) \ + do { \ + unsigned int interfaces[] = {__VA_ARGS__}; \ + struct supportedData data = {machine, arch, secure, \ + interfaces, ARRAY_CARDINALITY(interfaces)}; \ + if (virTestRun("QEMU FW SUPPORTED " machine " " #arch, \ + testSupportedFW, &data) < 0) \ + ret = -1; \ + } while (0) + + DO_SUPPORTED_TEST("pc-i440fx-3.1", VIR_ARCH_X86_64, false, + VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS, + VIR_DOMAIN_OS_DEF_FIRMWARE_EFI); + DO_SUPPORTED_TEST("pc-i440fx-3.1", VIR_ARCH_I686, false, + VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS); + DO_SUPPORTED_TEST("pc-q35-3.1", VIR_ARCH_X86_64, true, + VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS, + VIR_DOMAIN_OS_DEF_FIRMWARE_EFI); + DO_SUPPORTED_TEST("pc-q35-3.1", VIR_ARCH_I686, false, + VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS); + DO_SUPPORTED_TEST("virt-3.1", VIR_ARCH_AARCH64, false, + VIR_DOMAIN_OS_DEF_FIRMWARE_EFI); + virFileWrapperClearPrefixes(); return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE; -- 2.21.0

If a management application wants to use firmware auto selection feature it can't currently know if the libvirtd it's talking to support is or not. Moreover, it doesn't know which values that are accepted for the @firmware attribute of <os/> when parsing will allow successful start of the domain later, i.e. if the mgmt application wants to use 'bios' whether there exists a FW descriptor in the system that describes bios. This commit then adds 'firmware' enum to <os/> element in <domainCapabilities/> XML like this: <enum name='firmware'> <value>bios</value> <value>efi</value> </enum> We can see both 'bios' and 'efi' listed which means that there are descriptors for both found in the system (matched with the machine type and architecture reported in the domain capabilities earlier and not shown here). Signed-off-by: Michal Privoznik <mprivozn@redhat.com> --- docs/formatdomaincaps.html.in | 23 ++++++++++++ docs/schemas/domaincaps.rng | 1 + src/conf/domain_capabilities.c | 3 ++ src/conf/domain_capabilities.h | 2 ++ src/qemu/qemu_capabilities.c | 35 +++++++++++++++++-- src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_driver.c | 1 + tests/Makefile.am | 4 ++- .../qemu_1.7.0.x86_64.xml | 7 ++++ .../qemu_2.12.0-virt.aarch64.xml | 6 ++++ .../qemu_2.12.0.ppc64.xml | 4 +++ .../qemu_2.12.0.s390x.xml | 4 +++ .../qemu_2.12.0.x86_64.xml | 7 ++++ .../qemu_2.6.0-virt.aarch64.xml | 6 ++++ .../qemu_2.6.0.aarch64.xml | 4 +++ .../domaincapsschemadata/qemu_2.6.0.ppc64.xml | 4 +++ .../qemu_2.6.0.x86_64.xml | 7 ++++ .../domaincapsschemadata/qemu_2.7.0.s390x.xml | 4 +++ .../qemu_2.8.0-tcg.x86_64.xml | 7 ++++ .../domaincapsschemadata/qemu_2.8.0.s390x.xml | 4 +++ .../qemu_2.8.0.x86_64.xml | 7 ++++ .../qemu_2.9.0-q35.x86_64.xml | 8 +++++ .../qemu_2.9.0-tcg.x86_64.xml | 7 ++++ .../qemu_2.9.0.x86_64.xml | 7 ++++ .../domaincapsschemadata/qemu_3.0.0.s390x.xml | 4 +++ .../qemu_3.1.0.x86_64.xml | 7 ++++ .../qemu_4.0.0.x86_64.xml | 7 ++++ tests/domaincapstest.c | 16 +++++++++ 28 files changed, 194 insertions(+), 3 deletions(-) diff --git a/docs/formatdomaincaps.html.in b/docs/formatdomaincaps.html.in index 2583f9bead..b31b1729f4 100644 --- a/docs/formatdomaincaps.html.in +++ b/docs/formatdomaincaps.html.in @@ -119,6 +119,10 @@ <domainCapabilities> ... <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/OVMF/OVMF_CODE.fd</value> <enum name='type'> @@ -129,12 +133,26 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>yes</value> + <value>no</value> + </enum> </loader> </os> ... <domainCapabilities> </pre> + <p>The <code>firmware</code> enum corresponds to + <code>firmware</code> attribute of the <code>os</code> element. + Plain presence of this enum means that libvirt is capable of so + called firmware auto selection. The listed values then represent + accepted values for the domain attribute. Only values for which + there exists a firmware descriptor that matches machine type and + architecture are listed, i.e. those which won't cause a failure + on domain startup. + </p> + <p>For the <code>loader</code> element, the following can occur:</p> <dl> @@ -152,6 +170,11 @@ <dt><code>readonly</code></dt> <dd>Options for the <code>readonly</code> attribute of the <loader/> element.</dd> + + <dt><code>secure</code></dt> + <dd>Options for the <code>secure</code> attribute of the + <loader/> element. Note, that <code>yes</code> is listed + only if there is a firmware that supports it.</dd> </dl> <h3><a id="elementsCPU">CPU configuration</a></h3> diff --git a/docs/schemas/domaincaps.rng b/docs/schemas/domaincaps.rng index 3c42cb8075..e629d6431f 100644 --- a/docs/schemas/domaincaps.rng +++ b/docs/schemas/domaincaps.rng @@ -77,6 +77,7 @@ <element name='os'> <interleave> <ref name='supported'/> + <ref name='enum'/> <optional> <ref name='loader'/> </optional> diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c index 5a8f48da61..7935739409 100644 --- a/src/conf/domain_capabilities.c +++ b/src/conf/domain_capabilities.c @@ -415,6 +415,7 @@ virDomainCapsLoaderFormat(virBufferPtr buf, virDomainCapsStringValuesFormat(buf, &loader->values); ENUM_PROCESS(loader, type, virDomainLoaderTypeToString); ENUM_PROCESS(loader, readonly, virTristateBoolTypeToString); + ENUM_PROCESS(loader, secure, virTristateBoolTypeToString); FORMAT_EPILOGUE(loader); } @@ -427,6 +428,8 @@ virDomainCapsOSFormat(virBufferPtr buf, FORMAT_PROLOGUE(os); + ENUM_PROCESS(os, firmware, virDomainOsDefFirmwareTypeToString); + virDomainCapsLoaderFormat(buf, loader); FORMAT_EPILOGUE(os); diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h index 26f4b8c394..1bc482f5ee 100644 --- a/src/conf/domain_capabilities.h +++ b/src/conf/domain_capabilities.h @@ -51,12 +51,14 @@ struct _virDomainCapsLoader { virDomainCapsStringValues values; /* Info about values for the element */ virDomainCapsEnum type; /* Info about virDomainLoader */ virDomainCapsEnum readonly; /* Info about readonly:virTristateBool */ + virDomainCapsEnum secure; /* Info about secure:virTristateBool */ }; typedef struct _virDomainCapsOS virDomainCapsOS; typedef virDomainCapsOS *virDomainCapsOSPtr; struct _virDomainCapsOS { virTristateBool supported; + virDomainCapsEnum firmware; /* Info about virDomainOsDefFirmware */ virDomainCapsLoader loader; /* Info about virDomainLoaderDef */ }; diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 71d4c01296..a2de8630cd 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -46,6 +46,7 @@ #include "qemu_capspriv.h" #include "qemu_qapi.h" #include "qemu_process.h" +#include "qemu_firmware.h" #include <fcntl.h> #include <sys/stat.h> @@ -4920,6 +4921,7 @@ virQEMUCapsGetPreferredMachine(virQEMUCapsPtr qemuCaps) static int virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr capsLoader, + bool secure, virFirmwarePtr *firmwares, size_t nfirmwares) { @@ -4928,6 +4930,7 @@ virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr capsLoader, capsLoader->supported = VIR_TRISTATE_BOOL_YES; capsLoader->type.report = true; capsLoader->readonly.report = true; + capsLoader->secure.report = true; if (VIR_ALLOC_N(capsLoader->values.values, nfirmwares) < 0) return -1; @@ -4956,19 +4959,42 @@ virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr capsLoader, VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->readonly, VIR_TRISTATE_BOOL_YES, VIR_TRISTATE_BOOL_NO); + + VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->secure, + VIR_TRISTATE_BOOL_NO); + + if (secure) + VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->secure, + VIR_TRISTATE_BOOL_YES); + return 0; } static int virQEMUCapsFillDomainOSCaps(virDomainCapsOSPtr os, + const char *machine, + virArch arch, + bool privileged, virFirmwarePtr *firmwares, size_t nfirmwares) { virDomainCapsLoaderPtr capsLoader = &os->loader; + uint64_t autoFirmwares = 0; + bool secure = false; os->supported = VIR_TRISTATE_BOOL_YES; - if (virQEMUCapsFillDomainLoaderCaps(capsLoader, firmwares, nfirmwares) < 0) + os->firmware.report = true; + + if (qemuFirmwareGetSupported(machine, arch, privileged, &autoFirmwares, &secure) < 0) + return -1; + + if (autoFirmwares & (1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS)) + VIR_DOMAIN_CAPS_ENUM_SET(os->firmware, VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS); + if (autoFirmwares & (1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_EFI)) + VIR_DOMAIN_CAPS_ENUM_SET(os->firmware, VIR_DOMAIN_OS_DEF_FIRMWARE_EFI); + + if (virQEMUCapsFillDomainLoaderCaps(capsLoader, secure, firmwares, nfirmwares) < 0) return -1; return 0; } @@ -5298,6 +5324,7 @@ int virQEMUCapsFillDomainCaps(virCapsPtr caps, virDomainCapsPtr domCaps, virQEMUCapsPtr qemuCaps, + bool privileged, virFirmwarePtr *firmwares, size_t nfirmwares) { @@ -5324,7 +5351,11 @@ virQEMUCapsFillDomainCaps(virCapsPtr caps, domCaps->genid = virTristateBoolFromBool( virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_VMGENID)); - if (virQEMUCapsFillDomainOSCaps(os, firmwares, nfirmwares) < 0 || + if (virQEMUCapsFillDomainOSCaps(os, + domCaps->machine, + domCaps->arch, + privileged, + firmwares, nfirmwares) < 0 || virQEMUCapsFillDomainCPUCaps(caps, qemuCaps, domCaps) < 0 || virQEMUCapsFillDomainIOThreadCaps(qemuCaps, domCaps) < 0 || virQEMUCapsFillDomainDeviceDiskCaps(qemuCaps, diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index c6f6980684..2b099c15c9 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -631,6 +631,7 @@ int virQEMUCapsInitGuestFromBinary(virCapsPtr caps, int virQEMUCapsFillDomainCaps(virCapsPtr caps, virDomainCapsPtr domCaps, virQEMUCapsPtr qemuCaps, + bool privileged, virFirmwarePtr *firmwares, size_t nfirmwares); diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 7e5bbc3cc9..7fa5c985ec 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -19856,6 +19856,7 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn, goto cleanup; if (virQEMUCapsFillDomainCaps(caps, domCaps, qemuCaps, + driver->privileged, cfg->firmwares, cfg->nfirmwares) < 0) goto cleanup; diff --git a/tests/Makefile.am b/tests/Makefile.am index 1319c3b12c..46d94d2236 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -1033,7 +1033,9 @@ domaincapsmock_la_LDFLAGS = $(MOCKLIBS_LDFLAGS) domaincapsmock_la_LIBADD = $(MOCKLIBS_LIBS) domaincapstest_SOURCES = \ - domaincapstest.c testutils.h testutils.c + domaincapstest.c testutils.h testutils.c \ + virfilewrapper.c virfilewrapper.h \ + $(NULL) domaincapstest_LDADD = $(LDADDS) if WITH_QEMU diff --git a/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml b/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml index 497363bbe9..06908cc61e 100644 --- a/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml @@ -6,6 +6,10 @@ <vcpu max='255'/> <iothreads supported='no'/> <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +22,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml b/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml index 7639df44c6..5983a60887 100644 --- a/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml +++ b/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml @@ -6,6 +6,9 @@ <vcpu max='255'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +21,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml b/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml index f10d361359..42c67623f4 100644 --- a/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml +++ b/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml @@ -6,6 +6,7 @@ <vcpu max='1024'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'/> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +19,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml b/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml index 41a81ff02f..4804c13329 100644 --- a/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml +++ b/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml @@ -6,6 +6,7 @@ <vcpu max='248'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'/> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +19,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml b/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml index 5913e7fc63..f5f54cb484 100644 --- a/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml @@ -6,6 +6,10 @@ <vcpu max='255'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +22,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml b/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml index 9ee801092e..99ee16e4bb 100644 --- a/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml +++ b/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml @@ -6,6 +6,9 @@ <vcpu max='255'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +21,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml b/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml index 4dd0b52ed3..61fdae009a 100644 --- a/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml +++ b/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml @@ -6,6 +6,7 @@ <vcpu max='1'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'/> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +19,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml b/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml index aa982d237e..a33960a2af 100644 --- a/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml +++ b/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml @@ -6,6 +6,7 @@ <vcpu max='255'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'/> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +19,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml b/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml index 6aa3f52ee4..94fe08bc92 100644 --- a/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml @@ -6,6 +6,10 @@ <vcpu max='255'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +22,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml b/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml index 8daa15ab9d..1057573681 100644 --- a/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml +++ b/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml @@ -6,6 +6,7 @@ <vcpu max='248'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'/> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +19,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml b/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml index 081805aa4a..39f3bd6d9f 100644 --- a/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml @@ -6,6 +6,10 @@ <vcpu max='255'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +22,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml b/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml index 62c51e4087..9ae9a1a8bc 100644 --- a/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml +++ b/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml @@ -6,6 +6,7 @@ <vcpu max='248'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'/> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +19,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml b/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml index 1bb034aa4f..1770c81fdb 100644 --- a/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml @@ -6,6 +6,10 @@ <vcpu max='255'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +22,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml b/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml index 67c6d5e77e..e2ec30fda7 100644 --- a/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml @@ -6,6 +6,10 @@ <vcpu max='288'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +22,10 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>yes</value> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml b/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml index 588ef08199..65226ee284 100644 --- a/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml @@ -6,6 +6,10 @@ <vcpu max='255'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +22,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml b/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml index 598937a971..0093877a0b 100644 --- a/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml @@ -6,6 +6,10 @@ <vcpu max='255'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +22,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml b/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml index 1d97f1f344..c8efefc5ba 100644 --- a/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml +++ b/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml @@ -6,6 +6,7 @@ <vcpu max='248'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'/> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +19,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml b/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml index f3a33aee98..f38a098a3d 100644 --- a/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml @@ -6,6 +6,10 @@ <vcpu max='255'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +22,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml b/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml index df66be9e29..ef8184c06b 100644 --- a/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml @@ -6,6 +6,10 @@ <vcpu max='255'/> <iothreads supported='yes'/> <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/AAVMF/AAVMF_CODE.fd</value> <value>/usr/share/AAVMF/AAVMF32_CODE.fd</value> @@ -18,6 +22,9 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>no</value> + </enum> </loader> </os> <cpu> diff --git a/tests/domaincapstest.c b/tests/domaincapstest.c index 77c5fcfb73..3ee95a4b58 100644 --- a/tests/domaincapstest.c +++ b/tests/domaincapstest.c @@ -20,6 +20,8 @@ #include "testutils.h" #include "domain_capabilities.h" +#include "virfilewrapper.h" +#include "configmake.h" #define VIR_FROM_THIS VIR_FROM_NONE @@ -104,6 +106,7 @@ fillQemuCaps(virDomainCapsPtr domCaps, goto cleanup; if (virQEMUCapsFillDomainCaps(caps, domCaps, qemuCaps, + false, cfg->firmwares, cfg->nfirmwares) < 0) goto cleanup; @@ -364,6 +367,13 @@ mymain(void) #if WITH_QEMU + virFileWrapperAddPrefix(SYSCONFDIR "/qemu/firmware", + abs_srcdir "/qemufirmwaredata/etc/qemu/firmware"); + virFileWrapperAddPrefix(PREFIX "/share/qemu/firmware", + abs_srcdir "/qemufirmwaredata/usr/share/qemu/firmware"); + virFileWrapperAddPrefix("/home/user/.config/qemu/firmware", + abs_srcdir "/qemufirmwaredata/home/user/.config/qemu/firmware"); + DO_TEST_QEMU("1.7.0", "caps_1.7.0", "/usr/bin/qemu-system-x86_64", NULL, "x86_64", VIR_DOMAIN_VIRT_KVM); @@ -441,6 +451,10 @@ mymain(void) "x86_64", VIR_DOMAIN_VIRT_KVM); virObjectUnref(cfg); + virFileWrapperRemovePrefix(SYSCONFDIR "/qemu/firmware"); + virFileWrapperRemovePrefix(PREFIX "/share/qemu/firmware"); + virFileWrapperRemovePrefix("/home/user/.config/qemu/firmware"); + #endif /* WITH_QEMU */ #if WITH_LIBXL @@ -462,6 +476,8 @@ mymain(void) DO_TEST_BHYVE("fbuf", "/usr/sbin/bhyve", &bhyve_caps, VIR_DOMAIN_VIRT_BHYVE); #endif /* WITH_BHYVE */ + virFileWrapperClearPrefixes(); + return ret; } -- 2.21.0

Hi, On 04/09/19 16:52, Michal Privoznik wrote:
v2 of:
https://www.redhat.com/archives/libvir-list/2019-April/msg00460.html
diff to v1: - Expose 'secure' too - Switch to uint64_t for qemuFirmwareGetSupported()
Michal Prívozník (4): qemu_firmware: Separate firmware loading into a function qemu_firmware: Separate machine and arch matching into a function qemu_firmware: Introduce qemuFirmwareGetSupported domain capabilities: Expose firmware auto selection feature
docs/formatdomaincaps.html.in | 23 +++ docs/schemas/domaincaps.rng | 1 + src/conf/domain_capabilities.c | 3 + src/conf/domain_capabilities.h | 2 + src/qemu/qemu_capabilities.c | 35 +++- src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_driver.c | 1 + src/qemu/qemu_firmware.c | 169 ++++++++++++++---- src/qemu/qemu_firmware.h | 10 ++ tests/Makefile.am | 4 +- .../qemu_1.7.0.x86_64.xml | 7 + .../qemu_2.12.0-virt.aarch64.xml | 6 + .../qemu_2.12.0.ppc64.xml | 4 + .../qemu_2.12.0.s390x.xml | 4 + .../qemu_2.12.0.x86_64.xml | 7 + .../qemu_2.6.0-virt.aarch64.xml | 6 + .../qemu_2.6.0.aarch64.xml | 4 + .../domaincapsschemadata/qemu_2.6.0.ppc64.xml | 4 + .../qemu_2.6.0.x86_64.xml | 7 + .../domaincapsschemadata/qemu_2.7.0.s390x.xml | 4 + .../qemu_2.8.0-tcg.x86_64.xml | 7 + .../domaincapsschemadata/qemu_2.8.0.s390x.xml | 4 + .../qemu_2.8.0.x86_64.xml | 7 + .../qemu_2.9.0-q35.x86_64.xml | 8 + .../qemu_2.9.0-tcg.x86_64.xml | 7 + .../qemu_2.9.0.x86_64.xml | 7 + .../domaincapsschemadata/qemu_3.0.0.s390x.xml | 4 + .../qemu_3.1.0.x86_64.xml | 7 + .../qemu_4.0.0.x86_64.xml | 7 + tests/domaincapstest.c | 16 ++ tests/qemufirmwaretest.c | 72 ++++++++ 31 files changed, 412 insertions(+), 36 deletions(-)
you didn't push these patch sets to your personal repo, and also didn't mention the fork-off commits on master. This matters because neither v1 nor v2 applies on top of master now (i.e., on a5e16020907e). So I tried to correlate the posting timestamps of the cover letters with the commit dates (not authorship dates) of the recent commits in the git history. Ultimately I applied your - v1 on top of fb0d6049cccf ("docs: Remove search.php and all references", 2019-04-04), and - v2 on top of c3e1275b6020 ("rpc: Refactor cleanup paths in virNetLibsshAuthenticatePassword", 2019-04-09). Then (because I have very little time for reviewing this, unfortunately), I ran $ git range-diff master michal_v1 michal_v2 ... From that, I have two comments for the testSupportedFW() function: (1) You still have one instance of: ++ expectedInterfaces |= 1 << data->interfaces[i]; Please update the integer constant 1 to 1ULL here as well. (2) You have an error message in ++ if (actualSecure != data->secure) { ++ fprintf(stderr, ++ "Mismatch in supported secure boot. " ++ "Expected %d got %d\n", ++ data->secure, actualSecure); + return -1; + } Please replace "Mismatch in supported secure boot. " with "Mismatch in SMM requirement/support. " (The commit message has been updated correctly already: it says "list of supported interfaces and SMM feature", so that's OK.) With (1) and (2) addressed: Acked-by: Laszlo Ersek <lersek@redhat.com> (If there are no other updates, I'm fine if you don't post v3 just for these.) Thanks Laszlo

On 4/10/19 10:35 AM, Laszlo Ersek wrote:
Hi,
On 04/09/19 16:52, Michal Privoznik wrote:
v2 of:
https://www.redhat.com/archives/libvir-list/2019-April/msg00460.html
diff to v1: - Expose 'secure' too - Switch to uint64_t for qemuFirmwareGetSupported()
Michal Prívozník (4): qemu_firmware: Separate firmware loading into a function qemu_firmware: Separate machine and arch matching into a function qemu_firmware: Introduce qemuFirmwareGetSupported domain capabilities: Expose firmware auto selection feature
docs/formatdomaincaps.html.in | 23 +++ docs/schemas/domaincaps.rng | 1 + src/conf/domain_capabilities.c | 3 + src/conf/domain_capabilities.h | 2 + src/qemu/qemu_capabilities.c | 35 +++- src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_driver.c | 1 + src/qemu/qemu_firmware.c | 169 ++++++++++++++---- src/qemu/qemu_firmware.h | 10 ++ tests/Makefile.am | 4 +- .../qemu_1.7.0.x86_64.xml | 7 + .../qemu_2.12.0-virt.aarch64.xml | 6 + .../qemu_2.12.0.ppc64.xml | 4 + .../qemu_2.12.0.s390x.xml | 4 + .../qemu_2.12.0.x86_64.xml | 7 + .../qemu_2.6.0-virt.aarch64.xml | 6 + .../qemu_2.6.0.aarch64.xml | 4 + .../domaincapsschemadata/qemu_2.6.0.ppc64.xml | 4 + .../qemu_2.6.0.x86_64.xml | 7 + .../domaincapsschemadata/qemu_2.7.0.s390x.xml | 4 + .../qemu_2.8.0-tcg.x86_64.xml | 7 + .../domaincapsschemadata/qemu_2.8.0.s390x.xml | 4 + .../qemu_2.8.0.x86_64.xml | 7 + .../qemu_2.9.0-q35.x86_64.xml | 8 + .../qemu_2.9.0-tcg.x86_64.xml | 7 + .../qemu_2.9.0.x86_64.xml | 7 + .../domaincapsschemadata/qemu_3.0.0.s390x.xml | 4 + .../qemu_3.1.0.x86_64.xml | 7 + .../qemu_4.0.0.x86_64.xml | 7 + tests/domaincapstest.c | 16 ++ tests/qemufirmwaretest.c | 72 ++++++++ 31 files changed, 412 insertions(+), 36 deletions(-)
you didn't push these patch sets to your personal repo, and also didn't mention the fork-off commits on master. This matters because neither v1 nor v2 applies on top of master now (i.e., on a5e16020907e). So I tried to correlate the posting timestamps of the cover letters with the commit dates (not authorship dates) of the recent commits in the git history. Ultimately I applied your - v1 on top of fb0d6049cccf ("docs: Remove search.php and all references", 2019-04-04), and - v2 on top of c3e1275b6020 ("rpc: Refactor cleanup paths in virNetLibsshAuthenticatePassword", 2019-04-09).
Yeah, this was caused by Peter pushing some changes.
With (1) and (2) addressed:
Acked-by: Laszlo Ersek <lersek@redhat.com>
Yeah, fixed and pushed. Thanks! Michal
participants (3)
-
Laszlo Ersek
-
Michal Privoznik
-
Pino Toscano