The pci-bridge-many-disks test case is not related to firmware handling at all, so we can trim it without losing any coverage. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- tests/qemuxml2argvdata/pci-bridge-many-disks.args | 1 - tests/qemuxml2argvdata/pci-bridge-many-disks.xml | 1 - tests/qemuxml2xmloutdata/pci-bridge-many-disks.xml | 1 - 3 files changed, 3 deletions(-) diff --git a/tests/qemuxml2argvdata/pci-bridge-many-disks.args b/tests/qemuxml2argvdata/pci-bridge-many-disks.args index 4c98d395af..9fdb261fb8 100644 --- a/tests/qemuxml2argvdata/pci-bridge-many-disks.args +++ b/tests/qemuxml2argvdata/pci-bridge-many-disks.args @@ -14,7 +14,6 @@ QEMU_AUDIO_DRV=none \ -machine pc,usb=off,dump-guest-core=off \ -accel tcg \ -cpu qemu64,kvmclock=off \ --bios /usr/share/seabios/bios.bin \ -m 3907 \ -overcommit mem-lock=off \ -smp 1,sockets=1,cores=1,threads=1 \ diff --git a/tests/qemuxml2argvdata/pci-bridge-many-disks.xml b/tests/qemuxml2argvdata/pci-bridge-many-disks.xml index 5000574073..1eac85f092 100644 --- a/tests/qemuxml2argvdata/pci-bridge-many-disks.xml +++ b/tests/qemuxml2argvdata/pci-bridge-many-disks.xml @@ -5,7 +5,6 @@ <currentMemory unit='KiB'>4000000</currentMemory> <os> <type arch='x86_64' machine='pc'>hvm</type> - <loader>/usr/share/seabios/bios.bin</loader> <boot dev='hd'/> </os> <features> diff --git a/tests/qemuxml2xmloutdata/pci-bridge-many-disks.xml b/tests/qemuxml2xmloutdata/pci-bridge-many-disks.xml index 9584c81ae9..12caf1fb9c 100644 --- a/tests/qemuxml2xmloutdata/pci-bridge-many-disks.xml +++ b/tests/qemuxml2xmloutdata/pci-bridge-many-disks.xml @@ -6,7 +6,6 @@ <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='pc'>hvm</type> - <loader type='rom'>/usr/share/seabios/bios.bin</loader> <boot dev='hd'/> </os> <features> -- 2.35.3

This was introduced in commit 5882064084a733a661759f8f3461f7cbc259175e Author: Martin Kletzander <mkletzan@redhat.com> Date: Wed Feb 25 15:45:26 2015 +0100 tests: Add test for os interleaving to ensure a recent change in the schema was behaving correctly. Seven years later, it no longer seems very useful to keep it around. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- .../bios-nvram-os-interleave.xml | 40 -------------- .../bios-nvram-os-interleave.xml | 52 ------------------- tests/qemuxml2xmltest.c | 1 - 3 files changed, 93 deletions(-) delete mode 100644 tests/qemuxml2argvdata/bios-nvram-os-interleave.xml delete mode 100644 tests/qemuxml2xmloutdata/bios-nvram-os-interleave.xml diff --git a/tests/qemuxml2argvdata/bios-nvram-os-interleave.xml b/tests/qemuxml2argvdata/bios-nvram-os-interleave.xml deleted file mode 100644 index d6c86c661c..0000000000 --- a/tests/qemuxml2argvdata/bios-nvram-os-interleave.xml +++ /dev/null @@ -1,40 +0,0 @@ -<domain type='qemu'> - <name>test-bios</name> - <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> - <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> - <vcpu placement='static'>1</vcpu> - <os> - <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> - <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> - <type arch='x86_64' machine='pc'>hvm</type> - <boot dev='hd'/> - <bootmenu enable='yes'/> - </os> - <features> - <acpi/> - </features> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> - <devices> - <emulator>/usr/bin/qemu-system-x86_64</emulator> - <disk type='block' device='disk'> - <source dev='/dev/HostVG/QEMUGuest1'/> - <target dev='hda' bus='ide'/> - <address type='drive' controller='0' bus='0' target='0' unit='0'/> - </disk> - <controller type='usb' index='0'/> - <controller type='ide' index='0'/> - <controller type='pci' index='0' model='pci-root'/> - <serial type='pty'> - <target port='0'/> - </serial> - <console type='pty'> - <target type='serial' port='0'/> - </console> - <input type='tablet' bus='usb'/> - <memballoon model='virtio'/> - </devices> -</domain> diff --git a/tests/qemuxml2xmloutdata/bios-nvram-os-interleave.xml b/tests/qemuxml2xmloutdata/bios-nvram-os-interleave.xml deleted file mode 100644 index 6a40866b0b..0000000000 --- a/tests/qemuxml2xmloutdata/bios-nvram-os-interleave.xml +++ /dev/null @@ -1,52 +0,0 @@ -<domain type='qemu'> - <name>test-bios</name> - <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> - <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> - <vcpu placement='static'>1</vcpu> - <os> - <type arch='x86_64' machine='pc'>hvm</type> - <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> - <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> - <boot dev='hd'/> - <bootmenu enable='yes'/> - </os> - <features> - <acpi/> - </features> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> - <devices> - <emulator>/usr/bin/qemu-system-x86_64</emulator> - <disk type='block' device='disk'> - <driver name='qemu' type='raw'/> - <source dev='/dev/HostVG/QEMUGuest1'/> - <target dev='hda' bus='ide'/> - <address type='drive' controller='0' bus='0' target='0' unit='0'/> - </disk> - <controller type='usb' index='0'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/> - </controller> - <controller type='ide' index='0'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/> - </controller> - <controller type='pci' index='0' model='pci-root'/> - <serial type='pty'> - <target type='isa-serial' port='0'> - <model name='isa-serial'/> - </target> - </serial> - <console type='pty'> - <target type='serial' port='0'/> - </console> - <input type='tablet' bus='usb'/> - <input type='mouse' bus='ps2'/> - <input type='keyboard' bus='ps2'/> - <audio id='1' type='none'/> - <memballoon model='virtio'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/> - </memballoon> - </devices> -</domain> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 4ad6b4dac1..714d36c0a0 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -1068,7 +1068,6 @@ mymain(void) DO_TEST_CAPS_LATEST("numatune-memnode-restrictive-mode"); DO_TEST_NOCAPS("bios-nvram"); - DO_TEST_NOCAPS("bios-nvram-os-interleave"); DO_TEST_CAPS_LATEST("bios-nvram-network-iscsi"); DO_TEST_CAPS_LATEST("bios-nvram-network-nbd"); DO_TEST_CAPS_LATEST("bios-nvram-file"); -- 2.35.3

When testing firmware selection, we don't really care about any of the hardware assigned to the VM, and in fact it's better to keep it as minimal as possible to make sure that the focus remains on the firmware bits. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- .../firmware-auto-bios.x86_64-latest.args | 12 +---- tests/qemuxml2argvdata/firmware-auto-bios.xml | 53 +------------------ ...mware-auto-efi-aarch64.aarch64-latest.args | 6 +-- .../firmware-auto-efi-aarch64.xml | 18 +------ ...-auto-efi-loader-secure.x86_64-latest.args | 12 +---- .../firmware-auto-efi-loader-secure.xml | 53 +------------------ ...to-efi-no-enrolled-keys.x86_64-latest.args | 3 -- .../firmware-auto-efi-no-enrolled-keys.xml | 32 +---------- .../firmware-auto-efi.x86_64-latest.args | 12 +---- tests/qemuxml2argvdata/firmware-auto-efi.xml | 53 +------------------ ...manual-bios-rw-implicit.x86_64-latest.args | 8 +-- .../firmware-manual-bios-rw-implicit.xml | 21 +------- ...firmware-manual-bios-rw.x86_64-latest.args | 8 +-- .../firmware-manual-bios-rw.xml | 21 +------- .../firmware-manual-bios.args | 11 +--- .../qemuxml2argvdata/firmware-manual-bios.xml | 26 +-------- .../firmware-manual-efi-acpi-aarch64.args | 1 - .../firmware-manual-efi-acpi-aarch64.xml | 4 +- .../firmware-manual-efi-acpi-q35.args | 1 - .../firmware-manual-efi-acpi-q35.xml | 4 +- .../firmware-manual-efi-no-path.xml | 5 +- .../firmware-manual-efi-noacpi-aarch64.args | 1 - .../firmware-manual-efi-noacpi-aarch64.xml | 4 +- .../firmware-manual-efi-noacpi-q35.xml | 4 +- ...e-manual-efi-nvram-file.x86_64-latest.args | 4 +- .../firmware-manual-efi-nvram-file.xml | 6 +-- ...efi-nvram-network-iscsi.x86_64-latest.args | 4 +- ...irmware-manual-efi-nvram-network-iscsi.xml | 9 +--- ...l-efi-nvram-network-nbd.x86_64-latest.args | 4 +- .../firmware-manual-efi-nvram-network-nbd.xml | 9 +--- ...nual-efi-nvram-template.x86_64-latest.args | 4 +- .../firmware-manual-efi-nvram-template.xml | 6 +-- .../firmware-manual-efi-secure.args | 9 +--- .../firmware-manual-efi-secure.xml | 19 +------ .../qemuxml2argvdata/firmware-manual-efi.args | 7 +-- .../qemuxml2argvdata/firmware-manual-efi.xml | 21 +------- .../firmware-manual-noefi-acpi-aarch64.xml | 7 +-- .../firmware-manual-noefi-acpi-q35.args | 4 -- .../firmware-manual-noefi-acpi-q35.xml | 7 +-- .../firmware-manual-noefi-noacpi-aarch64.args | 4 -- .../firmware-manual-noefi-noacpi-aarch64.xml | 7 +-- .../firmware-manual-noefi-noacpi-q35.args | 4 -- .../firmware-manual-noefi-noacpi-q35.xml | 7 +-- .../firmware-auto-bios.x86_64-latest.xml | 43 ++------------- ...rmware-auto-efi-aarch64.aarch64-latest.xml | 12 ++--- ...e-auto-efi-loader-secure.x86_64-latest.xml | 43 ++------------- ...uto-efi-no-enrolled-keys.x86_64-latest.xml | 37 ++++++++++++- .../firmware-auto-efi.x86_64-latest.xml | 43 ++------------- ...re-manual-efi-nvram-file.x86_64-latest.xml | 9 +--- ...-efi-nvram-network-iscsi.x86_64-latest.xml | 11 ++-- ...al-efi-nvram-network-nbd.x86_64-latest.xml | 11 ++-- .../firmware-manual-efi.xml | 21 ++------ 52 files changed, 111 insertions(+), 634 deletions(-) mode change 120000 => 100644 tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml diff --git a/tests/qemuxml2argvdata/firmware-auto-bios.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-bios.x86_64-latest.args index dd159e2604..1d45a8cfba 100644 --- a/tests/qemuxml2argvdata/firmware-auto-bios.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-auto-bios.x86_64-latest.args @@ -26,17 +26,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-fedora/.config \ -mon chardev=charmonitor,id=monitor,mode=control \ -rtc base=utc \ -no-shutdown \ --global ICH9-LPC.disable_s3=0 \ --global ICH9-LPC.disable_s4=1 \ --boot menu=on,strict=on \ --device '{"driver":"i82801b11-bridge","id":"pci.1","bus":"pcie.0","addr":"0x1e"}' \ --device '{"driver":"pci-bridge","chassis_nr":2,"id":"pci.2","bus":"pci.1","addr":"0x0"}' \ --device '{"driver":"ioh3420","port":8,"chassis":3,"id":"pci.3","bus":"pcie.0","addr":"0x1"}' \ --device '{"driver":"ich9-usb-ehci1","id":"usb","bus":"pcie.0","addr":"0x1d.0x7"}' \ --device '{"driver":"ich9-usb-uhci1","masterbus":"usb.0","firstport":0,"bus":"pcie.0","multifunction":true,"addr":"0x1d"}' \ --device '{"driver":"ich9-usb-uhci2","masterbus":"usb.0","firstport":2,"bus":"pcie.0","addr":"0x1d.0x1"}' \ --device '{"driver":"ich9-usb-uhci3","masterbus":"usb.0","firstport":4,"bus":"pcie.0","addr":"0x1d.0x2"}' \ +-boot strict=on \ -audiodev '{"id":"audio1","driver":"none"}' \ --device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.2","addr":"0x1"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-auto-bios.xml b/tests/qemuxml2argvdata/firmware-auto-bios.xml index 18ceafa948..0abbddb22e 100644 --- a/tests/qemuxml2argvdata/firmware-auto-bios.xml +++ b/tests/qemuxml2argvdata/firmware-auto-bios.xml @@ -2,67 +2,18 @@ <name>fedora</name> <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> <memory unit='KiB'>8192</memory> - <currentMemory unit='KiB'>8192</currentMemory> <vcpu placement='static'>1</vcpu> <os firmware='bios'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader secure='no'/> <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> - <apic/> - <pae/> </features> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> - <pm> - <suspend-to-mem enabled='yes'/> - <suspend-to-disk enabled='no'/> - </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <controller type='usb' index='0' model='ich9-ehci1'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x7'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci1'> - <master startport='0'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x0' multifunction='on'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci2'> - <master startport='2'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x1'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci3'> - <master startport='4'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x2'/> - </controller> - <controller type='sata' index='0'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> - </controller> - <controller type='pci' index='0' model='pcie-root'/> - <controller type='pci' index='1' model='dmi-to-pci-bridge'> - <model name='i82801b11-bridge'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1e' function='0x0'/> - </controller> - <controller type='pci' index='2' model='pci-bridge'> - <model name='pci-bridge'/> - <target chassisNr='2'/> - <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> - </controller> - <controller type='pci' index='3' model='pcie-root-port'> - <model name='ioh3420'/> - <target chassis='3' port='0x8'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> - </controller> - <input type='mouse' bus='ps2'/> - <input type='keyboard' bus='ps2'/> - <memballoon model='virtio'> - <address type='pci' domain='0x0000' bus='0x02' slot='0x01' function='0x0'/> - </memballoon> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-aarch64.aarch64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi-aarch64.aarch64-latest.args index 484905d863..93f808aba9 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-aarch64.aarch64-latest.args +++ b/tests/qemuxml2argvdata/firmware-auto-efi-aarch64.aarch64-latest.args @@ -16,7 +16,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-aarch64test/.config \ -blockdev '{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"raw","file":"libvirt-pflash1-storage"}' \ -machine virt-4.0,usb=off,dump-guest-core=off,gic-version=2,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,memory-backend=mach-virt.ram \ -accel tcg \ --cpu cortex-a53 \ +-cpu cortex-a15 \ -m 1024 \ -object '{"qom-type":"memory-backend-ram","id":"mach-virt.ram","size":1073741824}' \ -overcommit mem-lock=off \ @@ -30,10 +30,6 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-aarch64test/.config \ -rtc base=utc \ -no-shutdown \ -boot strict=on \ --kernel /aarch64.kernel \ --initrd /aarch64.initrd \ --append 'earlyprintk console=ttyAMA0,115200n8 rw root=/dev/vda rootwait' \ --dtb /aarch64.dtb \ -audiodev '{"id":"audio1","driver":"none"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-aarch64.xml b/tests/qemuxml2argvdata/firmware-auto-efi-aarch64.xml index 48605f7198..1e8dfffb5b 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-aarch64.xml +++ b/tests/qemuxml2argvdata/firmware-auto-efi-aarch64.xml @@ -2,30 +2,16 @@ <name>aarch64test</name> <uuid>496d7ea8-9739-544b-4ebd-ef08be936e8b</uuid> <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='aarch64' machine='virt-4.0'>hvm</type> - <kernel>/aarch64.kernel</kernel> - <initrd>/aarch64.initrd</initrd> - <cmdline>earlyprintk console=ttyAMA0,115200n8 rw root=/dev/vda rootwait</cmdline> - <dtb>/aarch64.dtb</dtb> - <boot dev='hd'/> </os> <features> <acpi/> - <apic/> - <pae/> - <gic version='2'/> </features> - <cpu mode='custom' match='exact' check='none'> - <model fallback='allow'>cortex-a53</model> - </cpu> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> <devices> <emulator>/usr/bin/qemu-system-aarch64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-secure.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi-loader-secure.x86_64-latest.args index 1bf6ec65bd..37564db12c 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-loader-secure.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-auto-efi-loader-secure.x86_64-latest.args @@ -30,17 +30,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-fedora/.config \ -mon chardev=charmonitor,id=monitor,mode=control \ -rtc base=utc \ -no-shutdown \ --global ICH9-LPC.disable_s3=0 \ --global ICH9-LPC.disable_s4=1 \ --boot menu=on,strict=on \ --device '{"driver":"i82801b11-bridge","id":"pci.1","bus":"pcie.0","addr":"0x1e"}' \ --device '{"driver":"pci-bridge","chassis_nr":2,"id":"pci.2","bus":"pci.1","addr":"0x0"}' \ --device '{"driver":"ioh3420","port":8,"chassis":3,"id":"pci.3","bus":"pcie.0","addr":"0x1"}' \ --device '{"driver":"ich9-usb-ehci1","id":"usb","bus":"pcie.0","addr":"0x1d.0x7"}' \ --device '{"driver":"ich9-usb-uhci1","masterbus":"usb.0","firstport":0,"bus":"pcie.0","multifunction":true,"addr":"0x1d"}' \ --device '{"driver":"ich9-usb-uhci2","masterbus":"usb.0","firstport":2,"bus":"pcie.0","addr":"0x1d.0x1"}' \ --device '{"driver":"ich9-usb-uhci3","masterbus":"usb.0","firstport":4,"bus":"pcie.0","addr":"0x1d.0x2"}' \ +-boot strict=on \ -audiodev '{"id":"audio1","driver":"none"}' \ --device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.2","addr":"0x1"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-loader-secure.xml b/tests/qemuxml2argvdata/firmware-auto-efi-loader-secure.xml index 67c93fdbb9..1b94c25f32 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-loader-secure.xml +++ b/tests/qemuxml2argvdata/firmware-auto-efi-loader-secure.xml @@ -2,67 +2,18 @@ <name>fedora</name> <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> <memory unit='KiB'>8192</memory> - <currentMemory unit='KiB'>8192</currentMemory> <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader secure='yes'/> <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> - <apic/> - <pae/> </features> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> - <pm> - <suspend-to-mem enabled='yes'/> - <suspend-to-disk enabled='no'/> - </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <controller type='usb' index='0' model='ich9-ehci1'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x7'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci1'> - <master startport='0'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x0' multifunction='on'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci2'> - <master startport='2'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x1'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci3'> - <master startport='4'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x2'/> - </controller> - <controller type='sata' index='0'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> - </controller> - <controller type='pci' index='0' model='pcie-root'/> - <controller type='pci' index='1' model='dmi-to-pci-bridge'> - <model name='i82801b11-bridge'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1e' function='0x0'/> - </controller> - <controller type='pci' index='2' model='pci-bridge'> - <model name='pci-bridge'/> - <target chassisNr='2'/> - <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> - </controller> - <controller type='pci' index='3' model='pcie-root-port'> - <model name='ioh3420'/> - <target chassis='3' port='0x8'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> - </controller> - <input type='mouse' bus='ps2'/> - <input type='keyboard' bus='ps2'/> - <memballoon model='virtio'> - <address type='pci' domain='0x0000' bus='0x02' slot='0x01' function='0x0'/> - </memballoon> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.args index 57fc34cc4d..b2cc6d3ab8 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.args @@ -30,9 +30,6 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-fedora/.config \ -rtc base=utc \ -no-shutdown \ -boot strict=on \ --device '{"driver":"pcie-root-port","port":8,"chassis":1,"id":"pci.1","bus":"pcie.0","multifunction":true,"addr":"0x1"}' \ --device '{"driver":"pcie-root-port","port":9,"chassis":2,"id":"pci.2","bus":"pcie.0","addr":"0x1.0x1"}' \ --device '{"driver":"qemu-xhci","id":"usb","bus":"pci.1","addr":"0x0"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.xml b/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.xml index 352908f745..e9717000a3 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.xml +++ b/tests/qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.xml @@ -2,49 +2,19 @@ <name>fedora</name> <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> <memory unit='KiB'>8192</memory> - <currentMemory unit='KiB'>8192</currentMemory> <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <firmware> <feature enabled='no' name='enrolled-keys'/> </firmware> - <boot dev='hd'/> </os> <features> <acpi/> - <apic/> - <pae/> </features> - <cpu mode='custom' match='exact' check='none'> - <model fallback='forbid'>qemu64</model> - </cpu> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>destroy</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <controller type='pci' index='0' model='pcie-root'/> - <controller type='pci' index='1' model='pcie-root-port'> - <model name='pcie-root-port'/> - <target chassis='1' port='0x8'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0' multifunction='on'/> - </controller> - <controller type='pci' index='2' model='pcie-root-port'> - <model name='pcie-root-port'/> - <target chassis='2' port='0x9'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/> - </controller> - <controller type='usb' index='0' model='qemu-xhci'> - <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> - </controller> - <controller type='sata' index='0'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> - </controller> - <input type='mouse' bus='ps2'/> - <input type='keyboard' bus='ps2'/> - <audio id='1' type='none'/> + <controller type='usb' model='none'/> <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-auto-efi.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi.x86_64-latest.args index 16eb08078c..51aa5c0303 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-auto-efi.x86_64-latest.args @@ -29,17 +29,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-fedora/.config \ -mon chardev=charmonitor,id=monitor,mode=control \ -rtc base=utc \ -no-shutdown \ --global ICH9-LPC.disable_s3=0 \ --global ICH9-LPC.disable_s4=1 \ --boot menu=on,strict=on \ --device '{"driver":"i82801b11-bridge","id":"pci.1","bus":"pcie.0","addr":"0x1e"}' \ --device '{"driver":"pci-bridge","chassis_nr":2,"id":"pci.2","bus":"pci.1","addr":"0x0"}' \ --device '{"driver":"ioh3420","port":8,"chassis":3,"id":"pci.3","bus":"pcie.0","addr":"0x1"}' \ --device '{"driver":"ich9-usb-ehci1","id":"usb","bus":"pcie.0","addr":"0x1d.0x7"}' \ --device '{"driver":"ich9-usb-uhci1","masterbus":"usb.0","firstport":0,"bus":"pcie.0","multifunction":true,"addr":"0x1d"}' \ --device '{"driver":"ich9-usb-uhci2","masterbus":"usb.0","firstport":2,"bus":"pcie.0","addr":"0x1d.0x1"}' \ --device '{"driver":"ich9-usb-uhci3","masterbus":"usb.0","firstport":4,"bus":"pcie.0","addr":"0x1d.0x2"}' \ +-boot strict=on \ -audiodev '{"id":"audio1","driver":"none"}' \ --device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.2","addr":"0x1"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-auto-efi.xml b/tests/qemuxml2argvdata/firmware-auto-efi.xml index 8109e227c0..b92277ddbe 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi.xml +++ b/tests/qemuxml2argvdata/firmware-auto-efi.xml @@ -2,67 +2,18 @@ <name>fedora</name> <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> <memory unit='KiB'>8192</memory> - <currentMemory unit='KiB'>8192</currentMemory> <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <loader secure='no'/> <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> - <apic/> - <pae/> </features> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> - <pm> - <suspend-to-mem enabled='yes'/> - <suspend-to-disk enabled='no'/> - </pm> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <controller type='usb' index='0' model='ich9-ehci1'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x7'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci1'> - <master startport='0'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x0' multifunction='on'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci2'> - <master startport='2'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x1'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci3'> - <master startport='4'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x2'/> - </controller> - <controller type='sata' index='0'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> - </controller> - <controller type='pci' index='0' model='pcie-root'/> - <controller type='pci' index='1' model='dmi-to-pci-bridge'> - <model name='i82801b11-bridge'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1e' function='0x0'/> - </controller> - <controller type='pci' index='2' model='pci-bridge'> - <model name='pci-bridge'/> - <target chassisNr='2'/> - <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> - </controller> - <controller type='pci' index='3' model='pcie-root-port'> - <model name='ioh3420'/> - <target chassis='3' port='0x8'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> - </controller> - <input type='mouse' bus='ps2'/> - <input type='keyboard' bus='ps2'/> - <memballoon model='virtio'> - <address type='pci' domain='0x0000' bus='0x02' slot='0x01' function='0x0'/> - </memballoon> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-bios-rw-implicit.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-manual-bios-rw-implicit.x86_64-latest.args index fde4c3f57f..9830078318 100644 --- a/tests/qemuxml2argvdata/firmware-manual-bios-rw-implicit.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-manual-bios-rw-implicit.x86_64-latest.args @@ -27,13 +27,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-test-bios/.config \ -mon chardev=charmonitor,id=monitor,mode=control \ -rtc base=utc \ -no-shutdown \ --boot menu=on,strict=on \ --device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \ --blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}' \ --blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"raw","file":"libvirt-1-storage"}' \ --device '{"driver":"ide-hd","bus":"ide.0","unit":0,"drive":"libvirt-1-format","id":"ide0-0-0","bootindex":1}' \ --device '{"driver":"usb-tablet","id":"input0","bus":"usb.0","port":"1"}' \ +-boot strict=on \ -audiodev '{"id":"audio1","driver":"none"}' \ --device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x2"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-bios-rw-implicit.xml b/tests/qemuxml2argvdata/firmware-manual-bios-rw-implicit.xml index ebcd3e5300..6279bf2eb4 100644 --- a/tests/qemuxml2argvdata/firmware-manual-bios-rw-implicit.xml +++ b/tests/qemuxml2argvdata/firmware-manual-bios-rw-implicit.xml @@ -2,34 +2,17 @@ <name>test-bios</name> <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='pc'>hvm</type> <loader type='pflash'>/var/lib/libvirt/qemu/nvram/test-bios.fd</loader> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> </features> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <disk type='block' device='disk'> - <source dev='/dev/HostVG/QEMUGuest1'/> - <target dev='hda' bus='ide'/> - <address type='drive' controller='0' bus='0' target='0' unit='0'/> - </disk> - <controller type='usb' index='0'/> - <controller type='ide' index='0'/> - <controller type='pci' index='0' model='pci-root'/> - <input type='tablet' bus='usb'/> - <input type='mouse' bus='ps2'/> - <input type='keyboard' bus='ps2'/> - <memballoon model='virtio'/> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-bios-rw.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-manual-bios-rw.x86_64-latest.args index fde4c3f57f..9830078318 100644 --- a/tests/qemuxml2argvdata/firmware-manual-bios-rw.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-manual-bios-rw.x86_64-latest.args @@ -27,13 +27,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-test-bios/.config \ -mon chardev=charmonitor,id=monitor,mode=control \ -rtc base=utc \ -no-shutdown \ --boot menu=on,strict=on \ --device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \ --blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}' \ --blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"raw","file":"libvirt-1-storage"}' \ --device '{"driver":"ide-hd","bus":"ide.0","unit":0,"drive":"libvirt-1-format","id":"ide0-0-0","bootindex":1}' \ --device '{"driver":"usb-tablet","id":"input0","bus":"usb.0","port":"1"}' \ +-boot strict=on \ -audiodev '{"id":"audio1","driver":"none"}' \ --device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x2"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-bios-rw.xml b/tests/qemuxml2argvdata/firmware-manual-bios-rw.xml index b03b4b5ecb..1dc9432523 100644 --- a/tests/qemuxml2argvdata/firmware-manual-bios-rw.xml +++ b/tests/qemuxml2argvdata/firmware-manual-bios-rw.xml @@ -2,34 +2,17 @@ <name>test-bios</name> <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='pc'>hvm</type> <loader readonly='no' type='pflash'>/var/lib/libvirt/qemu/nvram/test-bios.fd</loader> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> </features> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <disk type='block' device='disk'> - <source dev='/dev/HostVG/QEMUGuest1'/> - <target dev='hda' bus='ide'/> - <address type='drive' controller='0' bus='0' target='0' unit='0'/> - </disk> - <controller type='usb' index='0'/> - <controller type='ide' index='0'/> - <controller type='pci' index='0' model='pci-root'/> - <input type='tablet' bus='usb'/> - <input type='mouse' bus='ps2'/> - <input type='keyboard' bus='ps2'/> - <memballoon model='virtio'/> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-bios.args b/tests/qemuxml2argvdata/firmware-manual-bios.args index 5767de0874..e1cb064b71 100644 --- a/tests/qemuxml2argvdata/firmware-manual-bios.args +++ b/tests/qemuxml2argvdata/firmware-manual-bios.args @@ -11,7 +11,7 @@ QEMU_AUDIO_DRV=none \ -name guest=test-bios,debug-threads=on \ -S \ -object secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-test-bios/master-key.aes \ --machine pc,usb=off,dump-guest-core=off,graphics=off \ +-machine pc,usb=off,dump-guest-core=off \ -accel tcg \ -bios /usr/share/seabios/bios.bin \ -m 1024 \ @@ -26,12 +26,5 @@ QEMU_AUDIO_DRV=none \ -rtc base=utc \ -no-shutdown \ -no-acpi \ --boot menu=on,strict=on \ --usb \ --drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \ --device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 \ --chardev pty,id=charserial0 \ --device isa-serial,chardev=charserial0,id=serial0,index=0 \ --device usb-tablet,id=input0,bus=usb.0,port=1 \ --device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x2 \ +-boot strict=on \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-bios.xml b/tests/qemuxml2argvdata/firmware-manual-bios.xml index 82092c1893..3e1946029c 100644 --- a/tests/qemuxml2argvdata/firmware-manual-bios.xml +++ b/tests/qemuxml2argvdata/firmware-manual-bios.xml @@ -2,36 +2,14 @@ <name>test-bios</name> <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> <os> <type arch='i686' machine='pc'>hvm</type> <loader>/usr/share/seabios/bios.bin</loader> - <boot dev='hd'/> - <bootmenu enable='yes'/> - <bios useserial='yes'/> </os> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> <devices> <emulator>/usr/bin/qemu-system-i386</emulator> - <disk type='block' device='disk'> - <source dev='/dev/HostVG/QEMUGuest1'/> - <target dev='hda' bus='ide'/> - <address type='drive' controller='0' bus='0' target='0' unit='0'/> - </disk> - <controller type='usb' index='0'/> - <controller type='ide' index='0'/> - <serial type='pty'> - <target port='0'/> - </serial> - <console type='pty'> - <target type='serial' port='0'/> - </console> - <input type='tablet' bus='usb'/> - <input type='mouse' bus='ps2'/> - <memballoon model='virtio'/> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-acpi-aarch64.args b/tests/qemuxml2argvdata/firmware-manual-efi-acpi-aarch64.args index 88ea50027c..ef98c940f7 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-acpi-aarch64.args +++ b/tests/qemuxml2argvdata/firmware-manual-efi-acpi-aarch64.args @@ -13,7 +13,6 @@ QEMU_AUDIO_DRV=none \ -object secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-guest/master-key.aes \ -machine virt,usb=off,dump-guest-core=off,gic-version=2 \ -accel tcg \ --cpu cortex-a57 \ -drive file=/usr/share/AAVMF/AAVMF_CODE.fd,if=pflash,format=raw,unit=0,readonly=on \ -drive file=/some/user/nvram/path/guest_VARS.fd,if=pflash,format=raw,unit=1 \ -m 1024 \ diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-acpi-aarch64.xml b/tests/qemuxml2argvdata/firmware-manual-efi-acpi-aarch64.xml index ef95ba5c17..b18c5f55f0 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-acpi-aarch64.xml +++ b/tests/qemuxml2argvdata/firmware-manual-efi-acpi-aarch64.xml @@ -11,11 +11,9 @@ <features> <acpi/> </features> - <cpu mode='custom'> - <model>cortex-a57</model> - </cpu> <devices> <emulator>/usr/bin/qemu-system-aarch64</emulator> + <controller type='usb' model='none'/> <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-acpi-q35.args b/tests/qemuxml2argvdata/firmware-manual-efi-acpi-q35.args index 1ea740d29c..0c5e3413c3 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-acpi-q35.args +++ b/tests/qemuxml2argvdata/firmware-manual-efi-acpi-q35.args @@ -13,7 +13,6 @@ QEMU_AUDIO_DRV=none \ -object secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-guest/master-key.aes \ -machine q35,usb=off,dump-guest-core=off \ -accel tcg \ --cpu Haswell \ -drive file=/usr/share/OVMF/OVMF_CODE.fd,if=pflash,format=raw,unit=0,readonly=on \ -drive file=/some/user/nvram/path/guest_VARS.fd,if=pflash,format=raw,unit=1 \ -m 1024 \ diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-acpi-q35.xml b/tests/qemuxml2argvdata/firmware-manual-efi-acpi-q35.xml index 7e3fa48e9d..ea5289da2e 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-acpi-q35.xml +++ b/tests/qemuxml2argvdata/firmware-manual-efi-acpi-q35.xml @@ -11,11 +11,9 @@ <features> <acpi/> </features> - <cpu mode='custom'> - <model>Haswell</model> - </cpu> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-no-path.xml b/tests/qemuxml2argvdata/firmware-manual-efi-no-path.xml index bf97f0bdd6..435f01dab4 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-no-path.xml +++ b/tests/qemuxml2argvdata/firmware-manual-efi-no-path.xml @@ -2,18 +2,17 @@ <name>test-bios</name> <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='pc'>hvm</type> <loader readonly='yes' type='pflash'/> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> </features> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-aarch64.args b/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-aarch64.args index b8da2a53c7..f3aa947e52 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-aarch64.args +++ b/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-aarch64.args @@ -13,7 +13,6 @@ QEMU_AUDIO_DRV=none \ -object secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-guest/master-key.aes \ -machine virt,usb=off,dump-guest-core=off,gic-version=2 \ -accel tcg \ --cpu cortex-a57 \ -drive file=/usr/share/AAVMF/AAVMF_CODE.fd,if=pflash,format=raw,unit=0,readonly=on \ -drive file=/some/user/nvram/path/guest_VARS.fd,if=pflash,format=raw,unit=1 \ -m 1024 \ diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-aarch64.xml b/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-aarch64.xml index c36ce824ac..3799a5181c 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-aarch64.xml +++ b/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-aarch64.xml @@ -8,11 +8,9 @@ <loader readonly='yes' type='pflash'>/usr/share/AAVMF/AAVMF_CODE.fd</loader> <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> </os> - <cpu mode='custom'> - <model>cortex-a57</model> - </cpu> <devices> <emulator>/usr/bin/qemu-system-aarch64</emulator> + <controller type='usb' model='none'/> <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-q35.xml b/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-q35.xml index 4e4d6fa3d1..9b080fe31c 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-q35.xml +++ b/tests/qemuxml2argvdata/firmware-manual-efi-noacpi-q35.xml @@ -8,11 +8,9 @@ <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> </os> - <cpu mode='custom'> - <model>Haswell</model> - </cpu> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-file.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-file.x86_64-latest.args index 4b0aec7539..bede23b678 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-file.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-file.x86_64-latest.args @@ -29,9 +29,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-test-bios/.config \ -mon chardev=charmonitor,id=monitor,mode=control \ -rtc base=utc \ -no-shutdown \ --boot menu=on,strict=on \ --device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \ +-boot strict=on \ -audiodev '{"id":"audio1","driver":"none"}' \ --device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x2"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-file.xml b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-file.xml index 8df9412112..beed93adc1 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-file.xml +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-file.xml @@ -2,7 +2,6 @@ <name>test-bios</name> <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='pc'>hvm</type> @@ -10,14 +9,13 @@ <nvram type='file'> <source file='/var/lib/libvirt/nvram/guest_VARS.fd'/> </nvram> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> </features> - <clock offset='utc'/> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.args index b8a323358d..868a5c6465 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.args @@ -30,9 +30,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-test-bios/.config \ -mon chardev=charmonitor,id=monitor,mode=control \ -rtc base=utc \ -no-shutdown \ --boot menu=on,strict=on \ --device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \ +-boot strict=on \ -audiodev '{"id":"audio1","driver":"none"}' \ --device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x2"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-iscsi.xml b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-iscsi.xml index d8a354126d..efc60341ab 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-iscsi.xml +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-iscsi.xml @@ -2,7 +2,6 @@ <name>test-bios</name> <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='pc'>hvm</type> @@ -15,17 +14,13 @@ </auth> </source> </nvram> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> </features> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.args index 08dbd99335..7ea855e02c 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.args @@ -29,9 +29,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-test-bios/.config \ -mon chardev=charmonitor,id=monitor,mode=control \ -rtc base=utc \ -no-shutdown \ --boot menu=on,strict=on \ --device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \ +-boot strict=on \ -audiodev '{"id":"audio1","driver":"none"}' \ --device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x2"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-nbd.xml b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-nbd.xml index 3350914607..60a963ca22 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-nbd.xml +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-network-nbd.xml @@ -2,7 +2,6 @@ <name>test-bios</name> <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='pc'>hvm</type> @@ -12,17 +11,13 @@ <host name='example.org' port='6000'/> </source> </nvram> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> </features> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template.x86_64-latest.args index 7dc0d604a0..de7245fed0 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template.x86_64-latest.args @@ -29,9 +29,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-test-bios/.config \ -mon chardev=charmonitor,id=monitor,mode=control \ -rtc base=utc \ -no-shutdown \ --boot menu=on,strict=on \ --device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \ +-boot strict=on \ -audiodev '{"id":"audio1","driver":"none"}' \ --device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x2"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template.xml b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template.xml index 1bbe4314b5..0d7e43a26c 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template.xml +++ b/tests/qemuxml2argvdata/firmware-manual-efi-nvram-template.xml @@ -2,20 +2,18 @@ <name>test-bios</name> <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='pc'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram template="/usr/share/OVMF/OVMF_VARS.fd"/> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> </features> - <clock offset='utc'/> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-secure.args b/tests/qemuxml2argvdata/firmware-manual-efi-secure.args index 741ed2c16c..fe0f78599b 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-secure.args +++ b/tests/qemuxml2argvdata/firmware-manual-efi-secure.args @@ -27,12 +27,5 @@ QEMU_AUDIO_DRV=none \ -mon chardev=charmonitor,id=monitor,mode=control \ -rtc base=utc \ -no-shutdown \ --boot menu=on,strict=on \ --device i82801b11-bridge,id=pci.1,bus=pcie.0,addr=0x1e \ --device pci-bridge,chassis_nr=2,id=pci.2,bus=pci.1,addr=0x0 \ --device ioh3420,port=8,chassis=3,id=pci.3,bus=pcie.0,addr=0x1 \ --device virtio-scsi-pci,id=scsi0,bus=pci.2,addr=0x1 \ --drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-scsi0-0-0-0 \ --device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=1 \ --device virtio-balloon-pci,id=balloon0,bus=pci.2,addr=0x2 \ +-boot strict=on \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-efi-secure.xml b/tests/qemuxml2argvdata/firmware-manual-efi-secure.xml index fb5ca4c48d..090e37cecd 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi-secure.xml +++ b/tests/qemuxml2argvdata/firmware-manual-efi-secure.xml @@ -2,34 +2,19 @@ <name>test-bios</name> <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='q35'>hvm</type> <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader> <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> <smm state='on'/> </features> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <disk type='block' device='disk'> - <source dev='/dev/HostVG/QEMUGuest1'/> - <target dev='sda' bus='scsi'/> - <address type='drive' controller='0' bus='0' target='0' unit='0'/> - </disk> - <controller type='scsi' index='0'/> - <controller type='pci' index='0' model='pcie-root'/> - <input type='mouse' bus='ps2'/> - <input type='keyboard' bus='ps2'/> - <memballoon model='virtio'/> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-efi.args b/tests/qemuxml2argvdata/firmware-manual-efi.args index ed3c7c96e2..ac5f86dc83 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi.args +++ b/tests/qemuxml2argvdata/firmware-manual-efi.args @@ -26,10 +26,5 @@ QEMU_AUDIO_DRV=none \ -mon chardev=charmonitor,id=monitor,mode=control \ -rtc base=utc \ -no-shutdown \ --boot menu=on,strict=on \ --usb \ --drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \ --device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 \ --device usb-tablet,id=input0,bus=usb.0,port=1 \ --device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x2 \ +-boot strict=on \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-efi.xml b/tests/qemuxml2argvdata/firmware-manual-efi.xml index 329d510e95..bbc4641da8 100644 --- a/tests/qemuxml2argvdata/firmware-manual-efi.xml +++ b/tests/qemuxml2argvdata/firmware-manual-efi.xml @@ -2,35 +2,18 @@ <name>test-bios</name> <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid> <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='pc'>hvm</type> <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> - <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> </features> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <disk type='block' device='disk'> - <source dev='/dev/HostVG/QEMUGuest1'/> - <target dev='hda' bus='ide'/> - <address type='drive' controller='0' bus='0' target='0' unit='0'/> - </disk> - <controller type='usb' index='0'/> - <controller type='ide' index='0'/> - <controller type='pci' index='0' model='pci-root'/> - <input type='tablet' bus='usb'/> - <input type='mouse' bus='ps2'/> - <input type='keyboard' bus='ps2'/> - <memballoon model='virtio'/> + <controller type='usb' model='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-aarch64.xml b/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-aarch64.xml index cda1b1bdc6..12052e2f43 100644 --- a/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-aarch64.xml +++ b/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-aarch64.xml @@ -5,18 +5,13 @@ <vcpu placement='static'>1</vcpu> <os> <type arch='aarch64' machine='virt'>hvm</type> - <kernel>/var/lib/libvirt/images/guest.vmlinuz</kernel> - <initrd>/var/lib/libvirt/images/guest.initramfs</initrd> - <cmdline>console=ttyAMA0 rw root=/dev/vda rootwait</cmdline> </os> <features> <acpi/> </features> - <cpu mode='custom'> - <model>cortex-a57</model> - </cpu> <devices> <emulator>/usr/bin/qemu-system-aarch64</emulator> + <controller type='usb' model='none'/> <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-q35.args b/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-q35.args index d0490b9fef..d97ac2f634 100644 --- a/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-q35.args +++ b/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-q35.args @@ -13,7 +13,6 @@ QEMU_AUDIO_DRV=none \ -object secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-guest/master-key.aes \ -machine q35,usb=off,dump-guest-core=off \ -accel tcg \ --cpu Haswell \ -m 1024 \ -overcommit mem-lock=off \ -smp 1,sockets=1,cores=1,threads=1 \ @@ -26,7 +25,4 @@ QEMU_AUDIO_DRV=none \ -rtc base=utc \ -no-shutdown \ -boot strict=on \ --kernel /var/lib/libvirt/images/guest.vmlinuz \ --initrd /var/lib/libvirt/images/guest.initramfs \ --append 'rw root=/dev/vda rootwait' \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-q35.xml b/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-q35.xml index 7d735f99c4..2b3ae78169 100644 --- a/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-q35.xml +++ b/tests/qemuxml2argvdata/firmware-manual-noefi-acpi-q35.xml @@ -5,18 +5,13 @@ <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='q35'>hvm</type> - <kernel>/var/lib/libvirt/images/guest.vmlinuz</kernel> - <initrd>/var/lib/libvirt/images/guest.initramfs</initrd> - <cmdline>rw root=/dev/vda rootwait</cmdline> </os> <features> <acpi/> </features> - <cpu mode='custom'> - <model>Haswell</model> - </cpu> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-aarch64.args b/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-aarch64.args index 0aa75ca624..293085b105 100644 --- a/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-aarch64.args +++ b/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-aarch64.args @@ -13,7 +13,6 @@ QEMU_AUDIO_DRV=none \ -object secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-guest/master-key.aes \ -machine virt,usb=off,dump-guest-core=off,gic-version=2 \ -accel tcg \ --cpu cortex-a57 \ -m 1024 \ -overcommit mem-lock=off \ -smp 1,sockets=1,cores=1,threads=1 \ @@ -27,7 +26,4 @@ QEMU_AUDIO_DRV=none \ -no-shutdown \ -no-acpi \ -boot strict=on \ --kernel /var/lib/libvirt/images/guest.vmlinuz \ --initrd /var/lib/libvirt/images/guest.initramfs \ --append 'console=ttyAMA0 rw root=/dev/vda rootwait' \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-aarch64.xml b/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-aarch64.xml index e8551ed2d9..72d7bf2ed5 100644 --- a/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-aarch64.xml +++ b/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-aarch64.xml @@ -5,15 +5,10 @@ <vcpu placement='static'>1</vcpu> <os> <type arch='aarch64' machine='virt'>hvm</type> - <kernel>/var/lib/libvirt/images/guest.vmlinuz</kernel> - <initrd>/var/lib/libvirt/images/guest.initramfs</initrd> - <cmdline>console=ttyAMA0 rw root=/dev/vda rootwait</cmdline> </os> - <cpu mode='custom'> - <model>cortex-a57</model> - </cpu> <devices> <emulator>/usr/bin/qemu-system-aarch64</emulator> + <controller type='usb' model='none'/> <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-q35.args b/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-q35.args index 79ce26f047..c5e067853e 100644 --- a/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-q35.args +++ b/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-q35.args @@ -13,7 +13,6 @@ QEMU_AUDIO_DRV=none \ -object secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-guest/master-key.aes \ -machine q35,usb=off,dump-guest-core=off \ -accel tcg \ --cpu Haswell \ -m 1024 \ -overcommit mem-lock=off \ -smp 1,sockets=1,cores=1,threads=1 \ @@ -27,7 +26,4 @@ QEMU_AUDIO_DRV=none \ -no-shutdown \ -no-acpi \ -boot strict=on \ --kernel /var/lib/libvirt/images/guest.vmlinuz \ --initrd /var/lib/libvirt/images/guest.initramfs \ --append 'rw root=/dev/vda rootwait' \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-q35.xml b/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-q35.xml index 163b424eac..2150c33b1c 100644 --- a/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-q35.xml +++ b/tests/qemuxml2argvdata/firmware-manual-noefi-noacpi-q35.xml @@ -5,15 +5,10 @@ <vcpu placement='static'>1</vcpu> <os> <type arch='x86_64' machine='q35'>hvm</type> - <kernel>/var/lib/libvirt/images/guest.vmlinuz</kernel> - <initrd>/var/lib/libvirt/images/guest.initramfs</initrd> - <cmdline>rw root=/dev/vda rootwait</cmdline> </os> - <cpu mode='custom'> - <model>Haswell</model> - </cpu> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml index e6704fb7de..c43f3b1147 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml @@ -9,12 +9,9 @@ <loader secure='no'/> <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> - <apic/> - <pae/> </features> <cpu mode='custom' match='exact' check='none'> <model fallback='forbid'>qemu64</model> @@ -22,51 +19,17 @@ <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> - <pm> - <suspend-to-mem enabled='yes'/> - <suspend-to-disk enabled='no'/> - </pm> + <on_crash>destroy</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <controller type='usb' index='0' model='ich9-ehci1'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x7'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci1'> - <master startport='0'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x0' multifunction='on'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci2'> - <master startport='2'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x1'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci3'> - <master startport='4'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x2'/> - </controller> + <controller type='usb' index='0' model='none'/> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='pci' index='0' model='pcie-root'/> - <controller type='pci' index='1' model='dmi-to-pci-bridge'> - <model name='i82801b11-bridge'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1e' function='0x0'/> - </controller> - <controller type='pci' index='2' model='pci-bridge'> - <model name='pci-bridge'/> - <target chassisNr='2'/> - <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> - </controller> - <controller type='pci' index='3' model='pcie-root-port'> - <model name='ioh3420'/> - <target chassis='3' port='0x8'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> - </controller> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <audio id='1' type='none'/> - <memballoon model='virtio'> - <address type='pci' domain='0x0000' bus='0x02' slot='0x01' function='0x0'/> - </memballoon> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml index 627e285ae1..a926869046 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-aarch64.aarch64-latest.xml @@ -6,28 +6,24 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='aarch64' machine='virt-4.0'>hvm</type> - <kernel>/aarch64.kernel</kernel> - <initrd>/aarch64.initrd</initrd> - <cmdline>earlyprintk console=ttyAMA0,115200n8 rw root=/dev/vda rootwait</cmdline> - <dtb>/aarch64.dtb</dtb> <boot dev='hd'/> </os> <features> <acpi/> - <apic/> - <pae/> <gic version='2'/> </features> <cpu mode='custom' match='exact' check='none'> - <model fallback='allow'>cortex-a53</model> + <model fallback='forbid'>cortex-a15</model> </cpu> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> + <on_crash>destroy</on_crash> <devices> <emulator>/usr/bin/qemu-system-aarch64</emulator> + <controller type='usb' index='0' model='none'/> <controller type='pci' index='0' model='pcie-root'/> <audio id='1' type='none'/> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml index 35ee0a61b0..709fd42aa6 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-loader-secure.x86_64-latest.xml @@ -9,12 +9,9 @@ <loader secure='yes'/> <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> - <apic/> - <pae/> </features> <cpu mode='custom' match='exact' check='none'> <model fallback='forbid'>qemu64</model> @@ -22,51 +19,17 @@ <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> - <pm> - <suspend-to-mem enabled='yes'/> - <suspend-to-disk enabled='no'/> - </pm> + <on_crash>destroy</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <controller type='usb' index='0' model='ich9-ehci1'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x7'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci1'> - <master startport='0'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x0' multifunction='on'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci2'> - <master startport='2'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x1'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci3'> - <master startport='4'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x2'/> - </controller> + <controller type='usb' index='0' model='none'/> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='pci' index='0' model='pcie-root'/> - <controller type='pci' index='1' model='dmi-to-pci-bridge'> - <model name='i82801b11-bridge'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1e' function='0x0'/> - </controller> - <controller type='pci' index='2' model='pci-bridge'> - <model name='pci-bridge'/> - <target chassisNr='2'/> - <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> - </controller> - <controller type='pci' index='3' model='pcie-root-port'> - <model name='ioh3420'/> - <target chassis='3' port='0x8'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> - </controller> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <audio id='1' type='none'/> - <memballoon model='virtio'> - <address type='pci' domain='0x0000' bus='0x02' slot='0x01' function='0x0'/> - </memballoon> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml deleted file mode 120000 index f954b0c4e1..0000000000 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml +++ /dev/null @@ -1 +0,0 @@ -../qemuxml2argvdata/firmware-auto-efi-no-enrolled-keys.xml \ No newline at end of file diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml new file mode 100644 index 0000000000..e5d307e0b2 --- /dev/null +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml @@ -0,0 +1,36 @@ +<domain type='kvm'> + <name>fedora</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>8192</memory> + <currentMemory unit='KiB'>8192</currentMemory> + <vcpu placement='static'>1</vcpu> + <os firmware='efi'> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + </firmware> + <boot dev='hd'/> + </os> + <features> + <acpi/> + </features> + <cpu mode='custom' match='exact' check='none'> + <model fallback='forbid'>qemu64</model> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' index='0' model='none'/> + <controller type='sata' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> + </controller> + <controller type='pci' index='0' model='pcie-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml index ca323482f8..b152b3ef87 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml @@ -9,12 +9,9 @@ <loader secure='no'/> <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> - <apic/> - <pae/> </features> <cpu mode='custom' match='exact' check='none'> <model fallback='forbid'>qemu64</model> @@ -22,51 +19,17 @@ <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> - <pm> - <suspend-to-mem enabled='yes'/> - <suspend-to-disk enabled='no'/> - </pm> + <on_crash>destroy</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <controller type='usb' index='0' model='ich9-ehci1'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x7'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci1'> - <master startport='0'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x0' multifunction='on'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci2'> - <master startport='2'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x1'/> - </controller> - <controller type='usb' index='0' model='ich9-uhci3'> - <master startport='4'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1d' function='0x2'/> - </controller> + <controller type='usb' index='0' model='none'/> <controller type='sata' index='0'> <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/> </controller> <controller type='pci' index='0' model='pcie-root'/> - <controller type='pci' index='1' model='dmi-to-pci-bridge'> - <model name='i82801b11-bridge'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x1e' function='0x0'/> - </controller> - <controller type='pci' index='2' model='pci-bridge'> - <model name='pci-bridge'/> - <target chassisNr='2'/> - <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> - </controller> - <controller type='pci' index='3' model='pcie-root-port'> - <model name='ioh3420'/> - <target chassis='3' port='0x8'/> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> - </controller> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <audio id='1' type='none'/> - <memballoon model='virtio'> - <address type='pci' domain='0x0000' bus='0x02' slot='0x01' function='0x0'/> - </memballoon> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-file.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-file.x86_64-latest.xml index 97e029f70b..b78cafecc4 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-file.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-file.x86_64-latest.xml @@ -11,7 +11,6 @@ <source file='/var/lib/libvirt/nvram/guest_VARS.fd'/> </nvram> <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> @@ -25,15 +24,11 @@ <on_crash>destroy</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <controller type='usb' index='0' model='piix3-uhci'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/> - </controller> + <controller type='usb' index='0' model='none'/> <controller type='pci' index='0' model='pci-root'/> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <audio id='1' type='none'/> - <memballoon model='virtio'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/> - </memballoon> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.xml index 73b7aefe7b..16de5e7387 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-iscsi.x86_64-latest.xml @@ -16,7 +16,6 @@ </source> </nvram> <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> @@ -27,18 +26,14 @@ <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> + <on_crash>destroy</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <controller type='usb' index='0' model='piix3-uhci'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/> - </controller> + <controller type='usb' index='0' model='none'/> <controller type='pci' index='0' model='pci-root'/> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <audio id='1' type='none'/> - <memballoon model='virtio'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/> - </memballoon> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.xml index bc78be11b6..1adbd9e60e 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi-nvram-network-nbd.x86_64-latest.xml @@ -13,7 +13,6 @@ </source> </nvram> <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> @@ -24,18 +23,14 @@ <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> + <on_crash>destroy</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <controller type='usb' index='0' model='piix3-uhci'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/> - </controller> + <controller type='usb' index='0' model='none'/> <controller type='pci' index='0' model='pci-root'/> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <audio id='1' type='none'/> - <memballoon model='virtio'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/> - </memballoon> + <memballoon model='none'/> </devices> </domain> diff --git a/tests/qemuxml2xmloutdata/firmware-manual-efi.xml b/tests/qemuxml2xmloutdata/firmware-manual-efi.xml index 7049f5e9c5..7e6b3ad432 100644 --- a/tests/qemuxml2xmloutdata/firmware-manual-efi.xml +++ b/tests/qemuxml2xmloutdata/firmware-manual-efi.xml @@ -9,7 +9,6 @@ <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader> <nvram>/some/user/nvram/path/guest_VARS.fd</nvram> <boot dev='hd'/> - <bootmenu enable='yes'/> </os> <features> <acpi/> @@ -17,28 +16,14 @@ <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> - <on_crash>restart</on_crash> + <on_crash>destroy</on_crash> <devices> <emulator>/usr/bin/qemu-system-x86_64</emulator> - <disk type='block' device='disk'> - <driver name='qemu' type='raw'/> - <source dev='/dev/HostVG/QEMUGuest1'/> - <target dev='hda' bus='ide'/> - <address type='drive' controller='0' bus='0' target='0' unit='0'/> - </disk> - <controller type='usb' index='0'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/> - </controller> - <controller type='ide' index='0'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/> - </controller> + <controller type='usb' index='0' model='none'/> <controller type='pci' index='0' model='pci-root'/> - <input type='tablet' bus='usb'/> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> <audio id='1' type='none'/> - <memballoon model='virtio'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/> - </memballoon> + <memballoon model='none'/> </devices> </domain> -- 2.35.3

This currently has not effect whatsoever, so it's just cluttering the input files. We're going to add specific handling for this scenario, as well as a test case covering it, in an upcoming commit. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- tests/qemuxml2argvdata/firmware-auto-bios.xml | 1 - tests/qemuxml2argvdata/firmware-auto-efi.xml | 1 - tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml | 1 - tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml | 1 - 4 files changed, 4 deletions(-) diff --git a/tests/qemuxml2argvdata/firmware-auto-bios.xml b/tests/qemuxml2argvdata/firmware-auto-bios.xml index 1318f68243..06bb0bea9d 100644 --- a/tests/qemuxml2argvdata/firmware-auto-bios.xml +++ b/tests/qemuxml2argvdata/firmware-auto-bios.xml @@ -5,7 +5,6 @@ <vcpu placement='static'>1</vcpu> <os firmware='bios'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> - <loader secure='no'/> </os> <features> <acpi/> diff --git a/tests/qemuxml2argvdata/firmware-auto-efi.xml b/tests/qemuxml2argvdata/firmware-auto-efi.xml index 33bd7b0ac1..55b9be1aec 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi.xml +++ b/tests/qemuxml2argvdata/firmware-auto-efi.xml @@ -5,7 +5,6 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> - <loader secure='no'/> </os> <features> <acpi/> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml index b744234cf1..722294089e 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-bios.x86_64-latest.xml @@ -6,7 +6,6 @@ <vcpu placement='static'>1</vcpu> <os firmware='bios'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> - <loader secure='no'/> <boot dev='hd'/> </os> <features> diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml index 35d49b7c62..7e2e40036e 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi.x86_64-latest.xml @@ -6,7 +6,6 @@ <vcpu placement='static'>1</vcpu> <os firmware='efi'> <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> - <loader secure='no'/> <boot dev='hd'/> </os> <features> -- 2.35.3

Pure code movement, needed to prepare for upcoming changes. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_conf.c | 57 +++++++++++++++++++++--------------------- 1 file changed, 29 insertions(+), 28 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 709ca53790..6f5f370696 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -17991,34 +17991,6 @@ virDomainDefMaybeAddHostdevSCSIcontroller(virDomainDef *def) return 0; } -static int -virDomainLoaderDefParseXML(xmlNodePtr node, - virDomainLoaderDef *loader, - bool fwAutoSelect) -{ - if (!fwAutoSelect) { - if (virXMLPropTristateBool(node, "readonly", VIR_XML_PROP_NONE, - &loader->readonly) < 0) - return -1; - - if (virXMLPropEnum(node, "type", virDomainLoaderTypeFromString, - VIR_XML_PROP_NONZERO, &loader->type) < 0) - return -1; - - if (!(loader->path = virXMLNodeContentString(node))) - return -1; - - if (STREQ(loader->path, "")) - VIR_FREE(loader->path); - } - - if (virXMLPropTristateBool(node, "secure", VIR_XML_PROP_NONE, - &loader->secure) < 0) - return -1; - - return 0; -} - static int virDomainNvramDefParseXML(virDomainLoaderDef *loader, @@ -18065,6 +18037,35 @@ virDomainNvramDefParseXML(virDomainLoaderDef *loader, } +static int +virDomainLoaderDefParseXML(xmlNodePtr node, + virDomainLoaderDef *loader, + bool fwAutoSelect) +{ + if (!fwAutoSelect) { + if (virXMLPropTristateBool(node, "readonly", VIR_XML_PROP_NONE, + &loader->readonly) < 0) + return -1; + + if (virXMLPropEnum(node, "type", virDomainLoaderTypeFromString, + VIR_XML_PROP_NONZERO, &loader->type) < 0) + return -1; + + if (!(loader->path = virXMLNodeContentString(node))) + return -1; + + if (STREQ(loader->path, "")) + VIR_FREE(loader->path); + } + + if (virXMLPropTristateBool(node, "secure", VIR_XML_PROP_NONE, + &loader->secure) < 0) + return -1; + + return 0; +} + + static int virDomainSchedulerParseCommonAttrs(xmlNodePtr node, virProcessSchedPolicy *policy, -- 2.35.3

When the 'type' attribute is present we'd end up overwriting this value via virDomainStorageSourceParse(). Moving this assignment makes the current code clearer and will also help with upcoming changes. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_conf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 1cb162f67c..f19f6eb63c 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -18001,7 +18001,6 @@ virDomainLoaderDefParseXMLNvram(virDomainLoaderDef *loader, g_autofree char *nvramType = virXPathString("string(./os/nvram/@type)", ctxt); g_autoptr(virStorageSource) src = virStorageSourceNew(); - src->type = VIR_STORAGE_TYPE_FILE; src->format = VIR_STORAGE_FILE_RAW; if (!nvramType) { @@ -18011,6 +18010,7 @@ virDomainLoaderDefParseXMLNvram(virDomainLoaderDef *loader, return 0; /* no nvram */ src->path = nvramPath; + src->type = VIR_STORAGE_TYPE_FILE; } else { xmlNodePtr sourceNode; -- 2.35.3

All the data in the <nvram> element ends up in the same struct as that coming from the <loader> element, so it makes sense to have a single entry point for parsing an XML document into a virDomainLoaderDef instance. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_conf.c | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index fcb468b465..d6a33a0f81 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -18042,8 +18042,11 @@ virDomainLoaderDefParseXMLNvram(virDomainLoaderDef *loader, static int -virDomainLoaderDefParseXML(xmlNodePtr node, - virDomainLoaderDef *loader, +virDomainLoaderDefParseXML(virDomainLoaderDef *loader, + xmlNodePtr node, + xmlXPathContextPtr ctxt, + virDomainXMLOption *xmlopt, + unsigned int flags, bool fwAutoSelect) { if (!fwAutoSelect) { @@ -18066,6 +18069,11 @@ virDomainLoaderDefParseXML(xmlNodePtr node, &loader->secure) < 0) return -1; + if (virDomainLoaderDefParseXMLNvram(loader, + ctxt, xmlopt, flags, + fwAutoSelect) < 0) + return -1; + return 0; } @@ -18467,16 +18475,12 @@ virDomainDefParseBootLoaderOptions(virDomainDef *def, def->os.loader = g_new0(virDomainLoaderDef, 1); - if (virDomainLoaderDefParseXML(loader_node, - def->os.loader, + if (virDomainLoaderDefParseXML(def->os.loader, + loader_node, + ctxt, xmlopt, flags, fwAutoSelect) < 0) return -1; - if (virDomainLoaderDefParseXMLNvram(def->os.loader, - ctxt, xmlopt, flags, - fwAutoSelect) < 0) - return -1; - return 0; } -- 2.35.3

This makes the function more consistent with virDomainLoaderDefParseXML() by preferring the virXMLProp class of functions to XPath access. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_conf.c | 49 ++++++++++++++++++++++++------------------ 1 file changed, 28 insertions(+), 21 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index d60985cb85..858242b3ae 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -17994,43 +17994,45 @@ virDomainDefMaybeAddHostdevSCSIcontroller(virDomainDef *def) static int virDomainLoaderDefParseXMLNvram(virDomainLoaderDef *loader, + xmlNodePtr nvramNode, + xmlNodePtr nvramSourceNode, xmlXPathContextPtr ctxt, virDomainXMLOption *xmlopt, unsigned int flags, bool fwAutoSelect) { - g_autofree char *nvramType = virXPathString("string(./os/nvram/@type)", ctxt); g_autoptr(virStorageSource) src = virStorageSourceNew(); + int typePresent; + + if (!nvramNode) + return 0; if (!fwAutoSelect) - loader->nvramTemplate = virXPathString("string(./os/nvram[1]/@template)", ctxt); + loader->nvramTemplate = virXMLPropString(nvramNode, "template"); src->format = VIR_STORAGE_FILE_RAW; - if (!nvramType) { - char *nvramPath = NULL; - - if (!(nvramPath = virXPathString("string(./os/nvram[1])", ctxt))) - return 0; /* no nvram */ + if ((typePresent = virXMLPropEnum(nvramNode, "type", + virStorageTypeFromString, VIR_XML_PROP_NONE, + &src->type)) < 0) + return -1; - src->path = nvramPath; - src->type = VIR_STORAGE_TYPE_FILE; - } else { - xmlNodePtr sourceNode; + if (!typePresent) { + g_autofree char *path = NULL; - if ((src->type = virStorageTypeFromString(nvramType)) <= 0) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("unknown disk type '%s'"), nvramType); + if (!(path = virXMLNodeContentString(nvramNode))) return -1; - } - if (!(sourceNode = virXPathNode("./os/nvram/source[1]", ctxt))) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("Missing source element for nvram")); + if (STREQ(path, "")) + return 0; + + src->type = VIR_STORAGE_TYPE_FILE; + src->path = g_steal_pointer(&path); + } else { + if (!nvramSourceNode) return -1; - } - if (virDomainStorageSourceParse(sourceNode, ctxt, src, flags, xmlopt) < 0) + if (virDomainStorageSourceParse(nvramSourceNode, ctxt, src, flags, xmlopt) < 0) return -1; loader->newStyleNVRAM = true; @@ -18044,6 +18046,8 @@ virDomainLoaderDefParseXMLNvram(virDomainLoaderDef *loader, static int virDomainLoaderDefParseXML(virDomainLoaderDef *loader, xmlNodePtr loaderNode, + xmlNodePtr nvramNode, + xmlNodePtr nvramSourceNode, xmlXPathContextPtr ctxt, virDomainXMLOption *xmlopt, unsigned int flags, @@ -18070,6 +18074,7 @@ virDomainLoaderDefParseXML(virDomainLoaderDef *loader, return -1; if (virDomainLoaderDefParseXMLNvram(loader, + nvramNode, nvramSourceNode, ctxt, xmlopt, flags, fwAutoSelect) < 0) return -1; @@ -18468,6 +18473,8 @@ virDomainDefParseBootLoaderOptions(virDomainDef *def, unsigned int flags) { xmlNodePtr loaderNode = virXPathNode("./os/loader[1]", ctxt); + xmlNodePtr nvramNode = virXPathNode("./os/nvram[1]", ctxt); + xmlNodePtr nvramSourceNode = virXPathNode("./os/nvram/source[1]", ctxt); const bool fwAutoSelect = def->os.firmware != VIR_DOMAIN_OS_DEF_FIRMWARE_NONE; if (!loaderNode) @@ -18476,7 +18483,7 @@ virDomainDefParseBootLoaderOptions(virDomainDef *def, def->os.loader = g_new0(virDomainLoaderDef, 1); if (virDomainLoaderDefParseXML(def->os.loader, - loaderNode, + loaderNode, nvramNode, nvramSourceNode, ctxt, xmlopt, flags, fwAutoSelect) < 0) return -1; -- 2.35.3

The latter doesn't make sense without the former, so make that visible in the XML. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_conf.c | 10 ++++++++++ .../firmware-auto-efi-enrolled-keys.x86_64-latest.xml | 1 + 2 files changed, 11 insertions(+) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 9b82f391c4..3977b5040f 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -4876,6 +4876,16 @@ virDomainDefPostParseMemory(virDomainDef *def, static void virDomainDefPostParseOs(virDomainDef *def) { + if (def->os.firmwareFeatures && + def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_ENROLLED_KEYS] == VIR_TRISTATE_BOOL_YES) { + + /* For all non-broken firmware builds, enrolled-keys implies + * secure-boot, and having the Secure Boot keys in the NVRAM file + * when the firmware doesn't support the Secure Boot feature doesn't + * make sense anyway. Reflect this fact explicitly in the XML */ + def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_SECURE_BOOT] = VIR_TRISTATE_BOOL_YES; + } + if (!def->os.loader) return; diff --git a/tests/qemuxml2xmloutdata/firmware-auto-efi-enrolled-keys.x86_64-latest.xml b/tests/qemuxml2xmloutdata/firmware-auto-efi-enrolled-keys.x86_64-latest.xml index aa08caa4f7..8dcc741c1e 100644 --- a/tests/qemuxml2xmloutdata/firmware-auto-efi-enrolled-keys.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/firmware-auto-efi-enrolled-keys.x86_64-latest.xml @@ -8,6 +8,7 @@ <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> <firmware> <feature enabled='yes' name='enrolled-keys'/> + <feature enabled='yes' name='secure-boot'/> </firmware> <boot dev='hd'/> </os> -- 2.35.3

This combination doesn't make sense and so the firmware autoselection logic will not be able to find a suitable firmware, but it's more user-friendly to report a detailed error upfront. Note that this check would ideally happen in the validate phase, but if we moved it there we would no longer be able to automatically enable secure-boot when enrolled-keys=yes. Since the combination never resulted in a working configuration, the chances of this causing real-world VMs to disappear are extremely low. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_conf.c | 7 +++++++ ...enrolled-keys-no-secboot.x86_64-latest.err | 1 + ...ware-auto-efi-enrolled-keys-no-secboot.xml | 21 +++++++++++++++++++ tests/qemuxml2argvtest.c | 1 + 4 files changed, 30 insertions(+) create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys-no-secboot.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys-no-secboot.xml diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index d88d352fb6..0c6504348c 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -4879,6 +4879,13 @@ virDomainDefPostParseOs(virDomainDef *def) if (def->os.firmwareFeatures && def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_ENROLLED_KEYS] == VIR_TRISTATE_BOOL_YES) { + if (def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_SECURE_BOOT] == VIR_TRISTATE_BOOL_NO) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("firmware feature 'enrolled-keys' cannot be enabled when " + "firmware feature 'secure-boot' is disabled")); + return -1; + } + /* For all non-broken firmware builds, enrolled-keys implies * secure-boot, and having the Secure Boot keys in the NVRAM file * when the firmware doesn't support the Secure Boot feature doesn't diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys-no-secboot.x86_64-latest.err b/tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys-no-secboot.x86_64-latest.err new file mode 100644 index 0000000000..989d3dbf5a --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys-no-secboot.x86_64-latest.err @@ -0,0 +1 @@ +firmware feature 'enrolled-keys' cannot be enabled when firmware feature 'secure-boot' is disabled diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys-no-secboot.xml b/tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys-no-secboot.xml new file mode 100644 index 0000000000..722793684c --- /dev/null +++ b/tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys-no-secboot.xml @@ -0,0 +1,21 @@ +<domain type='kvm'> + <name>fedora</name> + <uuid>63840878-0deb-4095-97e6-fc444d9bc9fa</uuid> + <memory unit='KiB'>8192</memory> + <vcpu placement='static'>1</vcpu> + <os firmware='efi'> + <type arch='x86_64' machine='pc-q35-4.0'>hvm</type> + <firmware> + <feature enabled='yes' name='enrolled-keys'/> + <feature enabled='no' name='secure-boot'/> + </firmware> + </os> + <features> + <acpi/> + </features> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <controller type='usb' model='none'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index d21b2d9154..b01ad8d4e9 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1224,6 +1224,7 @@ mymain(void) DO_TEST_CAPS_LATEST("firmware-auto-efi-no-secboot"); DO_TEST_CAPS_LATEST("firmware-auto-efi-enrolled-keys"); DO_TEST_CAPS_LATEST("firmware-auto-efi-no-enrolled-keys"); + DO_TEST_CAPS_LATEST_PARSE_ERROR("firmware-auto-efi-enrolled-keys-no-secboot"); DO_TEST_CAPS_ARCH_LATEST("firmware-auto-efi-aarch64", "aarch64"); DO_TEST_NOCAPS("clock-utc"); -- 2.35.3

This makes it explicit that there are two possible scenarios (whether or not firmware autoselection is in use) and will make upcoming changes cleaner to implement. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_validate.c | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 33b6f47159..1f6c32a816 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -1598,21 +1598,23 @@ static int virDomainDefOSValidate(const virDomainDef *def, virDomainXMLOption *xmlopt) { - if (def->os.firmware && - !(xmlopt->config.features & VIR_DOMAIN_DEF_FEATURE_FW_AUTOSELECT)) { - virReportError(VIR_ERR_XML_DETAIL, "%s", - _("firmware auto selection not implemented for this driver")); - return -1; - } + virDomainLoaderDef *loader = def->os.loader; - if (!def->os.loader) - return 0; + if (def->os.firmware) { + if (!(xmlopt->config.features & VIR_DOMAIN_DEF_FEATURE_FW_AUTOSELECT)) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("firmware auto selection not implemented for this driver")); + return -1; + } + } else { + if (!loader) + return 0; - if (!def->os.loader->path && - def->os.firmware == VIR_DOMAIN_OS_DEF_FIRMWARE_NONE) { - virReportError(VIR_ERR_XML_DETAIL, "%s", - _("no loader path specified and firmware auto selection disabled")); - return -1; + if (!loader->path) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("no loader path specified and firmware auto selection disabled")); + return -1; + } } return 0; -- 2.35.3

Regardless of whether firmware autoselection is in use, we still want to parse the list of requested features. Doing this will allow us to produce better error messages. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/conf/domain_conf.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 7947b1f5e6..fb8bf4cfec 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -18439,20 +18439,6 @@ virDomainDefParseBootFirmwareOptions(virDomainDef *def, int n = 0; size_t i; - if (!firmware) - return 0; - - fw = virDomainOsDefFirmwareTypeFromString(firmware); - - if (fw <= 0) { - virReportError(VIR_ERR_XML_ERROR, - _("unknown firmware value %s"), - firmware); - return -1; - } - - def->os.firmware = fw; - if ((n = virXPathNodeSet("./os/firmware/feature", ctxt, &nodes)) < 0) return -1; @@ -18479,6 +18465,20 @@ virDomainDefParseBootFirmwareOptions(virDomainDef *def, def->os.firmwareFeatures = g_steal_pointer(&features); + if (!firmware) + return 0; + + fw = virDomainOsDefFirmwareTypeFromString(firmware); + + if (fw <= 0) { + virReportError(VIR_ERR_XML_ERROR, + _("unknown firmware value %s"), + firmware); + return -1; + } + + def->os.firmware = fw; + return 0; } -- 2.35.3

Currently, a firmware configuration such as <os firmware='efi'> <firmware> <feature enabled='yes' name='enrolled-keys'/> </firmware> </os> will correctly pick a firmware that implements the Secure Boot feature and initialize the NVRAM file so that it contains the keys necessary to enforce the signing requirements. However, the lack of a <loader secure='yes'/> element makes it possible for pflash writes to happen outside of SMM mode. This means that the EFI secure variables where the keys are stored could potentially be overwritten by malicious code running in the guest, thus making it possible to circumvent Secure Boot. To prevent that from happening, automatically turn on the loader.secure feature whenever a firmware that implements Secure Boot is chosen by the firmware autoselection logic. This is identical to the way we already automatically enable SMM in such a scenario. Note that, while this is technically a guest-visible change, it will not affect migration of existings VMs and will not prevent legitimate guest code from running. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/qemu_firmware.c | 2 ++ .../firmware-auto-efi-enrolled-keys.x86_64-latest.args | 1 + .../qemuxml2argvdata/firmware-auto-efi-nvram.x86_64-latest.args | 1 + .../firmware-auto-efi-secboot.x86_64-latest.args | 1 + tests/qemuxml2argvdata/firmware-auto-efi.x86_64-latest.args | 1 + 5 files changed, 6 insertions(+) diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index c8f462bfcf..5b2fa51a9c 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1240,6 +1240,8 @@ qemuFirmwareEnableFeatures(virQEMUDriver *driver, case VIR_TRISTATE_SWITCH_LAST: break; } + VIR_DEBUG("Enabling secure loader"); + def->os.loader->secure = VIR_TRISTATE_BOOL_YES; break; case QEMU_FIRMWARE_FEATURE_NONE: diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys.x86_64-latest.args index 885c83445d..7479b05af4 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-auto-efi-enrolled-keys.x86_64-latest.args @@ -17,6 +17,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-fedora/.config \ -machine pc-q35-4.0,usb=off,smm=on,dump-guest-core=off,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,memory-backend=pc.ram \ -accel kvm \ -cpu qemu64 \ +-global driver=cfi.pflash01,property=secure,value=on \ -m 8 \ -object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":8388608}' \ -overcommit mem-lock=off \ diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-nvram.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi-nvram.x86_64-latest.args index e37521b0a3..1061e93554 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-nvram.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-auto-efi-nvram.x86_64-latest.args @@ -17,6 +17,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-fedora/.config \ -machine pc-q35-4.0,usb=off,smm=on,dump-guest-core=off,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,memory-backend=pc.ram \ -accel kvm \ -cpu qemu64 \ +-global driver=cfi.pflash01,property=secure,value=on \ -m 8 \ -object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":8388608}' \ -overcommit mem-lock=off \ diff --git a/tests/qemuxml2argvdata/firmware-auto-efi-secboot.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi-secboot.x86_64-latest.args index 885c83445d..7479b05af4 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi-secboot.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-auto-efi-secboot.x86_64-latest.args @@ -17,6 +17,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-fedora/.config \ -machine pc-q35-4.0,usb=off,smm=on,dump-guest-core=off,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,memory-backend=pc.ram \ -accel kvm \ -cpu qemu64 \ +-global driver=cfi.pflash01,property=secure,value=on \ -m 8 \ -object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":8388608}' \ -overcommit mem-lock=off \ diff --git a/tests/qemuxml2argvdata/firmware-auto-efi.x86_64-latest.args b/tests/qemuxml2argvdata/firmware-auto-efi.x86_64-latest.args index 885c83445d..7479b05af4 100644 --- a/tests/qemuxml2argvdata/firmware-auto-efi.x86_64-latest.args +++ b/tests/qemuxml2argvdata/firmware-auto-efi.x86_64-latest.args @@ -17,6 +17,7 @@ XDG_CONFIG_HOME=/tmp/lib/domain--1-fedora/.config \ -machine pc-q35-4.0,usb=off,smm=on,dump-guest-core=off,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,memory-backend=pc.ram \ -accel kvm \ -cpu qemu64 \ +-global driver=cfi.pflash01,property=secure,value=on \ -m 8 \ -object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":8388608}' \ -overcommit mem-lock=off \ -- 2.35.3

Provide simple recipes for the most common high-level tasks. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- docs/kbase/index.rst | 3 ++ docs/kbase/meson.build | 1 + docs/kbase/secureboot.rst | 102 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 106 insertions(+) create mode 100644 docs/kbase/secureboot.rst diff --git a/docs/kbase/index.rst b/docs/kbase/index.rst index 8b710db85a..896ececdf2 100644 --- a/docs/kbase/index.rst +++ b/docs/kbase/index.rst @@ -61,6 +61,9 @@ Usage `Snapshots <snapshots.html>`__ Details about snapshotting a VM +`Secure Boot <secureboot.html>`__ + Enable and disable the Secure Boot feature + Debugging --------- diff --git a/docs/kbase/meson.build b/docs/kbase/meson.build index eb9c9544d6..c7eae3738f 100644 --- a/docs/kbase/meson.build +++ b/docs/kbase/meson.build @@ -15,6 +15,7 @@ docs_kbase_files = [ 'qemu-passthrough-security', 'rpm-deployment', 's390_protected_virt', + 'secureboot', 'secureusage', 'snapshots', 'systemtap', diff --git a/docs/kbase/secureboot.rst b/docs/kbase/secureboot.rst new file mode 100644 index 0000000000..90c37d707c --- /dev/null +++ b/docs/kbase/secureboot.rst @@ -0,0 +1,102 @@ +=========== +Secure Boot +=========== + +.. contents:: + +Quick configuration +=================== + +If you have libvirt 8.5.0 or newer, when creating a new VM you can +ask for Secure Boot to be enabled with + +:: + + <os firmware='efi'> + <firmware> + <feature enabled='yes' name='enrolled-keys'/> + </firmware> + </os> + +and for it to be disabled with + +:: + + <os firmware='efi'> + <firmware> + <feature enabled='no' name='enrolled-keys'/> + </firmware> + </os> + +These configuration will cause unsigned guest operating systems to +be rejected and allowed respectively. + + +Older libvirt versions +====================== + +If your libvirt version is older than 8.5.0 but newer than 7.2.0, +then enabling Secure Boot requires a slightly more verbose XML +snippet: + +:: + + <os firmware='efi'> + <loader secure='yes'/> + <firmware> + <feature enabled='yes' name='enrolled-keys'/> + </firmware> + </os> + +Versions older than 7.2.0 require manually providing all information +about the firmware and are not covered here. Plese refer to `the +relevant documentation +<../formatdomain.html#operating-system-booting>`__ for details. + + +Changing an existing VM +======================= + +Once the VM has been created, updating the XML configuration as +described above is **not** enough to change the Secure Boot status: +the NVRAM file associated with the VM has to be regenerated from its +template as well. + +In order to do that, update the XML and then start the VM with + +:: + + $ virsh start $vm --reset-nvram + +This option is only available starting with libvirt 8.1.0, so if your +version of libvirt is older than that you will have to delete the +NVRAM file manually before starting the VM. + +Most guest operating systems will be able to cope with the NVRAM file +being reinitialized, but in some cases the VM will be unable to boot +after the change. + + +Additional information +====================== + +There are two parts to enabling Secure Boot: the firmware supporting +the feature, and it being active. + +Most host operating systems ship a build of EDKII (the open source +EFI implementation used for QEMU VMs) that supports the Secure Boot +feature, but simply using such a build will not result in unsigned +guest operating systems being rejected: for that to happen, keys that +can be used to validate the operating system signature need to be +provided as well. + +Asking for the ``enrolled-keys`` firmware feature to be enabled will +cause libvirt to initialize the NVRAM file associated with the VM +from a template that contains a suitable set of keys. These keys +being present will cause the firmware to enforce the Secure Boot +signing requirements. + +The opposite configuration, where the feature is explicitly disabled, +will result in no keys being present in the NVRAM file. Unable to +verify signatures, the firmware will allow even unsigned operating +systems to run. -- 2.35.3