diff --git a/docs/formatdomaincaps.html.in b/docs/formatdomaincaps.html.in index 2583f9bead..b31b1729f4 100644 --- a/docs/formatdomaincaps.html.in +++ b/docs/formatdomaincaps.html.in @@ -119,6 +119,10 @@ <domainCapabilities> ... <os supported='yes'> + <enum name='firmware'> + <value>bios</value> + <value>efi</value> + </enum> <loader supported='yes'> <value>/usr/share/OVMF/OVMF_CODE.fd</value> <enum name='type'> @@ -129,12 +133,26 @@ <value>yes</value> <value>no</value> </enum> + <enum name='secure'> + <value>yes</value> + <value>no</value> + </enum> </loader> </os> ... <domainCapabilities> +

The firmware enum corresponds to + firmware attribute of the os element. + Plain presence of this enum means that libvirt is capable of so + called firmware auto selection. The listed values then represent + accepted values for the domain attribute. Only values for which + there exists a firmware descriptor that matches machine type and + architecture are listed, i.e. those which won't cause a failure + on domain startup. +

+

For the loader element, the following can occur:

@@ -152,6 +170,11 @@
readonly
Options for the readonly attribute of the <loader/> element.
+ +
secure
+
Options for the secure attribute of the + <loader/> element. Note, that yes is listed + only if there is a firmware that supports it.

CPU configuration

diff --git a/docs/schemas/domaincaps.rng b/docs/schemas/domaincaps.rng index 3c42cb8075..e629d6431f 100644 --- a/docs/schemas/domaincaps.rng +++ b/docs/schemas/domaincaps.rng @@ -77,6 +77,7 @@ + diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c index 5a8f48da61..7935739409 100644 --- a/src/conf/domain_capabilities.c +++ b/src/conf/domain_capabilities.c @@ -415,6 +415,7 @@ virDomainCapsLoaderFormat(virBufferPtr buf, virDomainCapsStringValuesFormat(buf, &loader->values); ENUM_PROCESS(loader, type, virDomainLoaderTypeToString); ENUM_PROCESS(loader, readonly, virTristateBoolTypeToString); + ENUM_PROCESS(loader, secure, virTristateBoolTypeToString); FORMAT_EPILOGUE(loader); } @@ -427,6 +428,8 @@ virDomainCapsOSFormat(virBufferPtr buf, FORMAT_PROLOGUE(os); + ENUM_PROCESS(os, firmware, virDomainOsDefFirmwareTypeToString); + virDomainCapsLoaderFormat(buf, loader); FORMAT_EPILOGUE(os); diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h index d31d346a7b..cd09d50cee 100644 --- a/src/conf/domain_capabilities.h +++ b/src/conf/domain_capabilities.h @@ -52,12 +52,14 @@ struct _virDomainCapsLoader { virDomainCapsStringValues values; /* Info about values for the element */ virDomainCapsEnum type; /* Info about virDomainLoader */ virDomainCapsEnum readonly; /* Info about readonly:virTristateBool */ + virDomainCapsEnum secure; /* Info about secure:virTristateBool */ }; typedef struct _virDomainCapsOS virDomainCapsOS; typedef virDomainCapsOS *virDomainCapsOSPtr; struct _virDomainCapsOS { virTristateBool supported; + virDomainCapsEnum firmware; /* Info about virDomainOsDefFirmware */ virDomainCapsLoader loader; /* Info about virDomainLoaderDef */ }; diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 71d4c01296..a2de8630cd 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -46,6 +46,7 @@ #include "qemu_capspriv.h" #include "qemu_qapi.h" #include "qemu_process.h" +#include "qemu_firmware.h" #include #include @@ -4920,6 +4921,7 @@ virQEMUCapsGetPreferredMachine(virQEMUCapsPtr qemuCaps) static int virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr capsLoader, + bool secure, virFirmwarePtr *firmwares, size_t nfirmwares) { @@ -4928,6 +4930,7 @@ virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr capsLoader, capsLoader->supported = VIR_TRISTATE_BOOL_YES; capsLoader->type.report = true; capsLoader->readonly.report = true; + capsLoader->secure.report = true; if (VIR_ALLOC_N(capsLoader->values.values, nfirmwares) < 0) return -1; @@ -4956,19 +4959,42 @@ virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr capsLoader, VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->readonly, VIR_TRISTATE_BOOL_YES, VIR_TRISTATE_BOOL_NO); + + VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->secure, + VIR_TRISTATE_BOOL_NO); + + if (secure) + VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->secure, + VIR_TRISTATE_BOOL_YES); + return 0; } static int virQEMUCapsFillDomainOSCaps(virDomainCapsOSPtr os, + const char *machine, + virArch arch, + bool privileged, virFirmwarePtr *firmwares, size_t nfirmwares) { virDomainCapsLoaderPtr capsLoader = &os->loader; + uint64_t autoFirmwares = 0; + bool secure = false; os->supported = VIR_TRISTATE_BOOL_YES; - if (virQEMUCapsFillDomainLoaderCaps(capsLoader, firmwares, nfirmwares) < 0) + os->firmware.report = true; + + if (qemuFirmwareGetSupported(machine, arch, privileged, &autoFirmwares, &secure) < 0) + return -1; + + if (autoFirmwares & (1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS)) + VIR_DOMAIN_CAPS_ENUM_SET(os->firmware, VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS); + if (autoFirmwares & (1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_EFI)) + VIR_DOMAIN_CAPS_ENUM_SET(os->firmware, VIR_DOMAIN_OS_DEF_FIRMWARE_EFI); + + if (virQEMUCapsFillDomainLoaderCaps(capsLoader, secure, firmwares, nfirmwares) < 0) return -1; return 0; } @@ -5298,6 +5324,7 @@ int virQEMUCapsFillDomainCaps(virCapsPtr caps, virDomainCapsPtr domCaps, virQEMUCapsPtr qemuCaps, + bool privileged, virFirmwarePtr *firmwares, size_t nfirmwares) { @@ -5324,7 +5351,11 @@ virQEMUCapsFillDomainCaps(virCapsPtr caps, domCaps->genid = virTristateBoolFromBool( virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_VMGENID)); - if (virQEMUCapsFillDomainOSCaps(os, firmwares, nfirmwares) < 0 || + if (virQEMUCapsFillDomainOSCaps(os, + domCaps->machine, + domCaps->arch, + privileged, + firmwares, nfirmwares) < 0 || virQEMUCapsFillDomainCPUCaps(caps, qemuCaps, domCaps) < 0 || virQEMUCapsFillDomainIOThreadCaps(qemuCaps, domCaps) < 0 || virQEMUCapsFillDomainDeviceDiskCaps(qemuCaps, diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 1f341fc0cd..9abeed9014 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -632,6 +632,7 @@ int virQEMUCapsInitGuestFromBinary(virCapsPtr caps, int virQEMUCapsFillDomainCaps(virCapsPtr caps, virDomainCapsPtr domCaps, virQEMUCapsPtr qemuCaps, + bool privileged, virFirmwarePtr *firmwares, size_t nfirmwares); diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 1b40567dee..fe2c586274 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -19857,6 +19857,7 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn, goto cleanup; if (virQEMUCapsFillDomainCaps(caps, domCaps, qemuCaps, + driver->privileged, cfg->firmwares, cfg->nfirmwares) < 0) goto cleanup; diff --git a/tests/Makefile.am b/tests/Makefile.am index 1319c3b12c..46d94d2236 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -1033,7 +1033,9 @@ domaincapsmock_la_LDFLAGS = $(MOCKLIBS_LDFLAGS) domaincapsmock_la_LIBADD = $(MOCKLIBS_LIBS) domaincapstest_SOURCES = \ - domaincapstest.c testutils.h testutils.c + domaincapstest.c testutils.h testutils.c \ + virfilewrapper.c virfilewrapper.h \ + $(NULL) domaincapstest_LDADD = $(LDADDS) if WITH_QEMU diff --git a/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml b/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml index 497363bbe9..06908cc61e 100644 --- a/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_1.7.0.x86_64.xml @@ -6,6 +6,10 @@ + + bios + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +22,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml b/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml index 7639df44c6..5983a60887 100644 --- a/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml +++ b/tests/domaincapsschemadata/qemu_2.12.0-virt.aarch64.xml @@ -6,6 +6,9 @@ + + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +21,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml b/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml index f10d361359..42c67623f4 100644 --- a/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml +++ b/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml @@ -6,6 +6,7 @@ + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +19,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml b/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml index 41a81ff02f..4804c13329 100644 --- a/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml +++ b/tests/domaincapsschemadata/qemu_2.12.0.s390x.xml @@ -6,6 +6,7 @@ + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +19,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml b/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml index 5913e7fc63..f5f54cb484 100644 --- a/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml @@ -6,6 +6,10 @@ + + bios + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +22,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml b/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml index 9ee801092e..99ee16e4bb 100644 --- a/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml +++ b/tests/domaincapsschemadata/qemu_2.6.0-virt.aarch64.xml @@ -6,6 +6,9 @@ + + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +21,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml b/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml index 4dd0b52ed3..61fdae009a 100644 --- a/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml +++ b/tests/domaincapsschemadata/qemu_2.6.0.aarch64.xml @@ -6,6 +6,7 @@ + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +19,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml b/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml index aa982d237e..a33960a2af 100644 --- a/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml +++ b/tests/domaincapsschemadata/qemu_2.6.0.ppc64.xml @@ -6,6 +6,7 @@ + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +19,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml b/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml index 6aa3f52ee4..94fe08bc92 100644 --- a/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.6.0.x86_64.xml @@ -6,6 +6,10 @@ + + bios + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +22,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml b/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml index 8daa15ab9d..1057573681 100644 --- a/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml +++ b/tests/domaincapsschemadata/qemu_2.7.0.s390x.xml @@ -6,6 +6,7 @@ + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +19,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml b/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml index 081805aa4a..39f3bd6d9f 100644 --- a/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.8.0-tcg.x86_64.xml @@ -6,6 +6,10 @@ + + bios + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +22,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml b/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml index 62c51e4087..9ae9a1a8bc 100644 --- a/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml +++ b/tests/domaincapsschemadata/qemu_2.8.0.s390x.xml @@ -6,6 +6,7 @@ + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +19,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml b/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml index 1bb034aa4f..1770c81fdb 100644 --- a/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.8.0.x86_64.xml @@ -6,6 +6,10 @@ + + bios + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +22,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml b/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml index 67c6d5e77e..e2ec30fda7 100644 --- a/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.9.0-q35.x86_64.xml @@ -6,6 +6,10 @@ + + bios + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +22,10 @@ yes no + + yes + no + diff --git a/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml b/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml index 588ef08199..65226ee284 100644 --- a/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.9.0-tcg.x86_64.xml @@ -6,6 +6,10 @@ + + bios + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +22,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml b/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml index 598937a971..0093877a0b 100644 --- a/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_2.9.0.x86_64.xml @@ -6,6 +6,10 @@ + + bios + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +22,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml b/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml index 1d97f1f344..c8efefc5ba 100644 --- a/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml +++ b/tests/domaincapsschemadata/qemu_3.0.0.s390x.xml @@ -6,6 +6,7 @@ + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +19,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml b/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml index f3a33aee98..f38a098a3d 100644 --- a/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_3.1.0.x86_64.xml @@ -6,6 +6,10 @@ + + bios + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +22,9 @@ yes no + + no + diff --git a/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml b/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml index df66be9e29..ef8184c06b 100644 --- a/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml +++ b/tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml @@ -6,6 +6,10 @@ + + bios + efi + /usr/share/AAVMF/AAVMF_CODE.fd /usr/share/AAVMF/AAVMF32_CODE.fd @@ -18,6 +22,9 @@ yes no + + no + diff --git a/tests/domaincapstest.c b/tests/domaincapstest.c index 77c5fcfb73..3ee95a4b58 100644 --- a/tests/domaincapstest.c +++ b/tests/domaincapstest.c @@ -20,6 +20,8 @@ #include "testutils.h" #include "domain_capabilities.h" +#include "virfilewrapper.h" +#include "configmake.h" #define VIR_FROM_THIS VIR_FROM_NONE @@ -104,6 +106,7 @@ fillQemuCaps(virDomainCapsPtr domCaps, goto cleanup; if (virQEMUCapsFillDomainCaps(caps, domCaps, qemuCaps, + false, cfg->firmwares, cfg->nfirmwares) < 0) goto cleanup; @@ -364,6 +367,13 @@ mymain(void) #if WITH_QEMU + virFileWrapperAddPrefix(SYSCONFDIR "/qemu/firmware", + abs_srcdir "/qemufirmwaredata/etc/qemu/firmware"); + virFileWrapperAddPrefix(PREFIX "/share/qemu/firmware", + abs_srcdir "/qemufirmwaredata/usr/share/qemu/firmware"); + virFileWrapperAddPrefix("/home/user/.config/qemu/firmware", + abs_srcdir "/qemufirmwaredata/home/user/.config/qemu/firmware"); + DO_TEST_QEMU("1.7.0", "caps_1.7.0", "/usr/bin/qemu-system-x86_64", NULL, "x86_64", VIR_DOMAIN_VIRT_KVM); @@ -441,6 +451,10 @@ mymain(void) "x86_64", VIR_DOMAIN_VIRT_KVM); virObjectUnref(cfg); + virFileWrapperRemovePrefix(SYSCONFDIR "/qemu/firmware"); + virFileWrapperRemovePrefix(PREFIX "/share/qemu/firmware"); + virFileWrapperRemovePrefix("/home/user/.config/qemu/firmware"); + #endif /* WITH_QEMU */ #if WITH_LIBXL @@ -462,6 +476,8 @@ mymain(void) DO_TEST_BHYVE("fbuf", "/usr/sbin/bhyve", &bhyve_caps, VIR_DOMAIN_VIRT_BHYVE); #endif /* WITH_BHYVE */ + virFileWrapperClearPrefixes(); + return ret; }