1
0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-25 01:34:11 +03:00
Commit Graph

5 Commits

Author SHA1 Message Date
Andrea Bolognani
a97c56888c tests: Update firmware descriptor files
These are imported from Fedora 38's edk2 package.

The files that are being replaced date back to RHEL 7 and no
longer represent what libvirt is likely to encounter on an
actual production system.

Notably, the paths have all changed, with both x86_64 and
aarch64 builds now living under /usr/share/edk2 and the AAVMF
name being having been phased out.

Additionally, the 4MB qcow2 format builds have been introduced
on x86_64 and given high priority, effectively making qcow2
the default format across architectures.

The impact of these changes on the test suite is, predictably,
quite severe.

For the cases where paths to firmware files were explicitly
provided as part of the input, they have been adjusted so that
the modern paths are used instead of the legacy ones. Other
than that, input files have been left untouched.

The following expected changes can be seen in output files:

  * where qcow2 firmware was used on x86_64, Secure Boot
    support is now enabled;

  * all ABI_UPDATE test cases for x86_64 now use qcow2
    formatted firmware;

  * test cases where legacy paths were manually provided
    no longer get additional information about the firmware
    added to the output XML.

Some of the changes described above highlight why, in order
to guarantee a stable guest ABI over time and regardless of
changes to the host's configuration, it was necessary to move
firmware selection from VM startup time to VM creation time.

In a few cases, updating the firmware descriptors changes the
behavior in a way that's undesired and uncovers latent bugs
in libvirt:

  * firmware-manual-efi-secboot-legacy-paths ends up with
    Secure Boot disabled, despite the input XML specifically
    requesting it to be enabled;

  * firmware-manual-efi-rw-modern-paths loses the
    loader.readonly=no part of the configuration and starts
    using an NVRAM file;

  * firmware-manual-efi-nvram-template-nonstandard starts
    failing altogether with a fairly obscure error message.

We're going to address all these issues with upcoming changes.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-08-21 13:51:24 +02:00
Andrea Bolognani
24ad99d76d qemu: Automatically add firmware type/features information
Even when the user is not taking advantage of firmware
autoselection and instead manually providing all the necessary
information, in most cases they're still going to use firmware
builds that are provided by the OS vendor, are installed in
standard paths and come with a corresponding firmware
descriptor.

Similarly, even when the user is not guiding the autoselection
process by specifying the desired status of certain features
and instead is relying on the system-level descriptor priority
being set up correctly, libvirt will still ultimately decide to
use a specific descriptor, which includes information about the
firmware's features.

In both these cases, take the additional information that were
obtained from the firmware descriptor and reflect them back into
the domain XML, where they can be conveniently inspected by the
user and management applications alike.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-03-22 13:49:53 +01:00
Andrea Bolognani
50d68c1d10 qemu: Don't drop firmware type/features information
Now that we no longer reject configurations that include both
this information and explicit firmware details, as long of
course as everything is internally consistent, and that we've
ensured that we produce maximally compatible XML on migration,
we can stop stripping this information at the end of the
firmware selection process.

There are several advantages to keeping this information around:

  * if the user wants to change the firmware configuration for
    an existing VM, they can simply drop the <loader> and
    <nvram> elements, tweak the firmware autoselection parameters
    and let libvirt pick a firmware that matches on the new
    requirements;

  * management applications can inspect the XML and easily
    figure out firmware-related information without having to
    reverse-engineer them based on some opaque paths.

Overall, this change makes things more transparent and easier to
understand. The improvement is so significant that, in a
follow-up commit, we're going to ensure that this information is
available in even more cases.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-03-22 13:49:53 +01:00
Andrea Bolognani
9567f3ba1f qemu: Move firmware selection from startup to postparse
Currently, firmware selection is performed as part of the
domain startup process. This mostly works fine, but there's a
significant downside to this approach: since the process is
affected by factors outside of libvirt's control, specifically
the contents of the various JSON firmware descriptors and
their names, it's pretty much impossible to guarantee that the
outcome is always going to be the same. It would only take an
edk2 update, or a change made by the local admin, to render a
domain unbootable or downgrade its boot security.

To avoid this, move firmware selection to the postparse phase.
This way it will only be performed once, when the domain is
first defined; subsequent boots will not need to go through
the process again, as all the paths that were picked during
firmware selection are recorded in the domain XML.

Care is taken to ensure that existing domains are handled
correctly, even if their firmware configuration can't be
successfully resolved. Failure to complete the firmware
selection process is only considered fatal when defining a
new domain; in all other cases the error will be reported
during startup, as is already the case today.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-03-03 13:49:56 +01:00
Andrea Bolognani
6f1c6534a8 tests: Add more firmware tests
These cover scenarios such as using the new, more verbose
format of the <nvram> element to point to a local path, mixing
firmware autoselection with non-local NVRAM files, and
explicitly disabling SMM when using firmware autoselection.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-03-03 13:40:53 +01:00