2019-06-12 12:25:28 +02:00
|
|
|
<domain type='qemu'>
|
|
|
|
<name>guest</name>
|
|
|
|
<uuid>1ccfd97d-5eb4-478a-bbe6-88d254c16db7</uuid>
|
|
|
|
<metadata>
|
|
|
|
<libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
|
|
|
|
<libosinfo:os id="http://fedoraproject.org/fedora/29"/>
|
|
|
|
</libosinfo:libosinfo>
|
|
|
|
</metadata>
|
|
|
|
<memory unit='KiB'>4194304</memory>
|
|
|
|
<currentMemory unit='KiB'>4194304</currentMemory>
|
|
|
|
<vcpu placement='static'>4</vcpu>
|
|
|
|
<os>
|
|
|
|
<type arch='aarch64' machine='virt'>hvm</type>
|
|
|
|
<loader readonly='yes' type='pflash'>/usr/share/AAVMF/AAVMF_CODE.fd</loader>
|
qemu: Move firmware selection from startup to postparse
Currently, firmware selection is performed as part of the
domain startup process. This mostly works fine, but there's a
significant downside to this approach: since the process is
affected by factors outside of libvirt's control, specifically
the contents of the various JSON firmware descriptors and
their names, it's pretty much impossible to guarantee that the
outcome is always going to be the same. It would only take an
edk2 update, or a change made by the local admin, to render a
domain unbootable or downgrade its boot security.
To avoid this, move firmware selection to the postparse phase.
This way it will only be performed once, when the domain is
first defined; subsequent boots will not need to go through
the process again, as all the paths that were picked during
firmware selection are recorded in the domain XML.
Care is taken to ensure that existing domains are handled
correctly, even if their firmware configuration can't be
successfully resolved. Failure to complete the firmware
selection process is only considered fatal when defining a
new domain; in all other cases the error will be reported
during startup, as is already the case today.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-24 17:01:48 +01:00
|
|
|
<nvram template='/usr/share/AAVMF/AAVMF_VARS.fd'>/some/user/nvram/path/guest_VARS.fd</nvram>
|
2019-06-12 12:25:28 +02:00
|
|
|
<boot dev='hd'/>
|
|
|
|
</os>
|
|
|
|
<features>
|
|
|
|
<acpi/>
|
|
|
|
<gic version='2'/>
|
|
|
|
</features>
|
2020-01-23 13:20:25 +01:00
|
|
|
<cpu mode='custom' match='exact' check='none'>
|
|
|
|
<model fallback='forbid'>cortex-a15</model>
|
|
|
|
</cpu>
|
2019-06-12 12:25:28 +02:00
|
|
|
<clock offset='utc'/>
|
|
|
|
<on_poweroff>destroy</on_poweroff>
|
|
|
|
<on_reboot>restart</on_reboot>
|
|
|
|
<on_crash>destroy</on_crash>
|
|
|
|
<devices>
|
|
|
|
<emulator>/usr/bin/qemu-system-aarch64</emulator>
|
|
|
|
<disk type='file' device='disk'>
|
|
|
|
<driver name='qemu' type='qcow2'/>
|
|
|
|
<source file='/var/lib/libvirt/images/guest.qcow2'/>
|
|
|
|
<target dev='vda' bus='virtio'/>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
|
|
|
|
</disk>
|
|
|
|
<controller type='usb' index='0' model='qemu-xhci' ports='15'>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
|
|
|
|
</controller>
|
|
|
|
<controller type='pci' index='0' model='pcie-root'/>
|
|
|
|
<controller type='virtio-serial' index='0'>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
|
|
|
|
</controller>
|
|
|
|
<controller type='pci' index='1' model='pcie-root-port'>
|
|
|
|
<model name='pcie-root-port'/>
|
|
|
|
<target chassis='1' port='0x8'/>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0' multifunction='on'/>
|
|
|
|
</controller>
|
|
|
|
<controller type='pci' index='2' model='pcie-root-port'>
|
|
|
|
<model name='pcie-root-port'/>
|
|
|
|
<target chassis='2' port='0x9'/>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
|
|
|
|
</controller>
|
|
|
|
<controller type='pci' index='3' model='pcie-root-port'>
|
|
|
|
<model name='pcie-root-port'/>
|
|
|
|
<target chassis='3' port='0xa'/>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
|
|
|
|
</controller>
|
|
|
|
<controller type='pci' index='4' model='pcie-root-port'>
|
|
|
|
<model name='pcie-root-port'/>
|
|
|
|
<target chassis='4' port='0xb'/>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x3'/>
|
|
|
|
</controller>
|
|
|
|
<controller type='pci' index='5' model='pcie-root-port'>
|
|
|
|
<model name='pcie-root-port'/>
|
|
|
|
<target chassis='5' port='0xc'/>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x4'/>
|
|
|
|
</controller>
|
|
|
|
<controller type='pci' index='6' model='pcie-root-port'>
|
|
|
|
<model name='pcie-root-port'/>
|
|
|
|
<target chassis='6' port='0xd'/>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x5'/>
|
|
|
|
</controller>
|
|
|
|
<controller type='pci' index='7' model='pcie-root-port'>
|
|
|
|
<model name='pcie-root-port'/>
|
|
|
|
<target chassis='7' port='0xe'/>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x6'/>
|
|
|
|
</controller>
|
|
|
|
<interface type='user'>
|
|
|
|
<mac address='52:54:00:09:a4:37'/>
|
|
|
|
<model type='virtio'/>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
|
|
|
|
</interface>
|
|
|
|
<serial type='pty'>
|
|
|
|
<target type='system-serial' port='0'>
|
|
|
|
<model name='pl011'/>
|
|
|
|
</target>
|
|
|
|
</serial>
|
|
|
|
<console type='pty'>
|
|
|
|
<target type='serial' port='0'/>
|
|
|
|
</console>
|
|
|
|
<channel type='unix'>
|
|
|
|
<target type='virtio' name='org.qemu.guest_agent.0'/>
|
|
|
|
<address type='virtio-serial' controller='0' bus='0' port='1'/>
|
|
|
|
</channel>
|
2021-02-24 14:24:10 +00:00
|
|
|
<audio id='1' type='none'/>
|
2019-06-12 12:25:28 +02:00
|
|
|
<memballoon model='virtio'>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
|
|
|
|
</memballoon>
|
|
|
|
<rng model='virtio'>
|
|
|
|
<backend model='random'>/dev/urandom</backend>
|
|
|
|
<address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
|
|
|
|
</rng>
|
|
|
|
</devices>
|
|
|
|
</domain>
|