mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-09-30 11:25:47 +00:00
qemu: Automatically add firmware type/features information
Even when the user is not taking advantage of firmware autoselection and instead manually providing all the necessary information, in most cases they're still going to use firmware builds that are provided by the OS vendor, are installed in standard paths and come with a corresponding firmware descriptor. Similarly, even when the user is not guiding the autoselection process by specifying the desired status of certain features and instead is relying on the system-level descriptor priority being set up correctly, libvirt will still ultimately decide to use a specific descriptor, which includes information about the firmware's features. In both these cases, take the additional information that were obtained from the firmware descriptor and reflect them back into the domain XML, where they can be conveniently inspected by the user and management applications alike. Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This commit is contained in:
Andrea Bolognani
parent
50d68c1d10
commit
24ad99d76d
@ -1011,6 +1011,25 @@ qemuFirmwareOSInterfaceTypeFromOsDefFirmware(virDomainOsDefFirmware fw)
|
||||
}
|
||||
|
||||
|
||||
static virDomainOsDefFirmware
|
||||
qemuFirmwareOSInterfaceTypeToOsDefFirmware(qemuFirmwareOSInterface interface)
|
||||
{
|
||||
switch (interface) {
|
||||
case QEMU_FIRMWARE_OS_INTERFACE_BIOS:
|
||||
return VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS;
|
||||
case QEMU_FIRMWARE_OS_INTERFACE_UEFI:
|
||||
return VIR_DOMAIN_OS_DEF_FIRMWARE_EFI;
|
||||
case QEMU_FIRMWARE_OS_INTERFACE_UBOOT:
|
||||
case QEMU_FIRMWARE_OS_INTERFACE_OPENFIRMWARE:
|
||||
case QEMU_FIRMWARE_OS_INTERFACE_NONE:
|
||||
case QEMU_FIRMWARE_OS_INTERFACE_LAST:
|
||||
break;
|
||||
}
|
||||
|
||||
return VIR_DOMAIN_OS_DEF_FIRMWARE_NONE;
|
||||
}
|
||||
|
||||
|
||||
static qemuFirmwareOSInterface
|
||||
qemuFirmwareOSInterfaceTypeFromOsDefLoaderType(virDomainLoader type)
|
||||
{
|
||||
@ -1071,6 +1090,46 @@ qemuFirmwareEnsureNVRAM(virDomainDef *def,
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* qemuFirmwareSetOsFeatures:
|
||||
* @def: domain definition
|
||||
* @secureBoot: whether the 'secure-boot' feature is enabled
|
||||
* @enrolledKeys: whether the 'enrolled-keys' feature is enabled
|
||||
*
|
||||
* Set firmware features for @def to match those declared by the JSON
|
||||
* descriptor that was found to match autoselection requirements.
|
||||
*/
|
||||
static void
|
||||
qemuFirmwareSetOsFeatures(virDomainDef *def,
|
||||
bool secureBoot,
|
||||
bool enrolledKeys)
|
||||
{
|
||||
int *features = def->os.firmwareFeatures;
|
||||
virDomainLoaderDef *loader = def->os.loader;
|
||||
|
||||
if (!features) {
|
||||
features = g_new0(int, VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_LAST);
|
||||
def->os.firmwareFeatures = features;
|
||||
}
|
||||
|
||||
features[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_SECURE_BOOT] = virTristateBoolFromBool(secureBoot);
|
||||
features[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_ENROLLED_KEYS] = virTristateBoolFromBool(enrolledKeys);
|
||||
|
||||
/* If the NVRAM template is blank at this point and we're not dealing
|
||||
* with a stateless firmware image, then it means that the NVRAM file
|
||||
* is not local. In this scenario we can't really make any assumptions
|
||||
* about its contents, so it's preferable to leave the state of the
|
||||
* enrolled-keys feature unspecified */
|
||||
if (loader &&
|
||||
loader->type == VIR_DOMAIN_LOADER_TYPE_PFLASH &&
|
||||
loader->stateless != VIR_TRISTATE_BOOL_YES &&
|
||||
!loader->nvramTemplate) {
|
||||
features[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_ENROLLED_KEYS] = VIR_TRISTATE_BOOL_ABSENT;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
#define VIR_QEMU_FIRMWARE_AMD_SEV_ES_POLICY (1 << 2)
|
||||
|
||||
|
||||
@ -1294,6 +1353,8 @@ qemuFirmwareEnableFeaturesModern(virQEMUDriverConfig *cfg,
|
||||
const qemuFirmwareMappingMemory *memory = &fw->mapping.data.memory;
|
||||
virDomainLoaderDef *loader = NULL;
|
||||
virStorageFileFormat format;
|
||||
bool hasSecureBoot = false;
|
||||
bool hasEnrolledKeys = false;
|
||||
size_t i;
|
||||
|
||||
switch (fw->mapping.device) {
|
||||
@ -1368,20 +1429,39 @@ qemuFirmwareEnableFeaturesModern(virQEMUDriverConfig *cfg,
|
||||
def->os.loader->secure = VIR_TRISTATE_BOOL_YES;
|
||||
break;
|
||||
|
||||
case QEMU_FIRMWARE_FEATURE_NONE:
|
||||
case QEMU_FIRMWARE_FEATURE_SECURE_BOOT:
|
||||
hasSecureBoot = true;
|
||||
break;
|
||||
|
||||
case QEMU_FIRMWARE_FEATURE_ENROLLED_KEYS:
|
||||
hasEnrolledKeys = true;
|
||||
break;
|
||||
|
||||
case QEMU_FIRMWARE_FEATURE_ACPI_S3:
|
||||
case QEMU_FIRMWARE_FEATURE_ACPI_S4:
|
||||
case QEMU_FIRMWARE_FEATURE_AMD_SEV:
|
||||
case QEMU_FIRMWARE_FEATURE_AMD_SEV_ES:
|
||||
case QEMU_FIRMWARE_FEATURE_ENROLLED_KEYS:
|
||||
case QEMU_FIRMWARE_FEATURE_SECURE_BOOT:
|
||||
case QEMU_FIRMWARE_FEATURE_VERBOSE_DYNAMIC:
|
||||
case QEMU_FIRMWARE_FEATURE_VERBOSE_STATIC:
|
||||
case QEMU_FIRMWARE_FEATURE_NONE:
|
||||
case QEMU_FIRMWARE_FEATURE_LAST:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (!def->os.firmware) {
|
||||
/* If a firmware type for autoselection was not already present,
|
||||
* pick the first reasonable one from the descriptor list */
|
||||
for (i = 0; i < fw->ninterfaces; i++) {
|
||||
def->os.firmware = qemuFirmwareOSInterfaceTypeToOsDefFirmware(fw->interfaces[i]);
|
||||
if (def->os.firmware)
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (def->os.firmware) {
|
||||
qemuFirmwareSetOsFeatures(def, hasSecureBoot, hasEnrolledKeys);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='bios'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader type='rom' stateless='yes'>/usr/share/seabios/bios-256k.bin</loader>
|
||||
<boot dev='hd'/>
|
||||
</os>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='bios'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader type='rom'>/usr/share/seabios/bios-256k.bin</loader>
|
||||
<boot dev='hd'/>
|
||||
</os>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='aarch64' machine='virt-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader>
|
||||
<nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='aarch64' machine='virt-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/AAVMF/AAVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/AAVMF/AAVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -6,6 +6,9 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader>
|
||||
<nvram type='network' format='qcow2'>
|
||||
<source protocol='nbd' name='bar'>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.qcow2' format='qcow2'>/path/to/guest_VARS.qcow2</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash' format='qcow2'>/usr/share/OVMF/OVMF_CODE.qcow2</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' secure='no' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='yes' name='enrolled-keys'/>
|
||||
<feature enabled='yes' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -8,6 +8,7 @@
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='yes' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram>
|
||||
|
||||
@ -7,6 +7,7 @@
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.fd' type='file'>
|
||||
<source file='/path/to/guest_VARS.fd'/>
|
||||
|
||||
@ -6,6 +6,9 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram type='network'>
|
||||
<source protocol='iscsi' name='iqn.2013-07.com.example:iscsi-nopool'>
|
||||
|
||||
@ -6,6 +6,9 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram type='network'>
|
||||
<source protocol='nbd' name='bar'>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='yes' name='enrolled-keys'/>
|
||||
<feature enabled='yes' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/path/to/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -7,6 +7,7 @@
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='yes' name='enrolled-keys'/>
|
||||
<feature enabled='yes' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash' stateless='yes'>/usr/share/OVMF/OVMF.sev.fd</loader>
|
||||
<boot dev='hd'/>
|
||||
</os>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='yes' name='enrolled-keys'/>
|
||||
<feature enabled='yes' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -4,8 +4,12 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='aarch64' machine='virt-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/AAVMF/AAVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/AAVMF/AAVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -4,8 +4,12 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -4,8 +4,12 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='yes' name='enrolled-keys'/>
|
||||
<feature enabled='yes' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/path/to/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -4,8 +4,12 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='yes' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -4,8 +4,12 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -4,8 +4,12 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='aarch64' machine='virt-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/AAVMF/AAVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/AAVMF/AAVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -4,8 +4,12 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.fd' type='file'>
|
||||
<source file='/path/to/guest_VARS.fd'/>
|
||||
|
||||
@ -4,8 +4,11 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram type='network'>
|
||||
<source protocol='iscsi' name='iqn.2013-07.com.example:iscsi-nopool'>
|
||||
|
||||
@ -4,8 +4,11 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram type='network'>
|
||||
<source protocol='nbd' name='bar'>
|
||||
|
||||
@ -4,8 +4,12 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -4,8 +4,12 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-q35-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='yes' name='enrolled-keys'/>
|
||||
<feature enabled='yes' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.secboot.fd'>/path/to/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -4,8 +4,12 @@
|
||||
<memory unit='KiB'>1048576</memory>
|
||||
<currentMemory unit='KiB'>1048576</currentMemory>
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os>
|
||||
<os firmware='efi'>
|
||||
<type arch='x86_64' machine='pc-i440fx-4.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
|
||||
<nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/path/to/guest_VARS.fd</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='aarch64' machine='virt-6.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader>
|
||||
<nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='aarch64' machine='virt-6.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader>
|
||||
<nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
@ -6,6 +6,10 @@
|
||||
<vcpu placement='static'>1</vcpu>
|
||||
<os firmware='efi'>
|
||||
<type arch='aarch64' machine='virt-6.0'>hvm</type>
|
||||
<firmware>
|
||||
<feature enabled='no' name='enrolled-keys'/>
|
||||
<feature enabled='no' name='secure-boot'/>
|
||||
</firmware>
|
||||
<loader readonly='yes' type='pflash' format='qcow2'>/usr/share/AAVMF/AAVMF_CODE.qcow2</loader>
|
||||
<nvram template='/usr/share/AAVMF/AAVMF_VARS.qcow2' format='qcow2'>/var/lib/libvirt/qemu/nvram/guest_VARS.qcow2</nvram>
|
||||
<boot dev='hd'/>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user