domain capabilities: Expose firmware auto selection feature

If a management application wants to use firmware auto selection
feature it can't currently know if the libvirtd it's talking to
support is or not. Moreover, it doesn't know which values that
are accepted for the @firmware attribute of <os/> when parsing
will allow successful start of the domain later, i.e. if the mgmt
application wants to use 'bios' whether there exists a FW
descriptor in the system that describes bios.

This commit then adds 'firmware' enum to <os/> element in
<domainCapabilities/> XML like this:

  <enum name='firmware'>
    <value>bios</value>
    <value>efi</value>
  </enum>

We can see both 'bios' and 'efi' listed which means that there
are descriptors for both found in the system (matched with the
machine type and architecture reported in the domain capabilities
earlier and not shown here).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
This commit is contained in:
Michal Privoznik 2019-04-04 12:42:14 +02:00
parent 9c0d73bf49
commit 5b9819eedc
28 changed files with 194 additions and 3 deletions

View File

@ -119,6 +119,10 @@
&lt;domainCapabilities&gt;
...
&lt;os supported='yes'&gt;
&lt;enum name='firmware'&gt;
&lt;value&gt;bios&lt;/value&gt;
&lt;value&gt;efi&lt;/value&gt;
&lt;/enum&gt;
&lt;loader supported='yes'&gt;
&lt;value&gt;/usr/share/OVMF/OVMF_CODE.fd&lt;/value&gt;
&lt;enum name='type'&gt;
@ -129,12 +133,26 @@
&lt;value&gt;yes&lt;/value&gt;
&lt;value&gt;no&lt;/value&gt;
&lt;/enum&gt;
&lt;enum name='secure'&gt;
&lt;value&gt;yes&lt;/value&gt;
&lt;value&gt;no&lt;/value&gt;
&lt;/enum&gt;
&lt;/loader&gt;
&lt;/os&gt;
...
&lt;domainCapabilities&gt;
</pre>
<p>The <code>firmware</code> enum corresponds to
<code>firmware</code> attribute of the <code>os</code> element.
Plain presence of this enum means that libvirt is capable of so
called firmware auto selection. The listed values then represent
accepted values for the domain attribute. Only values for which
there exists a firmware descriptor that matches machine type and
architecture are listed, i.e. those which won't cause a failure
on domain startup.
</p>
<p>For the <code>loader</code> element, the following can occur:</p>
<dl>
@ -152,6 +170,11 @@
<dt><code>readonly</code></dt>
<dd>Options for the <code>readonly</code> attribute of the
&lt;loader/&gt; element.</dd>
<dt><code>secure</code></dt>
<dd>Options for the <code>secure</code> attribute of the
&lt;loader/&gt; element. Note, that <code>yes</code> is listed
only if there is a firmware that supports it.</dd>
</dl>
<h3><a id="elementsCPU">CPU configuration</a></h3>

View File

@ -77,6 +77,7 @@
<element name='os'>
<interleave>
<ref name='supported'/>
<ref name='enum'/>
<optional>
<ref name='loader'/>
</optional>

View File

@ -415,6 +415,7 @@ virDomainCapsLoaderFormat(virBufferPtr buf,
virDomainCapsStringValuesFormat(buf, &loader->values);
ENUM_PROCESS(loader, type, virDomainLoaderTypeToString);
ENUM_PROCESS(loader, readonly, virTristateBoolTypeToString);
ENUM_PROCESS(loader, secure, virTristateBoolTypeToString);
FORMAT_EPILOGUE(loader);
}
@ -427,6 +428,8 @@ virDomainCapsOSFormat(virBufferPtr buf,
FORMAT_PROLOGUE(os);
ENUM_PROCESS(os, firmware, virDomainOsDefFirmwareTypeToString);
virDomainCapsLoaderFormat(buf, loader);
FORMAT_EPILOGUE(os);

View File

@ -52,12 +52,14 @@ struct _virDomainCapsLoader {
virDomainCapsStringValues values; /* Info about values for the element */
virDomainCapsEnum type; /* Info about virDomainLoader */
virDomainCapsEnum readonly; /* Info about readonly:virTristateBool */
virDomainCapsEnum secure; /* Info about secure:virTristateBool */
};
typedef struct _virDomainCapsOS virDomainCapsOS;
typedef virDomainCapsOS *virDomainCapsOSPtr;
struct _virDomainCapsOS {
virTristateBool supported;
virDomainCapsEnum firmware; /* Info about virDomainOsDefFirmware */
virDomainCapsLoader loader; /* Info about virDomainLoaderDef */
};

View File

@ -46,6 +46,7 @@
#include "qemu_capspriv.h"
#include "qemu_qapi.h"
#include "qemu_process.h"
#include "qemu_firmware.h"
#include <fcntl.h>
#include <sys/stat.h>
@ -4920,6 +4921,7 @@ virQEMUCapsGetPreferredMachine(virQEMUCapsPtr qemuCaps)
static int
virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr capsLoader,
bool secure,
virFirmwarePtr *firmwares,
size_t nfirmwares)
{
@ -4928,6 +4930,7 @@ virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr capsLoader,
capsLoader->supported = VIR_TRISTATE_BOOL_YES;
capsLoader->type.report = true;
capsLoader->readonly.report = true;
capsLoader->secure.report = true;
if (VIR_ALLOC_N(capsLoader->values.values, nfirmwares) < 0)
return -1;
@ -4956,19 +4959,42 @@ virQEMUCapsFillDomainLoaderCaps(virDomainCapsLoaderPtr capsLoader,
VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->readonly,
VIR_TRISTATE_BOOL_YES,
VIR_TRISTATE_BOOL_NO);
VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->secure,
VIR_TRISTATE_BOOL_NO);
if (secure)
VIR_DOMAIN_CAPS_ENUM_SET(capsLoader->secure,
VIR_TRISTATE_BOOL_YES);
return 0;
}
static int
virQEMUCapsFillDomainOSCaps(virDomainCapsOSPtr os,
const char *machine,
virArch arch,
bool privileged,
virFirmwarePtr *firmwares,
size_t nfirmwares)
{
virDomainCapsLoaderPtr capsLoader = &os->loader;
uint64_t autoFirmwares = 0;
bool secure = false;
os->supported = VIR_TRISTATE_BOOL_YES;
if (virQEMUCapsFillDomainLoaderCaps(capsLoader, firmwares, nfirmwares) < 0)
os->firmware.report = true;
if (qemuFirmwareGetSupported(machine, arch, privileged, &autoFirmwares, &secure) < 0)
return -1;
if (autoFirmwares & (1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS))
VIR_DOMAIN_CAPS_ENUM_SET(os->firmware, VIR_DOMAIN_OS_DEF_FIRMWARE_BIOS);
if (autoFirmwares & (1ULL << VIR_DOMAIN_OS_DEF_FIRMWARE_EFI))
VIR_DOMAIN_CAPS_ENUM_SET(os->firmware, VIR_DOMAIN_OS_DEF_FIRMWARE_EFI);
if (virQEMUCapsFillDomainLoaderCaps(capsLoader, secure, firmwares, nfirmwares) < 0)
return -1;
return 0;
}
@ -5298,6 +5324,7 @@ int
virQEMUCapsFillDomainCaps(virCapsPtr caps,
virDomainCapsPtr domCaps,
virQEMUCapsPtr qemuCaps,
bool privileged,
virFirmwarePtr *firmwares,
size_t nfirmwares)
{
@ -5324,7 +5351,11 @@ virQEMUCapsFillDomainCaps(virCapsPtr caps,
domCaps->genid = virTristateBoolFromBool(
virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_VMGENID));
if (virQEMUCapsFillDomainOSCaps(os, firmwares, nfirmwares) < 0 ||
if (virQEMUCapsFillDomainOSCaps(os,
domCaps->machine,
domCaps->arch,
privileged,
firmwares, nfirmwares) < 0 ||
virQEMUCapsFillDomainCPUCaps(caps, qemuCaps, domCaps) < 0 ||
virQEMUCapsFillDomainIOThreadCaps(qemuCaps, domCaps) < 0 ||
virQEMUCapsFillDomainDeviceDiskCaps(qemuCaps,

View File

@ -632,6 +632,7 @@ int virQEMUCapsInitGuestFromBinary(virCapsPtr caps,
int virQEMUCapsFillDomainCaps(virCapsPtr caps,
virDomainCapsPtr domCaps,
virQEMUCapsPtr qemuCaps,
bool privileged,
virFirmwarePtr *firmwares,
size_t nfirmwares);

View File

@ -19857,6 +19857,7 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn,
goto cleanup;
if (virQEMUCapsFillDomainCaps(caps, domCaps, qemuCaps,
driver->privileged,
cfg->firmwares, cfg->nfirmwares) < 0)
goto cleanup;

View File

@ -1033,7 +1033,9 @@ domaincapsmock_la_LDFLAGS = $(MOCKLIBS_LDFLAGS)
domaincapsmock_la_LIBADD = $(MOCKLIBS_LIBS)
domaincapstest_SOURCES = \
domaincapstest.c testutils.h testutils.c
domaincapstest.c testutils.h testutils.c \
virfilewrapper.c virfilewrapper.h \
$(NULL)
domaincapstest_LDADD = $(LDADDS)
if WITH_QEMU

View File

@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='no'/>
<os supported='yes'>
<enum name='firmware'>
<value>bios</value>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,9 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +21,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,7 @@
<vcpu max='1024'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,7 @@
<vcpu max='248'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'>
<value>bios</value>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,9 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +21,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,7 @@
<vcpu max='1'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,7 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'>
<value>bios</value>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,7 @@
<vcpu max='248'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'>
<value>bios</value>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,7 @@
<vcpu max='248'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'>
<value>bios</value>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,10 @@
<vcpu max='288'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'>
<value>bios</value>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +22,10 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>yes</value>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'>
<value>bios</value>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'>
<value>bios</value>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,7 @@
<vcpu max='248'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'/>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +19,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'>
<value>bios</value>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -6,6 +6,10 @@
<vcpu max='255'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'>
<value>bios</value>
<value>efi</value>
</enum>
<loader supported='yes'>
<value>/usr/share/AAVMF/AAVMF_CODE.fd</value>
<value>/usr/share/AAVMF/AAVMF32_CODE.fd</value>
@ -18,6 +22,9 @@
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>

View File

@ -20,6 +20,8 @@
#include "testutils.h"
#include "domain_capabilities.h"
#include "virfilewrapper.h"
#include "configmake.h"
#define VIR_FROM_THIS VIR_FROM_NONE
@ -104,6 +106,7 @@ fillQemuCaps(virDomainCapsPtr domCaps,
goto cleanup;
if (virQEMUCapsFillDomainCaps(caps, domCaps, qemuCaps,
false,
cfg->firmwares,
cfg->nfirmwares) < 0)
goto cleanup;
@ -364,6 +367,13 @@ mymain(void)
#if WITH_QEMU
virFileWrapperAddPrefix(SYSCONFDIR "/qemu/firmware",
abs_srcdir "/qemufirmwaredata/etc/qemu/firmware");
virFileWrapperAddPrefix(PREFIX "/share/qemu/firmware",
abs_srcdir "/qemufirmwaredata/usr/share/qemu/firmware");
virFileWrapperAddPrefix("/home/user/.config/qemu/firmware",
abs_srcdir "/qemufirmwaredata/home/user/.config/qemu/firmware");
DO_TEST_QEMU("1.7.0", "caps_1.7.0",
"/usr/bin/qemu-system-x86_64", NULL,
"x86_64", VIR_DOMAIN_VIRT_KVM);
@ -441,6 +451,10 @@ mymain(void)
"x86_64", VIR_DOMAIN_VIRT_KVM);
virObjectUnref(cfg);
virFileWrapperRemovePrefix(SYSCONFDIR "/qemu/firmware");
virFileWrapperRemovePrefix(PREFIX "/share/qemu/firmware");
virFileWrapperRemovePrefix("/home/user/.config/qemu/firmware");
#endif /* WITH_QEMU */
#if WITH_LIBXL
@ -462,6 +476,8 @@ mymain(void)
DO_TEST_BHYVE("fbuf", "/usr/sbin/bhyve", &bhyve_caps, VIR_DOMAIN_VIRT_BHYVE);
#endif /* WITH_BHYVE */
virFileWrapperClearPrefixes();
return ret;
}