From 64c24800437ee372d228103291626705892c3ad9 Mon Sep 17 00:00:00 2001 From: Michal Privoznik Date: Wed, 13 Jul 2016 09:22:51 +0200 Subject: [PATCH] Introduce @secure attribute to os loader element This element will control secure boot implemented by some firmwares. If the firmware used in does support the feature we must tell it to the underlying hypervisor. However, we can't know whether loader does support it or not just by looking at the file. Therefore we have to have an attribute to the element where users can tell us whether the firmware is secure boot enabled or not. Signed-off-by: Michal Privoznik --- docs/formatdomain.html.in | 7 +++- docs/schemas/domaincommon.rng | 8 ++++ src/conf/domain_conf.c | 14 +++++++ src/conf/domain_conf.h | 1 + .../qemuxml2argv-bios-nvram-secure.xml | 41 +++++++++++++++++++ 5 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-bios-nvram-secure.xml diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index dabe604ec2..5acb3b9469 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -102,7 +102,7 @@ ... <os> <type>hvm</type> - <loader readonly='yes' type='rom'>/usr/lib/xen/boot/hvmloader</loader> + <loader readonly='yes' secure='no' type='rom'>/usr/lib/xen/boot/hvmloader</loader> <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/nvram/guest_VARS.fd</nvram> <boot dev='hd'/> <boot dev='cdrom'/> @@ -140,7 +140,10 @@ pflash. It tells the hypervisor where in the guest memory the file should be mapped. For instance, if the loader path points to an UEFI image, type should be - pflash. + pflash. Moreover, some firmwares may + implement the Secure boot feature. Attribute + secure can be used then to control it. + Since 2.1.0
nvram
Some UEFI firmwares may want to use a non-volatile memory to store some variables. In the host, this is represented as a file and the diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 5233766239..052f28c867 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -259,6 +259,14 @@ + + + + yes + no + + + diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 3d3e74ca2b..2500058622 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -15325,9 +15325,11 @@ virDomainLoaderDefParseXML(xmlNodePtr node, { int ret = -1; char *readonly_str = NULL; + char *secure_str = NULL; char *type_str = NULL; readonly_str = virXMLPropString(node, "readonly"); + secure_str = virXMLPropString(node, "secure"); type_str = virXMLPropString(node, "type"); loader->path = (char *) xmlNodeGetContent(node); @@ -15338,6 +15340,13 @@ virDomainLoaderDefParseXML(xmlNodePtr node, goto cleanup; } + if (secure_str && + (loader->secure = virTristateBoolTypeFromString(secure_str)) <= 0) { + virReportError(VIR_ERR_XML_DETAIL, + _("unknown secure value: %s"), secure_str); + goto cleanup; + } + if (type_str) { int type; if ((type = virDomainLoaderTypeFromString(type_str)) < 0) { @@ -15351,6 +15360,7 @@ virDomainLoaderDefParseXML(xmlNodePtr node, ret = 0; cleanup: VIR_FREE(readonly_str); + VIR_FREE(secure_str); VIR_FREE(type_str); return ret; } @@ -22551,6 +22561,7 @@ virDomainLoaderDefFormat(virBufferPtr buf, virDomainLoaderDefPtr loader) { const char *readonly = virTristateBoolTypeToString(loader->readonly); + const char *secure = virTristateBoolTypeToString(loader->secure); const char *type = virDomainLoaderTypeToString(loader->type); virBufferAddLit(buf, "readonly) virBufferAsprintf(buf, " readonly='%s'", readonly); + if (loader->secure) + virBufferAsprintf(buf, " secure='%s'", secure); + virBufferAsprintf(buf, " type='%s'>", type); virBufferEscapeString(buf, "%s\n", loader->path); 
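Review bot: The new `secure` check in virDomainLoaderDefParseXML (hunk at -15338) stores what the user wrote with no comment on how far the value can be trusted, although the commit message says libvirt cannot tell from the file whether the firmware supports Secure Boot. A comment above the check would keep later driver code from reading the field as proof of enforcement, for example `/* secure is the user's statement about the firmware image; the file is not inspected, so this is not evidence that Secure Boot is enforced */`. The parser also accepts the attribute next to any `type` and `readonly` value, and whether every combination is meaningful is not visible here, so the comment should say that drivers are expected to validate it. The function body starts and ends outside this hunk.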
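Review bot: `if (loader->secure)` in virDomainLoaderDefFormat is true for every non-zero value, not only for yes and no. The parse hunk assigns the result of virTristateBoolTypeFromString() to loader->secure inside the condition, so a rejected value leaves the non-positive error result in the struct; whether the caller always discards the loader after that failure is not visible here. Converting into a local `int` first, as the `type` block in the same parser does, and testing `if (loader->secure != VIR_TRISTATE_BOOL_ABSENT)` here would make both ends explicit. This hunk's text is incomplete on the page, so the lines around the change could not be checked.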
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index cea7d1d7d6..8b2672487d 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1735,6 +1735,7 @@ struct _virDomainLoaderDef { char *path; int readonly; /* enum virTristateBool */ virDomainLoader type; + int secure; /* enum virTristateBool */ char *nvram; /* path to non-volatile RAM */ char *templt; /* user override of path to master nvram */ }; diff --git a/tests/qemuxml2argvdata/qemuxml2argv-bios-nvram-secure.xml b/tests/qemuxml2argvdata/qemuxml2argv-bios-nvram-secure.xml new file mode 100644 index 0000000000..0ddddfe393 --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-bios-nvram-secure.xml @@ -0,0 +1,41 @@ + + test-bios + 362d1fc1-df7d-193e-5c18-49a71bd1da66 + 1048576 + 1048576 + 1 + + hvm + /usr/share/OVMF/OVMF_CODE.secboot.fd + /usr/share/OVMF/OVMF_VARS.fd + + + + + + + + + destroy + restart + restart + + /usr/bin/qemu + + + +
+ + + + + + + + + + + + + +
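Review bot: Nothing in this commit appears to run the new qemuxml2argv-bios-nvram-secure.xml: the diffstat lists five files and none of them is a test driver under tests/, so the parse and format paths for `secure` stay unexercised unless the file is registered in a commit not shown here. Registering it in the XML round-trip test in the same patch would cover both virDomainLoaderDefParseXML and virDomainLoaderDefFormat. A second input with an invalid `secure` value would also pin the `unknown secure value` error path.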