mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 21:55:25 +00:00
conf: Move validation check out of postparse
The reason why it was in postparse in the first place was so that we could could automatically enable the secure-boot feature in some cases, but that no longer happens so we can finally move it to the proper location. Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This commit is contained in:
parent
6d0d416f41
commit
e493a2ed73
@ -93,16 +93,6 @@ virDomainDefPostParseMemory(virDomainDef *def,
|
||||
static int
|
||||
virDomainDefPostParseOs(virDomainDef *def)
|
||||
{
|
||||
if (def->os.firmwareFeatures &&
|
||||
def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_ENROLLED_KEYS] == VIR_TRISTATE_BOOL_YES) {
|
||||
|
||||
if (def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_SECURE_BOOT] == VIR_TRISTATE_BOOL_NO) {
|
||||
virReportError(VIR_ERR_XML_DETAIL, "%s",
|
||||
_("firmware feature 'enrolled-keys' cannot be enabled when firmware feature 'secure-boot' is disabled"));
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
if (!def->os.loader)
|
||||
return 0;
|
||||
|
||||
|
@ -1606,6 +1606,14 @@ virDomainDefOSValidate(const virDomainDef *def,
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (def->os.firmwareFeatures &&
|
||||
def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_ENROLLED_KEYS] == VIR_TRISTATE_BOOL_YES &&
|
||||
def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_SECURE_BOOT] == VIR_TRISTATE_BOOL_NO) {
|
||||
virReportError(VIR_ERR_XML_DETAIL, "%s",
|
||||
_("firmware feature 'enrolled-keys' cannot be enabled when firmware feature 'secure-boot' is disabled"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (!loader)
|
||||
return 0;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user