mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 05:35:25 +00:00
d57630c282
The qemu driver does support qcow2 images for the firmware and nvram pflash devices, but we do not do the full backing chain setup for them as we don't expect that those images would actually have a backing store. We don't tell that to qemu though which theoretically can lead to qemu probing the backing store from the image itself. We don't want that for now. Deny qemu probing the backing store by installing a "terminator" empty virStorageSource as 'backingStore' for pflash and nvram. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
39 lines
1.9 KiB
Plaintext
39 lines
1.9 KiB
Plaintext
LC_ALL=C \
|
|
PATH=/bin \
|
|
HOME=/var/lib/libvirt/qemu/domain--1-guest \
|
|
USER=test \
|
|
LOGNAME=test \
|
|
XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-guest/.local/share \
|
|
XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-guest/.cache \
|
|
XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \
|
|
/usr/bin/qemu-system-x86_64 \
|
|
-name guest=guest,debug-threads=on \
|
|
-S \
|
|
-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-guest/master-key.aes"}' \
|
|
-blockdev '{"driver":"file","filename":"/usr/share/edk2/ovmf/OVMF_CODE_4M.secboot.qcow2","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}' \
|
|
-blockdev '{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"qcow2","file":"libvirt-pflash0-storage","backing":null}' \
|
|
-blockdev '{"driver":"file","filename":"/path/to/guest_VARS.qcow2","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}' \
|
|
-blockdev '{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"qcow2","file":"libvirt-pflash1-storage","backing":null}' \
|
|
-machine pc-q35-4.0,usb=off,smm=on,dump-guest-core=off,memory-backend=pc.ram,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,acpi=on \
|
|
-accel kvm \
|
|
-cpu qemu64 \
|
|
-global driver=cfi.pflash01,property=secure,value=on \
|
|
-m size=1048576k \
|
|
-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":1073741824}' \
|
|
-overcommit mem-lock=off \
|
|
-smp 1,sockets=1,cores=1,threads=1 \
|
|
-uuid 63840878-0deb-4095-97e6-fc444d9bc9fa \
|
|
-display none \
|
|
-no-user-config \
|
|
-nodefaults \
|
|
-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \
|
|
-mon chardev=charmonitor,id=monitor,mode=control \
|
|
-rtc base=utc \
|
|
-no-shutdown \
|
|
-boot strict=on \
|
|
-audiodev '{"id":"audio1","driver":"none"}' \
|
|
-global ICH9-LPC.noreboot=off \
|
|
-watchdog-action reset \
|
|
-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \
|
|
-msg timestamp=on
|