Re: On the content of 'nvram' section in /etc/libvirt/qemu.conf

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 4/16/19 12:50 PM, Kashyap Chamarthy wrote:
> I learnt from Dan Berrangé that the 'nvram' section in
> `/etc/libvirt/qemu.conf` will now go away in light of all the work done
> in QEMU ('firmware.json', et al) and libvirt (the firmware
> auto-selection).  
> 
> But for my own education, can anyone confirm that the current content of
> 'nvram' is out of date in terms of mapping of OVMF binaries to their
> corresponding variable store ("VARS") files?
> 
> Let's see what I mean.
> 
> On my Fedora 29 box, in `/etc/libvirt/qemu.conf`, I see the following
> mapping of OVMF binaries to their correspoindg "VARS" file under the
> 'nvram' section:
> 
>     #nvram = [
>     #   "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd",
>     #   "/usr/share/OVMF/OVMF_CODE.secboot.fd:/usr/share/OVMF/OVMF_VARS.fd",
>     #   "/usr/share/AAVMF/AAVMF_CODE.fd:/usr/share/AAVMF/AAVMF_VARS.fd",
>     #   "/usr/share/AAVMF/AAVMF32_CODE.fd:/usr/share/AAVMF/AAVMF32_VARS.fd"
>     #]
>
> Now let's enumerate the content of 'edk2-ovmf' package:
> 
>     $> rpm -ql edk2-ovmf
>     /usr/share/OVMF
>     /usr/share/OVMF/OVMF_CODE.fd
>     /usr/share/OVMF/OVMF_CODE.secboot.fd
>     /usr/share/OVMF/OVMF_VARS.fd
>     /usr/share/OVMF/OVMF_VARS.secboot.fd
>     /usr/share/OVMF/UefiShell.iso
>     /usr/share/doc/edk2-ovmf
>     /usr/share/doc/edk2-ovmf/README
>     /usr/share/doc/edk2-ovmf/ovmf-whitepaper-c770f8c.txt
>     /usr/share/edk2
>     /usr/share/edk2/ovmf
>     /usr/share/edk2/ovmf/EnrollDefaultKeys.efi
>     /usr/share/edk2/ovmf/OVMF_CODE.fd
>     /usr/share/edk2/ovmf/OVMF_CODE.secboot.fd
>     /usr/share/edk2/ovmf/OVMF_VARS.fd
>     /usr/share/edk2/ovmf/OVMF_VARS.secboot.fd
>     /usr/share/edk2/ovmf/Shell.efi
>     /usr/share/edk2/ovmf/UefiShell.iso
>     /usr/share/licenses/edk2-ovmf
>     /usr/share/licenses/edk2-ovmf/LICENSE.openssl
>     /usr/share/licenses/edk2-ovmf/License.txt
> 
> There is the /usr/share/edk2/ovmf/OVMF_VARS.secboot.fd file (which comes
> with the default UEFI keys enrolled).
> 
> So, the mapping of OVMF binary to VARS file in the earlier mentioned
> 'nvram' section should have been:
> 
>     /usr/share/OVMF/OVMF_CODE.secboot.fd:/usr/share/edk2/ovmf/OVMF_VARS.secboot.fd
> 
> Yes?
> 

Unfortunately the qemu.conf comment is not authoritatize. I believe
that's the default value hardcoded in libvirt, but it can also be
changed with a build time flag, which we do for fedora. The spec file
has this change:

%if 0%{?fedora}
    # Nightly edk2.git-ovmf-x64

LOADERS="/usr/share/edk2.git/ovmf-x64/OVMF_CODE-pure-efi.fd:/usr/share/edk2.git/ovmf-x64/OVMF_VARS-pure-efi.fd"
    # Nightly edk2.git-ovmf-ia32

LOADERS="$LOADERS:/usr/share/edk2.git/ovmf-ia32/OVMF_CODE-pure-efi.fd:/usr/share/edk2.git/ovmf-ia32/OVMF_VARS-pure-efi.fd"
    # Nightly edk2.git-aarch64

LOADERS="$LOADERS:/usr/share/edk2.git/aarch64/QEMU_EFI-pflash.raw:/usr/share/edk2.git/aarch64/vars-template-pflash.raw"
    # Nightly edk2.git-arm

LOADERS="$LOADERS:/usr/share/edk2.git/arm/QEMU_EFI-pflash.raw:/usr/share/edk2.git/arm/vars-template-pflash.raw"

    # Fedora edk2-ovmf

LOADERS="$LOADERS:/usr/share/edk2/ovmf/OVMF_CODE.fd:/usr/share/edk2/ovmf/OVMF_VARS.fd"
    # Fedora edk2-ovmf-ia32

LOADERS="$LOADERS:/usr/share/edk2/ovmf-ia32/OVMF_CODE.fd:/usr/share/edk2/ovmf-ia32/OVMF_VARS.fd"
    # Fedora edk2-aarch64

LOADERS="$LOADERS:/usr/share/edk2/aarch64/QEMU_EFI-pflash.raw:/usr/share/edk2/aarch64/vars-template-pflash.raw"
    # Fedora edk2-arm

LOADERS="$LOADERS:/usr/share/edk2/arm/QEMU_EFI-pflash.raw:/usr/share/edk2/arm/vars-template-pflash.raw"
    %define arg_loader_nvram --with-loader-nvram="$LOADERS"
%endif

So that's 8 pairs that we look for in fedora. That default commented out
value is probably what we use on RHEL with standard RHEL packaging

- Cole

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux