The loader 'type' is a property that is useful to filter on when selecting firmware. For example, with AMD SEV it is desirable to be able to request selecting of firmware without NVRAM using: <os firmware='efi'> <loader type='rom'/> </os> Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> --- docs/formatdomain.rst | 12 ++++++++++++ src/conf/domain_conf.c | 8 ++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index cd818c1ded..3c4ee70835 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -149,6 +149,16 @@ harddisk, cdrom, network) determining where to obtain/find the boot image. </os> ... + <!-- QEMU with automatic UEFI firmware suitable for AMD SEV, where + ROM is preferred over pflash when both are available --> + ... + <os firmware='efi'> + <type>hvm</type> + <loader type='rom'/> + <boot dev='hd'/> + </os> + ... + ``firmware`` The ``firmware`` attribute allows management applications to automatically fill ``<loader/>`` and ``<nvram/>`` elements and possibly enable some @@ -219,6 +229,8 @@ harddisk, cdrom, network) determining where to obtain/find the boot image. firmwares may implement the Secure boot feature. Some UEFI images intended for use with confidential computing environments like AMD SEV will disable persistence of variables, and would thus require ``type`` to be ``rom``. + If set, the ``type`` attribute will also influence what firmware path is + used when firmware auto-select is performed. :since:`Since 8.1.0`. Attribute ``secure`` can be used to tell the hypervisor that the firmware is capable of Secure Boot feature. It cannot be used to enable or disable the feature itself in the firmware. diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index a805f7f6a3..4f0d8e27cf 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -18044,10 +18044,6 @@ virDomainLoaderDefParseXML(xmlNodePtr node, &loader->readonly) < 0) return -1; - if (virXMLPropEnum(node, "type", virDomainLoaderTypeFromString, - VIR_XML_PROP_NONZERO, &loader->type) < 0) - return -1; - if (!(loader->path = virXMLNodeContentString(node))) return -1; @@ -18055,6 +18051,10 @@ virDomainLoaderDefParseXML(xmlNodePtr node, VIR_FREE(loader->path); } + if (virXMLPropEnum(node, "type", virDomainLoaderTypeFromString, + VIR_XML_PROP_NONZERO, &loader->type) < 0) + return -1; + if (virXMLPropTristateBool(node, "secure", VIR_XML_PROP_NONE, &loader->secure) < 0) return -1; -- 2.33.1