More information in the commit message for 11/15. Ideally this would make it into 9.2.0 along with the other changes to firmware selection I've made in this cycle[1]. [1] https://listman.redhat.com/archives/libvir-list/2023-February/237806.html Andrea Bolognani (15): tests: Rename a few firmware tests tests: Fix firmware-auto-efi-loader-path-nonstandard tests: Add firmware-auto-efi-loader-path tests: Add more tests for manual Secure Boot configuration tests: Fix firmware descriptor masking test qemu: Introduce qemuFirmwareMatchesPaths() qemu: Discard requires-smm firmware when loader.secure=no qemu: Always go through firmware autoselection conf: Remove some firmware validation checks conf: Don't format firmware type/features when migrating qemu: Don't drop firmware type/features information qemu: Automatically add firmware type/features information conf: Don't explicitly set the secure-boot feature conf: Move validation check out of postparse qemu: Move validation check out of postparse src/conf/domain_conf.c | 5 +- src/conf/domain_postparse.c | 16 -- src/conf/domain_validate.c | 42 +--- src/qemu/qemu_domain.c | 6 - src/qemu/qemu_firmware.c | 186 +++++++++++++----- src/qemu/qemu_validate.c | 6 + .../{60-ovmf-sb.json => 42-masked.json} | 0 .../usr/share/qemu/firmware/42-masked.json | 37 ++++ tests/qemufirmwaretest.c | 2 + ...to-efi-loader-insecure.x86_64-latest.args} | 0 ...auto-efi-loader-insecure.x86_64-latest.err | 1 - ...-loader-path-nonstandard.x86_64-latest.err | 1 + ...ware-auto-efi-loader-path-nonstandard.xml} | 2 +- ...e-auto-efi-loader-path.x86_64-latest.args} | 0 ...are-auto-efi-loader-path.x86_64-latest.err | 1 - .../firmware-auto-efi-loader-path.xml | 2 +- ...to-efi-no-enrolled-keys.x86_64-latest.args | 5 +- ...nual-efi-loader-no-path.x86_64-latest.err} | 0 ...=> firmware-manual-efi-loader-no-path.xml} | 0 ...nual-efi-loader-secure.x86_64-latest.args} | 0 ... => firmware-manual-efi-loader-secure.xml} | 0 ...l-efi-no-enrolled-keys.x86_64-latest.args} | 0 ... firmware-manual-efi-no-enrolled-keys.xml} | 2 +- ...-manual-efi-no-secboot.x86_64-latest.args} | 4 +- ...xml => firmware-manual-efi-no-secboot.xml} | 5 +- ...are-manual-efi-secboot.x86_64-latest.args} | 0 ...re.xml => firmware-manual-efi-secboot.xml} | 2 +- tests/qemuxml2argvtest.c | 12 +- ...ware-auto-bios-stateless.x86_64-latest.xml | 6 +- .../firmware-auto-bios.x86_64-latest.xml | 6 +- ...rmware-auto-efi-aarch64.aarch64-latest.xml | 6 +- ...e-auto-efi-enrolled-keys.x86_64-latest.xml | 6 +- ...-efi-format-loader-qcow2.x86_64-latest.xml | 6 +- ...o-efi-format-loader-raw.aarch64-latest.xml | 6 +- ...-nvram-qcow2-network-nbd.x86_64-latest.xml | 5 +- ...-format-nvram-qcow2-path.x86_64-latest.xml | 6 +- ...o-efi-format-nvram-qcow2.x86_64-latest.xml | 6 +- ...uto-efi-loader-insecure.x86_64-latest.xml} | 8 +- ...loader-path-nonstandard.x86_64-latest.xml} | 4 +- ...re-auto-efi-loader-path.x86_64-latest.xml} | 6 +- ...e-auto-efi-loader-secure.x86_64-latest.xml | 6 +- ...uto-efi-no-enrolled-keys.x86_64-latest.xml | 9 +- ...ware-auto-efi-no-secboot.x86_64-latest.xml | 6 +- ...ware-auto-efi-nvram-file.x86_64-latest.xml | 6 +- ...-efi-nvram-network-iscsi.x86_64-latest.xml | 5 +- ...to-efi-nvram-network-nbd.x86_64-latest.xml | 5 +- .../firmware-auto-efi-nvram.x86_64-latest.xml | 6 +- ...irmware-auto-efi-secboot.x86_64-latest.xml | 6 +- ...irmware-auto-efi-smm-off.x86_64-latest.xml | 6 +- ...mware-auto-efi-stateless.x86_64-latest.xml | 6 +- .../firmware-auto-efi.x86_64-latest.xml | 6 +- ...manual-efi-acpi-aarch64.aarch64-latest.xml | 6 +- ...ware-manual-efi-acpi-q35.x86_64-latest.xml | 6 +- ...anual-efi-loader-secure.x86_64-latest.xml} | 6 +- ...al-efi-no-enrolled-keys.x86_64-latest.xml} | 8 +- ...e-manual-efi-no-secboot.x86_64-latest.xml} | 6 +- ...nual-efi-noacpi-aarch64.aarch64-latest.xml | 6 +- ...re-manual-efi-nvram-file.x86_64-latest.xml | 6 +- ...-efi-nvram-network-iscsi.x86_64-latest.xml | 5 +- ...al-efi-nvram-network-nbd.x86_64-latest.xml | 5 +- ...anual-efi-nvram-template.x86_64-latest.xml | 6 +- ...ware-manual-efi-secboot.x86_64-latest.xml} | 6 +- .../firmware-manual-efi.x86_64-latest.xml | 6 +- .../pvpanic-pci-aarch64.aarch64-latest.xml | 6 +- ...-pci-no-address-aarch64.aarch64-latest.xml | 6 +- .../virtio-iommu-aarch64.aarch64-latest.xml | 6 +- tests/qemuxml2xmltest.c | 8 +- 67 files changed, 409 insertions(+), 164 deletions(-) rename tests/qemufirmwaredata/etc/qemu/firmware/{60-ovmf-sb.json => 42-masked.json} (100%) create mode 100644 tests/qemufirmwaredata/usr/share/qemu/firmware/42-masked.json copy tests/qemuxml2argvdata/{firmware-auto-efi-no-enrolled-keys.x86_64-latest.args => firmware-auto-efi-loader-insecure.x86_64-latest.args} (100%) delete mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-insecure.x86_64-latest.err create mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-path-nonstandard.x86_64-latest.err copy tests/qemuxml2argvdata/{firmware-auto-efi-loader-path.xml => firmware-auto-efi-loader-path-nonstandard.xml} (86%) copy tests/qemuxml2argvdata/{firmware-auto-efi-no-enrolled-keys.x86_64-latest.args => firmware-auto-efi-loader-path.x86_64-latest.args} (100%) delete mode 100644 tests/qemuxml2argvdata/firmware-auto-efi-loader-path.x86_64-latest.err rename tests/qemuxml2argvdata/{firmware-manual-efi-no-path.x86_64-latest.err => firmware-manual-efi-loader-no-path.x86_64-latest.err} (100%) rename tests/qemuxml2argvdata/{firmware-manual-efi-no-path.xml => firmware-manual-efi-loader-no-path.xml} (100%) copy tests/qemuxml2argvdata/{firmware-manual-efi-secure.x86_64-latest.args => firmware-manual-efi-loader-secure.x86_64-latest.args} (100%) copy tests/qemuxml2argvdata/{firmware-manual-efi-secure.xml => firmware-manual-efi-loader-secure.xml} (100%) copy tests/qemuxml2argvdata/{firmware-manual-efi-secure.x86_64-latest.args => firmware-manual-efi-no-enrolled-keys.x86_64-latest.args} (100%) copy tests/qemuxml2argvdata/{firmware-manual-efi-secure.xml => firmware-manual-efi-no-enrolled-keys.xml} (87%) copy tests/qemuxml2argvdata/{firmware-auto-efi-no-enrolled-keys.x86_64-latest.args => firmware-manual-efi-no-secboot.x86_64-latest.args} (90%) copy tests/qemuxml2argvdata/{firmware-manual-efi-secure.xml => firmware-manual-efi-no-secboot.xml} (72%) rename tests/qemuxml2argvdata/{firmware-manual-efi-secure.x86_64-latest.args => firmware-manual-efi-secboot.x86_64-latest.args} (100%) rename tests/qemuxml2argvdata/{firmware-manual-efi-secure.xml => firmware-manual-efi-secboot.xml} (86%) copy tests/qemuxml2xmloutdata/{firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml => firmware-auto-efi-loader-insecure.x86_64-latest.xml} (82%) copy tests/qemuxml2xmloutdata/{firmware-auto-bios-stateless.x86_64-latest.xml => firmware-auto-efi-loader-path-nonstandard.x86_64-latest.xml} (92%) copy tests/qemuxml2xmloutdata/{firmware-auto-efi-no-enrolled-keys.x86_64-latest.xml => firmware-auto-efi-loader-path.x86_64-latest.xml} (89%) copy tests/qemuxml2xmloutdata/{firmware-manual-efi-secure.x86_64-latest.xml => firmware-manual-efi-loader-secure.x86_64-latest.xml} (89%) copy tests/qemuxml2xmloutdata/{firmware-manual-efi-secure.x86_64-latest.xml => firmware-manual-efi-no-enrolled-keys.x86_64-latest.xml} (83%) copy tests/qemuxml2xmloutdata/{firmware-manual-efi-acpi-q35.x86_64-latest.xml => firmware-manual-efi-no-secboot.x86_64-latest.xml} (89%) rename tests/qemuxml2xmloutdata/{firmware-manual-efi-secure.x86_64-latest.xml => firmware-manual-efi-secboot.x86_64-latest.xml} (89%) -- 2.39.2
