[libvirt PATCH 13/15] conf: Don't explicitly set the secure-boot feature

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Now that we're adding information obtained from the firmware
descriptor to the domain XML, this will happen automatically
whenever a firmware that has the enrolled-keys feature ends up
being selected.

Signed-off-by: Andrea Bolognani <abologna@xxxxxxxxxx>
---
 src/conf/domain_postparse.c | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/src/conf/domain_postparse.c b/src/conf/domain_postparse.c
index 22eb603b3b..79862a72cd 100644
--- a/src/conf/domain_postparse.c
+++ b/src/conf/domain_postparse.c
@@ -101,12 +101,6 @@ virDomainDefPostParseOs(virDomainDef *def)
                            _("firmware feature 'enrolled-keys' cannot be enabled when firmware feature 'secure-boot' is disabled"));
             return -1;
         }
-
-        /* For all non-broken firmware builds, enrolled-keys implies
-         * secure-boot, and having the Secure Boot keys in the NVRAM file
-         * when the firmware doesn't support the Secure Boot feature doesn't
-         * make sense anyway. Reflect this fact explicitly in the XML */
-        def->os.firmwareFeatures[VIR_DOMAIN_OS_DEF_FIRMWARE_FEATURE_SECURE_BOOT] = VIR_TRISTATE_BOOL_YES;
     }
 
     if (!def->os.loader)
-- 
2.39.2




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux