On Wed, Jul 08, 2020 at 07:53:22PM +0200, Domenico Panella wrote: > Hi, > I have a problem with virt-manager. > I'm building a edk2-ovmf package for Void Linux. > When i create a new virtual machine , i can't choice secure boot option from > combo box. The OVMF_CODE.secboot.fd is present but it isn't show. > What am i wrong? Hi, If I'm correct your are talking about virt-manager GUI where during installation you checked 'Customize configuration before install' and in the new window in 'Overview' you are trying to select 'Firmware'. That list of firmwares is provided by libvirt, you can use virsh to see what virt-manager gets from libvirt by using: virsh domcapabilities --machine q35 There you should be able to see the list of firmwares that libvirt knows about. In order to have functional secure boot you have to use Q35 machine type because the old i440fx doesn't support secure boot. The list will by default contain only firmwares installed by your distribution but it's possible to change it. The location where you should change it depends on libvirt version. libvirt 5.2.0 and older: You need to modify /etc/libvirt/qemu.conf file where you should look for 'nvram' option. libvirt 5.3.0 and newer: We switched to improved format of describing firmwares, it's no longer in qemu.conf file but we use json files. These are the location where libvirt looks for the firmware json files: - /usr/share/qemu/firmware/ - /etc/qemu/firmware/ And in case of session connection - $XDG_CONFIG_HOME/qemu/firmware or $HOME/.config/qemu/firmware/ The documentation for the json file is here [1]. I did some searching and it looks like that the edk2-ovmf package is not available on Void Linux but there is a pull request [2] to introduce that package. If you are involved in the pull request you need to make sure that the json files provided by edk2-ovmf package are in correct directory (it should be the /usr/share/qemu/firmware/). I also check QEMU package in Void Linux and it looks like they are building it incorrectly by using --datadir=/usr/lib. QEMU has its own edk2 firmwares and it is also providing json files for these firmwares but they are installed in /usr/lib/qemu/firmware/ so libvirt will not be able to find them. Pavel [1] <https://git.qemu.org/?p=qemu.git;a=blob;f=docs/interop/firmware.json;hb=HEAD> [2] <https://github.com/void-linux/void-packages/pull/17225>
Attachment:
signature.asc
Description: PGP signature