From nobody Sat May 4 23:39:14 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1564503148; cv=none; d=zoho.com; s=zohoarc; b=myvbuSgzZQNF8vOHQ+jGjZm4PD3oSEIShgS6USSRcWOrHpbB4kDbsq+yBkMUoVVX0ElG/1Ze9uVR0NvN8ANhITllxPp+dc3YBtA1VEEl9VPVMuppJQnbyG9mRb6agVi6aMwuHME9afiYC0lgKBCAPZxQYp/YN9kHASDLOTO05CU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1564503148; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To:ARC-Authentication-Results; bh=LARW6eNacdQhlJAWS+qX+Nlt45VfKX0hK3qDCwDRRqM=; b=hrZcSK0hQBs5i1W5sjCSdyq2Mi2lTEKIBP1Nm9UFz2wUU/7CnIfcYpg/N4mz4EFDGq3UlhbWtjYAabgoPEMofn6zBS/8wYWlQZqiDWBVVvm3w2cqEEnjI0RHOFeT66cSqcMDGJd6TGvl4sRWxQ0llYcOgAJ48a55KBfX+LK3FAU= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1564503148209309.82809362683133; Tue, 30 Jul 2019 09:12:28 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A6EF6E8CC0; Tue, 30 Jul 2019 16:12:23 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 737B95C1A1; Tue, 30 Jul 2019 16:12:23 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0892D19734; Tue, 30 Jul 2019 16:12:23 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6UGBSro025116 for ; Tue, 30 Jul 2019 12:11:28 -0400 Received: by smtp.corp.redhat.com (Postfix) id 7847D5C207; Tue, 30 Jul 2019 16:11:28 +0000 (UTC) Received: from paraplu.gentgrp.gent.be (ovpn-112-27.ams2.redhat.com [10.36.112.27]) by smtp.corp.redhat.com (Postfix) with ESMTP id 356885C1B5; Tue, 30 Jul 2019 16:11:22 +0000 (UTC) From: Kashyap Chamarthy To: libvir-list@redhat.com Date: Tue, 30 Jul 2019 18:11:19 +0200 Message-Id: <20190730161119.5260-1-kchamart@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Cc: mprivozn@redhat.com Subject: [libvirt] [PATCH] libvirt.spec.in: Add the Secure Boot-variant OVMF binaries X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Tue, 30 Jul 2019 16:12:25 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Currently the RPM spec doesn't add the 'secboot'-variant OVMF binaries (an unintentional omission, checking with Cole on #virt, OFTC) for 'x86_64' and 'ia32'. Add them. This way, getDomainCapabilities() will report all the OVMF binaries that are present on the system. E.g. on Fedora 29, if you only have the edk2-ovmf-20190308stable-1.fc29.noarch package installed, then running `virsh domcapabilities` will enumerate _both_ the OVMF binaries (instead of just the OVMF_CODE.fd): $> virsh getdomcapabilities ... /usr/share/edk2/ovmf/OVMF_CODE.fd /usr/share/edk2/ovmf/OVMF_CODE.secboot.fd ... ( Learnt this from a discussion with Michal Privoznik in this bug, comment#2: https://bugzilla.redhat.com/show_bug.cgi?id=3D1733940 -- RFE: Report firmware (FW) paths in domainCapabilities based on FW descriptor files ) Signed-off-by: Kashyap Chamarthy Reviewed-by: Cole Robinson --- I only did a cursory check on if I missed to add any other valid paths for other architectures. --- libvirt.spec.in | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index b13b863928..99950495a7 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1135,10 +1135,17 @@ exit 1 # Nightly edk2.git-arm LOADERS=3D"$LOADERS:/usr/share/edk2.git/arm/QEMU_EFI-pflash.raw:/usr/s= hare/edk2.git/arm/vars-template-pflash.raw" =20 - # Fedora edk2-ovmf + # Fedora edk2-ovmf, x86_64 LOADERS=3D"$LOADERS:/usr/share/edk2/ovmf/OVMF_CODE.fd:/usr/share/edk2/= ovmf/OVMF_VARS.fd" + # Fedora edk2-ovmf, x86_64, with Secure Boot + LOADERS=3D"$LOADERS:/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd:/usr/sha= re/edk2/ovmf/OVMF_VARS.secboot.fd" # Fedora edk2-ovmf-ia32 LOADERS=3D"$LOADERS:/usr/share/edk2/ovmf-ia32/OVMF_CODE.fd:/usr/share/= edk2/ovmf-ia32/OVMF_VARS.fd" + # Fedora edk2-ovmf-ia32, with Secure Boot. (NB: Unlike x86_64, for + # 'ia32', there is no secboot-variant "VARS" file (NVRAM template). + # So the NVRAM template for 'ovmf-ia32/OVMF_CODE.secboot.fd' is the + # same as the one for the non-secboot variant.) + LOADERS=3D"$LOADERS:/usr/share/edk2/ovmf-ia32/OVMF_CODE.secboot.fd:/us= r/share/edk2/ovmf-ia32/OVMF_VARS.fd" # Fedora edk2-aarch64 LOADERS=3D"$LOADERS:/usr/share/edk2/aarch64/QEMU_EFI-pflash.raw:/usr/s= hare/edk2/aarch64/vars-template-pflash.raw" # Fedora edk2-arm --=20 2.20.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list