Changes from [v1]:

  * pick up Jim's test suite improvements;
  * squash in fixes for issues found during review;
  * add a few commits intented to spark further discussion around
    what the firmware descriptors should look like in the edk2
    package.

[v1] https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/RKQ3ANKDNJEFJSKQR4FMDU7PVHWYKYSF/

Andrea Bolognani (9):
  tests: Tweak descriptor for combined firmware
  tests: Minimize SEV tests
  tests: Add tests for SEV firmware selection
  qemu: Fix matching for stateless/combined firmware
  qemu: Fix matching for read/write firmware
  news: Update for firmware selection fixes
  DONOTMERGE update firmware data
  DONOTMERGE remove SEV features from non-SEV descriptors
  DONOTMERGE don't explicitly request stateless firmware for SEV

Jim Fehlig (1):
  tests: Improve AMD SEV-related tests

 NEWS.rst                                      |  5 ++
 src/qemu/qemu_firmware.c                      | 47 ++++++++++++++-----
 .../firmware/60-edk2-ovmf-x64-amdsev.json     |  1 -
 .../50-edk2-ovmf-4m-qcow2-x64-nosb.json       |  2 -
 .../51-edk2-ovmf-2m-raw-x64-nosb.json         |  2 -
 .../firmware/60-edk2-ovmf-x64-amdsev.json     |  3 +-
 .../firmware/60-edk2-ovmf-x64-amdsevsnp.json} | 14 +++---
 .../usr/share/qemu/firmware/90-combined.json  |  5 +-
 tests/qemufirmwaretest.c                      |  4 +-
 ...ware-auto-efi-rw-pflash.x86_64-latest.args | 36 ++++++++++++++
 ...mware-auto-efi-rw-pflash.x86_64-latest.err |  1 -
 ...mware-auto-efi-rw-pflash.x86_64-latest.xml |  6 ++-
 .../firmware-auto-efi-rw.x86_64-latest.args   | 36 ++++++++++++++
 .../firmware-auto-efi-rw.x86_64-latest.err    |  1 -
 .../firmware-auto-efi-rw.x86_64-latest.xml    |  6 ++-
 ...auto-efi-sev-snp.x86_64-latest+amdsev.args | 35 ++++++++++++++
 ...auto-efi-sev-snp.x86_64-latest+amdsev.xml} |  9 +++-
 .../firmware-auto-efi-sev-snp.xml             | 20 ++++++++
 ...are-auto-efi-sev.x86_64-latest+amdsev.args | 36 ++++++++++++++
 ...are-auto-efi-sev.x86_64-latest+amdsev.xml} |  9 +++-
 .../qemuxmlconfdata/firmware-auto-efi-sev.xml | 20 ++++++++
 ...urity-sev-direct.x86_64-latest+amdsev.args |  7 ++-
 ...curity-sev-direct.x86_64-latest+amdsev.xml | 19 +++-----
 ...nch-security-sev-direct.x86_64-latest.args |  7 ++-
 ...unch-security-sev-direct.x86_64-latest.xml | 19 +++-----
 .../launch-security-sev-direct.xml            | 19 +-------
 ...ng-platform-info.x86_64-latest+amdsev.args |  9 ++--
 ...ing-platform-info.x86_64-latest+amdsev.xml | 29 ++++++------
 ...nch-security-sev-missing-platform-info.xml | 25 +++-------
 ...security-sev-snp.x86_64-latest+amdsev.args | 11 +----
 ...-security-sev-snp.x86_64-latest+amdsev.xml | 29 +-----------
 ...launch-security-sev-snp.x86_64-latest.args | 11 +----
 .../launch-security-sev-snp.x86_64-latest.xml | 29 +-----------
 .../launch-security-sev-snp.xml               | 45 +-----------------
 ...nch-security-sev.x86_64-latest+amdsev.args |  9 ++--
 ...unch-security-sev.x86_64-latest+amdsev.xml | 29 ++++++------
 tests/qemuxmlconfdata/launch-security-sev.xml | 25 +++-------
 tests/qemuxmlconftest.c                       | 11 ++++-
 38 files changed, 352 insertions(+), 279 deletions(-)
 copy tests/qemufirmwaredata/{out/usr/share/qemu/firmware/60-edk2-ovmf-x64-amdsev.json => usr/share/qemu/firmware/60-edk2-ovmf-x64-amdsevsnp.json} (57%)
 create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-rw-pflash.x86_64-latest.args
 delete mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-rw-pflash.x86_64-latest.err
 create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-rw.x86_64-latest.args
 delete mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-rw.x86_64-latest.err
 create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-sev-snp.x86_64-latest+amdsev.args
 copy tests/qemuxmlconfdata/{firmware-auto-efi-rw-pflash.x86_64-latest.xml => firmware-auto-efi-sev-snp.x86_64-latest+amdsev.xml} (78%)
 create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-sev-snp.xml
 create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-sev.x86_64-latest+amdsev.args
 copy tests/qemuxmlconfdata/{firmware-auto-efi-rw-pflash.x86_64-latest.xml => firmware-auto-efi-sev.x86_64-latest+amdsev.xml} (77%)
 create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-sev.xml

-- 
2.51.0

Hi Andrea,

Is there anything I can do to help move this series forward? I think 8/10 can 
now be considered for merging, correct?

BTW, I'm fine with the patch order, based on your rational in 4/10

https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/PZEMOM474JUHWIIX3SOUITBHHTDBIVDN/

So my previous comments on patches 4 and 5 aren't really valid. Should I 
re-review those? Were you planning to spin another version which includes patch 8?

Regards,
Jim

On 8/25/25 10:19, Andrea Bolognani via Devel wrote:
> Changes from [v1]:
> 
>    * pick up Jim's test suite improvements;
>    * squash in fixes for issues found during review;
>    * add a few commits intented to spark further discussion around
>      what the firmware descriptors should look like in the edk2
>      package.
> 
> [v1] https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/RKQ3ANKDNJEFJSKQR4FMDU7PVHWYKYSF/
> 
> Andrea Bolognani (9):
>    tests: Tweak descriptor for combined firmware
>    tests: Minimize SEV tests
>    tests: Add tests for SEV firmware selection
>    qemu: Fix matching for stateless/combined firmware
>    qemu: Fix matching for read/write firmware
>    news: Update for firmware selection fixes
>    DONOTMERGE update firmware data
>    DONOTMERGE remove SEV features from non-SEV descriptors
>    DONOTMERGE don't explicitly request stateless firmware for SEV
> 
> Jim Fehlig (1):
>    tests: Improve AMD SEV-related tests
> 
>   NEWS.rst                                      |  5 ++
>   src/qemu/qemu_firmware.c                      | 47 ++++++++++++++-----
>   .../firmware/60-edk2-ovmf-x64-amdsev.json     |  1 -
>   .../50-edk2-ovmf-4m-qcow2-x64-nosb.json       |  2 -
>   .../51-edk2-ovmf-2m-raw-x64-nosb.json         |  2 -
>   .../firmware/60-edk2-ovmf-x64-amdsev.json     |  3 +-
>   .../firmware/60-edk2-ovmf-x64-amdsevsnp.json} | 14 +++---
>   .../usr/share/qemu/firmware/90-combined.json  |  5 +-
>   tests/qemufirmwaretest.c                      |  4 +-
>   ...ware-auto-efi-rw-pflash.x86_64-latest.args | 36 ++++++++++++++
>   ...mware-auto-efi-rw-pflash.x86_64-latest.err |  1 -
>   ...mware-auto-efi-rw-pflash.x86_64-latest.xml |  6 ++-
>   .../firmware-auto-efi-rw.x86_64-latest.args   | 36 ++++++++++++++
>   .../firmware-auto-efi-rw.x86_64-latest.err    |  1 -
>   .../firmware-auto-efi-rw.x86_64-latest.xml    |  6 ++-
>   ...auto-efi-sev-snp.x86_64-latest+amdsev.args | 35 ++++++++++++++
>   ...auto-efi-sev-snp.x86_64-latest+amdsev.xml} |  9 +++-
>   .../firmware-auto-efi-sev-snp.xml             | 20 ++++++++
>   ...are-auto-efi-sev.x86_64-latest+amdsev.args | 36 ++++++++++++++
>   ...are-auto-efi-sev.x86_64-latest+amdsev.xml} |  9 +++-
>   .../qemuxmlconfdata/firmware-auto-efi-sev.xml | 20 ++++++++
>   ...urity-sev-direct.x86_64-latest+amdsev.args |  7 ++-
>   ...curity-sev-direct.x86_64-latest+amdsev.xml | 19 +++-----
>   ...nch-security-sev-direct.x86_64-latest.args |  7 ++-
>   ...unch-security-sev-direct.x86_64-latest.xml | 19 +++-----
>   .../launch-security-sev-direct.xml            | 19 +-------
>   ...ng-platform-info.x86_64-latest+amdsev.args |  9 ++--
>   ...ing-platform-info.x86_64-latest+amdsev.xml | 29 ++++++------
>   ...nch-security-sev-missing-platform-info.xml | 25 +++-------
>   ...security-sev-snp.x86_64-latest+amdsev.args | 11 +----
>   ...-security-sev-snp.x86_64-latest+amdsev.xml | 29 +-----------
>   ...launch-security-sev-snp.x86_64-latest.args | 11 +----
>   .../launch-security-sev-snp.x86_64-latest.xml | 29 +-----------
>   .../launch-security-sev-snp.xml               | 45 +-----------------
>   ...nch-security-sev.x86_64-latest+amdsev.args |  9 ++--
>   ...unch-security-sev.x86_64-latest+amdsev.xml | 29 ++++++------
>   tests/qemuxmlconfdata/launch-security-sev.xml | 25 +++-------
>   tests/qemuxmlconftest.c                       | 11 ++++-
>   38 files changed, 352 insertions(+), 279 deletions(-)
>   copy tests/qemufirmwaredata/{out/usr/share/qemu/firmware/60-edk2-ovmf-x64-amdsev.json => usr/share/qemu/firmware/60-edk2-ovmf-x64-amdsevsnp.json} (57%)
>   create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-rw-pflash.x86_64-latest.args
>   delete mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-rw-pflash.x86_64-latest.err
>   create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-rw.x86_64-latest.args
>   delete mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-rw.x86_64-latest.err
>   create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-sev-snp.x86_64-latest+amdsev.args
>   copy tests/qemuxmlconfdata/{firmware-auto-efi-rw-pflash.x86_64-latest.xml => firmware-auto-efi-sev-snp.x86_64-latest+amdsev.xml} (78%)
>   create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-sev-snp.xml
>   create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-sev.x86_64-latest+amdsev.args
>   copy tests/qemuxmlconfdata/{firmware-auto-efi-rw-pflash.x86_64-latest.xml => firmware-auto-efi-sev.x86_64-latest+amdsev.xml} (77%)
>   create mode 100644 tests/qemuxmlconfdata/firmware-auto-efi-sev.xml
>

On Mon, Sep 08, 2025 at 04:00:06PM -0600, Jim Fehlig wrote:
> Hi Andrea,
>
> Is there anything I can do to help move this series forward? I think 8/10
> can now be considered for merging, correct?

Well, yes, but I'm not particularly keen on updating libvirt's test
suite when the status in the Fedora edk2 package is still in flux.
Especially since I would like that specific change to ultimately be
entirely reverted :) More on that below.

> BTW, I'm fine with the patch order, based on your rational in 4/10
>
> https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/PZEMOM474JUHWIIX3SOUITBHHTDBIVDN/
>
> So my previous comments on patches 4 and 5 aren't really valid. Should I
> re-review those?

Yes please! All the patches that are not marked as DONOTMERGE are
good to go as far as I'm concerned.

> Were you planning to spin another version which includes
> patch 8?

Not necessarily, but I have just opened

  https://src.fedoraproject.org/rpms/edk2/pull-request/14

which contains all the changes that I believe are necessary when it
comes to firmware descriptors.

I can maybe post a respin that includes all those changes, just to
show how things would look like if they landed. Would you find that
useful?

-- 
Andrea Bolognani / Red Hat / Virtualization

On Wed, Sep 10, 2025 at 08:21:17AM -0500, Andrea Bolognani wrote:
> On Mon, Sep 08, 2025 at 04:00:06PM -0600, Jim Fehlig wrote:
> > Were you planning to spin another version which includes
> > patch 8?
>
> Not necessarily, but I have just opened
>
>   https://src.fedoraproject.org/rpms/edk2/pull-request/14
>
> which contains all the changes that I believe are necessary when it
> comes to firmware descriptors.
>
> I can maybe post a respin that includes all those changes, just to
> show how things would look like if they landed. Would you find that
> useful?

... I've just gone ahead and done it :)

https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/5WIF4JTRRHPYQ7LBP7ZTIV7E44OYGYUD/

-- 
Andrea Bolognani / Red Hat / Virtualization