To: devel@lists.libvirt.org
Subject: [PATCH v4 17/36] qemu_firmware: Split sanity check
Date: Mon, 23 Feb 2026 19:31:00 +0100
From: Andrea Bolognani via Devel
Reply-To: Andrea Bolognani

The two checks are semantically different, so it makes sense to perform them separately. We will soon extend the first one.

While at it, start printing out the value of isConfidential. We could print the value of each firmware feature it's derived from, but that would make things unnecessarily verbose; at the same time, knowing that libvirt believes that the firmware build is targeting the confidential use case can be useful for debugging so it's worth including it.

Signed-off-by: Andrea Bolognani
Reviewed-by: Michal Privoznik
Acked-by: Gerd Hoffmann
Reviewed-by: Daniel P. Berrangé
---
 src/qemu/qemu_firmware.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index 8b9b0d91ff..5c923b5a02 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c
@@ -1589,16 +1589,23 @@ qemuFirmwareSanityCheck(const qemuFirmware *fw, * VMs also don't support EFI variable storage in NVRAM, instead * the secureboot state is hardcoded to enabled. */ - if ((!isConfidential && - (supportsSecureBoot !=3D requiresSMM)) || - (hasEnrolledKeys && !supportsSecureBoot)) { + if (!isConfidential && + supportsSecureBoot !=3D requiresSMM) { VIR_WARN("Firmware description '%s' has invalid set of features: " - "%s =3D %d, %s =3D %d, %s =3D %d", + "%s =3D %d, %s =3D %d (isConfidential =3D %d)", filename, qemuFirmwareFeatureTypeToString(QEMU_FIRMWARE_FEATURE_REQ= UIRES_SMM), requiresSMM, qemuFirmwareFeatureTypeToString(QEMU_FIRMWARE_FEATURE_SEC= URE_BOOT), supportsSecureBoot, + isConfidential); + } + if (hasEnrolledKeys && !supportsSecureBoot) { + VIR_WARN("Firmware description '%s' has invalid set of features: " + "%s =3D %d, %s =3D %d", + filename, + qemuFirmwareFeatureTypeToString(QEMU_FIRMWARE_FEATURE_SEC= URE_BOOT), + supportsSecureBoot, qemuFirmwareFeatureTypeToString(QEMU_FIRMWARE_FEATURE_ENR= OLLED_KEYS), hasEnrolledKeys); } --=20 2.53.0
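Review bot: In the first VIR_WARN of qemuFirmwareSanityCheck(), the newly added isConfidential argument can only ever print 0, because that warning sits inside a branch guarded by "if (!isConfidential &&". As the hunk stands, the "(isConfidential = %d)" suffix carries no debugging information; consider either adding it in the later patch that extends this first check to cover the confidential case, or noting in the commit message that the value only becomes meaningful once that happens. Separately, now that the two checks are split, both warnings still open with the identical text "has invalid set of features", so a reader of the log has to infer which check fired from the feature names alone; a distinct message per check would make the split visible in the output.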