From nobody Mon Feb 9 04:45:09 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1654256939; cv=none; d=zohomail.com; s=zohoarc; b=JyCURJEz5rf5pxoVjR47/th3rfSfOAAZHPNR5RqYQKOTrBpDByNDlZXBYIaxNXFU78CHjLk22C8MTBLovovefQQZN2BNy4NwSVB+DnQxgYlXrUPL5gfRcPdzOgKUrGVlQs3rjq3WNy9fUutq6s0tT/OncnHnqudb87YqZNBCaqo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1654256939; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=0vkUx9dwyGRwgKvw0nsoSAwuTXviUAqaPIuAfw1+1p8=; b=evC/cK8DaeAvupsLWIFvscUEgxc6MvROIIePkc3WiJLmXjGnCO32g92R1wED/6uD/CO9nR0O6XwoxajlUqJ4sQLdrGLOj/kAPpr6LMhYa3I+hYX51bdYBoGJ23OAd3ADE1FS5i7HxFUSFU11EbigU6A6J8gduVYhmHbcjElhq2o= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1654256939890224.3625960991492; Fri, 3 Jun 2022 04:48:59 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-373-IQjRLF2zMIe3Cdo_LIaIiw-1; Fri, 03 Jun 2022 07:48:55 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 0DC8480159B; Fri, 3 Jun 2022 11:48:53 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id ED4201730C; Fri, 3 Jun 2022 11:48:52 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id D09E31947041; Fri, 3 Jun 2022 11:48:52 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id D12411947052 for ; Fri, 3 Jun 2022 11:48:50 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id C2D6C40CFD0D; Fri, 3 Jun 2022 11:48:50 +0000 (UTC) Received: from speedmetal.redhat.com (unknown [10.40.208.20]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1603840CFD0A; Fri, 3 Jun 2022 11:48:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1654256938; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=0vkUx9dwyGRwgKvw0nsoSAwuTXviUAqaPIuAfw1+1p8=; b=T1egfHdssE/JcwQQL9P5ZUWQcax6lQUCkLw3mgD4AJ6/rDqLH/0dFcq9dmOqQtw/UAu2Ak 9LIH67/xDY2sU/MLLyDmhgha7QZEYJw1eiFyDNlq6z9mk2WuMyp8KsY0K34jHZz0NhLUHq 2djCG/occ/HSFoIufhWzYT9YRpm56iU= X-MC-Unique: IQjRLF2zMIe3Cdo_LIaIiw-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH v4 03/13] conf: Convert def->os.loader->nvram a virStorageSource Date: Fri, 3 Jun 2022 13:48:35 +0200 Message-Id: <4cd687c19e702aad769b54374addd5e7e1d4bd56.1654256672.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.11.54.1 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Rohit Kumar Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1654256941444100001 Content-Type: text/plain; charset="utf-8" From: Rohit Kumar Currently, libvirt allows only local filepaths to specify the location of the 'nvram' image. Changing it to virStorageSource type will allow to support remote storage for nvram. Signed-off-by: Prerna Saxena Signed-off-by: Florian Schmidt Signed-off-by: Rohit Kumar Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- src/conf/domain_conf.c | 16 +++++++++++++--- src/conf/domain_conf.h | 2 +- src/qemu/qemu_cgroup.c | 3 ++- src/qemu/qemu_command.c | 2 +- src/qemu/qemu_domain.c | 10 +++++++--- src/qemu/qemu_driver.c | 5 +++-- src/qemu/qemu_firmware.c | 18 +++++++++++++----- src/qemu/qemu_namespace.c | 5 +++-- src/qemu/qemu_process.c | 5 +++-- src/security/security_dac.c | 6 ++++-- src/security/security_selinux.c | 6 ++++-- src/security/virt-aa-helper.c | 5 +++-- src/vbox/vbox_common.c | 3 ++- 13 files changed, 59 insertions(+), 27 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 5d0d436a40..252e34dd2a 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -3576,7 +3576,7 @@ virDomainLoaderDefFree(virDomainLoaderDef *loader) return; g_free(loader->path); - g_free(loader->nvram); + virObjectUnref(loader->nvram); g_free(loader->nvramTemplate); g_free(loader); } @@ -18340,6 +18340,7 @@ virDomainDefParseBootLoaderOptions(virDomainDef *de= f, { xmlNodePtr loader_node =3D virXPathNode("./os/loader[1]", ctxt); const bool fwAutoSelect =3D def->os.firmware !=3D VIR_DOMAIN_OS_DEF_FI= RMWARE_NONE; + g_autofree char *nvramPath =3D NULL; if (!loader_node) return 0; @@ -18351,7 +18352,13 @@ virDomainDefParseBootLoaderOptions(virDomainDef *d= ef, fwAutoSelect) < 0) return -1; - def->os.loader->nvram =3D virXPathString("string(./os/nvram[1])", ctxt= ); + if ((nvramPath =3D virXPathString("string(./os/nvram[1])", ctxt))) { + def->os.loader->nvram =3D virStorageSourceNew(); + def->os.loader->nvram->path =3D g_steal_pointer(&nvramPath); + def->os.loader->nvram->type =3D VIR_STORAGE_TYPE_FILE; + def->os.loader->nvram->format =3D VIR_STORAGE_FILE_RAW; + } + if (!fwAutoSelect) def->os.loader->nvramTemplate =3D virXPathString("string(./os/nvra= m[1]/@template)", ctxt); @@ -27118,7 +27125,10 @@ virDomainLoaderDefFormat(virBuffer *buf, virXMLFormatElementInternal(buf, "loader", &loaderAttrBuf, &loaderChil= dBuf, false, false); virBufferEscapeString(&nvramAttrBuf, " template=3D'%s'", loader->nvram= Template); - virBufferEscapeString(&nvramChildBuf, "%s", loader->nvram); + if (loader->nvram) { + if (loader->nvram->type =3D=3D VIR_STORAGE_TYPE_FILE) + virBufferEscapeString(&nvramChildBuf, "%s", loader->nvram->pat= h); + } virXMLFormatElementInternal(buf, "nvram", &nvramAttrBuf, &nvramChildBu= f, false, false); } diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index e7e0f24443..9ec81067c6 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2253,7 +2253,7 @@ struct _virDomainLoaderDef { virTristateBool readonly; virDomainLoader type; virTristateBool secure; - char *nvram; /* path to non-volatile RAM */ + virStorageSource *nvram; char *nvramTemplate; /* user override of path to master nvram */ }; diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index aa0c927578..64baed14e6 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -581,7 +581,8 @@ qemuSetupFirmwareCgroup(virDomainObj *vm) return -1; if (vm->def->os.loader->nvram && - qemuSetupImagePathCgroup(vm, vm->def->os.loader->nvram, false) < 0) + virStorageSourceIsLocalStorage(vm->def->os.loader->nvram) && + qemuSetupImagePathCgroup(vm, vm->def->os.loader->nvram->path, fals= e) < 0) return -1; return 0; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 7dc09fc101..952336bafc 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -9668,7 +9668,7 @@ qemuBuildDomainLoaderPflashCommandLine(virCommand *cm= d, if (loader->nvram) { virBufferAddLit(&buf, "file=3D"); - virQEMUBuildBufferEscapeComma(&buf, loader->nvram); + virQEMUBuildBufferEscapeComma(&buf, loader->nvram->path); virBufferAsprintf(&buf, ",if=3Dpflash,format=3Draw,unit=3D%d", uni= t); virCommandAddArg(cmd, "-drive"); diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 86dbf7cb01..1ee3cc3922 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -4678,8 +4678,12 @@ qemuDomainDefPostParse(virDomainDef *def, } if (virDomainDefHasOldStyleROUEFI(def) && - !def->os.loader->nvram) - qemuDomainNVRAMPathFormat(cfg, def, &def->os.loader->nvram); + !def->os.loader->nvram) { + def->os.loader->nvram =3D virStorageSourceNew(); + def->os.loader->nvram->type =3D VIR_STORAGE_TYPE_FILE; + def->os.loader->nvram->format =3D VIR_STORAGE_FILE_RAW; + qemuDomainNVRAMPathFormat(cfg, def, &def->os.loader->nvram->path); + } if (qemuDomainDefAddDefaultDevices(driver, def, qemuCaps) < 0) return -1; @@ -11332,7 +11336,7 @@ qemuDomainInitializePflashStorageSource(virDomainOb= j *vm) pflash1 =3D virStorageSourceNew(); pflash1->type =3D VIR_STORAGE_TYPE_FILE; pflash1->format =3D VIR_STORAGE_FILE_RAW; - pflash1->path =3D g_strdup(def->os.loader->nvram); + pflash1->path =3D g_strdup(def->os.loader->nvram->path); pflash1->readonly =3D false; pflash1->nodeformat =3D g_strdup("libvirt-pflash1-format"); pflash1->nodestorage =3D g_strdup("libvirt-pflash1-storage"); diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 0c6645ed89..c32e3cc8fe 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -6731,8 +6731,9 @@ qemuDomainUndefineFlags(virDomainPtr dom, } } - if (vm->def->os.loader && vm->def->os.loader->nvram) { - nvram_path =3D g_strdup(vm->def->os.loader->nvram); + if (vm->def->os.loader && vm->def->os.loader->nvram && + virStorageSourceIsLocalStorage(vm->def->os.loader->nvram)) { + nvram_path =3D g_strdup(vm->def->os.loader->nvram->path); } else if (vm->def->os.firmware =3D=3D VIR_DOMAIN_OS_DEF_FIRMWARE_EFI)= { qemuDomainNVRAMPathFormat(cfg, vm->def, &nvram_path); } diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index 51223faadf..dd4273f73a 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1192,13 +1192,17 @@ qemuFirmwareEnableFeatures(virQEMUDriver *driver, VIR_FREE(def->os.loader->nvramTemplate); def->os.loader->nvramTemplate =3D g_strdup(flash->nvram_template.f= ilename); - if (!def->os.loader->nvram) - qemuDomainNVRAMPathFormat(cfg, def, &def->os.loader->nvram); + if (!def->os.loader->nvram) { + def->os.loader->nvram =3D virStorageSourceNew(); + def->os.loader->nvram->type =3D VIR_STORAGE_TYPE_FILE; + def->os.loader->nvram->format =3D VIR_STORAGE_FILE_RAW; + qemuDomainNVRAMPathFormat(cfg, def, &def->os.loader->nvram->pa= th); + } VIR_DEBUG("decided on firmware '%s' template '%s' NVRAM '%s'", def->os.loader->path, def->os.loader->nvramTemplate, - def->os.loader->nvram); + def->os.loader->nvram->path); break; case QEMU_FIRMWARE_DEVICE_KERNEL: @@ -1364,8 +1368,12 @@ qemuFirmwareFillDomain(virQEMUDriver *driver, * its path in domain XML) but no template for NVRAM was * specified and the varstore doesn't exist ... */ if (!virDomainDefHasOldStyleROUEFI(def) || - def->os.loader->nvramTemplate || - (!reset_nvram && virFileExists(def->os.loader->nvram))) + def->os.loader->nvramTemplate) + return 0; + + if (!reset_nvram && def->os.loader->nvram && + virStorageSourceIsLocalStorage(def->os.loader->nvram) && + virFileExists(def->os.loader->nvram->path)) return 0; /* ... then we want to consult JSON FW descriptors first, diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index 23681b14a4..9e133587b7 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -572,8 +572,9 @@ qemuDomainSetupLoader(virDomainObj *vm, case VIR_DOMAIN_LOADER_TYPE_PFLASH: *paths =3D g_slist_prepend(*paths, g_strdup(loader->path)); - if (loader->nvram) - *paths =3D g_slist_prepend(*paths, g_strdup(loader->nvram)= ); + if (loader->nvram && + virStorageSourceIsLocalStorage(loader->nvram)) + *paths =3D g_slist_prepend(*paths, g_strdup(loader->nvram-= >path)); break; case VIR_DOMAIN_LOADER_TYPE_NONE: diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 1593ca7933..dab298085f 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -4400,7 +4400,8 @@ qemuPrepareNVRAM(virQEMUDriver *driver, struct qemuPrepareNVRAMHelperData data; if (!loader || !loader->nvram || - (virFileExists(loader->nvram) && !reset_nvram)) + !virStorageSourceIsLocalStorage(loader->nvram) || + (virFileExists(loader->nvram->path) && !reset_nvram)) return 0; master_nvram_path =3D loader->nvramTemplate; @@ -4432,7 +4433,7 @@ qemuPrepareNVRAM(virQEMUDriver *driver, data.srcFD =3D srcFD; data.srcPath =3D master_nvram_path; - if (virFileRewrite(loader->nvram, + if (virFileRewrite(loader->nvram->path, S_IRUSR | S_IWUSR, cfg->user, cfg->group, qemuPrepareNVRAMHelper, diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 69c462de8b..03661efda1 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -1975,7 +1975,8 @@ virSecurityDACRestoreAllLabel(virSecurityManager *mgr, } if (def->os.loader && def->os.loader->nvram && - virSecurityDACRestoreFileLabel(mgr, def->os.loader->nvram) < 0) + virStorageSourceIsLocalStorage(def->os.loader->nvram) && + virSecurityDACRestoreFileLabel(mgr, def->os.loader->nvram->path) <= 0) rc =3D -1; if (def->os.kernel && @@ -2186,8 +2187,9 @@ virSecurityDACSetAllLabel(virSecurityManager *mgr, } if (def->os.loader && def->os.loader->nvram && + virStorageSourceIsLocalStorage(def->os.loader->nvram) && virSecurityDACSetOwnership(mgr, NULL, - def->os.loader->nvram, + def->os.loader->nvram->path, user, group, true) < 0) return -1; diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 6f02baf2ce..e026212b13 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -2806,7 +2806,8 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManager = *mgr, } if (def->os.loader && def->os.loader->nvram && - virSecuritySELinuxRestoreFileLabel(mgr, def->os.loader->nvram, tru= e) < 0) + virStorageSourceIsLocalStorage(def->os.loader->nvram) && + virSecuritySELinuxRestoreFileLabel(mgr, def->os.loader->nvram->pat= h, true) < 0) rc =3D -1; if (def->os.kernel && @@ -3212,8 +3213,9 @@ virSecuritySELinuxSetAllLabel(virSecurityManager *mgr, /* This is different than kernel or initrd. The nvram store * is really a disk, qemu can read and write to it. */ if (def->os.loader && def->os.loader->nvram && + virStorageSourceIsLocalStorage(def->os.loader->nvram) && secdef && secdef->imagelabel && - virSecuritySELinuxSetFilecon(mgr, def->os.loader->nvram, + virSecuritySELinuxSetFilecon(mgr, def->os.loader->nvram->path, secdef->imagelabel, true) < 0) return -1; diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 107f217246..2ddf293c2c 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -1006,8 +1006,9 @@ get_files(vahControl * ctl) if (vah_add_file(&buf, ctl->def->os.loader->path, "rk") !=3D 0) goto cleanup; - if (ctl->def->os.loader && ctl->def->os.loader->nvram) - if (vah_add_file(&buf, ctl->def->os.loader->nvram, "rwk") !=3D 0) + if (ctl->def->os.loader && ctl->def->os.loader->nvram && + virStorageSourceIsLocalStorage(ctl->def->os.loader->nvram)) + if (vah_add_file(&buf, ctl->def->os.loader->nvram->path, "rwk") != =3D 0) goto cleanup; for (i =3D 0; i < ctl->def->ngraphics; i++) { diff --git a/src/vbox/vbox_common.c b/src/vbox/vbox_common.c index 34e555644c..e249980195 100644 --- a/src/vbox/vbox_common.c +++ b/src/vbox/vbox_common.c @@ -992,7 +992,8 @@ vboxSetBootDeviceOrder(virDomainDef *def, struct _vboxD= river *data, VIR_DEBUG("def->os.loader->path %s", def->os.loader->path); VIR_DEBUG("def->os.loader->readonly %d", def->os.loader->readonly); VIR_DEBUG("def->os.loader->type %d", def->os.loader->type); - VIR_DEBUG("def->os.loader->nvram %s", def->os.loader->nvram); + if (def->os.loader->nvram) + VIR_DEBUG("def->os.loader->nvram->path %s", def->os.loader->nv= ram->path); } VIR_DEBUG("def->os.bootloader %s", def->os.bootloader); VIR_DEBUG("def->os.bootloaderArgs %s", def->os.bootloaderArgs); --=20 2.35.3