There are recommendations and limitations to the name of the
config blobs we need to follow [1].
Firstly, we don't want users to change any value only add new
blobs. This means, that the name must have "opt/" prefix and at
the same time must not begin with "opt/ovmf" nor "opt/org.qemu"
as these are reserved for OVMF or QEMU respectively.
Secondly, there is a limit (FW_CFG_MAX_FILE_PATH in qemu.git) of
56 characters for filename.
1: docs/specs/fw_cfg.txt from qemu.git
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
src/qemu/qemu_validate.c | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 584d1375b8..b1a81ab193 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -762,6 +762,33 @@ qemuValidateDefGetVcpuHotplugGranularity(const virDomainDef *def)
}
+static int
+qemuValidateDomainDefSysinfo(const virSysinfoDef *def,
+ virQEMUCapsPtr qemuCaps G_GNUC_UNUSED)
+{
+ size_t i;
+
+ for (i = 0; i < def->nfw_cfgs; i++) {
+ const virSysinfoFWCfgDef *f = &def->fw_cfgs[i];
+
+ if (!STRPREFIX(f->name, "opt/")) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Invalid firmware name"));
+ return -1;
+ }
+
+ if (STRPREFIX(f->name, "opt/ovmf/") ||
+ STRPREFIX(f->name, "opt/org.qemu/")) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("That firmware name is reserved"));
+ return -1;
+ }
+ }
+
+ return 0;
+}
+
+
int
qemuValidateDomainDef(const virDomainDef *def,
void *opaque)
@@ -978,6 +1005,11 @@ qemuValidateDomainDef(const virDomainDef *def,
}
}
+ for (i = 0; i < def->nsysinfo; i++) {
+ if (qemuValidateDomainDefSysinfo(def->sysinfo[i], qemuCaps) < 0)
+ return -1;
+ }
+
return 0;
}
--
2.26.2