From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Laszlo Ersek <lersek@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>,
Thomas Huth <thuth@redhat.com>, Peter Krempa <pkrempa@redhat.com>,
Michael Roth <mdroth@linux.vnet.ibm.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
libvir-list@redhat.com, Markus Armbruster <armbru@redhat.com>,
Kashyap Chamarthy <kchamart@redhat.com>,
qemu-devel@nongnu.org, Alexander Graf <agraf@suse.de>,
Gary Ching-Pang Lin <glin@suse.com>,
Gerd Hoffmann <kraxel@redhat.com>,
Michal Privoznik <mprivozn@redhat.com>,
David Gibson <dgibson@redhat.com>
Subject: Re: [Qemu-devel] [qemu RFC] qapi: add "firmware.json"
Date: Tue, 10 Apr 2018 12:03:57 +0100 [thread overview]
Message-ID: <20180410110357.GP5155@redhat.com> (raw)
In-Reply-To: <20180410102033.GL5155@redhat.com>
On Tue, Apr 10, 2018 at 11:20:33AM +0100, Daniel P. Berrangé wrote:
> On Sat, Apr 07, 2018 at 02:01:17AM +0200, Laszlo Ersek wrote:
> > Add a schema that describes the properties of virtual machine firmware.
> >
> > Each firmware executable installed on a host system should come with a
> > JSON file that conforms to this schema, and informs the management
> > applications about the firmware's properties.
> >
> > In addition, a configuration directory with symlinks to the JSON files
> > should exist, with the symlinks carefully named to reflect a priority
> > order. Management applications can then search this directory in priority
> > order for the first firmware executable that satisfies their search
> > criteria. The found JSON file provides the management layer with domain
> > configuration bits that are required to run the firmware binary.
> >
>
> > diff --git a/qapi/firmware.json b/qapi/firmware.json
> > new file mode 100644
> > index 000000000000..f267240f44dd
> > --- /dev/null
> > +++ b/qapi/firmware.json
>
> [snip]
>
> > +{ 'struct' : 'SystemFirmware',
> > + 'data' : { 'executable' : 'FirmwareFile',
> > + 'type' : 'SystemFirmwareType',
> > + 'targets' : [ 'str' ],
> > + 'sysfw-map' : 'FirmwareMapping',
> > + '*nvram-slots' : [ 'NVRAMSlot' ],
> > + '*supports-uefi-secure-boot' : 'bool',
> > + '*supports-amd-sev' : 'bool',
> > + '*supports-acpi-s3' : 'bool',
> > + '*supports-acpi-s4' : 'bool' } }
>
> Elsewhere in the thread I mentioned that I think we should try to use a
> union approach to isolate which information is relevant to "flash" loader
> format and which is relevant to "memory" and "kernel". To try to illustrate
> what I mean by that I've knocked up an alternative structure. I also
> incorporated the points about features & target/machine types. I've left
> out the read/write/etc fields, but they could be put back in at the
> relevant position
>
>
> { 'enum' : 'SystemFirmwareType',
> 'data' : [ 'bios', 'slof', 'uboot', 'uefi' ] }
>
> { 'enum' : 'SystemFirmwareDevice',
> 'data' : [ 'memory', 'kernel', 'flash' ] }
>
> { 'enum' : 'SystemFirmwareArchitecture',
> 'data': ['x86_64', 'i386', ..etc.. ] }
>
> { 'enum' : 'SystemFirmwareFeature',
> 'data': ['acpi-s3', 'acpi-s5', 'secure-boot', 'amd-sev' ]}
>
>
> ## Struct(s) for device==memory
>
> { 'struct': 'SystemFirmwareBinaryMemory',
> 'data': { 'pathname': 'str' } }
>
>
> ## Struct(s) for device==kernel
>
> { 'struct': 'SystemFirmwareBinaryKernel',
> 'data': { 'pathname': 'str' } }
>
>
> ## Struct(s) for device==flash
>
> { 'struct': 'SystemFirmwareBinaryFlashFile',
> 'data': { 'filename': 'str',
> 'format': 'BlockdevDriver' } }
>
> { 'struct': 'SystemFirmwareBinaryFlashCode',
> 'base': 'SystemFirmwareBinaryFlashFile' }
>
> { 'struct': 'SystemFirmwareBinaryFlashVars',
> 'base': 'SystemFirmwareBinaryFlashFile',
> 'data': { 'secure-boot-key-enroll': 'bool' } }
>
> { 'struct': 'SystemFirmwareBinaryFlash',
> 'data': { 'code': 'SystemFirmwareBinaryFlashCode',
> 'vars': ['SystemFirmwareBinaryFlashVars' ] } }
>
>
> ## Discriminated struct for different loading approaches
>
> { 'union': 'SystemFirmwareBinary',
> 'base': { 'device': 'SystemFirmwareDevice' },
> 'discriminator': 'device',
> 'data': { 'memory': 'SystemFirmwareBinaryMemory',
> 'kernel': 'SystemFirmwareBinaryKernel',
> 'flash': 'SystemFirmwareBinaryFlash' } }
>
>
>
> { 'struct' : 'SystemFirmwareTarget',
> 'data': { 'architecture': 'SystemFirmwareArchitecture',
> 'machines': [ 'str' ] } }
>
>
> { 'struct' : 'SystemFirmware',
> 'data' : {
> 'description' : 'str',
> 'type' : 'SystemFirmwareType',
> 'binary' : 'SystemFirmwareBinary',
> 'targets' : [ 'SystemFirmwareTarget' ],
> 'features' : ['SystemFirmwareFeature'] } }
>
>
>
> # Examples:
> #
> # {
> # 'description': 'SeaBIOS 256k',
> # 'type': 'bios',
> # 'binary': {
> # 'type': 'memory',
> # 'filename': '/path/to/seabios/rom-256k',
> # }
> # 'targets': {
> # 'x86_64': [ "pc", "q35"],
> # 'i386': [ "pc", "q35"],
> # }
> # 'features': ['acpi-s3', 'acpi-s5'],
> # }
> # {
> # 'description': 'SeaBIOS 128k',
> # 'type': 'bios',
> # 'binary': {
> # 'type': 'memory',
> # 'filename': '/path/to/seabios/rom-128k',
> # }
> # 'targets': {
> # 'x86_64': [ "isapc"],
> # 'i386': [ "isapc"],
> # }
> # 'features': [],
> # }
> # {
> # 'description': 'OVMF',
> # 'type': 'uefi'
> # 'binary': {
> # 'type': 'flash',
> # 'code': {
> # 'filename': '/usr/share/OVMF/OVMF_CODE.secboot.fd',
> # 'format': 'raw',
> # },
> # 'vars': [
> # {
> # 'filename': '/usr/share/OVMF/OVMF_VARS.fd',
> # 'format': 'raw',
> # 'secure=boot-key-enroll': false,
> # },
> # {
> # 'filename': '/usr/share/OVMF/OVMF_VARS.secboot.fd',
> # 'format': 'raw',
> # 'secure=boot-key-enroll': true,
> # }
It occurs to me that we are actually over-thinking things, by making it
possible to list a choice of vars files per firmware. We could remove this
special case by just having separate tpo level firmware entries and a main
feature flag to say if it is enrolled or not - see below example
> # ],
> # },
> # 'targets': {
> # 'x86_64': [ "q35"],
> # }
> # 'features': ['acpi-s3', 'acpi-s5', 'secure-boot'],
> # }
> #
{
'description': 'OVMF secboot',
'type': 'uefi'
'binary': {
'type': 'flash',
'code': {
'filename': '/usr/share/OVMF/OVMF_CODE.secboot.fd',
'format': 'raw',
},
'vars': {
'filename': '/usr/share/OVMF/OVMF_VARS.fd',
'format': 'raw',
},
},
'targets': {
'x86_64': [ "q35"],
}
'features': ['acpi-s3', 'acpi-s5', 'secure-boot'],
}
{
'description': 'OVMF secboot enrolled',
'type': 'uefi'
'binary': {
'type': 'flash',
'code': {
'filename': '/usr/share/OVMF/OVMF_CODE.secboot.fd',
'format': 'raw',
},
'vars': {
'filename': '/usr/share/OVMF/OVMF_VARS.secboot.fd',
'format': 'raw',
}
},
'targets': {
'x86_64': [ "q35"],
}
'features': ['acpi-s3', 'acpi-s5', 'secure-boot', "secure-boot-enrolled-keys"],
}
Avoiding recording the notion of secureboot enrollment against the VARs
files, means that you have more flexibility. One could just have a single
file containing both CODE+VARS, which is enrolled instead of separating
them.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2018-04-10 11:04 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-07 0:01 [Qemu-devel] [qemu RFC] qapi: add "firmware.json" Laszlo Ersek
2018-04-09 7:26 ` Thomas Huth
2018-04-09 8:19 ` Gerd Hoffmann
2018-04-09 16:50 ` Laszlo Ersek
2018-04-10 6:18 ` Gerd Hoffmann
2018-04-10 9:09 ` Laszlo Ersek
2018-04-10 7:33 ` Thomas Huth
2018-04-10 9:22 ` Laszlo Ersek
2018-04-10 9:32 ` Thomas Huth
2018-04-10 11:53 ` Laszlo Ersek
2018-04-10 9:09 ` Daniel P. Berrangé
2018-04-09 16:34 ` Laszlo Ersek
2018-04-10 5:59 ` Gerd Hoffmann
2018-04-10 9:07 ` Laszlo Ersek
2018-04-10 9:51 ` Gerd Hoffmann
2018-04-10 9:55 ` Daniel P. Berrangé
2018-04-10 12:04 ` Laszlo Ersek
2018-04-10 7:44 ` Thomas Huth
2018-04-10 8:57 ` Laszlo Ersek
2018-04-10 9:05 ` Daniel P. Berrangé
2018-04-10 9:19 ` Thomas Huth
2018-04-10 11:40 ` Laszlo Ersek
2018-04-09 8:08 ` Thomas Huth
2018-04-09 16:42 ` Laszlo Ersek
2018-04-10 6:27 ` Gerd Hoffmann
2018-04-10 9:16 ` Laszlo Ersek
2018-04-10 9:23 ` Daniel P. Berrangé
2018-04-10 10:09 ` Paolo Bonzini
2018-04-10 11:46 ` Laszlo Ersek
2018-04-10 9:26 ` Thomas Huth
2018-04-10 11:53 ` Laszlo Ersek
2018-04-10 9:34 ` Daniel P. Berrangé
2018-04-10 11:57 ` Laszlo Ersek
2018-04-09 8:26 ` Gerd Hoffmann
2018-04-09 16:53 ` Laszlo Ersek
2018-04-09 8:49 ` Daniel P. Berrangé
2018-04-09 17:57 ` Laszlo Ersek
2018-04-10 9:18 ` Daniel P. Berrangé
2018-04-10 11:27 ` Laszlo Ersek
2018-04-10 11:34 ` Daniel P. Berrangé
2018-04-10 11:44 ` Laszlo Ersek
2018-04-10 11:50 ` Daniel P. Berrangé
2018-04-10 11:48 ` Peter Maydell
2018-04-10 11:52 ` Daniel P. Berrangé
2018-04-10 10:20 ` Daniel P. Berrangé
2018-04-10 11:03 ` Daniel P. Berrangé [this message]
2018-04-10 11:37 ` Gerd Hoffmann
2018-04-10 12:12 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180410110357.GP5155@redhat.com \
--to=berrange@redhat.com \
--cc=agraf@suse.de \
--cc=ard.biesheuvel@linaro.org \
--cc=armbru@redhat.com \
--cc=dgibson@redhat.com \
--cc=glin@suse.com \
--cc=kchamart@redhat.com \
--cc=kraxel@redhat.com \
--cc=lersek@redhat.com \
--cc=libvir-list@redhat.com \
--cc=mdroth@linux.vnet.ibm.com \
--cc=mprivozn@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=pkrempa@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.