All of lore.kernel.org
 help / color / mirror / Atom feed
From: Laszlo Ersek <lersek@redhat.com>
To: Gerd Hoffmann <kraxel@redhat.com>
Cc: Kashyap Chamarthy <kchamart@redhat.com>,
	qemu-devel@nongnu.org, libvir-list@redhat.com,
	"Daniel P. Berrange" <berrange@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: Re: [Qemu-devel] [RFC] Defining firmware (OVMF, et al) metadata format & file
Date: Fri, 9 Mar 2018 16:18:45 +0100	[thread overview]
Message-ID: <88267dcb-2484-e9b9-19bf-7819403450d9@redhat.com> (raw)
In-Reply-To: <20180309142737.2qlsf6hhyayenmjl@sirius.home.kraxel.org>

On 03/09/18 15:27, Gerd Hoffmann wrote:
>   Hi,
> 
>> For OVMF (x86), I guess the initial set of properties should come from
>> the "-D FOO[=BAR]" build flags that OVMF currently supports. (The list
>> might grow or change incompatibly over time, so this is just a raw
>> starter idea.)
> 
>> (0) ARCH (one of IA32, IA32X64, X64) -- the bitnesses of the PEI and DXE
>> phases of the firmware.
>>
>> IA32 stands for "32-bit PEI and DXE". Such firmware is usable for
>> booting 32-bit OSes only, and runs on both qemu-system-i386 and
>> qemu-system-x86_64.
>>
>> IA32X64 stands for "32-bit PEI, 64-bit DXE". Needs qemu-system-x86_64
>> and runs 64-bit OSes only.
>>
>> X64 stands for "64-bit PEI and DXE". Needs qemu-system-x86_64 and runs
>> 64-bit OSes only.
> 
> I'd simply put that info the 'arch' bucket.  IA32 gets 'i386' (assuming
> we simply use qemu target names), IA32X64 + X64 get 'x86_64'.
> 
>> (1) SECURE_BOOT_ENABLE (boolean) -- whether the Secure Boot UEFI feature
>> is built into the firmware image.
> 
> Probably useful for upper management (above libvirt), for enabling
> secure boot key enrollment etc. in the UI.
> 
>> (2) SMM_REQUIRE (boolean) -- whether the SMM driver stack is included in
>> the firmware.
> 
> Needed (libvirt must enable smm).
> 
>> (3) HTTP_BOOT_ENABLE (boolean) -- whether UEFI HTTP boot is available in
>> the firmware image, in addition to the default PXE boot.
> 
>> (4) TLS_ENABLE (boolean) -- configurable independently of
>> HTTP_BOOT_ENABLE, but only really makes sense in combination.
> 
>> (5) NETWORK_IP6_ENABLE (boolean) -- determines whether IPv6 support is
>> available.
> 
> Do we actually need formal flags for these?  Which application would
> use them?
> 
> For humans this can go into the freeform "description" text field.
> 
>> (6) FD_SIZE_IN_KB (one of: 1024, 2048, 4096) -- the size of the combined
>> firmware image (executable portion and variable store together), in KB.
> 
> Hmm, dunno.  Might be useful as varstores are not portable between
> builds of different sizes, so libvirt could use this for sanity checks.
> 
>> (7) DEBUG_ON_SERIAL_PORT (boolean) -- whether OVMF sends its debug
>> messages to the QEMU debug IO port, or to the serial port.
> 
>> (8) SOURCE_DEBUG_ENABLE (boolean) -- whether OVMF includes the edk2
>> debug agent that allows it to be debugged from a proprietary debugger
>> program, likely connected via the emulated serial port.
> 
>> (9) CSM_ENABLE (boolean) -- whether OVMF includes traditional BIOS
>> support, by including the SeaBIOS Compatibility Support Module.
> 
> Same question as for 3+4+5: Do we really need those?
> 
>> Given that the SeaBIOS CSM itself can be built with various
>> configurations, it might make sense to list further properties when this
>> property is enabled.
> 
> I doubt this is useful, established practice is that people just use
> seabios directly instead if using the ovmf+csm combo.
> 
>> (10) E1000_ENABLE (boolean) -- whether OVMF includes the
>> non-redistributable, binary only E1000(E) UEFI driver module from Intel
>> (previously known as "PROEFI", more recently known as "BootUtil").
> 
>> (11) USE_OLD_SHELL (boolean) -- whether the UEFI shell implementation
>> built into OVMF is the old (EDK1 / EFI-1 style) shell which lives in a
>> separate repository, or the new (EDK2 / UEFI-2 style) shell which lives
>> within the edk2 project.
> 
>> (12) TOOLCHAIN (string): the edk2 toolchain identifier with which the
>> firmware was built.
> 
>> (13) TARGET (one of NOOPT, DEBUG, RELEASE) -- the target for which the
>> firmware image was built.
> 
> Same question as for 3+4+5+7+8+9: Do we really need those?

I can't judge that. To me all these flags are meaningful. It doesn't
hurt to keep them spelled out in the metadata; they don't take much
space, they are easy to ignore, and if someone searches for them, they
are there.

I'll offer an analogy. Sometimes it would be useful to know the full
kernel config used on a distro's Live or Installer ISO. Just today I got
a question off-list as to whether the aarch64 Fedora 28 Live iso has
CONFIG_ARM64_PMEM enabled or not. I have no clue, but this type of
question is not far from the domain of "libosinfo" (which basically
tells you what OS release has drivers for what devices). Is "libfwinfo"
such a stretch? Maybe. :)

So, whether this level of detail is useful to end-users and/or
management applications, I cannot tell; I just wanted to expose the
"current spectrum" (for OVMF and ArmVirtQemu) in reasonable detail.

Thanks
Laszlo

  reply	other threads:[~2018-03-09 15:19 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-03-07 14:49 [Qemu-devel] [RFC] Defining firmware (OVMF, et al) metadata format & file Kashyap Chamarthy
2018-03-07 15:18 ` Daniel P. Berrangé
2018-03-08  7:52   ` Gerd Hoffmann
2018-03-08 10:17     ` Daniel P. Berrangé
2018-04-06 17:28       ` Laszlo Ersek
2018-04-06 18:10         ` Eric Blake
2018-04-06 18:21           ` Laszlo Ersek
2018-04-09  9:02             ` Kashyap Chamarthy
2018-04-09 15:32               ` Laszlo Ersek
2018-03-09 10:02     ` Kashyap Chamarthy
2018-03-08  7:45 ` Gerd Hoffmann
2018-03-08 10:16   ` Daniel P. Berrangé
2018-03-08 11:10 ` Laszlo Ersek
2018-03-08 15:47   ` Daniel P. Berrangé
2018-03-08 20:47     ` Laszlo Ersek
2018-03-09 11:27       ` Kashyap Chamarthy
2018-03-09 15:09         ` Laszlo Ersek
2018-03-12 11:17       ` Daniel P. Berrangé
2018-03-09 14:27   ` Gerd Hoffmann
2018-03-09 15:18     ` Laszlo Ersek [this message]
2018-03-12 11:13       ` Daniel P. Berrangé

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=88267dcb-2484-e9b9-19bf-7819403450d9@redhat.com \
    --to=lersek@redhat.com \
    --cc=ard.biesheuvel@linaro.org \
    --cc=berrange@redhat.com \
    --cc=kchamart@redhat.com \
    --cc=kraxel@redhat.com \
    --cc=libvir-list@redhat.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.