Re: network boot always enabled with 0.15.0

[Gleb Natapov <gleb@redhat.com>]

On Thu, Aug 11, 2011 at 10:33:47AM +0000, Dietmar Maurer wrote:
> > > Also, I think the behavior was different with earlier versions.
> > Yes, it was. The behaviour changed when bootindex was introduced. I think it
> > should be easy to switch it back to what it was for -boot option, but -boot
> > is/should be deprecated in favor of bootindex anyway.
> > Implementing opt out from boot process for bootindex is doable but more
> > involving.
> 
> But I found no way to disable booting a network device using bootindex - you can 
> just set the order with that.
> 
Yes. It has to be implemented. Currently BIOS assigns default boot
priority for all devices that do not have bootindex specified. So
bootindex only influence the order in which BIOS will try devices
for booting. This way if you have 10 devices you want BIOS to try to boot
from in no particular order and one device that you want it to try first
you do not need to specify 11 bootindex parameters, but only one (or if
you do not care about the order you don't need to specify anything). We
can change BIOS to only boot from devices that has bootindex, but then
you will have to always specify it for all/most devices, or we can
add noboot device property, but that will require changes on qemu side
too.

> > > For example, if I set 'boot order=d' (boot from cdrom) and there is no cdrom in
> > the drive slot. Then the VM will boot from the network an our windows
> > installation server (RIS/WDS) will automatically trash all data on the VM disk.
> > That is quite dangerous.
> > >
> > One can argue that having such brokenly configured server in your network is
> > dangerous anyway. What about physical computer that can be trashed before
> > you even realize you had to disable network booting in the BIOS?
> 
> All hardware I know does not boot from network if I have disabled it - that's exactly the point!
With RIS/WDS server like above you may find out that you had to disable
network booting to later. I am not arguing that you can't disable network
booting on real HW, I am claiming that having such server in the network
is not good idea regardless.

> I want to disable network boot, so how can I do that?
> 
The only way you can do that currently is to use bios.bin from qemu-0.14.
The problem is mostly in the BIOS, not qemu.

--
			Gleb.