From: Markus Armbruster <armbru@redhat.com>
To: Gerd Hoffmann <kraxel@redhat.com>
Cc: qemu-devel@nongnu.org,
	"Philippe Mathieu-Daudé" <philmd@linaro.org>,
	"Eduardo Habkost" <eduardo@habkost.net>,
	qemu-arm@nongnu.org, "Ard Biesheuvel" <ardb@kernel.org>,
	"Marc-André Lureau" <marcandre.lureau@redhat.com>,
	"Thomas Huth" <thuth@redhat.com>,
	"Michael S. Tsirkin" <mst@redhat.com>,
	"Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
	"Peter Maydell" <peter.maydell@linaro.org>,
	graf@amazon.com, "Eric Blake" <eblake@redhat.com>,
	"Michael Roth" <michael.roth@amd.com>,
	"Richard Henderson" <richard.henderson@linaro.org>,
	"Daniel P. Berrangé" <berrange@redhat.com>,
	"Paolo Bonzini" <pbonzini@redhat.com>
Subject: Re: [PATCH v5 14/24] hw/uefi: add var-service-json.c + qapi for NV vars.
Date: Wed, 26 Feb 2025 06:43:34 +0100
Message-ID: <87zfi95khl.fsf@pond.sub.org>
In-Reply-To: <20250225163031.1409078-15-kraxel@redhat.com> (Gerd Hoffmann's message of "Tue, 25 Feb 2025 17:30:18 +0100")

Gerd Hoffmann <kraxel@redhat.com> writes:

> Define qapi schema for the uefi variable store state.
>
> Use it and the generated visitor helper functions to store persistent
> (EFI_VARIABLE_NON_VOLATILE) variables in JSON format on disk.
>
> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

[...]

> diff --git a/qapi/meson.build b/qapi/meson.build
> index e7bc54e5d047..eadde4db307f 100644
> --- a/qapi/meson.build
> +++ b/qapi/meson.build
> @@ -65,6 +65,7 @@ if have_system
>      'pci',
>      'rocker',
>      'tpm',
> +    'uefi',
>    ]
>  endif
>  if have_system or have_tools
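
Review bot: 'uefi' is added to the module list guarded by "if have_system", so the generated types and visitors for uefi.json are built only for system emulation. If any standalone tool is meant to read or write the JSON variable store, the entry belongs in the "have_system or have_tools" list that follows; if not, a line in the commit message saying the store is handled only inside system emulation would settle the question.
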
> diff --git a/qapi/qapi-schema.json b/qapi/qapi-schema.json
> index b1581988e4eb..2877aff73d0c 100644
> --- a/qapi/qapi-schema.json
> +++ b/qapi/qapi-schema.json
> @@ -81,3 +81,4 @@
>  { 'include': 'vfio.json' }
>  { 'include': 'cryptodev.json' }
>  { 'include': 'cxl.json' }
> +{ 'include': 'uefi.json' }
> diff --git a/qapi/uefi.json b/qapi/uefi.json
> new file mode 100644
> index 000000000000..c1dfa76b6eb2
> --- /dev/null
> +++ b/qapi/uefi.json
> @@ -0,0 +1,55 @@
> +# -*- Mode: Python -*-
> +# vim: filetype=python
> +#
> +
> +##
> +# = UEFI Variable Store
> +#
> +# The qemu efi variable store implementation (hw/uefi/) uses this to
> +# store non-volatile variables on disk.
> +##
> +
> +##
> +# @UefiVariable:
> +#
> +# UEFI Variable.  Check the UEFI specifification for more detailed
> +# information on the fields.
> +#
> +# @guid: variable namespace GUID
> +#
> +# @name: variable name, in UTF-8 encoding.
> +#
> +# @attr: variable attributes.
> +#
> +# @data: variable value, encoded as hex string.

I understand this is a blob.  We commonly use base64 for that.  Why not
here?

> +#
> +# @time: variable modification time.  EFI_TIME struct, encoded as hex
> +#     string.  Used only for authenticated variables, where the
> +#     EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute bit
> +#     is set.
> +#
> +# @digest: variable certificate digest.  Used to verify the signature
> +#     of updates for authenticated variables.

How to create and verify these digests will be obvious enough to users
of this interface?

> +#
> +# Since: 10.0
> +##
> +{ 'struct' : 'UefiVariable',
> +  'data' : { 'guid'  : 'str',
> +             'name'  : 'str',
> +             'attr'  : 'int',
> +             'data'  : 'str',
> +             '*time' : 'str',
> +             '*digest' : 'str'}}
> +
> +##
> +# @UefiVarStore:
> +#
> +# @version: currently allways 2

always

> +#
> +# @variables: list of UEFI variables
> +#
> +# Since: 10.0
> +##
> +{ 'struct' : 'UefiVarStore',
> +  'data' : { 'version'   : 'int',
> +             'variables' : [ 'UefiVariable' ] }}
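
Review bot: @guid, @data, @time and @digest are all bare 'str' in the UefiVariable struct, so the generated visitor accepts any string and the hex encoding promised in the comments has to be enforced by the code that loads the file. For @time and @digest, which the comments tie to authenticated variables and signature verification, the documentation should state the expected length and, for @digest, which hash it is, and the loader should reject odd-length, non-hex or wrong-length values instead of storing them. @guid has no documented string format either, and 'attr' : 'int' states no range; a sized integer type would let the visitor reject out-of-range attribute values. @version says "currently allways 2" without saying what a reader does with any other value; documenting that unknown versions are rejected would make the format easier to evolve. Typo in the @UefiVariable description: "specifification".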

