From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Laszlo Ersek <lersek@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>,
Thomas Huth <thuth@redhat.com>, Peter Krempa <pkrempa@redhat.com>,
Michael Roth <mdroth@linux.vnet.ibm.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
libvir-list@redhat.com, Markus Armbruster <armbru@redhat.com>,
Kashyap Chamarthy <kchamart@redhat.com>,
qemu-devel@nongnu.org, Alexander Graf <agraf@suse.de>,
Gary Ching-Pang Lin <glin@suse.com>,
Gerd Hoffmann <kraxel@redhat.com>,
Michal Privoznik <mprivozn@redhat.com>,
David Gibson <dgibson@redhat.com>
Subject: Re: [Qemu-devel] [qemu RFC] qapi: add "firmware.json"
Date: Tue, 10 Apr 2018 12:03:57 +0100 [thread overview]
Message-ID: <20180410110357.GP5155@redhat.com> (raw)
In-Reply-To: <20180410102033.GL5155@redhat.com>
On Tue, Apr 10, 2018 at 11:20:33AM +0100, Daniel P. Berrangé wrote:
> On Sat, Apr 07, 2018 at 02:01:17AM +0200, Laszlo Ersek wrote:
> > Add a schema that describes the properties of virtual machine firmware.
> >
> > Each firmware executable installed on a host system should come with a
> > JSON file that conforms to this schema, and informs the management
> > applications about the firmware's properties.
> >
> > In addition, a configuration directory with symlinks to the JSON files
> > should exist, with the symlinks carefully named to reflect a priority
> > order. Management applications can then search this directory in priority
> > order for the first firmware executable that satisfies their search
> > criteria. The found JSON file provides the management layer with domain
> > configuration bits that are required to run the firmware binary.
> >
>
> > diff --git a/qapi/firmware.json b/qapi/firmware.json
> > new file mode 100644
> > index 000000000000..f267240f44dd
> > --- /dev/null
> > +++ b/qapi/firmware.json
>
> [snip]
>
> > +{ 'struct' : 'SystemFirmware',
> > + 'data' : { 'executable' : 'FirmwareFile',
> > + 'type' : 'SystemFirmwareType',
> > + 'targets' : [ 'str' ],
> > + 'sysfw-map' : 'FirmwareMapping',
> > + '*nvram-slots' : [ 'NVRAMSlot' ],
> > + '*supports-uefi-secure-boot' : 'bool',
> > + '*supports-amd-sev' : 'bool',
> > + '*supports-acpi-s3' : 'bool',
> > + '*supports-acpi-s4' : 'bool' } }
>
> Elsewhere in the thread I mentioned that I think we should try to use a
> union approach to isolate which information is relevant to "flash" loader
> format and which is relevant to "memory" and "kernel". To try to illustrate
> what I mean by that I've knocked up an alternative structure. I also
> incorporated the points about features & target/machine types. I've left
> out the read/write/etc fields, but they could be put back in at the
> relevant position
>
>
> { 'enum' : 'SystemFirmwareType',
> 'data' : [ 'bios', 'slof', 'uboot', 'uefi' ] }
>
> { 'enum' : 'SystemFirmwareDevice',
> 'data' : [ 'memory', 'kernel', 'flash' ] }
>
> { 'enum' : 'SystemFirmwareArchitecture',
> 'data': ['x86_64', 'i386', ..etc.. ] }
>
> { 'enum' : 'SystemFirmwareFeature',
> 'data': ['acpi-s3', 'acpi-s5', 'secure-boot', 'amd-sev' ]}
>
>
> ## Struct(s) for device==memory
>
> { 'struct': 'SystemFirmwareBinaryMemory',
> 'data': { 'pathname': 'str' } }
>
>
> ## Struct(s) for device==kernel
>
> { 'struct': 'SystemFirmwareBinaryKernel',
> 'data': { 'pathname': 'str' } }
>
>
> ## Struct(s) for device==flash
>
> { 'struct': 'SystemFirmwareBinaryFlashFile',
> 'data': { 'filename': 'str',
> 'format': 'BlockdevDriver' } }
>
> { 'struct': 'SystemFirmwareBinaryFlashCode',
> 'base': 'SystemFirmwareBinaryFlashFile' }
>
> { 'struct': 'SystemFirmwareBinaryFlashVars',
> 'base': 'SystemFirmwareBinaryFlashFile',
> 'data': { 'secure-boot-key-enroll': 'bool' } }
>
> { 'struct': 'SystemFirmwareBinaryFlash',
> 'data': { 'code': 'SystemFirmwareBinaryFlashCode',
> 'vars': ['SystemFirmwareBinaryFlashVars' ] } }
>
>
> ## Discriminated struct for different loading approaches
>
> { 'union': 'SystemFirmwareBinary',
> 'base': { 'device': 'SystemFirmwareDevice' },
> 'discriminator': 'device',
> 'data': { 'memory': 'SystemFirmwareBinaryMemory',
> 'kernel': 'SystemFirmwareBinaryKernel',
> 'flash': 'SystemFirmwareBinaryFlash' } }
>
>
>
> { 'struct' : 'SystemFirmwareTarget',
> 'data': { 'architecture': 'SystemFirmwareArchitecture',
> 'machines': [ 'str' ] } }
>
>
> { 'struct' : 'SystemFirmware',
> 'data' : {
> 'description' : 'str',
> 'type' : 'SystemFirmwareType',
> 'binary' : 'SystemFirmwareBinary',
> 'targets' : [ 'SystemFirmwareTarget' ],
> 'features' : ['SystemFirmwareFeature'] } }
>
>
>
> # Examples:
> #
> # {
> # 'description': 'SeaBIOS 256k',
> # 'type': 'bios',
> # 'binary': {
> # 'type': 'memory',
> # 'filename': '/path/to/seabios/rom-256k',
> # }
> # 'targets': {
> # 'x86_64': [ "pc", "q35"],
> # 'i386': [ "pc", "q35"],
> # }
> # 'features': ['acpi-s3', 'acpi-s5'],
> # }
> # {
> # 'description': 'SeaBIOS 128k',
> # 'type': 'bios',
> # 'binary': {
> # 'type': 'memory',
> # 'filename': '/path/to/seabios/rom-128k',
> # }
> # 'targets': {
> # 'x86_64': [ "isapc"],
> # 'i386': [ "isapc"],
> # }
> # 'features': [],
> # }
> # {
> # 'description': 'OVMF',
> # 'type': 'uefi'
> # 'binary': {
> # 'type': 'flash',
> # 'code': {
> # 'filename': '/usr/share/OVMF/OVMF_CODE.secboot.fd',
> # 'format': 'raw',
> # },
> # 'vars': [
> # {
> # 'filename': '/usr/share/OVMF/OVMF_VARS.fd',
> # 'format': 'raw',
> # 'secure=boot-key-enroll': false,
> # },
> # {
> # 'filename': '/usr/share/OVMF/OVMF_VARS.secboot.fd',
> # 'format': 'raw',
> # 'secure=boot-key-enroll': true,
> # }
It occurs to me that we are actually over-thinking things, by making it
possible to list a choice of vars files per firmware. We could remove this
special case by just having separate tpo level firmware entries and a main
feature flag to say if it is enrolled or not - see below example
> # ],
> # },
> # 'targets': {
> # 'x86_64': [ "q35"],
> # }
> # 'features': ['acpi-s3', 'acpi-s5', 'secure-boot'],
> # }
> #
{
'description': 'OVMF secboot',
'type': 'uefi'
'binary': {
'type': 'flash',
'code': {
'filename': '/usr/share/OVMF/OVMF_CODE.secboot.fd',
'format': 'raw',
},
'vars': {
'filename': '/usr/share/OVMF/OVMF_VARS.fd',
'format': 'raw',
},
},
'targets': {
'x86_64': [ "q35"],
}
'features': ['acpi-s3', 'acpi-s5', 'secure-boot'],
}
{
'description': 'OVMF secboot enrolled',
'type': 'uefi'
'binary': {
'type': 'flash',
'code': {
'filename': '/usr/share/OVMF/OVMF_CODE.secboot.fd',
'format': 'raw',
},
'vars': {
'filename': '/usr/share/OVMF/OVMF_VARS.secboot.fd',
'format': 'raw',
}
},
'targets': {
'x86_64': [ "q35"],
}
'features': ['acpi-s3', 'acpi-s5', 'secure-boot', "secure-boot-enrolled-keys"],
}
Avoiding recording the notion of secureboot enrollment against the VARs
files, means that you have more flexibility. One could just have a single
file containing both CODE+VARS, which is enrolled instead of separating
them.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2018-04-10 11:04 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-07 0:01 [Qemu-devel] [qemu RFC] qapi: add "firmware.json" Laszlo Ersek
2018-04-09 7:26 ` Thomas Huth
2018-04-09 8:19 ` Gerd Hoffmann
2018-04-09 16:50 ` Laszlo Ersek
2018-04-10 6:18 ` Gerd Hoffmann
2018-04-10 9:09 ` Laszlo Ersek
2018-04-10 7:33 ` Thomas Huth
2018-04-10 9:22 ` Laszlo Ersek
2018-04-10 9:32 ` Thomas Huth
2018-04-10 11:53 ` Laszlo Ersek
2018-04-10 9:09 ` Daniel P. Berrangé
2018-04-09 16:34 ` Laszlo Ersek
2018-04-10 5:59 ` Gerd Hoffmann
2018-04-10 9:07 ` Laszlo Ersek
2018-04-10 9:51 ` Gerd Hoffmann
2018-04-10 9:55 ` Daniel P. Berrangé
2018-04-10 12:04 ` Laszlo Ersek
2018-04-10 7:44 ` Thomas Huth
2018-04-10 8:57 ` Laszlo Ersek
2018-04-10 9:05 ` Daniel P. Berrangé
2018-04-10 9:19 ` Thomas Huth
2018-04-10 11:40 ` Laszlo Ersek
2018-04-09 8:08 ` Thomas Huth
2018-04-09 16:42 ` Laszlo Ersek
2018-04-10 6:27 ` Gerd Hoffmann
2018-04-10 9:16 ` Laszlo Ersek
2018-04-10 9:23 ` Daniel P. Berrangé
2018-04-10 10:09 ` Paolo Bonzini
2018-04-10 11:46 ` Laszlo Ersek
2018-04-10 9:26 ` Thomas Huth
2018-04-10 11:53 ` Laszlo Ersek
2018-04-10 9:34 ` Daniel P. Berrangé
2018-04-10 11:57 ` Laszlo Ersek
2018-04-09 8:26 ` Gerd Hoffmann
2018-04-09 16:53 ` Laszlo Ersek
2018-04-09 8:49 ` Daniel P. Berrangé
2018-04-09 17:57 ` Laszlo Ersek
2018-04-10 9:18 ` Daniel P. Berrangé
2018-04-10 11:27 ` Laszlo Ersek
2018-04-10 11:34 ` Daniel P. Berrangé
2018-04-10 11:44 ` Laszlo Ersek
2018-04-10 11:50 ` Daniel P. Berrangé
2018-04-10 11:48 ` Peter Maydell
2018-04-10 11:52 ` Daniel P. Berrangé
2018-04-10 10:20 ` Daniel P. Berrangé
2018-04-10 11:03 ` Daniel P. Berrangé [this message]
2018-04-10 11:37 ` Gerd Hoffmann
2018-04-10 12:12 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180410110357.GP5155@redhat.com \
--to=berrange@redhat.com \
--cc=agraf@suse.de \
--cc=ard.biesheuvel@linaro.org \
--cc=armbru@redhat.com \
--cc=dgibson@redhat.com \
--cc=glin@suse.com \
--cc=kchamart@redhat.com \
--cc=kraxel@redhat.com \
--cc=lersek@redhat.com \
--cc=libvir-list@redhat.com \
--cc=mdroth@linux.vnet.ibm.com \
--cc=mprivozn@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=pkrempa@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).