From: Laszlo Ersek <lersek@redhat.com>
To: "Daniel P. Berrangé" <berrange@redhat.com>,
"Gerd Hoffmann" <kraxel@redhat.com>
Cc: Thomas Huth <thuth@redhat.com>,
qemu-devel@nongnu.org, libvir-list@redhat.com,
Alexander Graf <agraf@suse.de>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
David Gibson <dgibson@redhat.com>, Eric Blake <eblake@redhat.com>,
Gary Ching-Pang Lin <glin@suse.com>,
Kashyap Chamarthy <kchamart@redhat.com>,
Markus Armbruster <armbru@redhat.com>,
Michael Roth <mdroth@linux.vnet.ibm.com>,
Michal Privoznik <mprivozn@redhat.com>,
Peter Krempa <pkrempa@redhat.com>,
Peter Maydell <peter.maydell@linaro.org>,
David Gibson <david@gibson.dropbear.id.au>,
Laurent Vivier <lvivier@redhat.com>,
Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Subject: Re: [Qemu-devel] [qemu RFC] qapi: add "firmware.json"
Date: Tue, 10 Apr 2018 14:04:04 +0200 [thread overview]
Message-ID: <f5635db3-4dbe-d1b5-1f2b-ffcb66f17243@redhat.com> (raw)
In-Reply-To: <20180410095500.GK5155@redhat.com>
On 04/10/18 11:55, Daniel P. Berrangé wrote:
> On Tue, Apr 10, 2018 at 11:51:31AM +0200, Gerd Hoffmann wrote:
>>>> Hmm, I'm wondering whenever it is useful to model things this way. It's
>>>> not like you can actually configure things for -bios seabios.rom or
>>>> -kernel uboot.elf. Only pflash allows to actually configure things, and
>>>> there are not that many useful combinations. The code needs
>>>> Read+Execute. Allowing Write could be useful in theory, to allow the
>>>> guest doing firmware updates. But I think nobody actually does that, so
>>>> in practice it is fixed. The varstore can have different permissions,
>>>> but it's only two useful combinations. Either allow access
>>>> unconditionally, or allow access in secure contect (aka smm) only.
>>>
>>> (I hope I understand your point right:)
>>>
>>> I'm also fine if we simply define a fixed (but extensible) set of
>>> mapping methods, basically a new enum type, that simply tells libvirtd
>>> what this firmware *is*. IOW, directly reference a mapping method we
>>> know libvirt implements, rather than give vague hints.
>>>
>>> This could repurpose SystemFirmwareType, but it should become more
>>> detailed. I'm thinking like:
>>> - ovmf: split files without requiring SMM
>>> - ovmf_smm: split files with SMM requirement
>>> - seabios: exactly that
>>> - ... other things others suggest.
>>
>> I wouldn't name them by firmware, that is misleading. Basically we have
>> three cases:
>>
>> (1) single firmware image (seabios, OVMF.fd, ...).
>> (2) split firmware image (OVMF_{CODE,VARS}.fd), where vars can be
>> writable unconditinally.
>> (3) split firmware image, where access to vars should be restricted
>> to smm mode.
>>
>> (2) + (3) requires pflash. (1) works with both pflash and -bios.
>
> A big chunk of the data in the schema looks specific to the pflash
> case, but this is not expressed except in the docs. Most of the time
> with QAPI when we have data that is only relevant in certain types,
> we use a discriminated union to describe it. It feels like a unioon
> approach could be better suited to this
I used a discriminated union specifically for pflash options in RFCv0,
which I didn't post. I felt that it wasn't flexible enough. :)
Laszlo
next prev parent reply other threads:[~2018-04-10 12:04 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-07 0:01 [Qemu-devel] [qemu RFC] qapi: add "firmware.json" Laszlo Ersek
2018-04-09 7:26 ` Thomas Huth
2018-04-09 8:19 ` Gerd Hoffmann
2018-04-09 16:50 ` Laszlo Ersek
2018-04-10 6:18 ` Gerd Hoffmann
2018-04-10 9:09 ` Laszlo Ersek
2018-04-10 7:33 ` Thomas Huth
2018-04-10 9:22 ` Laszlo Ersek
2018-04-10 9:32 ` Thomas Huth
2018-04-10 11:53 ` Laszlo Ersek
2018-04-10 9:09 ` Daniel P. Berrangé
2018-04-09 16:34 ` Laszlo Ersek
2018-04-10 5:59 ` Gerd Hoffmann
2018-04-10 9:07 ` Laszlo Ersek
2018-04-10 9:51 ` Gerd Hoffmann
2018-04-10 9:55 ` Daniel P. Berrangé
2018-04-10 12:04 ` Laszlo Ersek [this message]
2018-04-10 7:44 ` Thomas Huth
2018-04-10 8:57 ` Laszlo Ersek
2018-04-10 9:05 ` Daniel P. Berrangé
2018-04-10 9:19 ` Thomas Huth
2018-04-10 11:40 ` Laszlo Ersek
2018-04-09 8:08 ` Thomas Huth
2018-04-09 16:42 ` Laszlo Ersek
2018-04-10 6:27 ` Gerd Hoffmann
2018-04-10 9:16 ` Laszlo Ersek
2018-04-10 9:23 ` Daniel P. Berrangé
2018-04-10 10:09 ` Paolo Bonzini
2018-04-10 11:46 ` Laszlo Ersek
2018-04-10 9:26 ` Thomas Huth
2018-04-10 11:53 ` Laszlo Ersek
2018-04-10 9:34 ` Daniel P. Berrangé
2018-04-10 11:57 ` Laszlo Ersek
2018-04-09 8:26 ` Gerd Hoffmann
2018-04-09 16:53 ` Laszlo Ersek
2018-04-09 8:49 ` Daniel P. Berrangé
2018-04-09 17:57 ` Laszlo Ersek
2018-04-10 9:18 ` Daniel P. Berrangé
2018-04-10 11:27 ` Laszlo Ersek
2018-04-10 11:34 ` Daniel P. Berrangé
2018-04-10 11:44 ` Laszlo Ersek
2018-04-10 11:50 ` Daniel P. Berrangé
2018-04-10 11:48 ` Peter Maydell
2018-04-10 11:52 ` Daniel P. Berrangé
2018-04-10 10:20 ` Daniel P. Berrangé
2018-04-10 11:03 ` Daniel P. Berrangé
2018-04-10 11:37 ` Gerd Hoffmann
2018-04-10 12:12 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f5635db3-4dbe-d1b5-1f2b-ffcb66f17243@redhat.com \
--to=lersek@redhat.com \
--cc=agraf@suse.de \
--cc=ard.biesheuvel@linaro.org \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=david@gibson.dropbear.id.au \
--cc=dgibson@redhat.com \
--cc=eblake@redhat.com \
--cc=glin@suse.com \
--cc=kchamart@redhat.com \
--cc=kraxel@redhat.com \
--cc=libvir-list@redhat.com \
--cc=lvivier@redhat.com \
--cc=mark.cave-ayland@ilande.co.uk \
--cc=mdroth@linux.vnet.ibm.com \
--cc=mprivozn@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=pkrempa@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).