From 8d9b2ba3738c9447c1cdea9ea1b81eee3ffe00f4 Mon Sep 17 00:00:00 2001
Message-Id: <8d9b2ba3738c9447c1cdea9ea1b81eee3ffe00f4@dist-git>
From: Michal Privoznik <mprivozn@redhat.com>
Date: Fri, 5 Aug 2016 14:35:26 +0200
Subject: [PATCH] Introduce @secure attribute to os loader element
https://bugzilla.redhat.com/show_bug.cgi?id=1304483
This element will control secure boot implemented by some
firmwares. If the firmware used in <loader/> does support the
feature we must tell it to the underlying hypervisor. However, we
can't know whether loader does support it or not just by looking
at the file. Therefore we have to have an attribute to the
element where users can tell us whether the firmware is secure
boot enabled or not.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 64c24800437ee372d228103291626705892c3ad9)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 docs/formatdomain.html.in                          |  7 ++--
 docs/schemas/domaincommon.rng                      |  8 +++++
 src/conf/domain_conf.c                             | 14 ++++++++
 src/conf/domain_conf.h                             |  1 +
 .../qemuxml2argv-bios-nvram-secure.xml             | 41 ++++++++++++++++++++++
 5 files changed, 69 insertions(+), 2 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-bios-nvram-secure.xml
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
6ae9ed
index 4d4d601..c2e261d 100644
6ae9ed
--- a/docs/formatdomain.html.in
6ae9ed
+++ b/docs/formatdomain.html.in
6ae9ed
@@ -102,7 +102,7 @@
6ae9ed
   ...
6ae9ed
   <os>
6ae9ed
     <type>hvm</type>
6ae9ed
-    <loader readonly='yes' type='rom'>/usr/lib/xen/boot/hvmloader</loader>
6ae9ed
+    <loader readonly='yes' secure='no' type='rom'>/usr/lib/xen/boot/hvmloader</loader>
6ae9ed
     <nvram template='/usr/share/OVMF/OVMF_VARS.fd'>/var/lib/libvirt/nvram/guest_VARS.fd</nvram>
6ae9ed
     <boot dev='hd'/>
6ae9ed
     <boot dev='cdrom'/>
6ae9ed
@@ -140,7 +140,10 @@
6ae9ed
         pflash. It tells the hypervisor where in the guest
6ae9ed
         memory the file should be mapped.  For instance, if the loader
6ae9ed
         path points to an UEFI image, type should be
6ae9ed
-        pflash.
6ae9ed
+        pflash. Moreover, some firmwares may
6ae9ed
+        implement the Secure boot feature. Attribute
6ae9ed
+        secure can be used then to control it.
6ae9ed
+        Since 2.1.0
6ae9ed
       
nvram
6ae9ed
       
Some UEFI firmwares may want to use a non-volatile memory to store
6ae9ed
         some variables. In the host, this is represented as a file and the
6ae9ed
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
6ae9ed
index 3960a98..497597c 100644
6ae9ed
--- a/docs/schemas/domaincommon.rng
6ae9ed
+++ b/docs/schemas/domaincommon.rng
6ae9ed
@@ -260,6 +260,14 @@
6ae9ed
               </attribute>
6ae9ed
             </optional>
6ae9ed
             <optional>
6ae9ed
+              <attribute name="secure">
6ae9ed
+                <choice>
6ae9ed
+                  <value>yes</value>
6ae9ed
+                  <value>no</value>
6ae9ed
+                </choice>
6ae9ed
+              </attribute>
6ae9ed
+            </optional>
6ae9ed
+            <optional>
6ae9ed
               <attribute name="type">
6ae9ed
                 <choice>
6ae9ed
                   <value>rom</value>
6ae9ed
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
6ae9ed
index c02c821..715ca2b 100644
6ae9ed
--- a/src/conf/domain_conf.c
6ae9ed
+++ b/src/conf/domain_conf.c
6ae9ed
@@ -15371,9 +15371,11 @@ virDomainLoaderDefParseXML(xmlNodePtr node,
6ae9ed
 {
6ae9ed
     int ret = -1;
6ae9ed
     char *readonly_str = NULL;
6ae9ed
+    char *secure_str = NULL;
6ae9ed
     char *type_str = NULL;
6ae9ed
 
6ae9ed
     readonly_str = virXMLPropString(node, "readonly");
6ae9ed
+    secure_str = virXMLPropString(node, "secure");
6ae9ed
     type_str = virXMLPropString(node, "type");
6ae9ed
     loader->path = (char *) xmlNodeGetContent(node);
6ae9ed
 
6ae9ed
@@ -15384,6 +15386,13 @@ virDomainLoaderDefParseXML(xmlNodePtr node,
6ae9ed
         goto cleanup;
6ae9ed
     }
6ae9ed
 
6ae9ed
+    if (secure_str &&
6ae9ed
+        (loader->secure = virTristateBoolTypeFromString(secure_str)) <= 0) {
6ae9ed
+        virReportError(VIR_ERR_XML_DETAIL,
6ae9ed
+                       _("unknown secure value: %s"), secure_str);
6ae9ed
+        goto cleanup;
6ae9ed
+    }
6ae9ed
+
6ae9ed
     if (type_str) {
6ae9ed
         int type;
6ae9ed
         if ((type = virDomainLoaderTypeFromString(type_str)) < 0) {
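Review bot: The new `secure` check stores the result of `virTristateBoolTypeFromString()` directly in `loader->secure` inside the condition, so when the string is rejected the field keeps the failed value (anything `<= 0`) while the function returns -1. The `type` handling just below converts into a local `int type` first; doing the same here leaves the struct untouched on the error path: `int secure = virTristateBoolTypeFromString(secure_str);`, then `if (secure <= 0) { /* report + goto cleanup */ }`, then `loader->secure = secure;`. Callers presumably discard the loader on failure, but virDomainLoaderDefFormat later tests `if (loader->secure)`, which is also true for a negative value. The body of virDomainLoaderDefParseXML starts and ends outside this hunk.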
6ae9ed
@@ -15397,6 +15406,7 @@ virDomainLoaderDefParseXML(xmlNodePtr node,
6ae9ed
     ret = 0;
6ae9ed
  cleanup:
6ae9ed
     VIR_FREE(readonly_str);
6ae9ed
+    VIR_FREE(secure_str);
6ae9ed
     VIR_FREE(type_str);
6ae9ed
     return ret;
6ae9ed
 }
6ae9ed
@@ -22512,6 +22522,7 @@ virDomainLoaderDefFormat(virBufferPtr buf,
6ae9ed
                          virDomainLoaderDefPtr loader)
6ae9ed
 {
6ae9ed
     const char *readonly = virTristateBoolTypeToString(loader->readonly);
6ae9ed
+    const char *secure = virTristateBoolTypeToString(loader->secure);
6ae9ed
     const char *type = virDomainLoaderTypeToString(loader->type);
6ae9ed
 
6ae9ed
     virBufferAddLit(buf, "
6ae9ed
@@ -22519,6 +22530,9 @@ virDomainLoaderDefFormat(virBufferPtr buf,
6ae9ed
     if (loader->readonly)
6ae9ed
         virBufferAsprintf(buf, " readonly='%s'", readonly);
6ae9ed
 
6ae9ed
+    if (loader->secure)
6ae9ed
+        virBufferAsprintf(buf, " secure='%s'", secure);
6ae9ed
+
6ae9ed
     virBufferAsprintf(buf, " type='%s'>", type);
6ae9ed
 
6ae9ed
     virBufferEscapeString(buf, "%s</loader>\n", loader->path);
6ae9ed
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
6ae9ed
index 88b0122..6eed30e 100644
6ae9ed
--- a/src/conf/domain_conf.h
6ae9ed
+++ b/src/conf/domain_conf.h
6ae9ed
@@ -1731,6 +1731,7 @@ struct _virDomainLoaderDef {
6ae9ed
     char *path;
6ae9ed
     int readonly;   /* enum virTristateBool */
6ae9ed
     virDomainLoader type;
6ae9ed
+    int secure;     /* enum virTristateBool */
6ae9ed
     char *nvram;    /* path to non-volatile RAM */
6ae9ed
     char *templt;   /* user override of path to master nvram */
6ae9ed
 };
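Review bot: The comment on the new field, `/* enum virTristateBool */`, gives the type but not the meaning, and the meaning is security-relevant. According to the commit message the value is what the user declares about the firmware, because libvirt cannot tell from the file whether the loader supports Secure Boot. I would write `int secure;     /* enum virTristateBool; user-declared Secure Boot capability of the loader, not verified against the image */`. That stops a later reader from treating `secure == yes` as evidence that Secure Boot is actually enforced in the guest.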
6ae9ed
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-bios-nvram-secure.xml b/tests/qemuxml2argvdata/qemuxml2argv-bios-nvram-secure.xml
6ae9ed
new file mode 100644
6ae9ed
index 0000000..0ddddfe3
6ae9ed
--- /dev/null
6ae9ed
+++ b/tests/qemuxml2argvdata/qemuxml2argv-bios-nvram-secure.xml
6ae9ed
@@ -0,0 +1,41 @@
6ae9ed
+<domain type='qemu'>
6ae9ed
+  <name>test-bios</name>
6ae9ed
+  <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid>
6ae9ed
+  <memory unit='KiB'>1048576</memory>
6ae9ed
+  <currentMemory unit='KiB'>1048576</currentMemory>
6ae9ed
+  <vcpu placement='static'>1</vcpu>
6ae9ed
+  <os>
6ae9ed
+    <type arch='x86_64' machine='pc-q35-2.5'>hvm</type>
6ae9ed
+    <loader readonly='yes' secure='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.secboot.fd</loader>
6ae9ed
+    <nvram>/usr/share/OVMF/OVMF_VARS.fd</nvram>
6ae9ed
+    <boot dev='hd'/>
6ae9ed
+    <bootmenu enable='yes'/>
6ae9ed
+  </os>
6ae9ed
+  <features>
6ae9ed
+    <acpi/>
6ae9ed
+    <smm state='on'/>
6ae9ed
+  </features>
6ae9ed
+  <clock offset='utc'/>
6ae9ed
+  <on_poweroff>destroy</on_poweroff>
6ae9ed
+  <on_reboot>restart</on_reboot>
6ae9ed
+  <on_crash>restart</on_crash>
6ae9ed
+  <devices>
6ae9ed
+    <emulator>/usr/bin/qemu</emulator>
6ae9ed
+    <disk type='block' device='disk'>
6ae9ed
+      <source dev='/dev/HostVG/QEMUGuest1'/>
6ae9ed
+      <target dev='sda' bus='scsi'/>
6ae9ed
+      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
6ae9ed
+    </disk>
6ae9ed
+    <controller type='scsi' index='0'/>
6ae9ed
+    <controller type='pci' index='0' model='pcie-root'/>
6ae9ed
+    <serial type='pty'>
6ae9ed
+      <target port='0'/>
6ae9ed
+    </serial>
6ae9ed
+    <console type='pty'>
6ae9ed
+      <target type='serial' port='0'/>
6ae9ed
+    </console>
6ae9ed
+    <input type='mouse' bus='ps2'/>
6ae9ed
+    <input type='keyboard' bus='ps2'/>
6ae9ed
+    <memballoon model='virtio'/>
6ae9ed
+  </devices>
6ae9ed
+</domain>
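Review bot: This fixture is added on its own: the diffstat lists no matching `.args` file and no test source that registers it, so as far as this commit shows nothing asserts what `secure='yes'` does to the generated hypervisor command line. Since only the parser and formatter in `src/conf/domain_conf.c` are touched, a domain with `secure='yes'` appears to be accepted and round-tripped without any driver acting on it, which could leave an operator believing Secure Boot is configured when it is not. If the driver wiring lands in a follow-up, the commit message should say so and the expected-arguments file should arrive with it; until then, drivers that do not honour the attribute should reject it rather than ignore it. A negative fixture (for example `secure='yes'` together with `<smm state='off'/>`) would also be worth adding if the driver is meant to require SMM.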
-- 
2.9.2