[libvirt] On the content of 'nvram' section in /etc/libvirt/qemu.conf
Kashyap Chamarthy
kchamart at redhat.com
Tue Apr 16 16:50:49 UTC 2019
I learnt from Dan Berrangé that the 'nvram' section in
`/etc/libvirt/qemu.conf` will now go away in light of all the work done
in QEMU ('firmware.json', et al) and libvirt (the firmware
auto-selection).
But for my own education, can anyone confirm that the current content of
'nvram' is out of date in terms of mapping of OVMF binaries to their
corresponding variable store ("VARS") files?
Let's see what I mean.
On my Fedora 29 box, in `/etc/libvirt/qemu.conf`, I see the following
mapping of OVMF binaries to their correspoindg "VARS" file under the
'nvram' section:
#nvram = [
# "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd",
# "/usr/share/OVMF/OVMF_CODE.secboot.fd:/usr/share/OVMF/OVMF_VARS.fd",
# "/usr/share/AAVMF/AAVMF_CODE.fd:/usr/share/AAVMF/AAVMF_VARS.fd",
# "/usr/share/AAVMF/AAVMF32_CODE.fd:/usr/share/AAVMF/AAVMF32_VARS.fd"
#]
Now let's enumerate the content of 'edk2-ovmf' package:
$> rpm -ql edk2-ovmf
/usr/share/OVMF
/usr/share/OVMF/OVMF_CODE.fd
/usr/share/OVMF/OVMF_CODE.secboot.fd
/usr/share/OVMF/OVMF_VARS.fd
/usr/share/OVMF/OVMF_VARS.secboot.fd
/usr/share/OVMF/UefiShell.iso
/usr/share/doc/edk2-ovmf
/usr/share/doc/edk2-ovmf/README
/usr/share/doc/edk2-ovmf/ovmf-whitepaper-c770f8c.txt
/usr/share/edk2
/usr/share/edk2/ovmf
/usr/share/edk2/ovmf/EnrollDefaultKeys.efi
/usr/share/edk2/ovmf/OVMF_CODE.fd
/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd
/usr/share/edk2/ovmf/OVMF_VARS.fd
/usr/share/edk2/ovmf/OVMF_VARS.secboot.fd
/usr/share/edk2/ovmf/Shell.efi
/usr/share/edk2/ovmf/UefiShell.iso
/usr/share/licenses/edk2-ovmf
/usr/share/licenses/edk2-ovmf/LICENSE.openssl
/usr/share/licenses/edk2-ovmf/License.txt
There is the /usr/share/edk2/ovmf/OVMF_VARS.secboot.fd file (which comes
with the default UEFI keys enrolled).
So, the mapping of OVMF binary to VARS file in the earlier mentioned
'nvram' section should have been:
/usr/share/OVMF/OVMF_CODE.secboot.fd:/usr/share/edk2/ovmf/OVMF_VARS.secboot.fd
Yes?
--
/kashyap
More information about the libvir-list
mailing list