[PATCH v4 08/13] qemu: validate: Reject virStorageSource features we don't want to support with nvram

Peter Krempa pkrempa at redhat.com
Fri Jun 3 11:48:40 UTC 2022 

From: Rohit Kumar <rohit.kumar3 at nutanix.com>

Signed-off-by: Prerna Saxena <prerna.saxena at nutanix.com>
Signed-off-by: Florian Schmidt <flosch at nutanix.com>
Signed-off-by: Rohit Kumar <rohit.kumar3 at nutanix.com>
Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
 src/qemu/qemu_validate.c | 108 ++++++++++++++++++++++++++++++---------
 1 file changed, 84 insertions(+), 24 deletions(-)

diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 9b6245e6d7..48b7d08684 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -568,35 +568,95 @@ qemuValidateDomainDefPM(const virDomainDef *def,


 static int
-qemuValidateDomainDefBoot(const virDomainDef *def)
+qemuValidateDomainDefNvram(const virDomainDef *def,
+                           virQEMUCaps *qemuCaps)
 {
-    if (def->os.loader &&
-        def->os.loader->secure == VIR_TRISTATE_BOOL_YES) {
-        /* These are the QEMU implementation limitations. But we
-         * have to live with them for now. */
+    virStorageSource *src = def->os.loader->nvram;

-        if (!qemuDomainIsQ35(def)) {
-            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                           _("Secure boot is supported with q35 machine types only"));
-            return -1;
-        }
+    if (!src)
+        return 0;

-        /* Now, technically it is possible to have secure boot on
-         * 32bits too, but that would require some -cpu xxx magic
-         * too. Not worth it unless we are explicitly asked. */
-        if (def->os.arch != VIR_ARCH_X86_64) {
-            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                           _("Secure boot is supported for x86_64 architecture only"));
-            return -1;
+    switch (src->type) {
+    case VIR_STORAGE_TYPE_FILE:
+    case VIR_STORAGE_TYPE_BLOCK:
+    case VIR_STORAGE_TYPE_NETWORK:
+        break;
+
+    case VIR_STORAGE_TYPE_DIR:
+    case VIR_STORAGE_TYPE_VOLUME:
+    case VIR_STORAGE_TYPE_NVME:
+    case VIR_STORAGE_TYPE_VHOST_USER:
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("unsupported nvram disk type '%s'"),
+                       virStorageTypeToString(src->type));
+        return -1;
+
+    case VIR_STORAGE_TYPE_NONE:
+    case VIR_STORAGE_TYPE_LAST:
+        virReportEnumRangeError(virStorageType, src->type);
+        return -1;
+    }
+
+    if (src->sliceStorage) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                        _("slices are not supported with NVRAM"));
+        return -1;
+    }
+
+    if (src->pr) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                        _("persistent reservations are not supported with NVRAM"));
+        return -1;
+    }
+
+    if (src->backingStore) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                        _("backingStore is not supported with NVRAM"));
+        return -1;
+    }
+
+    if (qemuDomainValidateStorageSource(src, qemuCaps, false) < 0)
+        return -1;
+
+    return 0;
+}
+
+
+static int
+qemuValidateDomainDefBoot(const virDomainDef *def,
+                          virQEMUCaps *qemuCaps)
+{
+    if (def->os.loader) {
+        if (def->os.loader->secure == VIR_TRISTATE_BOOL_YES) {
+            /* These are the QEMU implementation limitations. But we
+             * have to live with them for now. */
+
+            if (!qemuDomainIsQ35(def)) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("Secure boot is supported with q35 machine types only"));
+                return -1;
+            }
+
+            /* Now, technically it is possible to have secure boot on
+             * 32bits too, but that would require some -cpu xxx magic
+             * too. Not worth it unless we are explicitly asked. */
+            if (def->os.arch != VIR_ARCH_X86_64) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("Secure boot is supported for x86_64 architecture only"));
+                return -1;
+            }
+
+            /* SMM will be enabled by qemuFirmwareFillDomain() if needed. */
+            if (def->os.firmware == VIR_DOMAIN_OS_DEF_FIRMWARE_NONE &&
+                def->features[VIR_DOMAIN_FEATURE_SMM] != VIR_TRISTATE_SWITCH_ON) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("Secure boot requires SMM feature enabled"));
+                return -1;
+            }
         }

-        /* SMM will be enabled by qemuFirmwareFillDomain() if needed. */
-        if (def->os.firmware == VIR_DOMAIN_OS_DEF_FIRMWARE_NONE &&
-            def->features[VIR_DOMAIN_FEATURE_SMM] != VIR_TRISTATE_SWITCH_ON) {
-            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                           _("Secure boot requires SMM feature enabled"));
+        if (qemuValidateDomainDefNvram(def, qemuCaps) < 0)
             return -1;
-        }
     }

     return 0;
@@ -1174,7 +1234,7 @@ qemuValidateDomainDef(const virDomainDef *def,
     if (qemuValidateDomainDefPM(def, qemuCaps) < 0)
         return -1;

-    if (qemuValidateDomainDefBoot(def) < 0)
+    if (qemuValidateDomainDefBoot(def, qemuCaps) < 0)
         return -1;

     if (qemuValidateDomainVCpuTopology(def, qemuCaps) < 0)
-- 
2.35.3

More information about the libvir-list mailing list