The following changes since commit c079d3a31e45093286c65f8ca5350beb3a4404a9:
Merge tag 'pull-10.1-rc0-maintainer-140725-1' of
https://gitlab.com/stsquad/qemu into staging (2025-07-15 00:12:07 -0400)
are available in the Git repository at:
https://gitlab.com/kraxel/qemu.git tags/display-2025
.
Signed-off-by: Shaoqin Huang
Message-ID: <20250717100941.2230408-3-shahu...@redhat.com>
Reviewed-by: Zhao Liu
Signed-off-by: Gerd Hoffmann
---
hw/vfio/pci.h | 10 +-
hw/vfio/types.h | 21 +
2 files changed, 22 insertions(+), 9 deletions(-)
create mode 100644 h
Liu
Reviewed-by: Eric Auger
Signed-off-by: Shaoqin Huang
Message-ID: <20250717100941.2230408-4-shahu...@redhat.com>
Signed-off-by: Gerd Hoffmann
---
hw/core/machine.c | 2 ++
hw/display/ramfb-standalone.c | 2 +-
hw/i386/microvm.c | 3 +++
hw/i386/pc_piix
viewed-by: Eric Auger
Signed-off-by: Shaoqin Huang
Message-ID: <20250717100941.2230408-2-shahu...@redhat.com>
Signed-off-by: Gerd Hoffmann
---
hw/vfio/pci.h | 1 +
include/hw/display/ramfb.h| 2 +-
hw/display/ramfb-standalone.c | 5 -
hw/display/ramfb-stubs.c
On Wed, Jul 09, 2025 at 03:34:20PM +0200, Philippe Mathieu-Daudé wrote:
> Hi Gerd,
>
> On 9/7/25 14:30, Gerd Hoffmann wrote:
> > Implement a ConfidentialGuestSupportClass for non-confidential VMs.
> > This allows the igvm support code work without sev/tdx.
>
> Is thi
object is present.
TODO: Implement proper reset.
- re-initialize memory regions from igvm file content.
- load initial register state (if present).
Usage:
qemu-system-x86_64 \
-object nocc,id=nocc0 \
-machine confidential-guest-support=nocc0
Signed-off-by: Gerd Hoffmann
---
target
On Wed, Jul 02, 2025 at 05:28:01PM +0800, Shaoqin Huang wrote:
> Hi Eric,
>
> On 7/2/25 5:08 PM, Eric Auger wrote:
> >
> >
> > On 7/2/25 10:56 AM, Shaoqin Huang wrote:
> > > Set the "use-legacy-x86-rom" property to false by default, and only set
> > > it to true on x86 since only x86 will need i
Hi,
> > If those machine types need to set it to true. I think they can set it
> > after they have this property.
> nope it does not work like that. In case we really need to take care of
> this, this must be handled by compats.
ramfb is a sysbus device so it can only used for machine types whe
Hi,
> As you've said in comment
> https://bugzilla.redhat.com/show_bug.cgi?id=1322713#c6
> it's strange that patch causes issues at all, especially with
> '-smp 1' as in reproducer.
>
> Also repeated with -smp x>1, it still worked fine.
>
> Perhaps issue was elsewhere after all.
Yea, looks pr
Hi,
> Gerd mentioned this in the relevant bz:
>
> Note: root cause for the initrd issue noted in comment 5 is seabios
> running into problems with ehci -> io errors -> corrupted initrd.
> Sometimes it doesn't boot at all, probably in case the io errors
> happen t
Hi,
> > I'm asking because if QEMU drops the commit I mentioned above, then I
> > guess EDK2 CSM AHCI detection will break. That would be a regression.
It was broken before too, so we are "only" missing a fix,
for a rather esoteric use case.
And it could very well be that this fix is not neede
Hi,
> I didn't fix it. GitLab's mirror operation is still failing. Your
> suggestion of force pushing should fix it, but I want to understand
> why a commit was lost first.
>
> The issue is that QEMU's mirror and upstream have diverged. The
> following commit is only in QEMU's mirror repo:
>
>
HID devices by storing them in a linked list
Daniel Verkamp (3):
vbe: Add VBE 2.0+ OemData field to struct vbe_info
vgasrc: round up save/restore size
vbe: implement function 09h (get/set palette data)
Daniil Tatianin (1):
pciinit: don't misalign large BARs
Gerd Hoffma
.0 release
----
Gerd Hoffmann (2):
seabios: update submodule to 1.17.0
seabios: update binaries to 1.17.0
pc-bios/bios-256k.bin | Bin 262144 -> 262144 bytes
pc-bios/bios-microvm.bin | Bin 131072 -> 131072 bytes
Hi,
> $ qemu-system-aarch64 -machine virt -cpu max -device ati-vga
> qemu-system-aarch64: -device ati-vga: failed to find romfile "vgabios-ati.bin"
> $ qemu-system-aarch64 -machine virt -cpu max -device cirrus-vga
> qemu-system-aarch64: -device cirrus-vga: failed to find romfile
> "vgabios-ci
Hi,
> > Now the ramfb will load the vgabios-ramfb.bin unconditionally, but only
> > the x86 need the vgabios-ramfb.bin, this can cause that when use the
> > release package on arm64 it can't find the vgabios-ramfb.bin.
> Simpler to directly pass the ROM path instead of using a boolean,
> so boa
Hi,
> > If we do want to mention the editors we should probably also mention b4.
>
> Can do if somebody contributes a suitable configuration snippet.
Nothing to configure ;)
Simplest usage is 'b4 shazam $msgid' and b4 will go fetch the complete
thread from lore.kernel.org, collect all the rev
Hi,
> I do believe QEMU's current implementation is also in conformance to the spec,
> as the reset process itself is done instantly in QEMU.
Yes, that is fine spec-wise. The problem is the seabios driver which
doesn't wait until the hardware signals completion.
> I don't know if it's worth i
> Hi Gerd,
>
> Are there any plans to update the SeaBIOS firmware in QEMU soon? In
> particular someone has asked me off-list about one of my previous ESP series
> which depends upon having an updated SeaBIOS firmware.
Plan is to update to 0.17.0 as soon as it is released. Which is delayed
a bit
ing because
> ui info propagating to guest not considering scale.
>
> PATCH 8 and 9 align fixed-scale mode behavior in gtk-gl-area and gtk-egl with
> other implementations by adding appropriate padding to the window to preserve
> the scale.
Series:
Acked-by: Gerd Hoffmann
take care,
Gerd
On Sun, May 11, 2025 at 03:33:11PM +0800, Weifeng Liu wrote:
> The existence of multiple scaling factors forces us to deal with various
> coordinate systems and this would be confusing. It would be beneficial
> to define the concepts clearly and use consistent representation for
> variables in diff
On Thu, Apr 10, 2025 at 12:01:18PM +0530, Ani Sinha wrote:
>
>
> > On 9 Apr 2025, at 11:51 AM, Gerd Hoffman wrote:
> >
> > Hi,
> >
> >>> The chicken-and-egg problem arises if you go for hashing and want embed
> >>> the igvm file in the UKI.
> >>
> >> I don't really see how signing the IGVM f
Reviewed-by: Daniel P. Berrangé
Signed-off-by: Gerd Hoffmann
Message-ID: <20250319141159.1461621-7-kra...@redhat.com>
---
docs/interop/firmware.json | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/docs/interop/firmware.json b/docs/interop/firmware.json
v3 changes:
- rename firmware.json flag, more verbose documentation.
- add support for riscv and loongarch.
Gerd Hoffmann (6):
hw/uefi: flush variable store to disk in post load
hw/uefi: fix error handling in uefi_vars_json_save
hw/uefi: fix error handling in uefi_vars_json_load
hw/uefi
Gerd Hoffmann (6):
hw/uefi: flush variable store to disk in post load
hw/uefi: fix error handling in uefi_vars_json_save
hw/uefi: fix error handling in uefi_vars_json_load
hw/uefi-vars-sysbus: allow for riscv virt
hw/uefi-vars
Make live migration more robust. Commit 4c0cfc72b31a ("pflash_cfi01:
write flash contents to bdrv on incoming migration") elaborates in
detail on the motivation.
Cc: Peter Krempa
Reviewed-by: Peter Krempa
Signed-off-by: Gerd Hoffmann
Message-ID: <20250319141159.1461621-2-kra.
Allow the device being added to riscv virt VMs.
Reviewed-by: Daniel Henrique Barboza
Reviewed-by: Daniel P. Berrangé
Signed-off-by: Gerd Hoffmann
Message-ID: <20250319141159.1461621-5-kra...@redhat.com>
---
hw/riscv/virt.c | 2 ++
hw/uefi/Kconfig | 2 +-
2 files changed, 3 insertions
Catch lseek errors. Return on errors.
Use autoptr for the GString to simplify cleanup.
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Gerd Hoffmann
Message-ID: <20250319141159.1461621-3-kra...@redhat.com>
---
hw/uefi/var-service-json.c | 15 +++
1 file changed, 11 inse
Allow the device being added to loongarch virt VMs.
Reviewed-by: Daniel P. Berrangé
Signed-off-by: Gerd Hoffmann
Message-ID: <20250319141159.1461621-6-kra...@redhat.com>
---
hw/loongarch/virt.c | 2 ++
hw/uefi/Kconfig | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --gi
Catch lseek errors. Return on read errors.
Fixes: CID 1593154
Fixes: CID 1593157
Reviewed-by: Philippe Mathieu-Daudé
Signed-off-by: Gerd Hoffmann
Message-ID: <20250319141159.1461621-4-kra...@redhat.com>
---
hw/uefi/var-service-json.c | 9 -
1 file changed, 8 insertions(+), 1 de
On Wed, Mar 19, 2025 at 11:37:40AM +, Daniel P. Berrangé wrote:
> > > > +# @qemu-vars: The firmware expects qemu to provide an efi variable
> > > > +# store, via "uefi-vars-sysbus" or "uefi-vars-x64" device.
>
> I wonder if 'qemu-vars' is the right name here ? It feels like the
>
Catch lseek errors. Return on read errors.
Fixes: CID 1593154
Fixes: CID 1593157
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-json.c | 9 -
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/hw/uefi/var-service-json.c b/hw/uefi/var-service-json.c
index f1c20a6b8c1e
Allow the device being added to loongarch virt VMs.
Signed-off-by: Gerd Hoffmann
---
hw/loongarch/virt.c | 2 ++
hw/uefi/Kconfig | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/hw/loongarch/virt.c b/hw/loongarch/virt.c
index a5840ff96857..b6f5f6a3b546 100644
--- a/hw
Catch lseek errors. Return on errors.
Use autoptr for the GString to simplify cleanup.
Signed-off-by: Gerd Hoffmann
Reviewed-by: Philippe Mathieu-Daudé
---
hw/uefi/var-service-json.c | 15 +++
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/hw/uefi/var-service
Signed-off-by: Gerd Hoffmann
---
docs/interop/firmware.json | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/docs/interop/firmware.json b/docs/interop/firmware.json
index 57f55f6c5455..745d21d82232 100644
--- a/docs/interop/firmware.json
+++ b/docs/interop
Catch lseek errors. Return on read errors.
Fixes: CID 1593154
Fixes: CID 1593157
Signed-off-by: Gerd Hoffmann
Reviewed-by: Philippe Mathieu-Daudé
---
hw/uefi/var-service-json.c | 9 -
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/hw/uefi/var-service-json.c b/hw/uefi/var
Make live migration more robust. Commit 4c0cfc72b31a ("pflash_cfi01:
write flash contents to bdrv on incoming migration") elaborates in
detail on the motivation.
Cc: Peter Krempa
Signed-off-by: Gerd Hoffmann
Reviewed-by: Peter Krempa
---
hw/uefi/var-service-core.c | 1 +
1 file
Allow the device being added to riscv virt VMs.
Signed-off-by: Gerd Hoffmann
---
hw/riscv/virt.c | 2 ++
hw/uefi/Kconfig | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
index dae46f4733cd..e517002fdfc7 100644
--- a/hw/riscv/virt.c
+++ b/hw
Hi,
> > > > There is 'stateless' already for 'firmware image in r/o flash'.
> > >
> > > What's the behaviour of UEFI if build with JSON vars support, but without
> > > QEMU providing any JSON vars backend ?
> >
> > It will panic.
>
> In that case, we must not reuse 'stateless' with such build
On Wed, Mar 19, 2025 at 11:27:41AM +, Daniel P. Berrangé wrote:
> On Tue, Mar 04, 2025 at 01:48:04PM +0100, Gerd Hoffmann wrote:
> > diff --git a/hw/uefi/Kconfig b/hw/uefi/Kconfig
> > new file mode 100644
> > index ..ca6c2bc46a96
> > --- /dev/nul
Signed-off-by: Gerd Hoffmann
---
docs/interop/firmware.json | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/docs/interop/firmware.json b/docs/interop/firmware.json
index 57f55f6c5455..76df1043dae9 100644
--- a/docs/interop/firmware.json
+++ b/docs/interop/firmware.json
On Wed, Mar 19, 2025 at 10:18:08AM +, Peter Maydell wrote:
> On Wed, 19 Mar 2025 at 08:29, Gerd Hoffmann wrote:
> > qemu_create() works only once in case libvirt hands us a
> > file handle instead of a filename.
>
> If we have to work on a filehandle, we have the probl
On Wed, Mar 19, 2025 at 11:07:05AM +, Daniel P. Berrangé wrote:
> On Wed, Mar 19, 2025 at 12:01:51PM +0100, Gerd Hoffmann wrote:
> > Signed-off-by: Gerd Hoffmann
> > ---
> > docs/interop/firmware.json | 5 -
> > 1 file changed, 4 insertions(+), 1 deletion(-)
Catch lseek errors. Return on errors.
Use autoptr for the GString to simplify cleanup.
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-json.c | 15 +++
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/hw/uefi/var-service-json.c b/hw/uefi/var-service-json.c
index
Makes live migration more robust. Commit 4c0cfc72b31a ("pflash_cfi01:
write flash contents to bdrv on incoming migration") elaborates in
detail on the motivation.
Cc: Peter Krempa
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-core.c | 1 +
1 file changed, 1 insertion(+)
di
Gerd Hoffmann (4):
hw/uefi: flush variable store to disk in post load
hw/uefi: fix error handling in uefi_vars_json_save
hw/uefi: fix error handling in uefi_vars_json_load
docs/firmware: add feature flag for qemu variable store
hw/uefi/var-service-core.c | 1 +
hw/uefi/var-service
Hi,
> Hi; Coverity points out some problems in this code
> (CID 1593154, 1593157):
I'll send fixes later today.
> Do we absolutely need to be operating on a continuously open
> filedescriptor here rather than a filename? If we could make
> these functions use uv->jsonfile each time then we cou
Makes live migration more robust. Commit 4c0cfc72b31a ("pflash_cfi01:
write flash contents to bdrv on incoming migration") elaborates in
detail on the motivation.
Cc: Peter Krempa
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-core.c | 1 +
1 file changed, 1 insertion(+)
di
Hi,
> As a heads up, I believe we have a similar problem with a few of the CXL IDs.
> The root port and type 3 device both use Intel IDs that were not reserved
> for this purpose. VID=0x8086, DID=0x7075 and DID=0x0d93
Essentially we have two kinds of PCI devices in qemu.
* The ones which try
Define qapi schema for the uefi variable store state.
Use it and the generated visitor helper functions to store persistent
(EFI_VARIABLE_NON_VOLATILE) variables in JSON format on disk.
Acked-by: Markus Armbruster
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-15-
Add UEFI_VARS config option, enable by default for x86_64 and aarch64.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-17-kra...@redhat.com>
---
hw/Kconfig | 1 +
hw/uefi/Kconfig | 3 +++
2 files changed, 4 insertions(+)
create mode 100644 hw/uefi/Kconfig
diff --gi
This is the uefi variable service (EfiSmmVariableProtocol), providing
functions for listing, reading and updating variables.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-8-kra...@redhat.com>
---
hw/uefi/var-service-vars.c | 725 +
Add trace events for debugging and trouble shooting.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-16-kra...@redhat.com>
---
hw/uefi/trace-events | 17 +
1 file changed, 17 insertions(+)
create mode 100644 hw/uefi/trace-events
diff --git a/hw/uefi
This implements pkcs7 signature verification using gnutls.
Needed to check authenticated variable updates.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-12-kra...@redhat.com>
---
hw/uefi/var-service-pkcs7.c | 436
1 file change
Wire up uefi-vars in the build system.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-18-kra...@redhat.com>
---
hw/meson.build | 1 +
hw/uefi/meson.build | 19 +++
meson.build | 1 +
3 files changed, 21 insertions(+)
diff --git a/hw/meson
update rules being specified in the UEFI
specification.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-9-kra...@redhat.com>
---
hw/uefi/var-service-auth.c | 361 +
1 file changed, 361 insertions(+)
create mode 100644 hw/uefi/var-service-auth.c
Functions to serialize and de-serialize EFI signature databases. This
is needed to merge signature databases (happens in practice when
appending dbx updates) and also to extract the certificates for
pkcs7 signature verification.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409
Allow the device being added to aarch64 virt VMs.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-22-kra...@redhat.com>
---
hw/arm/virt.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index ee69081ef421..904c698b1406 100644
--- a/
: Gerd Hoffmann
Message-ID: <20250225163031.1409078-21-kra...@redhat.com>
---
hw/uefi/var-service-sysbus.c | 32
1 file changed, 32 insertions(+)
diff --git a/hw/uefi/var-service-sysbus.c b/hw/uefi/var-service-sysbus.c
index 28572981c2af..97da8672ee95 100644
--
Allow the device being added to x86_64 pc and q35 VMs.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-23-kra...@redhat.com>
---
hw/i386/pc_piix.c | 2 ++
hw/i386/pc_q35.c | 2 ++
2 files changed, 4 insertions(+)
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
Add utility functions. Helpers for UEFI (ucs2) string handling.
Helpers for readable trace messages. Compare UEFI time stamps.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-7-kra...@redhat.com>
---
hw/uefi/var-service-utils.c | 241 +
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-25-kra...@redhat.com>
---
docs/devel/index-internals.rst | 1 +
docs/devel/uefi-vars.rst | 68 ++
hw/uefi/LIMITATIONS.md | 7
3 files changed, 76 insertions(+)
creat
pkcs7 stub which is used in case gnutls is not available.
It throws EFI_WRITE_PROTECTED errors unconditionally, so all
authenticated variables are readonly for the guest.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-13-kra...@redhat.com>
---
hw/uefi/var-service-pkcs7-
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-24-kra...@redhat.com>
---
MAINTAINERS | 6 ++
1 file changed, 6 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 2e7fc6fa912a..27cdfbebddef 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2820,6 +2820,12 @@ F: h
Add state structs and function declarations for the uefi-vars device.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-5-kra...@redhat.com>
---
include/hw/uefi/var-service.h | 191 ++
1 file changed, 191 insertions(+)
create mode 100644 i
Implement variable policies (Edk2VariablePolicyProtocol).
This EFI protocol allows to define restrictions for variables.
It also allows to lock down variables (disallow write access).
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-10-kra...@redhat.com>
---
hw/uefi/var-s
This adds sysbus bindings for the variable service.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-19-kra...@redhat.com>
---
hw/uefi/var-service-sysbus.c | 91
hw/uefi/meson.build | 3 +-
2 files changed, 93 insertions
Add and register function to create an device tree entry when
the device is added to the qemu platform bus.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-20-kra...@redhat.com>
---
hw/core/sysbus-fdt.c | 24
hw/uefi/var-service-sysbus.
This file defines the register interface of the uefi-vars device.
It's only a handful of registers: magic value, command and status
registers, location and size of the communication buffer.
Reviewed-by: Laszlo Ersek
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.14090
This is the core code for guest <-> host communication. This accepts
request messages from the guest, dispatches them to the service called,
and sends back the response message.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-11-kra...@redhat.com>
---
hw/uefi
2bc10b15deb4b29391628e10b18701bfbcf4be17:
docs: add uefi variable service documentation (2025-03-04 12:07:05 +0100)
- add uefi variable store support
Gerd Hoffmann (24):
Add
A bunch of #defines and structs copied over from edk2,
mostly needed to decode and encode the messages in the
communication buffer.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-4-kra...@redhat.com>
---
include/hw/uefi/var-service-edk2.h | 227 ++
entries.
This patch adds the infrastructure to add entries to the file and an
entry struct for simple devices (HARDWARE_INFO_SIMPLE_DEVICE) which have
an mmio address only.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-2-kra...@redhat.com>
---
include/hw/uefi/hardware-
Add variables for a bunch of UEFI GUIDs we will need.
Signed-off-by: Gerd Hoffmann
Message-ID: <20250225163031.1409078-6-kra...@redhat.com>
---
hw/uefi/var-service-guid.c | 99 ++
1 file changed, 99 insertions(+)
create mode 100644 hw/uefi/var-service-
t; ovmf is supported before calling ovmf parsing code. Hence, this change
> introduces an api ovmf_supported() that returns true wnen ovmf is enabled
> and false otherwise. Ovmf parsing code is only called after checking if ovmf
> is supported.
>
> Signed-off-by: Ani Sinha
Reviewed-by: Gerd Hoffmann
take care,
Gerd
les for all currently supported
> platforms. Patch 11/17 contains information on how to generate an IGVM file
> using this tool.
Looks good to me overall, although I don't know SEV good enough to
review these changes in detail.
Acked-by: Gerd Hoffmann
take care,
Gerd
On Thu, Feb 27, 2025 at 02:29:29PM +, Roy Hopkins wrote:
> Create an enum entry within FirmwareDevice for 'igvm' to describe that
> an IGVM file can be used to map firmware into memory as an alternative
> to pre-existing firmware devices.
>
> Signed-off-by: Roy Hopkins
> Acked-by: Michael S.
On Thu, Feb 27, 2025 at 01:44:07PM +, Roy Hopkins wrote:
> The IGVM loader can be used to configure both confidential and
> non-confidential guests.
For non-confidential guests the initial register state is not loaded.
https://github.com/coconut-svsm/qemu/pull/17 has a somewhat hackish fix.
t
ios-tables-test, LoongArch64 support is added
> and some basic ACPI tables is added here. It passes with command
> make check-qtest-loongarch64 with the result:
> qtest-loongarch64/bios-tables-test OK 29.52s 4 subtests passed
UEFI bits look good to me.
Acked-by: Gerd Hoffmann
take care,
Gerd
his is mostly refactoring work. No functional changes. CI pipeline does not
> break with this change.
>
> 1) https://pretalx.com/kvm-forum-2024/talk/HJSKRQ/
>
> Signed-off-by: Ani Sinha
Reviewed-by: Gerd Hoffmann
Hi,
> +void set_ovmf_flash_parsed_false(void);
Hmm, the name literally says what the function does, but gives little
background on what is going on. I think something along the lines of
'invalidate_ovmf_metadate' or 'firmware_update_notify' would be better.
Otherwise looks good to me.
take c
Gerd
- cut here ---
commit 3d2ef31cbd70f4637330fe8d8418befd907899c4
Author: Gerd Hoffmann
Date: Wed Feb 26 09:07:10 2025 +0100
[fixup] qapi docs
diff --git a/qapi/uefi.json b/qapi/uefi.json
index c1dfa76b6eb2..bdfcabe1df4d 100644
--- a/qapi/uefi.json
+++ b/qapi/uefi.
Hi,
> > +# @data: variable value, encoded as hex string.
>
> I understand this is a blob. We commonly use base64 for that. Why not
> here?
It's an existing format already supported by other tools. Guess I
should add that to the preamble.
> > +# @digest: variable certificate digest. Used t
update rules being specified in the UEFI
specification.
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-auth.c | 361 +
1 file changed, 361 insertions(+)
create mode 100644 hw/uefi/var-service-auth.c
diff --git a/hw/uefi/var-service-auth.c b/hw/uefi/var-s
Add utility functions. Helpers for UEFI (ucs2) string handling.
Helpers for readable trace messages. Compare UEFI time stamps.
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-utils.c | 241
1 file changed, 241 insertions(+)
create mode 100644 hw/uefi
This file defines the register interface of the uefi-vars device.
It's only a handful of registers: magic value, command and status
registers, location and size of the communication buffer.
Signed-off-by: Gerd Hoffmann
Reviewed-by: Laszlo Ersek
---
include/hw/uefi/var-service-api.h
This adds sysbus bindings for the variable service.
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-sysbus.c | 91
hw/uefi/meson.build | 3 +-
2 files changed, 93 insertions(+), 1 deletion(-)
create mode 100644 hw/uefi/var-service-sysbus.c
Define qapi schema for the uefi variable store state.
Use it and the generated visitor helper functions to store persistent
(EFI_VARIABLE_NON_VOLATILE) variables in JSON format on disk.
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-json.c | 243
: Gerd Hoffmann
---
hw/uefi/var-service-sysbus.c | 32
1 file changed, 32 insertions(+)
diff --git a/hw/uefi/var-service-sysbus.c b/hw/uefi/var-service-sysbus.c
index 28572981c2af..97da8672ee95 100644
--- a/hw/uefi/var-service-sysbus.c
+++ b/hw/uefi/var-service
Add trace events for debugging and trouble shooting.
Signed-off-by: Gerd Hoffmann
---
hw/uefi/trace-events | 17 +
1 file changed, 17 insertions(+)
create mode 100644 hw/uefi/trace-events
diff --git a/hw/uefi/trace-events b/hw/uefi/trace-events
new file mode 100644
index
Wire up uefi-vars in the build system.
Signed-off-by: Gerd Hoffmann
---
hw/meson.build | 1 +
hw/uefi/meson.build | 19 +++
meson.build | 1 +
3 files changed, 21 insertions(+)
diff --git a/hw/meson.build b/hw/meson.build
index b827c82c5d7b..138f5d59e178 100644
Add variables for a bunch of UEFI GUIDs we will need.
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-guid.c | 99 ++
1 file changed, 99 insertions(+)
create mode 100644 hw/uefi/var-service-guid.c
diff --git a/hw/uefi/var-service-guid.c b/hw/uefi/var
rdware-info for device discovery on x64.
- add pio transfer mode support.
v3 changes:
- switch sysbus device variant to use the qemu platform bus.
- misc minor changes.
v2 changes:
- fully implement authenticated variables.
- various cleanups and fixes.
enjoy & take care,
Gerd
Gerd H
This is the uefi variable service (EfiSmmVariableProtocol), providing
functions for listing, reading and updating variables.
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-vars.c | 725 +
1 file changed, 725 insertions(+)
create mode 100644 hw/uefi/var
Add UEFI_VARS config option, enable by default for x86_64 and aarch64.
Signed-off-by: Gerd Hoffmann
---
hw/Kconfig | 1 +
hw/uefi/Kconfig | 3 +++
2 files changed, 4 insertions(+)
create mode 100644 hw/uefi/Kconfig
diff --git a/hw/Kconfig b/hw/Kconfig
index 1b4e9bb07f7d..c4dfe2e7af7c
Add and register function to create an device tree entry when
the device is added to the qemu platform bus.
Signed-off-by: Gerd Hoffmann
---
hw/core/sysbus-fdt.c | 24
hw/uefi/var-service-sysbus.c | 1 +
2 files changed, 25 insertions(+)
diff --git a/hw/core
Implement variable policies (Edk2VariablePolicyProtocol).
This EFI protocol allows to define restrictions for variables.
It also allows to lock down variables (disallow write access).
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-policy.c | 370 +++
1
This is the core code for guest <-> host communication. This accepts
request messages from the guest, dispatches them to the service called,
and sends back the response message.
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-core.c | 321 +
Allow the device being added to x86_64 pc and q35 VMs.
Signed-off-by: Gerd Hoffmann
---
hw/i386/pc_piix.c | 2 ++
hw/i386/pc_q35.c | 2 ++
2 files changed, 4 insertions(+)
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 04d2957adcd7..6c91e2d29298 100644
--- a/hw/i386/pc_piix.c
+++ b
pkcs7 stub which is used in case gnutls is not available.
It throws EFI_WRITE_PROTECTED errors unconditionally, so all
authenticated variables are readonly for the guest.
Signed-off-by: Gerd Hoffmann
---
hw/uefi/var-service-pkcs7-stub.c | 16
1 file changed, 16 insertions
1 - 100 of 9579 matches
Mail list logo
