Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

lxd/instance/drivers/driver_qemu: force 4MB UEFI firmware in snap #12515

Merged
merged 2 commits into from
Nov 21, 2023
Merged

lxd/instance/drivers/driver_qemu: force 4MB UEFI firmware in snap #12515

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
449e8ff
lxd/instance/drivers/driver_qemu: factor out config volume mounting f…
mihalicyn Nov 21, 2023
ac76c1c
lxd/instance/drivers/driver_qemu: force 4MB UEFI firmware in snap
mihalicyn Nov 21, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 27 additions & 9 deletions lxd/instance/drivers/driver_qemu.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1926,15 +1926,9 @@ func (d *qemu) architectureSupportsUEFI(arch int) bool {
}

func (d *qemu) setupNvram() error {
d.logger.Debug("Generating NVRAM")

// Mount the instance's config volume.
_, err := d.mount()
if err != nil {
return err
}
var err error

defer func() { _ = d.unmount() }()
d.logger.Debug("Generating NVRAM")

// Cleanup existing variables.
for _, firmwares := range [][]ovmfFirmware{ovmfGenericFirmwares, ovmfSecurebootFirmwares, ovmfCSMFirmwares} {
Expand Down Expand Up @@ -2888,6 +2882,17 @@ func (d *qemu) generateQemuConfigFile(cpuInfo *cpuTopology, mountInfo *storagePo
return "", nil, fmt.Errorf("Unable to locate matching firmware: %+v", firmwares)
}

// As 2MB firmware was deprecated in the LXD snap we have to regenerate NVRAM for VMs which used the 2MB one.
if shared.InSnap() && !strings.Contains(ovmfCode, "4MB") {
mihalicyn marked this conversation as resolved.
Show resolved Hide resolved
err = d.setupNvram()
if err != nil {
return "", nil, err
}

// force to use a 4MB firmware
ovmfCode = firmwares[0].code
}

driveFirmwareOpts := qemuDriveFirmwareOpts{
roPath: filepath.Join(d.ovmfPath(), ovmfCode),
nvramPath: fmt.Sprintf("/dev/fd/%d", d.addFileDescriptor(fdFiles, nvRAMFile)),
Expand Down Expand Up @@ -5283,6 +5288,19 @@ func (d *qemu) Update(args db.InstanceArgs, userRequested bool) error {
}

if d.architectureSupportsUEFI(d.architecture) && (shared.ValueInSlice("security.secureboot", changedConfig) || shared.ValueInSlice("security.csm", changedConfig)) {
// setupNvram() requires instance's config volume to be mounted.
// The easiest way to detect that is to check if instance is running.
// TODO: extend storage API to be able to check if volume is already mounted?
if !isRunning {
// Mount the instance's config volume.
_, err := d.mount()
if err != nil {
return err
}

defer func() { _ = d.unmount() }()
}

// Re-generate the NVRAM.
err = d.setupNvram()
if err != nil {
Expand Down Expand Up @@ -8027,7 +8045,7 @@ func (d *qemu) checkFeatures(hostArch int, qemuPath string) (map[string]any, err
}

if d.architectureSupportsUEFI(hostArch) {
qemuArgs = append(qemuArgs, "-drive", fmt.Sprintf("if=pflash,format=raw,readonly=on,file=%s", filepath.Join(d.ovmfPath(), "OVMF_CODE.fd")))
qemuArgs = append(qemuArgs, "-drive", fmt.Sprintf("if=pflash,format=raw,readonly=on,file=%s", filepath.Join(d.ovmfPath(), ovmfGenericFirmwares[0].code)))
}

var stderr bytes.Buffer
Expand Down
Loading