From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id 26DB51FF165
	for <inbox@lore.proxmox.com>; Thu, 14 Aug 2025 13:12:28 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id A687310189;
	Thu, 14 Aug 2025 13:14:06 +0200 (CEST)
From: Fiona Ebner <f.ebner@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Thu, 14 Aug 2025 13:13:46 +0200
Message-ID: <20250814111358.235632-1-f.ebner@proxmox.com>
X-Mailer: git-send-email 2.47.2
MIME-Version: 1.0
X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2
X-Bm-Transport-Timestamp: 1755170009807
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.023 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
Subject: [pve-devel] [PATCH docs] qm: ovmf: mention that an RNG device is
 required for PXE boot
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

The restriction was added with an update to the EDK2 packages for
Proxmox VE 8.4. The issue was mentioned in the known issues section,
but should also be mentioned in the docs as requested here:
https://bugzilla.proxmox.com/show_bug.cgi?id=2767#c5

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
---
 qm.adoc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/qm.adoc b/qm.adoc
index 55633fb..f798043 100644
--- a/qm.adoc
+++ b/qm.adoc
@@ -1136,6 +1136,10 @@ you need to set the client resolution in the OVMF menu (which you can reach
 with a press of the ESC button during boot), or you have to choose
 SPICE as the display type.
 
+When using OVMF with PXE boot, you have to add an xref:qm_virtio_rng[RNG device]
+to the VM. For security reasons, the OVMF firmware disables PXE boot for guests
+without a random number generator.
+
 [[qm_tpm]]
 Trusted Platform Module (TPM)
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-- 
2.47.2



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel