From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
	by lore.proxmox.com (Postfix) with ESMTPS id 9807D1FF185
	for <inbox@lore.proxmox.com>; Mon, 23 Jun 2025 17:46:25 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 2AB4A16A97;
	Mon, 23 Jun 2025 17:45:41 +0200 (CEST)
From: Fiona Ebner <f.ebner@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Mon, 23 Jun 2025 17:44:21 +0200
Message-ID: <20250623154433.449277-12-f.ebner@proxmox.com>
X-Mailer: git-send-email 2.47.2
In-Reply-To: <20250623154433.449277-1-f.ebner@proxmox.com>
References: <20250623154433.449277-1-f.ebner@proxmox.com>
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.030 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
Subject: [pve-devel] [PATCH qemu-server 11/15] ovmf: add support for using
 blockdev
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

Co-developed-by: Alexandre Derumier <alexandre.derumier@groupe-cyllene.com>
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
---
 src/PVE/QemuServer/OVMF.pm | 53 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 53 insertions(+)

diff --git a/src/PVE/QemuServer/OVMF.pm b/src/PVE/QemuServer/OVMF.pm
index 70c626a5..5c0d8b53 100644
--- a/src/PVE/QemuServer/OVMF.pm
+++ b/src/PVE/QemuServer/OVMF.pm
@@ -3,10 +3,13 @@ package PVE::QemuServer::OVMF;
 use strict;
 use warnings;
 
+use JSON qw(to_json);
+
 use PVE::RESTEnvironment qw(log_warn);
 use PVE::Storage;
 use PVE::Tools;
 
+use PVE::QemuServer::Blockdev;
 use PVE::QemuServer::Drive qw(checked_volume_format drive_is_read_only parse_drive print_drive);
 use PVE::QemuServer::CPUConfig qw(get_amd_sev_type get_cpu_bitness);
 use PVE::QemuServer::Helpers;
@@ -159,6 +162,56 @@ sub create_efidisk($$$$$$$$) {
     return ($volid, $size / 1024);
 }
 
+my sub generate_ovmf_blockdev {
+    my ($conf, $storecfg, $vmid, $arch, $q35) = @_;
+
+    my $drive = $conf->{efidisk0} ? parse_drive('efidisk0', $conf->{efidisk0}) : undef;
+
+    my $amd_sev_type = get_amd_sev_type($conf);
+    die "Attempting to configure SEV-SNP with pflash devices instead of using `-bios`\n"
+        if $amd_sev_type && $amd_sev_type eq 'snp';
+
+    my ($ovmf_code, $ovmf_vars) = get_ovmf_files($arch, $drive, $q35, $amd_sev_type);
+
+    my $ovmf_code_blockdev = {
+        driver => 'raw',
+        file => { driver => 'file', filename => "$ovmf_code" },
+        'node-name' => 'pflash0',
+    };
+
+    my $format;
+
+    if ($drive) {
+        my ($storeid, $volname) = PVE::Storage::parse_volume_id($drive->{file}, 1);
+        $format = $drive->{format};
+        if ($storeid) {
+            $format //= checked_volume_format($storecfg, $drive->{file});
+        } elsif (!defined($format)) {
+            die "efidisk format must be specified\n";
+        }
+    } else {
+        log_warn("no efidisk configured! Using temporary efivars disk.");
+        my $path = "/tmp/$vmid-ovmf.fd";
+        PVE::Tools::file_copy($ovmf_vars, $path, -s $ovmf_vars);
+        $drive = { file => $path };
+        $format = 'raw';
+    }
+
+    my $extra_blockdev_options = {};
+    # extra protection for templates, but SATA and IDE don't support it..
+    $extra_blockdev_options->{'read-only'} = 1 if drive_is_read_only($conf, $drive);
+
+    $extra_blockdev_options->{size} = -s $ovmf_vars if $format eq 'raw';
+
+    my $throttle_group = PVE::QemuServer::Blockdev::generate_throttle_group($drive);
+
+    my $ovmf_vars_blockdev = PVE::QemuServer::Blockdev::generate_drive_blockdev(
+        $storecfg, $drive, $extra_blockdev_options,
+    );
+
+    return ($ovmf_code_blockdev, $ovmf_vars_blockdev, $throttle_group);
+}
+
 sub print_ovmf_commandline {
     my ($conf, $storecfg, $vmid, $arch, $q35, $version_guard, $forcecpu) = @_;
 
-- 
2.47.2



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel