Bug 2227350
| Summary: | Tell libvirt to use the 4m version of OVMF_VARS. Fixing problem updating the DBX list. | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Villy Kruse <ppywlkiqletw> |
| Component: | qemu | Assignee: | Fedora Virtualization Maintainers <virt-maint> |
| Status: | NEW --- | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 37 | CC: | berrange, cfergeau, crobinso, mcascell, pbonzini, philmd, rjones, virt-maint |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
When installing the latest DBX list, it fails because the size of OVMF-VARS is too small. the edk2-ovmf does provide a bigger OVMF-VARS in the directory /usr/share/edk2/ovmf-4m. The specification for selecting the OVMF version is controlled by files in the directory /usr/share/qemu/firmware provided by the qemu project. Currently it does not provide the ovmf-4m version. I created the file /usr/share/qemu/firmware/20-edk2-ovmf-x64-sb-4m-enrolled.json as a copy of /usr/share/qemu/firmware/30-edk2-ovmf-x64-sb-enrolled.json with the following differences --- /usr/share/qemu/firmware/20-edk2-ovmf-x64-sb-4m-enrolled.json 2023-07-28 16:06:57.046773014 +0200 +++ /usr/share/qemu/firmware/30-edk2-ovmf-x64-sb-enrolled.json 2023-06-26 02:00:00.000000000 +0200 @@ -6,11 +6,11 @@ "mapping": { "device": "flash", "executable": { - "filename": "/usr/share/edk2/ovmf-4m/OVMF_CODE.secboot.fd", + "filename": "/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd", "format": "raw" }, "nvram-template": { - "filename": "/usr/share/edk2/ovmf-4m/OVMF_VARS.secboot.fd", + "filename": "/usr/share/edk2/ovmf/OVMF_VARS.secboot.fd", "format": "raw" } }, With that in place I can create a new VM and I can update the dbx list without problems Reproducible: Always