RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 2149971 - ERROR loader attribute 'readonly' cannot be specified when firmware autoselection is enabled
Summary: ERROR loader attribute 'readonly' cannot be specified when firmware autoselec...
Keywords:
Status: CLOSED DUPLICATE of bug 2112154
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: virt-manager
Version: 9.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Jonathon Jongsma
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-12-01 13:38 UTC by Jiri Kortus
Modified: 2023-01-31 16:04 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-01-31 16:04:29 UTC
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-141035 0 None None None 2022-12-01 13:40:51 UTC

Description Jiri Kortus 2022-12-01 13:38:12 UTC 
Description of problem:
Running virt-install with parameters aiming to boot from CD-ROM in UEFI mode with custom loader in read-only mode fails with the following error message:

ERROR loader attribute 'readonly' cannot be specified when firmware autoselection is enabled

The actual command used was 'virt-install --os-variant rhel9-unknown --arch x86_64 --cdrom /root/installer.iso --boot uefi,loader=/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd,loader_ro=yes,loader_type=pflash,nvram_template=/usr/share/edk2/ovmf/OVMF_VARS.fd --name rtttest --memory 2048 --disk size=10 --network network=netboot,mac=00:11:22:33:44:55'.

The same command worked fine for me on RHEL-9.1 with virt-install-4.0.0-1.el9.

Version-Release number of selected component (if applicable):
virt-install-4.1.0-1.el9

How reproducible:
Always.

Steps to Reproduce:
1. Run virt-install with '--boot=uefi,loader=...,loader_ro=yes' and some other installation/boot source (--cdrom ...)

Actual results:
ERROR loader attribute 'readonly' cannot be specified when firmware autoselection is enabled

Expected results:
No errors.

Additional info:
I guess this is a special case and in the end I found out I can probably get by just fine without specifying the loader -- with only '--boot=uefi' (the remaining --boot parameters were probably some relics and probably were needed for the test in the past). However, as mentioned earlier, this combination worked fine in previous versions of virt-install and I guess there should be some way to boot from regular (cdrom, pxe, ...) source in UEFI mode with a custom firmware where the read-only mode might still make sense.
Comment 1 Jaroslav Suchanek 2022-12-05 12:30:56 UTC 
Andrea, any hint what might have changed?
Comment 2 Andrea Bolognani 2022-12-05 15:16:44 UTC 
(In reply to Jiri Kortus from comment #0)
> Description of problem:
> Running virt-install with parameters aiming to boot from CD-ROM in UEFI mode
> with custom loader in read-only mode fails with the following error message:
>
> ERROR loader attribute 'readonly' cannot be specified when firmware
> autoselection is enabled

Hi Jiri,

the behavior you're seeing is the intended one. It was changed on
purpose with

  commit de2a338dcebde096d4806e43702513284607db8f
  Author: Andrea Bolognani <abologna>
  Date:   Wed Jun 15 12:00:58 2022 +0200

    conf: Validate firmware configuration more thoroughly
    
    Generally speaking, when firmware autoselection is in use we
    don't want any information to be provided manually. There are
    two exceptions:
    
      * we still want the path to the NVRAM file to be customizable;
    
      * using <loader secure='yes'/> was how you would ask for a
        firmware that implements the Secure Boot feature in the
        original approach to firmware autoselection, so we want to
        keep that working.
    
    Anything else should result in a descriptive error.
    
    Resolves: https://gitlab.com/libvirt/libvirt/-/issues/327
    Signed-off-by: Andrea Bolognani <abologna>
    Reviewed-by: Michal Privoznik <mprivozn>

and surrounding commits, all of which are included in libvirt 8.6.0.  

Basically, libvirt supports two different ways of selecting firmware:
autoselection, where the firmware is automatically picked based on
requested features (if any), and manual mode, where all information
about the firmware are provided explicitly by the user.

In virt-install terms, these correspond to

  --boot uefi

and

  --boot loader=...,loader_ro=...,loader_type=...,nvram_template=...

respectively.

Up until the commit mentioned above, libvirt would allow mixing the
two, which would often result in confusing behaviors. Now, the two
are more clearly separated and mixing them results in an error.

> I guess this is a special case and in the end I found out I can probably get
> by just fine without specifying the loader -- with only '--boot=uefi' (the
> remaining --boot parameters were probably some relics and probably were
> needed for the test in the past).

Correct.

> However, as mentioned earlier, this
> combination worked fine in previous versions of virt-install and I guess
> there should be some way to boot from regular (cdrom, pxe, ...) source in
> UEFI mode with a custom firmware where the read-only mode might still make
> sense.

This is still possible: simply omit the 'uefi' token and you will
switch to manual firmware selection mode, where all the other
attributes are accepted and, indeed, expected.


Cole, do you think it would make sense to validate this upfront in
virt-manager and provide a nicer, more actionable error message?  I'm
thinking of something along the lines of

  Conflicting firmware selection request detected.

  Use either '--boot uefi' for firmware autoselection or '--boot
  loader=...,loader_ro=...,loader_type=...,nvram_template=... for
  manual firmware selection.
Comment 3 Jiri Kortus 2022-12-07 13:47:00 UTC 
Hi Andrea,

thank you for the clarification, now it makes more sense to me. A nicer, more descriptive error message would definitely be beneficial. I guess there may be uses like mine (with --boot uefi,loader=...,... for historical reasons) where the users will face the same error 'out of the blue' after they update virt-manager and such a hint might be useful.

Thank you,
Jirka
Comment 4 Cole Robinson 2022-12-12 16:58:00 UTC 
I generally don't like adding those types of checks to virt-install. Maybe in the future libvirt re-allows overriding one of those values when firmware=efi is used, and now our virt-install check will block legitimate usage. Or another new property is added to libvirt XML, which is also incompatible with firmware=efi, and we forget to update the list in our validation check, so the error message is inaccurate.

The libvirt error message is descriptive enough IMO, so I don't think we need to change anything in virt-install. Unless we get a lot of reports about it, like if that `--boot` line is copied from man page or some common blog post etc.
Comment 5 Andrea Bolognani 2022-12-12 18:29:16 UTC 
(In reply to Cole Robinson from comment #4)
> I generally don't like adding those types of checks to virt-install. Maybe
> in the future libvirt re-allows overriding one of those values when
> firmware=efi is used, and now our virt-install check will block legitimate
> usage. Or another new property is added to libvirt XML, which is also
> incompatible with firmware=efi, and we forget to update the list in our
> validation check, so the error message is inaccurate.

Fair enough.

> The libvirt error message is descriptive enough IMO, so I don't think we
> need to change anything in virt-install. Unless we get a lot of reports
> about it, like if that `--boot` line is copied from man page or some common
> blog post etc.

This is what the relevant section of the manual page for virt-install
currently looks like:

  ``--boot uefi``
      Configure the VM to boot from UEFI. In order for virt-install to know the
      correct UEFI parameters, libvirt needs to be advertising known UEFI binaries
      via domcapabilities XML, so this will likely only work if using properly
      configured distro packages.

  ``--boot loader=/.../OVMF_CODE.fd,loader.readonly=yes,loader.type=pflash,nvram.template=/.../OVMF_VARS.fd,loader_secure=no``
      Specify that the virtual machine use the custom OVMF binary as boot firmware,
      mapped as a virtual flash chip. In addition, request that libvirt instantiate
      the VM-specific UEFI varstore from the custom "/.../OVMF_VARS.fd" varstore
      template. This is the recommended UEFI setup, and should be used if
      --boot uefi doesn't know about your UEFI binaries. If your UEFI firmware
      supports Secure boot feature you can enable it via loader_secure.

I think it could be reworked to be more in line with current best
practices. The fact that it claims that specifying the various bits
manually is the recommended configuration is especially inaccurate
these days: firmware autoselection is definitely the way to go for
the vast majority of users at this point.

Interestingly, I had suggested making changes to this documentation a
few months back[1] but never followed through O:-) Let me prepare a
patch real quick.


[1] https://bugzilla.redhat.com/show_bug.cgi?id=2112154#c11
Comment 6 Andrea Bolognani 2022-12-12 18:50:21 UTC 
(In reply to Andrea Bolognani from comment #5)
> Interestingly, I had suggested making changes to this documentation a
> few months back[1] but never followed through O:-) Let me prepare a
> patch real quick.

https://github.com/virt-manager/virt-manager/pull/467
Comment 7 Jonathon Jongsma 2023-01-31 16:04:29 UTC 
Since the root issue is the same, closing this as a duplicate

*** This bug has been marked as a duplicate of bug 2112154 ***
Note You need to log in before you can comment on or make changes to this bug.