On 8/20/25 09:24, Andrea Bolognani wrote:
On Tue, Aug 19, 2025 at 04:09:28PM -0600, Jim Fehlig via Devel wrote:
On 8/13/25 09:01, Andrea Bolognani wrote:
Stressing again the fact that I know very little about SEV and its
variants, my impression is that generally speaking stateless firmware
is preferred for the use case; however in Fedora the descriptors for
"regular" edk2 builds with no Secure Boot[2] advertise support for
the "amd-sev" and "amd-sev-es" firmware features, and since they sort
before the SEV-specific builds[3] libvirt will pick them up unless
you specifically ask for the firmware to be stateless.
Not sure if the best way to get out of this situation is to shuffle
the descriptors around, drop the SEV-specific features from other
descriptors, or tweak the libvirt algorithm so that it will prefer
stateless firmware for SEV unless told otherwise.
My WIP series drops the SEV features from the incompatible descriptors.
That feels premature. I'm okay with going in that direction, but it's
not a change that we should make to the libvirt test suite before
reaching an agreement and having the change applied to the edk2
package. The libvirt test suite is intended to match the real life
behavior as closely as possible.
I will be off the remainder of the week, but can tidy the series and post a
V1 next week if there's interest.
AFAICT you've made no code change other than squashing in the fixup
that I had provided shortly after posting v1. Did I miss something?
No, you didn't miss anything. Poor choice of wording on my part. Instead of
"I've been working on a series..." it would have been clearer to say "I've been
assembling a series...". Afterall, 4 of the 6 patches are yours :-).
Your patch updating the SEV(-ES) tests to use q35 and UEFI looks
reasonable from a quick look. I'll take a closer one and report back.
Overall it doesn't IMO make sense for you to post a series off that
branch. I can pick up your test suite changes, squash in my fix and
post v2 next week.
Agree it's better for you to continue with your series :-). I was just trying to
help move this along while I had some free cycles.
Regards,
Jim
