On 12/29/25 00:40, Andrea Bolognani via Devel wrote: > This series makes it possible to use Secure Boot with aarch64 VMs. > > https://issues.redhat.com/browse/RHEL-82645 > > It needs a prerequisite series[1] to be applied first. > > Note that, while I consider the entire series to be ready for review, > there are two patches that are marked as DONOTMERGE: that's because > they respectively implement support for a JSON firmware descriptor > syntax extension that has not yet been approved, and import into the > tree firmware descriptor that are not yet part of the Fedora edk2 > package. The latter depends on the former, of course, for which > patches have been posted[2] to the QEMU mailing list. > > [1] > https://lists.libvirt.org/archives/list/[email protected]/thread/N2ETTZ3WI5RWXGJG7DW5YYMZ7UGDYMHA/ > [2] https://mail.gnu.org/archive/html/qemu-devel/2025-12/msg03462.html > > Andrea Bolognani (29): > schemas: Drop pflashFormat > schemas: Introduce firmware(Loader|Nvram)Formats > schemas: Allow JSON format for NVRAM > conf: Introduce VIR_STORAGE_FILE_JSON > conf: Allow JSON format for NVRAM in the parser > qemu_firmware: Rename qemuFirmwareFlashFile to qemuFirmwareFile > qemu_firmware: Use qemuFirmwareFile in qemuFirmwareMappingMemory > DONOTMERGE: qemu_firmware: Support extended syntax for ROM firmware > descriptors > qemu_firmware: Report NVRAM template path for ROMs > qemu_firmware: Fill in more information for ROMs > qemu_firmware: Don't skip EnsureNVRAM() for ROMs > qemu_firmware: Parse host-uefi-vars firmware feature > qemu_firmware: Split sanity check > qemu_firmware: Consider host-uefi-vars feature in sanity check > tests: Add firmware-manual-efi-qemuvars-q35 > tests: Add firmware-manual-efi-qemuvars-aarch64 > tests: Add firmware-manual-efi-qemuvars-nvram-network-nbd > tests: Add firmware-auto-efi-enrolled-keys-aarch64 > tests: Add firmware-auto-efi-format-nvram-json > qemu_capabilities: Introduce QEMU_CAPS_DEVICE_UEFI_VARS > qemu: Validate presence of uefi-vars device > qemu: Don't allow remote locations for JSON format NVRAM > qemu_firmware: Generate correct name for JSON format NVRAM > qemu_firmware: Update matching logic for ROMs > qemu_firmware: Require host-uefi-vars feature for JSON NVRAM > qemu_firmware: Allow JSON format for NVRAM > DONOTMERGE: tests: Add firmware descriptors for uefi-vars builds > qemu_command: Use uefi-vars device where appropriate > news: Document support for uefi-vars device and firmwares
> 52 files changed, 824 insertions(+), 111 deletions(-) Once QEMU part is merged then you have my: Reviewed-by: Michal Privoznik <[email protected]> Michal
