[PATCH v1 01/24] Add -boot-certificates /path/dir:/path/file option in QEMU command line

Thu, 10 Apr 2025 10:57:15 -0700 

The `-boot-certificates /path/dir:/path/file` option is implemented
to provide path to either a directory or a single certificate.

Multiple paths can be delineated using a colon.

Signed-off-by: Zhuoying Cai <zy...@linux.ibm.com>
---
 qemu-options.hx | 11 +++++++++++
 system/vl.c     | 22 ++++++++++++++++++++++
 2 files changed, 33 insertions(+)

diff --git a/qemu-options.hx b/qemu-options.hx
index dc694a99a3..b460c63490 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -1251,6 +1251,17 @@ SRST
     Set system UUID.
 ERST
 
+DEF("boot-certificates", HAS_ARG, QEMU_OPTION_boot_certificates,
+    "-boot-certificates /path/directory:/path/file\n"
+    "                  Provide a path to a directory or a boot certificate.\n"
+    "                  A colon may be used to delineate multiple paths.\n",
+    QEMU_ARCH_S390X)
+SRST
+``-boot-certificates /path/directory:/path/file``
+    Provide a path to a directory or a boot certificate.
+    A colon may be used to delineate multiple paths.
+ERST
+
 DEFHEADING()
 
 DEFHEADING(Block device options:)
diff --git a/system/vl.c b/system/vl.c
index ec93988a03..bd6197c887 100644
--- a/system/vl.c
+++ b/system/vl.c
@@ -510,6 +510,20 @@ static QemuOptsList qemu_action_opts = {
     },
 };
 
+static QemuOptsList qemu_boot_certificates_opts = {
+    .name = "boot-certificates",
+    .implied_opt_name = "boot-certificates",
+    .merge_lists = true,
+    .head = QTAILQ_HEAD_INITIALIZER(qemu_boot_certificates_opts.head),
+    .desc = {
+       {
+           .name = "boot-certificates",
+           .type = QEMU_OPT_STRING,
+       },
+        { /* end of list */}
+    },
+};
+
 const char *qemu_get_vm_name(void)
 {
     return qemu_name;
@@ -2879,6 +2893,7 @@ void qemu_init(int argc, char **argv)
     qemu_add_opts(&qemu_semihosting_config_opts);
     qemu_add_opts(&qemu_fw_cfg_opts);
     qemu_add_opts(&qemu_action_opts);
+    qemu_add_opts(&qemu_boot_certificates_opts);
     qemu_add_run_with_opts();
     module_call_init(MODULE_INIT_OPTS);
 
@@ -3024,6 +3039,13 @@ void qemu_init(int argc, char **argv)
             case QEMU_OPTION_boot:
                 machine_parse_property_opt(qemu_find_opts("boot-opts"), 
"boot", optarg);
                 break;
+            case QEMU_OPTION_boot_certificates:
+                opts = 
qemu_opts_parse_noisily(qemu_find_opts("boot-certificates"),
+                                               optarg, true);
+                if (!opts) {
+                    exit(1);
+                }
+                break;
             case QEMU_OPTION_fda:
             case QEMU_OPTION_fdb:
                 drive_add(IF_FLOPPY, popt->index - QEMU_OPTION_fda,
-- 
2.49.0

Reply via email to