On Fri, Nov 1, 2013 at 1:40 AM, Laszlo Ersek <ler...@redhat.com> wrote: > On 10/28/13 22:27, Jordan Justen wrote: >> https://github.com/jljusten/edk2.git ovmf-nvvars-v1 >> >> This series implements support for QEMU's emulated >> system flash. >> >> This allows for persistent UEFI non-volatile variables. >> >> Previously we attemptedto emulate non-volatile >> variables in a few ways, but each of them would fail >> in particular situations. >> >> To use: >> * QEMU version 1.1 or newer is required without KVM >> * KVM support requires Linux 3.7 and QEMU 1.6 >> * Run QEMU with -pflash OVMF.fd instead of -L or -bios >> or use OvmfPkg/build.sh --enable-flash qemu ... > > That means that persistent variables will be written back to OVMF.fd > (also in accordance with patch 3/8), doesn't it? > > Would it be possible, in general, to split off the variable storage, and > keep OVMF.fd read-only, and continue to specify it with -bios?
Yes, OVMF could support this. > Because, if OVMF.fd is read/write on the host filesystem, and > non-volatile variables are written into it, then: > > - With N guests that want to have independent sets of variables, the > user needs N copies of OVMF.fd. That per se is not a big problem, but > > - Upgrading OVMF to a newer build, while preserving each guest's > variables is (a) messy -- needs fiddling with the guts of the > preexistent OVMF.fd files, (b) an O(n) operation -- each guest's copy > needs to be updated separately. True. Although, I do hope to have a flash update program for OVMF. (If for no other reason, then as an EDK II sample.) And, there was some feedback on this a while ago from Anthony: http://lists.nongnu.org/archive/html/qemu-devel/2011-07/msg02507.html > A separate, per-guest, "data only" flash, and a read-only-as-before OVMF > binary would be more flexible for Linux distributions. > > I'm not suggesting that it should be done in this series, I'm just > asking about the possibility. (For example I have no idea what happens > on a physical host to someone's NvVars when the UEFI BIOS is reflashed > to a newer build.) It would take a change to QEMU. Right now you have -bios for a ROM or -pflash for a flash. There were some discussions on QEMU devel about how you might let a user support more than one firmware device. As you could imagine, supporting anything more complicated than -bios/-pflash looks really horrible on the qemu command line. -Jordan ------------------------------------------------------------------------------ Android is increasing in popularity, but the open development platform that developers love is also attractive to malware creators. Download this white paper to learn more about secure code signing practices that can help keep Android apps secure. http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
