> -----Original Message----- > From: Pavel Hrdina <phrd...@redhat.com> > Sent: Friday, June 18, 2021 8:34 PM > To: Duan, Zhenzhong <zhenzhong.d...@intel.com> > Cc: libvir-list@redhat.com; Yamahata, Isaku <isaku.yamah...@intel.com>; > Tian, Jun J <jun.j.t...@intel.com>; Qiang, Chenyi <chenyi.qi...@intel.com> > Subject: Re: [RFC PATCH 5/7] qemu: add support to TDVF firmware loader > > On Fri, Jun 18, 2021 at 04:50:50PM +0800, Zhenzhong Duan wrote: > > TDX guest need a specific firmware TDVF to bootup, add a new element > > in TrustDomain element for that purpose, like below: > > > > <TrustDomain type='tdx'> > > <policy>0x0001</policy> > > <loader>/path/to/TDVF-binary</loader> > > </TrustDomain> > > Looking into QEMU patches and if I understand it correctly this loader is > supposed to be used instead of UEFI or BIOS? Yes.
> If that's true I don't think it > should be here as we already have XML bits to specify VM loader. > > We could use something like this: > > <os> > <loader type='generic'>/path/to/TDVF-binary</loader> > </os> > > Currently supported types are: > > - `rom` which is translated to > > -bios /path/to/bios.bin > > - `pflash` which is translated to > > -drive file=/path/to/uefi.fd,if=pflash,format=raw,... > > And we could add a new type called 'generic', 'device', 'binary' or something > else which would be translated to: > > -device loader,file=/path/to/TDVF-binary,... > Thanks for your suggestion, the main reason is I see only TDX guest using firmware in such a special way, So I move <loader> in TDX specific element <TrustDomain>. I'll change to <os>.<loader> if you think it's better. Thanks Zhenzhong