Merge pull request xapi-project#3728 from edwintorok/uefi-merge

Uefi merge

Author: edwintorok

ocaml/doc/vm-lifecycle.md

@@ -44,3 +44,7 @@ When using HVM booting, `HVM_boot_policy` and `HVM_boot_params` specify the boot
 handling.  Only one policy is currently defined, "BIOS order".  In this case,
 `HVM_boot_params` should contain one key-value pair "order" = "N" where N is the
 string that will be passed to QEMU.
+Optionally `HVM_boot_params` can contain another key-value pair "firmware"
+with values "bios" or "uefi" (default is "bios" if absent).
+By default Secure Boot is not enabled, it can be enabled when "uefi" is enabled by setting
+`VM.platform["secureboot"]` to true.

ocaml/idl/datamodel_common.ml

@@ -8,7 +8,7 @@ open Datamodel_roles
               When introducing a new release, bump the schema minor version to the next hundred
               to leave a gap for potential hotfixes needing to increment the schema version.*)
 let schema_major_vsn = 5
-let schema_minor_vsn = 203
+let schema_minor_vsn = 300
 
 (* Historical schema versions just in case this is useful later *)
 let rio_schema_major_vsn = 5
@@ -86,6 +86,9 @@ let jura_release_schema_minor_vsn = 134
 let kolkata_release_schema_major_vsn = 5
 let kolkata_release_schema_minor_vsn = 142
 
+let lima_release_schema_major_vsn = 5
+let lima_release_schema_minor_vsn = 203
+
 (* List of tech-preview releases. Fields in these releases are not guaranteed to be retained when
  * upgrading to a full release. *)
 let tech_preview_releases = [

ocaml/idl/datamodel_types.ml

@@ -60,6 +60,7 @@ let rel_inverness = "inverness"
 let rel_jura = "jura"
 let rel_kolkata = "kolkata"
 let rel_lima = "lima"
+let rel_naples = "naples"
 
 type api_release = {
   code_name: string option;
@@ -210,6 +211,11 @@ let release_order_full = [{
      version_major = 2;
      version_minor = 11;
      branding   = "XenServer 7.6";
+   }; {
+     code_name     = Some rel_naples;
+     version_major = 2;
+     version_minor = 12;
+     branding      = "Unreleased"
    };
   ]
 (* When you add a new release, use the version number of the latest release,

ocaml/idl/datamodel_vm.ml

@@ -887,6 +887,31 @@ let power_behaviour =
       ~allowed_roles:_R_VM_ADMIN
       ()
 
+  let remove_from_NVRAM = call ~flags:[`Session]
+      ~name:"remove_from_NVRAM"
+      ~lifecycle:[Prototyped, rel_naples, ""]
+      ~params:[Ref _vm, "self", "The VM";
+               String, "key", "The key"]
+      ~allowed_roles:_R_VM_ADMIN
+      ()
+
+  let add_to_NVRAM = call ~flags:[`Session]
+      ~name:"add_to_NVRAM"
+      ~lifecycle:[Prototyped, rel_naples, ""]
+      ~params:[Ref _vm, "self", "The VM";
+               String, "key", "The key";
+               String, "value", "The value"]
+      ~allowed_roles:_R_VM_ADMIN
+      ()
+
+  let set_NVRAM = call ~flags:[`Session]
+      ~name:"set_NVRAM"
+      ~lifecycle:[Prototyped, rel_naples, ""]
+      ~params:[Ref _vm, "self", "The VM";
+               Map(String, String), "value", "The value"]
+      ~allowed_roles:_R_VM_ADMIN
+      ()
+
   let send_sysrq = call
       ~name:"send_sysrq"
       ~in_product_since:rel_rio
@@ -1164,6 +1189,7 @@ let power_behaviour =
               "changing_shadow_memory_live", "Changing the shadow memory for a running VM.";
               "changing_VCPUs", "Changing VCPU settings for a halted VM.";
               "changing_VCPUs_live", "Changing VCPU settings for a running VM.";
+              "changing_NVRAM", "Changing NVRAM for a halted VM.";
               "assert_operation_valid", "";
               "data_source_op", "Add, remove, query or list data sources";
               "update_allowed_operations", "";
@@ -1223,6 +1249,15 @@ let set_HVM_boot_policy = call ~flags:[`Session]
   ~allowed_roles:_R_VM_ADMIN
   ()
 
+let set_NVRAM_EFI_variables = call ~flags:[`Session]
+  ~name:"set_NVRAM_EFI_variables"
+  ~lifecycle:[Prototyped, rel_naples, ""]
+  ~params:[Ref _vm, "self", "The VM";
+           String, "value", "The value"]
+  ~hide_from_docs:true
+  ~allowed_roles:_R_LOCAL_ROOT_ONLY
+  ()
+
   (** VM (or 'guest') configuration: *)
   let t =
     create_obj ~in_db:true ~in_product_since:rel_rio ~in_oss_since:oss_since_303 ~internal_deprecated_since:None ~persist:PersistEverything ~gen_constructor_destructor:true ~name:_vm ~descr:"A virtual machine (or 'guest')."
@@ -1243,6 +1278,9 @@ let set_HVM_boot_policy = call ~flags:[`Session]
                   pool_migrate; pool_migrate_complete;
                   set_vcpus_number_live;
                   add_to_VCPUs_params_live;
+                  set_NVRAM;
+                  add_to_NVRAM;
+                  remove_from_NVRAM;
                   set_ha_restart_priority;  (* updates the allowed-operations of the VM *)
                   set_ha_always_run;        (* updates the allowed-operations of the VM *)
                   compute_memory_overhead;
@@ -1301,6 +1339,7 @@ let set_HVM_boot_policy = call ~flags:[`Session]
                   set_actions_after_crash;
                   set_domain_type;
                   set_HVM_boot_policy;
+                  set_NVRAM_EFI_variables;
                 ]
       ~contents:
         ([ uid _vm;
@@ -1400,6 +1439,10 @@ let set_HVM_boot_policy = call ~flags:[`Session]
                Published, rel_kolkata, "The field is now valid"
              ]
            ~default_value:(Some (VEnum "unspecified")) "domain_type" "The type of domain that will be created when the VM is started";
+
+           field ~lifecycle:[Prototyped, rel_naples, ""] ~qualifier:StaticRO ~ty:(Map(String, String)) "NVRAM"
+             ~default_value:(Some (VMap []))
+             "initial value for guest NVRAM (containing UEFI variables, etc). Cannot be changed while the VM is running";
          ])
       ()
 

ocaml/tests/test_common.ml

@@ -94,13 +94,13 @@ let make_vm ~__context ?(name_label="name_label") ?(name_description="descriptio
     ?(shutdown_delay=0L) ?(order=0L) ?(suspend_SR=Ref.null) ?(version=0L)
     ?(generation_id="0:0") ?(hardware_platform_version=0L)
     ?(has_vendor_device=false) ?(has_vendor_device=false) ?(reference_label="")
-    ?(domain_type=`hvm) () =
+    ?(domain_type=`hvm) ?(nVRAM=[]) () =
   Xapi_vm.create ~__context ~name_label ~name_description ~user_version ~is_a_template
     ~affinity ~memory_target ~memory_static_max ~memory_dynamic_max ~memory_dynamic_min
     ~memory_static_min ~vCPUs_params ~vCPUs_max ~vCPUs_at_startup ~actions_after_shutdown
     ~actions_after_reboot ~actions_after_crash ~pV_bootloader ~pV_kernel ~pV_ramdisk
     ~pV_args ~pV_bootloader_args ~pV_legacy_args ~hVM_boot_policy ~hVM_boot_params
-    ~hVM_shadow_multiplier ~platform ~pCI_bus ~other_config ~xenstore_data ~recommendations
+    ~hVM_shadow_multiplier ~platform ~nVRAM ~pCI_bus ~other_config ~xenstore_data ~recommendations
     ~ha_always_run ~ha_restart_priority ~tags ~blocked_operations ~protection_policy
     ~is_snapshot_from_vmpp ~appliance ~start_delay ~shutdown_delay ~order ~suspend_SR
     ~snapshot_schedule ~is_vmss_snapshot

ocaml/tests/test_platformdata.ml

@@ -16,22 +16,29 @@ open Stdext
 open OUnit
 open Test_highlevel
 
+let firmware_type_printer v =
+  v |> Rpcmarshal.marshal Xenops_types.Vm.typ_of_firmware_type
+  |> Jsonrpc.to_string
+
+let uefi = Xenops_types.Vm.Uefi Xenops_types.Nvram_uefi_variables.default_t
+
 module SanityCheck = Generic.Make(struct
     module Io = struct
-      type input_t = ((string * string) list * bool * int64 * int64 * [ `hvm | `pv | `pv_in_pvh ])
+      type input_t = ((string * string) list * Xenops_types.Vm.firmware_type option * bool * int64 * int64 * [ `hvm | `pv | `pv_in_pvh ])
       type output_t = (exn, (string * string) list) Either.t
 
-      let string_of_input_t (platformdata, filter, vcpu_max, vcpu_startup, domain_type) =
-        Printf.sprintf "(platformdata = %s, filter_out_unknowns = %b, vcpu_max = %Ld,
+      let string_of_input_t (platformdata, firmware, filter, vcpu_max, vcpu_startup, domain_type) =
+        Printf.sprintf "(platformdata = %s, firmware = %s, filter_out_unknowns = %b, vcpu_max = %Ld,
           vcpu_at_startup = %Ld, domain_type = %s)"
           (platformdata |> Test_printers.(assoc_list string string))
+          (firmware |> Test_printers.option firmware_type_printer)
           (filter) (vcpu_max) (vcpu_startup) (Record_util.domain_type_to_string domain_type)
 
       let string_of_output_t = Test_printers.(either exn (assoc_list string string))
     end
 
-    let transform (platformdata, filter_out_unknowns, vcpu_max, vcpu_at_startup, domain_type) =
-      try Either.Right (Vm_platform.sanity_check ~platformdata ~vcpu_max
+    let transform (platformdata, firmware, filter_out_unknowns, vcpu_max, vcpu_at_startup, domain_type) =
+      try Either.Right (Vm_platform.sanity_check ~platformdata ?firmware ~vcpu_max
         ~vcpu_at_startup ~domain_type ~filter_out_unknowns)
       with e -> Either.Left e
 
@@ -40,33 +47,38 @@ module SanityCheck = Generic.Make(struct
         "usb", "true";
         "usb_tablet", "true";
       ] in
+      let make_firmware_ok dm firmware =
+        ((["device-model", dm], firmware, false, 0L, 0L, `hvm),
+         Either.Right (usb_defaults @ ["device-model", dm]))
+      in
+      let open Xenops_interface.Vm in
       [
         (* Check that we can filter out unknown platform flags. *)
         (([
             "nonsense", "abc";
             "pae", "true";
             "whatever", "def";
             "viridian", "true";
-          ], true, 0L, 0L, `pv),
+          ], None, true, 0L, 0L, `pv),
          Either.Right (usb_defaults @
                        [
                          "pae", "true";
                          "viridian", "true";
                        ]));
         (* Check that usb and usb_tablet are turned on by default. *)
-        (([], false, 0L, 0L, `pv),
+        (([], None, false, 0L, 0L, `pv),
          Either.Right (usb_defaults));
         (* Check that an invalid tsc_mode gets filtered out. *)
-        ((["tsc_mode", "17";], false, 0L, 0L, `pv),
+        ((["tsc_mode", "17";], None, false, 0L, 0L, `pv),
          Either.right (usb_defaults));
         (* Check that an invalid parallel port gets filtered out. *)
-        ((["parallel", "/dev/random"], false, 0L, 0L, `pv),
+        ((["parallel", "/dev/random"], None, false, 0L, 0L, `pv),
          Either.Right (usb_defaults));
         (* Check that we can't set usb_tablet to true if usb is false. *)
         (([
             "usb", "false";
             "usb_tablet", "true";
-          ], false, 0L, 0L, `pv),
+          ], None, false, 0L, 0L, `pv),
          Either.Right ([
              "usb", "false";
              "usb_tablet", "false";
@@ -75,13 +87,13 @@ module SanityCheck = Generic.Make(struct
         (([
             "usb", "false";
             "usb_tablet", "false";
-          ], false, 0L, 0L, `pv),
+          ], None, false, 0L, 0L, `pv),
          Either.Right ([
              "usb", "false";
              "usb_tablet", "false";
            ]));
         (* Check that we can disable the parallel port. *)
-        ((["parallel", "none"], false, 0L, 0L, `pv),
+        ((["parallel", "none"], None, false, 0L, 0L, `pv),
          Either.Right (usb_defaults @
                        ["parallel", "none"]));
         (* Check that a set of valid fields is unchanged (apart from
@@ -94,7 +106,7 @@ module SanityCheck = Generic.Make(struct
             "tsc_mode", "2";
             "viridian", "true";
             "usb", "true";
-          ], false, 0L, 0L, `pv),
+          ], None, false, 0L, 0L, `pv),
          Either.Right ([
              "usb", "true";
              "usb_tablet", "false";
@@ -109,7 +121,7 @@ module SanityCheck = Generic.Make(struct
             "pae", "true";
             "parallel", "/dev/parport0";
             "tsc_mode", "blah";
-          ], false, 0L, 0L, `pv),
+          ], None, false, 0L, 0L, `pv),
          Either.Right (usb_defaults @
                        [
                          "pae", "true";
@@ -118,33 +130,48 @@ module SanityCheck = Generic.Make(struct
         (* Check VCPUs configuration - hvm success scenario*)
         (([
             "cores-per-socket", "3";
-          ], false, 6L, 6L, `hvm),
+          ], None, false, 6L, 6L, `hvm),
          Either.Right (usb_defaults @
                        [
                          "cores-per-socket", "3";
                        ]));
         (* Check VCPUs configuration - pvm success scenario*)
         (([
             "cores-per-socket", "3";
-          ], false, 0L, 0L, `pv),
+          ], None, false, 0L, 0L, `pv),
          Either.Right (usb_defaults @
                        [
                          "cores-per-socket", "3";
                        ]));
         (* Check VCPUs configuration - hvm failure scenario*)
         (([
             "cores-per-socket", "4";
-          ], false, 6L, 6L, `hvm),
+          ], None, false, 6L, 6L, `hvm),
          Either.Left (Api_errors.Server_error(Api_errors.invalid_value,
                                               ["platform:cores-per-socket";
                                                "VCPUs_max must be a multiple of this field"])));
         (* Check VCPUs configuration - hvm failure scenario*)
         (([
             "cores-per-socket", "abc";
-          ], false, 6L, 5L, `hvm),
+          ], None, false, 6L, 5L, `hvm),
          Either.Left(Api_errors.Server_error(Api_errors.invalid_value,
                                              ["platform:cores-per-socket";
                                               "value = abc is not a valid int"])));
+
+        (* Check BIOS configuration - qemu trad *)
+        make_firmware_ok "qemu-trad" (Some Bios);
+        make_firmware_ok "qemu-upstream" (Some Bios);
+        make_firmware_ok "qemu-upstream-compat" (Some Bios);
+
+        (* Check UEFI configuration - qemu upstream *)
+        make_firmware_ok "qemu-upstream" (Some uefi);
+        make_firmware_ok "qemu-upstream-compat" (Some uefi);
+
+        (* Check UEFI configuration - qemu-trad incompatibility *)
+        (([ "device-model", "qemu-trad" ], Some uefi, false, 0L, 0L, `hvm),
+         Either.Left(Api_errors.Server_error(Api_errors.invalid_value,
+                                             ["platform:device-model";
+                                              "UEFI boot is not supported with qemu-trad"])));
       ]
   end)
 

ocaml/tests/test_vm_check_operation_error.ml

@@ -11,6 +11,7 @@ let all_vm_operations =
   ; `changing_shadow_memory
   ; `changing_shadow_memory_live
   ; `changing_static_range
+  ; `changing_NVRAM
   ; `checkpoint
   ; `clean_reboot
   ; `clean_shutdown

ocaml/xapi/cli_operations.ml

@@ -1694,6 +1694,7 @@ let vm_create printer rpc session_id params =
       ~hardware_platform_version:0L
       ~has_vendor_device:false ~reference_label:""
       ~domain_type:`unspecified
+      ~nVRAM:[]
   in
   let uuid=Client.VM.get_uuid rpc session_id vm in
   printer (Cli_printer.PList [uuid])

ocaml/xapi/create_misc.ml

@@ -276,6 +276,7 @@ and create_domain_zero_record ~__context ~domain_zero_ref (host_info: host_info)
     ~has_vendor_device:false
     ~requires_reboot:false ~reference_label:""
     ~domain_type:Xapi_globs.domain_zero_domain_type
+    ~nVRAM:[]
   ;
   ensure_domain_zero_metrics_record ~__context ~domain_zero_ref host_info;
   Db.Host.set_control_domain ~__context ~self:localhost ~value:domain_zero_ref;

ocaml/xapi/import_xva.ml

@@ -99,6 +99,7 @@ let make __context rpc session_id srid (vms, vdis) =
             ~generation_id:""
             ~hardware_platform_version:0L
             ~has_vendor_device:false ~reference_label:""
+            ~nVRAM:[]
         in
 
         TaskHelper.operate_on_db_task ~__context