Comment 1 SpanKY 2016-03-28 20:49:52 UTC

what exactly is it you're asking for here ?  a new ebuild for the UEFI roms ?
i don't see any changes required for qemu itself.

A useflag for the qemu ebuild that grabs the ovmf / uefi binaries and installs them where qemu/libvirt look for them.

Comment 3 SpanKY 2016-03-28 21:36:11 UTC

(In reply to Michael Jones from comment #2)

we don't generally add USE flags whose only purpose is to install packages that can get used at runtime via command line switches.

looks like adding a new ebuild that builds/installs OVMF binaries is sufficient.

I'm fine with that. Thank you for taking a look at it.

Comment 5 Doug Goldstein (RETIRED) 2016-03-29 16:19:52 UTC

(In reply to SpanKY from comment #3)
> (In reply to Michael Jones from comment #2)
> 
> we don't generally add USE flags whose only purpose is to install packages
> that can get used at runtime via command line switches.
> 
> looks like adding a new ebuild that builds/installs OVMF binaries is
> sufficient.

This has been on my radar for a while now but there were some pieces missing a while back and I've been busy but this is exactly what we need to do. Similarly to the change in the SeaBIOS build to make the 128k and 256k BIOS... tangent I know.

I just configured my system to use the OVMF roms from TianoCore for Qemu / LibVirt.

One detail of note is that, by default, libvirt doesn't know about the existance of the OVMF package. So a user who simply installs the firmware won't be able to start using them right away. Instead, the system admin would need to change the nvram variable in /etc/libvirt/qemu.conf.

A sample ebuild installing a binary very of the ovmf firmware, from some kind persons nightly build machine:

EAPI=5

inherit eutils rpm

BUILD="0-${PV}.b2125.g1f8f4e3"
MY_PN=${PN/-/.}
DESCRIPTION="TianoCore EDK2 OVMF Binary images by Gerd Hoffman"
HOMEPAGE=""
SRC_URI="https://www.kraxel.org/repos/jenkins/edk2/${MY_PN}-${BUILD}.noarch.rpm"
LICENSE="as-is"
SLOT="0"
KEYWORDS="amd64"
IUSE=""

DEPEND="${DEPEND}"
RDEPEND=""

S="${WORKDIR}"
RESTRICT="strip"


src_install() {

	# Removing links of file we don't need, we just want the OVF image
	rm -rfv "${S}"/usr/share/edk2.git/ovmf-x64/*.bin
	rm -rfv "${S}"/usr/share/edk2.git/ovmf-x64/*.rom

	insinto /usr/share
	doins -r "${S}"/usr/share/*
}





A snippet of my /etc/libvirt/qemu.conf file, for the nvram variable:

# Location of master nvram file
#
# When a domain is configured to use UEFI instead of standard
# BIOS it may use a separate storage for UEFI variables. If
# that's the case libvirt creates the variable store per domain
# using this master file as image. Each UEFI firmware can,
# however, have different variables store. Therefore the nvram is
# a list of strings when a single item is in form of:
#   ${PATH_TO_UEFI_FW}:${PATH_TO_UEFI_VARS}.
# Later, when libvirt creates per domain variable store, this list is
# searched for the master image. The UEFI firmware can be called
# differently for different guest architectures. For instance, it's OVMF
# for x86_64 and i686, but it's AAVMF for aarch64. The libvirt default
# follows this scheme.
#nvram = [
#   "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd",
#   "/usr/share/AAVMF/AAVMF_CODE.fd:/usr/share/AAVMF/AAVMF_VARS.fd"
#]

nvram = [
   "/usr/share/edk2.git/ovmf-x64/OVMF_CODE-need-smm.fd:/usr/share/edk2.git/ovmf-x64/OVMF_VARS-need-smm.fd",
   "/usr/share/edk2.git/ovmf-x64/OVMF_CODE-pure-efi.fd:/usr/share/edk2.git/ovmf-x64/OVMF_VARS-pure-efi.fd",
   "/usr/share/edk2.git/ovmf-x64/OVMF_CODE-with-csm.fd:/usr/share/edk2.git/ovmf-x64/OVMF_VARS-with-csm.fd"
]




Restarting libvirtd, and reconnecting with Virt-Manager allowed me to create a new virtual machine with the UEFI firmware.

Created attachment 445678 [details]
ebuild for sys-firmware/edk2-ovmf

I use this ebuild in my overlay. It can not be built with hardened toolchains, and it can be patched to be built but I'm to lazy to update the patch. Instead I'm using hardnednopie gcc profile with this specific package.