Code review comment for ~paelzer/ubuntu/+source/qemu:lp-1830243-secure-boot-toleration-disco

Rafael David Tinoco (rafaeldtinoco) wrote :

Alright, sorry for the delay in this review, I wanted to have all my environment ready and now I do.

All my templates use external vmlinuz and initrd images, so I created a similar one to IPL from /dev/vda after zipl has burned stages in MBR (kguest is eoan fully updated, latest s390-tools):

[inaddy@kguest:~]$ sudo zipl -V
Using config file '/etc/zipl.conf'
Target device information
  Device..........................: fc:00
  Device name.....................: vda
  Device driver name..............: virtblk
  Type............................: disk device
  Disk layout.....................: SCSI disk layout
  Geometry - start................: 0
  File system block size..........: 4096
  Physical block size.............: 512
  Device size in physical blocks..: 62914560
Building bootmap in '/boot'
Adding IPL section 'ubuntu' (default)
  initial ramdisk...: /boot/initrd.img-5.2.0-1-generic
  signature for.....: /lib/s390-tools/stage3.bin
  kernel image......: /boot/vmlinuz-5.2.0-1-generic
  signature for.....: /boot/vmlinuz-5.2.0-1-generic
  kernel parmline...: 'root=LABEL=KGUEST noresume apparmor=0 net.ifnames=0 crashkernel=196M'
  component address:
    heap area.......: 0x00002000-0x00005fff
    stack area......: 0x0000f000-0x0000ffff
    internal loader.: 0x0000a000-0x0000efff
    parameters......: 0x00009000-0x000091ff
    kernel image....: 0x00010000-0x004b8fff
    parmline........: 0x004ba000-0x004ba1ff
    initial ramdisk.: 0x004c0000-0x0125ddff
Preparing boot device: vda (0000).
Detected plain SCSI partition.
Writing SCSI master boot record.
Syncing disks...
Done.

----

Later I IPLed this guest in an LXC Eoan container:

2019-07-11 02:02:39.781+0000: starting up libvirt version: 5.4.0, package: 0ubuntu3 (Marc Deslauriers <email address hidden> Tue, 02 Jul 2019 08:08:33 -0400), qemu version: 4.0.0Debian 1:4.0+dfsg-0ubuntu1, kernel: 5.0.0-21-generic, hostname: lqemueoan
LC_ALL=C \
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
HOME=/var/lib/libvirt/qemu/domain-2-kguesttest \
XDG_DATA_HOME=/var/lib/libvirt/qemu/domain-2-kguesttest/.local/share \
XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain-2-kguesttest/.cache \
XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain-2-kguesttest/.config \
QEMU_AUDIO_DRV=none \
/usr/bin/qemu-system-s390x \
-name guest=kguesttest,debug-threads=on \
-S \
-object secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-2-kguesttest/master-key.aes \
-machine s390-ccw-virtio-2.12,accel=kvm,usb=off,dump-guest-core=off \
-m 4096 \
-overcommit mem-lock=off \
-smp 4,sockets=4,cores=1,threads=1 \
-uuid 82d7e011-3300-4e1d-b4f0-e29ecf548e1f \
-display none \
-no-user-config \
-nodefaults \
-chardev socket,id=charmonitor,fd=22,server,nowait \
-mon chardev=charmonitor,id=monitor,mode=control \
-rtc base=utc \
-no-shutdown \
-boot strict=on \
-drive file=/var/lib/libvirt/images/kguest/disk01.ext4.qcow2,format=qcow2,if=none,id=drive-virtio-disk0 \
-device virtio-blk-ccw,scsi=off,devno=fe.0.0000,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 \
-fsdev local,security_model=passthrough,id=fsdev-fs0,path=/home/inaddy \
-device virtio-9p-ccw,id=fs0,fsdev=fsdev-fs0,mount_tag=inaddy,devno=fe.0.0002 \
-fsdev local,security_model=passthrough,id=fsdev-fs1,path=/home/inaddy/work \
-device virtio-9p-ccw,id=fs1,fsdev=fsdev-fs1,mount_tag=work,devno=fe.0.0003 \
-fsdev local,security_model=passthrough,id=fsdev-fs2,path=/root \
-device virtio-9p-ccw,id=fs2,fsdev=fsdev-fs2,mount_tag=root,devno=fe.0.0004 \
-fsdev local,security_model=passthrough,id=fsdev-fs3,path=/var/lib/libvirt/images \
-device virtio-9p-ccw,id=fs3,fsdev=fsdev-fs3,mount_tag=images,devno=fe.0.0005 \
-fsdev local,security_model=passthrough,id=fsdev-fs4,path=/etc/libvirt/qemu \
-device virtio-9p-ccw,id=fs4,fsdev=fsdev-fs4,mount_tag=qemu,devno=fe.0.0006 \
-netdev tap,fd=25,id=hostnet0 \
-device virtio-net-ccw,netdev=hostnet0,id=net0,mac=52:54:00:50:2c:98,devno=fe.0.0001 \
-chardev pty,id=charconsole0 \
-device sclpconsole,chardev=charconsole0,id=console0 \
-device virtio-balloon-ccw,id=balloon0,devno=fe.0.0007 \
-sandbox off \
-msg timestamp=on
2019-07-11 02:02:39.781+0000: Domain id=2 is tainted: high-privileges
char device redirected to /dev/pts/5 (label charconsole0)
2019-07-11T02:03:59.982300Z qemu-system-s390x: terminating on signal 15 from pid 260 (/usr/sbin/libvirtd)
2019-07-11 02:04:00.375+0000: shutting down, reason=shutdown

And it worked well because of your last Eoan merge.

When trying in Disco I got:

...
2019-07-11 02:02:06.249+0000: Domain id=1 is tainted: high-privileges
char device redirected to /dev/pts/5 (label charconsole0)
2019-07-11 02:02:06.362+0000: panic s390: core='0' psw-mask='0x0002000180000000' psw-addr='0x0000000000000000' reason='disabled-wait'
