eve icon indicating copy to clipboard operation
eve copied to clipboard
verified publisher icon lf-edge

[WIP] EVE Custom EFI App to change UEFI setings

Open shjala opened this issue 1 year ago • 5 comments

The idea is to not have pre-cooked OVMF_VARS files for different UEFI settings, but to have EFI application to run and manipulate the settings to our liking before booting the guest VMs.

The EVE part is janky and hacky, I will fix that in time, right now I'm more interested to know if this is viable option or not, so @rene @eriknordmark @OhmSpectator @rucoder comments are welcomed.

This is how it works :

  1. Run qemu with only option to boot into the UEFI shell and run the EFI app, this is needed because I can't trust how UEFI is creating the boot order so we need a way to guarantee that our app gets a chance to run.
  2. Run the efi app, change the settings, we can feed custom config to the app as smbios OEM strings.
  3. Running the efi app will change the boot order in the OVMF_VARS.fd so when EVE is launching the VM (using the OVMF_VARS cooked in 2), it will continue to boot into the UEFI shell even if there is nothing to run (no efi.img passed to qemu)
  4. To fix this we run the qemu with the efi app present but this time efi app tries all the boot options until it finds an option that boots successfully.

Efi app is simple and uses gnu-efi.

shjala avatar Oct 04 '24 15:10 shjala

@shjala I do not really understand how SMBIOS custom string may affect EFI variable. Could you point me to a spec?

rucoder avatar Oct 08 '24 12:10 rucoder

@shjala I do not really understand how SMBIOS custom string may affect EFI variable. Could you point me to a spec?

It won't, I read the SMBIOS custom string in my EFI application, if it is one of the pre-defined config values I parse it and then apply it.

shjala avatar Oct 08 '24 13:10 shjala

Reminder to add this too https://github.com/lf-edge/eve-api/pull/71

shjala avatar Nov 13 '24 19:11 shjala

@shjala , I think the approach of having an EFI app is fine, I have only one concern: in case user enters in the BIOS setup and change the resolution manually to something different from the cloud config, it won't work, so we need to have a disclaimer about that in the docs.... Maybe as a long term solution, I would consider change OVMF to fetch the config directly from our API... what do you think? Too much efforts? Worth of it?

rene avatar Dec 10 '24 10:12 rene

Also, please, keep in mind that eventually we will need to have this support for arm64 as well....

rene avatar Dec 10 '24 10:12 rene