movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 13:40:28 +03:00
Code Activity

OVMF: Add test with secure boot enabled

Browse source 
Co-authored-by: Arthur Gautier <arthur.gautier@arista.com>
This commit is contained in:
Shea Levy 2024-02-04 08:28:30 -05:00
parent 4673ad7254
commit 9188bb5186
No known key found for this signature in database
GPG key ID: 5C0BD6957D86FE27
4 changed files with 37 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
nixos/modules/virtualisation/qemu-vm.nix
View file

@ -877,9 +877,11 @@ in
type = types.package;
default = (pkgs.OVMF.override {
secureBoot = cfg.useSecureBoot;
systemManagementModeRequired = cfg.useSecureBoot;
}).fd;
defaultText = ''(pkgs.OVMF.override {
secureBoot = cfg.useSecureBoot;
systemManagementModeRequired = cfg.useSecureBoot;
}).fd'';
description =
lib.mdDoc "OVMF firmware package, defaults to OVMF configured with secure boot if needed.";
@ -1183,6 +1185,10 @@ in
"-tpmdev emulator,id=tpm_dev_0,chardev=chrtpm"
"-device ${cfg.tpm.deviceModel},tpmdev=tpm_dev_0"
])
(mkIf (cfg.efi.OVMF.systemManagementModeRequired or false) [
"-machine" "q35,smm=on"
"-global" "driver=cfi.pflash01,property=secure,value=on"
])
];
virtualisation.qemu.drives = mkMerge [