From b4dc647557785720652fa44d58c7515187553495 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= Date: Fri, 4 Jun 2021 11:47:45 +0200 Subject: [PATCH] template: mark efidisk as read-only MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit otherwise backups of templates using UEFI fail with storages like LVM thin, where the volumes are not writable. disk controllers like IDE and SATA that don't support being read-only are still broken for UEFI. Signed-off-by: Fabian Grünbichler [ drop the readonly=off when not required, resolve merger conflict from Dominik's EFI disk cache mode fix ] Signed-off-by: Thomas Lamprecht --- PVE/QemuServer.pm | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm index d89c3be8..2f0b2e8e 100644 --- a/PVE/QemuServer.pm +++ b/PVE/QemuServer.pm @@ -3291,6 +3291,7 @@ sub config_to_command { die "uefi base image '$ovmf_code' not found\n" if ! -f $ovmf_code; my ($path, $format); + my $read_only_str = ''; if (my $efidisk = $conf->{efidisk0}) { my $d = parse_drive('efidisk0', $efidisk); my ($storeid, $volname) = PVE::Storage::parse_volume_id($d->{file}, 1); @@ -3306,6 +3307,8 @@ sub config_to_command { die "efidisk format must be specified\n" if !defined($format); } + + $read_only_str = ',readonly=on' if drive_is_read_only($conf, $d); } else { warn "no efidisk configured! Using temporary efivars disk.\n"; $path = "/tmp/$vmid-ovmf.fd"; @@ -3323,7 +3326,7 @@ sub config_to_command { my $cache = $path =~ m/^rbd:/ ? ',cache=writeback' : ''; push @$cmd, '-drive', "if=pflash,unit=0,format=raw,readonly=on,file=$ovmf_code"; - push @$cmd, '-drive', "if=pflash,unit=1$cache,format=$format,id=drive-efidisk0$size_str,file=$path"; + push @$cmd, '-drive', "if=pflash,unit=1$cache,format=$format,id=drive-efidisk0$size_str,file=${path}${read_only_str}"; } # load q35 config