From d6f57017bdbb26e55615289f3d428cdbedb8e4fa Mon Sep 17 00:00:00 2001
From: Arif Ali <arif.ali@canonical.com>
Date: Sun, 3 Jan 2021 12:15:12 +0000
Subject: [PATCH] Add uefi and a test secureboot option

---
 configs/default.config |  9 ++++++---
 manage-maas-nodes.sh   | 21 +++++++++++++++++----
 2 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/configs/default.config b/configs/default.config
index 6bc9e7e..ae414f3 100644
--- a/configs/default.config
+++ b/configs/default.config
@@ -9,9 +9,12 @@ storage_path="/var/lib/libvirt/maas-images"
 # Node prefix for all the nodes except for juju
 compute="maas-node"
 
-# The BIOS type you want to use for the VMs
-# Valid values "legacy", "uefi"
-bios_type=uefi
+# To enable or disable uEFI for VMs
+enable_uefi="true"
+
+# To enable secureboot for VMs
+# This in-advertantly enables uEFI
+enable_secureboot="false"
 
 # Juju node count and definition
 juju_count=1
diff --git a/manage-maas-nodes.sh b/manage-maas-nodes.sh
index 590182a..8fb4ca3 100755
--- a/manage-maas-nodes.sh
+++ b/manage-maas-nodes.sh
@@ -236,6 +236,7 @@ build_vms() {
         # virt-install
         macaddr=()
         network_spec=""
+        extra_args=""
 
         # Based on the type of network we are using we will assign variables
         # such that this can be either bridge or network type
@@ -305,6 +306,21 @@ build_vms() {
             continue
         fi
 
+        # For testing and WIP/POC
+        if [[ ${enable_secureboot} == "true" ]] ; then
+            extra_args+=" --boot loader_secure=yes"
+            #extra_args+=" --boot loader=/usr/share/OVMF/OVMF_CODE.secboot.fd"
+            #extra_args+=" --boot nvram_template=/usr/share/OVMF/OVMF_VARS.fd"
+            #extra_args+=" --boot loader_ro=yes"
+            #extra_args+=" --boot loader_type=pflash"
+            extra_args+=" --machine q35"
+            extra_args+=" --features smm=on"
+            enable_uefi="true"
+        fi
+
+        # Flags required to enable uEFI
+        [[ ${enable_uefi} == "true" ]] && extra_args+=" --boot uefi"
+
         # Creates the VM with all the attributes given
         virt-install -v --noautoconsole   \
             --print-xml                   \
@@ -319,15 +335,12 @@ build_vms() {
             --graphics spice,clipboard_copypaste=no,mouse_mode=client,filetransfer_enable=off \
             --cpu host-passthrough,cache.mode=passthrough  \
             --controller "$stg_bus",model=virtio-scsi,index=0  \
-            $disk_spec \
+            $extra_args $disk_spec \
             $network_spec > "$virt_node.xml" &&
 
         # Create the Vm based on the XML file defined in the above command
         virsh define "$virt_node.xml"
 
-        # Start the VM
-        #virsh start "$virt_node" &
-
         # Call the maas_add_node function, this will add the node to MAAS
         maas_add_node ${virt_node} ${macaddr[0]} ${node_type} &