From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com, david@gibson.dropbear.id.au
Subject: [PATCH v2 3/8] conf, qemu: adding 'tpmproxy' in domain definition
Date: Wed, 13 May 2020 11:10:34 -0300
Message-Id: <20200513141040.2580726-4-danielhb413@gmail.com>
In-Reply-To: <20200513141040.2580726-1-danielhb413@gmail.com>
References: <20200513141040.2580726-1-danielhb413@gmail.com>

A TPM Proxy device can coexist with a regular TPM. The TPM Proxy is also
always a 'passthrough' device of the 'spapr-tpm-proxy' model.

This patch adds a pointer to this device in the domain definition called
'tpmproxy'. This pointer is handled like the existing 'tpm' pointer of the
VIR_DOMAIN_TPM_TYPE_PASSTHROUGH type. Cgroup, DAC/SELinux and qemu
validation code was adapted to handle this new domain device.

XML functions to parse and format this new device from/to XML will be
added in the next patch, together with the logic that will guarantee the
assumptions made in the first paragraph.
Signed-off-by: Daniel Henrique Barboza --- src/conf/domain_audit.c | 3 +++ src/conf/domain_conf.c | 18 ++++++++++++++++++ src/conf/domain_conf.h | 2 ++ src/qemu/qemu_cgroup.c | 12 +++++++++--- src/qemu/qemu_domain.c | 9 +++++---- src/qemu/qemu_validate.c | 12 ++++++++++++ src/security/security_dac.c | 14 ++++++++++++++ src/security/security_selinux.c | 11 +++++++++++ 8 files changed, 74 insertions(+), 7 deletions(-) diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c index 1b0abb21a0..4575f66e45 100644 --- a/src/conf/domain_audit.c +++ b/src/conf/domain_audit.c @@ -824,6 +824,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *rea= son, bool success) if (vm->def->tpm) virDomainAuditTPM(vm, vm->def->tpm, "start", true); =20 + if (vm->def->tpmproxy) + virDomainAuditTPM(vm, vm->def->tpmproxy, "start", true); + for (i =3D 0; i < vm->def->nshmems; i++) virDomainAuditShmem(vm, vm->def->shmems[i], "start", true); =20 diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index c201fc901d..01a32f62d1 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1165,6 +1165,7 @@ VIR_ENUM_IMPL(virDomainTPMModel, "tpm-tis", "tpm-crb", "tpm-spapr", + "spapr-tpm-proxy", ); =20 VIR_ENUM_IMPL(virDomainTPMBackend, @@ -3480,6 +3481,7 @@ void virDomainDefFree(virDomainDefPtr def) VIR_FREE(def->mems); =20 virDomainTPMDefFree(def->tpm); + virDomainTPMDefFree(def->tpmproxy); =20 for (i =3D 0; i < def->npanics; i++) virDomainPanicDefFree(def->panics[i]); @@ -4318,6 +4320,12 @@ virDomainDeviceInfoIterateInternal(virDomainDefPtr d= ef, if ((rc =3D cb(def, &device, &def->tpm->info, opaque)) !=3D 0) return rc; } + if (def->tpmproxy) { + device.type =3D VIR_DOMAIN_DEVICE_TPM; + device.data.tpm =3D def->tpmproxy; + if ((rc =3D cb(def, &device, &def->tpmproxy->info, opaque)) !=3D 0) + return rc; + } device.type =3D VIR_DOMAIN_DEVICE_PANIC; for (i =3D 0; i < def->npanics; i++) { device.data.panic =3D def->panics[i]; 
@@ -24344,6 +24352,16 @@ virDomainDefCheckABIStabilityFlags(virDomainDefPtr= src, goto error; } =20 + if (src->tpmproxy && dst->tpmproxy) { + if (!virDomainTPMDefCheckABIStability(src->tpmproxy, dst->tpmproxy= )) + goto error; + } else if (src->tpmproxy || dst->tpmproxy) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Either both target and source domains or none of= " + "them must have TPM Proxy device present")); + goto error; + } + if (src->nmems !=3D dst->nmems) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("Target domain memory device count %zu " diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index ddc75d8de2..8f178ade34 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1293,6 +1293,7 @@ typedef enum { VIR_DOMAIN_TPM_MODEL_TIS, VIR_DOMAIN_TPM_MODEL_CRB, VIR_DOMAIN_TPM_MODEL_SPAPR, + VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY, =20 VIR_DOMAIN_TPM_MODEL_LAST } virDomainTPMModel; @@ -2628,6 +2629,7 @@ struct _virDomainDef { virDomainMemballoonDefPtr memballoon; virDomainNVRAMDefPtr nvram; virDomainTPMDefPtr tpm; + virDomainTPMDefPtr tpmproxy; virCPUDefPtr cpu; virSysinfoDefPtr sysinfo; virDomainRedirFilterDefPtr redirfilter; diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 2e019b64af..2ed4341655 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -333,10 +333,13 @@ qemuSetupChardevCgroupCB(virDomainDefPtr def G_GNUC_U= NUSED, =20 =20 static int -qemuSetupTPMCgroup(virDomainObjPtr vm) +qemuSetupTPMCgroup(virDomainObjPtr vm, + virDomainTPMDefPtr dev) { int ret =3D 0; - virDomainTPMDefPtr dev =3D vm->def->tpm; + + if (!dev) + return 0; =20 switch (dev->type) { case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: 
@@ -806,7 +809,10 @@ qemuSetupDevicesCgroup(virDomainObjPtr vm) vm) < 0) return -1; =20 - if (vm->def->tpm && qemuSetupTPMCgroup(vm) < 0) + if (qemuSetupTPMCgroup(vm, vm->def->tpm) < 0) + return -1; + + if (qemuSetupTPMCgroup(vm, vm->def->tpmproxy) < 0) return -1; =20 for (i =3D 0; i < vm->def->nhostdevs; i++) { diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index a1b250fd0b..a344f8a0e6 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -11574,11 +11574,9 @@ qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr = cfg G_GNUC_UNUSED, =20 static int qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, + virDomainTPMDefPtr dev, const struct qemuDomainCreateDeviceData *data) { - virDomainTPMDefPtr dev =3D vm->def->tpm; - if (!dev) return 0; =20 @@ -11823,7 +11821,10 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cf= g, if (qemuDomainSetupAllChardevs(cfg, vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupTPM(cfg, vm, &data) < 0) + if (qemuDomainSetupTPM(cfg, vm->def->tpm, &data) < 0) + goto cleanup; + + if (qemuDomainSetupTPM(cfg, vm->def->tpmproxy, &data) < 0) goto cleanup; =20 if (qemuDomainSetupAllGraphics(cfg, vm, &data) < 0) diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 584d1375b8..7210be3532 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -3602,6 +3602,7 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm, case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_TPM_PASSTHROUGH)) goto no_support; + break; =20 case VIR_DOMAIN_TPM_TYPE_EMULATOR: 
@@ -3623,6 +3624,17 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm, case VIR_DOMAIN_TPM_MODEL_SPAPR: flag =3D QEMU_CAPS_DEVICE_TPM_SPAPR; break; + case VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY: + if (!ARCH_IS_PPC64(def->os.arch)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("TPM Proxy model %s is only available for " + "PPC64 guests"), + virDomainTPMModelTypeToString(tpm->model)); + return -1; + } + + flag =3D QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY; + break; case VIR_DOMAIN_TPM_MODEL_LAST: default: virReportEnumRangeError(virDomainTPMModel, tpm->model); diff --git a/src/security/security_dac.c b/src/security/security_dac.c index bdc2d7edf3..e0542d2839 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -1980,6 +1980,13 @@ virSecurityDACRestoreAllLabel(virSecurityManagerPtr = mgr, rc =3D -1; } =20 + if (def->tpmproxy) { + if (virSecurityDACRestoreTPMFileLabel(mgr, + def, + def->tpmproxy) < 0) + rc =3D -1; + } + if (def->sev) { if (virSecurityDACRestoreSEVLabel(mgr, def) < 0) rc =3D -1; @@ -2159,6 +2166,13 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr, return -1; } =20 + if (def->tpmproxy) { + if (virSecurityDACSetTPMFileLabel(mgr, + def, + def->tpmproxy) < 0) + return -1; + } + if (def->sev) { if (virSecurityDACSetSEVLabel(mgr, def) < 0) return -1; diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 9a929debe1..e80d43c0a7 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -2763,6 +2763,12 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManager= Ptr mgr, rc =3D -1; } =20 + if (def->tpmproxy) { + if (virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def, + def->tpmproxy) < 0) + rc =3D -1; + } + struct _virSecuritySELinuxChardevCallbackData chardevData =3D { .mgr =3D mgr, .chardevStdioLogd =3D chardevStdioLogd 
@@ -3171,6 +3177,11 @@ virSecuritySELinuxSetAllLabel(virSecurityManagerPtr = mgr, return -1; } =20 + if (def->tpmproxy) { + if (virSecuritySELinuxSetTPMFileLabel(mgr, def, def->tpmproxy) < 0) + return -1; + } + struct _virSecuritySELinuxChardevCallbackData chardevData =3D { .mgr =3D mgr, .chardevStdioLogd =3D chardevStdioLogd --=20 2.26.2
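Review bot: the `break;` added after the QEMU_CAPS_DEVICE_TPM_PASSTHROUGH check in the first qemu_validate.c hunk (@@ -3602,6 +3602,7 @@) is an unrelated behaviour fix: without it the VIR_DOMAIN_TPM_TYPE_PASSTHROUGH case fell through into the VIR_DOMAIN_TPM_TYPE_EMULATOR checks. It deserves its own patch with a commit message that says so, since the message here does not mention it and a reader of the history will not find it under "adding 'tpmproxy'".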
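Review bot: the VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY case in the second qemu_validate.c hunk (@@ -3623,6 +3624,17 @@) sets `flag = QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY`, a capability this patch does not define (src/qemu/qemu_capabilities.* is not in the diffstat); please confirm an earlier patch in the series introduces it so this commit builds on its own. Also, nothing in this hunk ties the new model to the `tpmproxy` pointer or to VIR_DOMAIN_TPM_TYPE_PASSTHROUGH, so until the follow-up patch lands a regular `tpm` of model spapr-tpm-proxy, or one of emulator type, passes validation; a sentence in the commit message stating that this gap is intentional for now would help reviewers and bisecters.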
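Review bot: in the virDomainDeviceInfoIterateInternal hunk (@@ -4318,6 +4320,12 @@) the proxy is visited with `device.type = VIR_DOMAIN_DEVICE_TPM`, so callbacks now see two devices of that type on one domain. Any callback or caller that assumes a single TPM per domain (address assignment, or device lookup that resolves VIR_DOMAIN_DEVICE_TPM back to def->tpm) should be audited; if such code exists, either a dedicated device type for the proxy or a comment explaining why sharing VIR_DOMAIN_DEVICE_TPM is safe would make the intent explicit.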
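Review bot: the security_dac.c and security_selinux.c hunks label and restore the proxy's passthrough path with the same helpers used for the regular TPM, which is the right shape, but since the commit message says both devices can coexist, please confirm the Set/Restore TPM file label helpers behave correctly when `tpm` and `tpmproxy` resolve to the same host device path (restoring one must not strip the label the other still needs, and the restore paths only set `rc = -1` and continue, so a partial failure is silently absorbed into the return code). A test covering a domain with both devices would settle this.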