From nobody Thu Apr 25 15:56:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) client-ip=205.139.110.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1589398286; cv=none; d=zohomail.com; s=zohoarc; b=KvQ4Zb9FazeXsRGKDycaQRCmihRidacG7EJSLjVv6ypsQC1k40WTlYQspykJs1OIvdwqgJV4Y7/bynROBaIbUHd5bQm7NdA+EzMQQyXHYr2wbNRDYIYHcviGuba18d3MpFJDx//aN0M6SELGbF3ozt7IMS5v1Kw2Tl9AkeE8Z7Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589398286; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=IV+Q+U0CvRGut12xzbs5YX4QzOLPv3yApYVhkukzz+M=; b=Gi8KYmMDYXNyuPv28zRgMV47KlAS7j+el3si0uYnD1TG4Sk7spnppSGJPXPrPHKPY9ttgWLs8PMHpHzBVA2eC47J+9HEfAkPkkEEPnWVvPkNH6aZMpxUQ+5D1MKr6zJPw/nhvRqDV48oALKV9mAycFko/yeJhkHyU3RP9yqJwQc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by mx.zohomail.com with SMTPS id 1589398286346913.4093534047414; Wed, 13 May 2020 12:31:26 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-474-OLXVZzV7OGC54EA9YqC5-g-1; Wed, 13 May 2020 15:31:22 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 2165E107ACF4; Wed, 13 May 2020 19:31:17 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id F15FB60C84; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id C38021809563; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04DJVAES021922 for ; Wed, 13 May 2020 15:31:10 -0400 Received: by smtp.corp.redhat.com (Postfix) id E07E242AD3; Wed, 13 May 2020 19:31:09 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DA99F115E0B for ; Wed, 13 May 2020 19:31:07 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 840AA101A526 for ; Wed, 13 May 2020 19:31:07 +0000 (UTC) Received: from mail-qv1-f65.google.com (mail-qv1-f65.google.com [209.85.219.65]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-424-568-Zas7PA6GOeo0RBnKTw-1; Wed, 13 May 2020 15:31:02 -0400 Received: by mail-qv1-f65.google.com with SMTP id di6so483395qvb.10 for ; Wed, 13 May 2020 12:31:02 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070]) by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 May 2020 12:31:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589398285; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=IV+Q+U0CvRGut12xzbs5YX4QzOLPv3yApYVhkukzz+M=; b=WODajYsJpzYxmcTqjDCIrmxo4TXUkVV+8/K6mFWygFmUm3IpVXClsXOEuUqSSJFgwm6aZY +Pyy5D07nDbCq4AHjyQgzDLiThq8Y/Nd/xeAeE+jfTazxPx8zAypVauaXA33M5pu23dkjy QyZKxcGYJmXrIHR/hFBvwm4PdhLtlgo= X-MC-Unique: OLXVZzV7OGC54EA9YqC5-g-1 X-MC-Unique: 568-Zas7PA6GOeo0RBnKTw-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=IV+Q+U0CvRGut12xzbs5YX4QzOLPv3yApYVhkukzz+M=; b=EyVrsYFkY7AZU9tbR0W+Lj7rKOH8+YJLkvIzQiIpjFYUV28I2ggiMa66HBEajKiUDD OMbhCc8HVEVy0p431iTJxXXadkw+UnbsR6ysPtWtKxfaNvY5wEcgjDRgxOf3XPb58qyB /bf/G9QFNifUw4NJv0Ht24TjJEEcfYXRNKgMBY3JtXJS4pT01aeNV6Y17GwCwSp9wL1G F3OLDyUOl8ubzvKueHZYspS9qamyb0l1ngxIDQQAHEUpxgTSwiLq5uKUElouk+n+wGMX 01EzfcSnzOIU9iWxfQcmz3zIjwgnes3PYwKmzfNOvm6KBL6XHlNQxE8BAMITLPfqXTBQ Di/A== X-Gm-Message-State: AOAM533k0ZPYUlGgfdVO8J5KIFaalYx1FM47M6lDACz2zBLJI1dz1D9H KyxyBuGpft/jI9WctZKL4+N+kZx0 X-Google-Smtp-Source: ABdhPJxqfmgqFH8t+ahu+bckSeDVe+t2CeMb5fE1L7wWsZFVh2JqVs8YQy2Wqa/m3ZHSPdGw22nUVA== X-Received: by 2002:ad4:556a:: with SMTP id w10mr1294588qvy.100.1589398261523; Wed, 13 May 2020 12:31:01 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v3 1/9] docs: documentation and schema for the new TPM Proxy model Date: Wed, 13 May 2020 16:30:36 -0300 Message-Id: <20200513193044.3401170-2-danielhb413@gmail.com> In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com> References: <20200513193044.3401170-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" QEMU 4.1.0 introduced a new device type called TPM Proxy, currently implemented by PPC64 guests via a new virtual device called 'spapr-tpm-proxy' (see QEMU 0fb6bd073230 for more info). The TPM Proxy device interacts with a TPM Resource Manager, a host device capable of multiplexing the host TPM with multiple processes. This allows multiple guests to access some TPM features at the same time. Note that this mode of operation does not provide full TPM features to be available for the guest - for that case the guest still needs to assign a vTPM device (tpm-spapr for PPC64 guests). Although redundant, there is currently no technical limitation for a guest to assign both a vTPM and a TPM Proxy at the same time. This patch adds documentation and schema for a new TPM model type called 'spapr-tpm-proxy' that creates this new TPM Proxy device. This model is valid only for the 'passthrough' backend. An example of a TPM Proxy device connected to a TPM Resource Manager '/dev/tpmrm0' will look like this: Signed-off-by: Daniel Henrique Barboza Reviewed-by: Stefan Berger --- docs/formatdomain.html.in | 18 +++++++++++++++++- docs/schemas/domaincommon.rng | 1 + 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 23eb029234..15a92aa4f4 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -8792,6 +8792,17 @@ qemu-kvm -net nic,model=3D? /dev/null backend device is a TPM 2.0. Since 6.1.0, pSeries guests on PPC64 are supported and the default is tpm-spapr. + + Since 6.4.0, a new model called + spapr-tpm-proxy was added for pSeries guests. This = model + only works with the 'passthrough' backend. It creates a TPM Proxy + device that communicates with an existing TPM Resource Manager i= n the host, + for example /dev/tpmrm0, enabling the guest to run in secure vir= tual machine + mode with the help of an Ultravisor. Adding a TPM Proxy to a pSe= ries guest + brings no security benefits unless the guest is running on a PPC= 64 host that + has an Ultravisor and a TPM Resource Manager. Only one TPM Proxy= device is + allowed per guest, but a TPM Proxy device can be added together = with + other TPM devices.

backend
@@ -8804,7 +8815,7 @@ qemu-kvm -net nic,model=3D? /dev/null
passthrough

- Use the host's TPM device. + Use the host's TPM or TPM Resource Manager device.

This backend type requires exclusive access to a TPM device = on @@ -8812,6 +8823,11 @@ qemu-kvm -net nic,model=3D? /dev/null qualified file name is specified by path attribute of the source element. If no file name is specified th= en /dev/tpm0 is automatically used. + + Since 6.4.0, when choosing the + spapr-tpm-proxy model, the file name specified = is + expected to be a TPM Resource Manager device, e.g. + /dev/tpmrm0.

diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 9d60b090f3..50860419c3 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -4610,6 +4610,7 @@ tpm-tis tpm-crb tpm-spapr + spapr-tpm-proxy --=20 2.26.2 From nobody Thu Apr 25 15:56:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) client-ip=205.139.110.61; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1589398282; cv=none; d=zohomail.com; s=zohoarc; b=AlejemK2z4IvEEPCqexNJQcI8eOEhNwlSyeHGBLSOLGn4ghlaNqXikbAjaSAgQKOoZVY/NChto216tE7s+KHZun+C+cvjNx+6fSLwFWTVqE33PjZNRJoe7BFBQhaPSm5td7arWt4bWRibhqDvBMhSxiD/vt04zFclRMxIZRtaao= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589398282; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=vRUaZZEnHN1eeDkhQOMTwTXA5NE/HD02rJq8NfOYpb0=; b=SNNL1H+NXZQhy+xfvop51mHG3VLvesASVuHdQy5rB5Gs+QTw2lV72faxShtDPrccwFYDpRvuYPCxc2sd6b0r8fn2HO92gyEB0mWTtyJlvL/1TGK3ppNq/VzuKo6yNKL1J3Zr5ViZyxi+yp9DA46q2k7woOdr1KoeISz3aj+EeE0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) by mx.zohomail.com with SMTPS id 1589398282348109.41400161637534; Wed, 13 May 2020 12:31:22 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-480-zwlY68DuOGWDiLvOuhcbyA-1; Wed, 13 May 2020 15:31:18 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 49984801504; Wed, 13 May 2020 19:31:13 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D4C3560C87; Wed, 13 May 2020 19:31:11 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 729164CA95; Wed, 13 May 2020 19:31:11 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04DJV80a021912 for ; Wed, 13 May 2020 15:31:08 -0400 Received: by smtp.corp.redhat.com (Postfix) id 91E65104FA97; Wed, 13 May 2020 19:31:08 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 81272104FAA5 for ; Wed, 13 May 2020 19:31:06 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 2461B8007C8 for ; Wed, 13 May 2020 19:31:06 +0000 (UTC) Received: from mail-qv1-f67.google.com (mail-qv1-f67.google.com [209.85.219.67]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-195-w0mrKAR8P3uvxg3wi5Kw7Q-1; Wed, 13 May 2020 15:31:04 -0400 Received: by mail-qv1-f67.google.com with SMTP id 59so471565qva.13 for ; Wed, 13 May 2020 12:31:03 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070]) by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 May 2020 12:31:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589398281; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=vRUaZZEnHN1eeDkhQOMTwTXA5NE/HD02rJq8NfOYpb0=; b=W6lPD76LiMBvuvW0Q3IlnxYadhT0DqJaWgd5ZIoGw6oRZzhyiidZF1+24vr4KFJjp2QT3a daLN/vEHxIyxanETgOHVBD/fHqzENnGdOu+P2U2Hl84//Yde2BZjfQ/5v2/hY/O7WPVoDB n/iyXL3dpetrGO5fYIreE2Nxm1kVEB0= X-MC-Unique: zwlY68DuOGWDiLvOuhcbyA-1 X-MC-Unique: w0mrKAR8P3uvxg3wi5Kw7Q-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=vRUaZZEnHN1eeDkhQOMTwTXA5NE/HD02rJq8NfOYpb0=; b=kq2QkY4MDWhP501c0T2wbSM2v/4RFC8FOA08h+U0bjWL3j6glD0u8Fa+vMqTXGDvw+ N/z6l+YZ0Pr7A0MqRWhRlH6RvsaIO5mMz4MUmX0b9JeUgfmQ+8y5uO++Elo/z7hhxOx4 J+fDnXhTOHst0IgOZT4Ghl7V9baklZAIswObj4ApG7tafc8iCqzvikBzrewCBH1ggtx0 k3PcYPsvX63lBdK3xf6AElvZ7ZCK1Ov2p3d/dyiq49hiaiMISG4QGjE8wyeBmairTmJn 2btY0m2+4ewffyapXMKFhZRJyLnZJR1vuYE2maUTJ9jz2Nx+B/47d8/JWf/vvE2x9+ZT dzsg== X-Gm-Message-State: AOAM533DQwkYHADcSDjFk7YuC8mibtFnrbL8RGVaV530Syp42gAgqmB2 s9OYQ0uT7GRiDGKE/2CsaCzO4xM1 X-Google-Smtp-Source: ABdhPJxvUKfUQDGpsdkDgiHq5o9DHW5F5FqVr1cXQawr5pF5dlAkD3woeQsKaB4sFTbVIkou91mzJQ== X-Received: by 2002:ad4:42c7:: with SMTP id f7mr1241934qvr.127.1589398263122; Wed, 13 May 2020 12:31:03 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v3 2/9] qemu: Extend QEMU capabilities with 'spapr-tpm-proxy' Date: Wed, 13 May 2020 16:30:37 -0300 Message-Id: <20200513193044.3401170-3-danielhb413@gmail.com> In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com> References: <20200513193044.3401170-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Expose the TPM Proxy support for PPC64 guests by creating a new cap called QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY. This device is part of the machinery the guest need to orchestrate with the PPC64 Ultravisor the transition to the Secure VM (SVM) mode. Inside QEMU, this device will be used with the H_TPM_COMM hypercall to connect with the TPM Resource Manager, enabling the guest to open and close TPM sessions with the host TPM. Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza Reviewed-by: J=C3=A1n Tomko --- src/qemu/qemu_capabilities.c | 4 ++++ src/qemu/qemu_capabilities.h | 3 +++ tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 + 4 files changed, 9 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 7e711f22f8..d0d8b1ebf5 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -582,6 +582,9 @@ VIR_ENUM_IMPL(virQEMUCaps, "tcg", "virtio-blk-pci.scsi.default.disabled", "pvscsi", + + /* 370 */ + "spapr-tpm-proxy", ); =20 =20 @@ -1304,6 +1307,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[= ] =3D { { "vhost-user-fs-device", QEMU_CAPS_DEVICE_VHOST_USER_FS }, { "tcg-accel", QEMU_CAPS_TCG }, { "pvscsi", QEMU_CAPS_SCSI_PVSCSI }, + { "spapr-tpm-proxy", QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY }, }; =20 =20 diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 6bfc7386e3..fa22856e12 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -564,6 +564,9 @@ typedef enum { /* virQEMUCapsFlags grouping marker for = syntax-check */ QEMU_CAPS_VIRTIO_BLK_SCSI_DEFAULT_DISABLED, /* virtio-blk-pci.scsi dis= abled by default */ QEMU_CAPS_SCSI_PVSCSI, /* -device pvscsi */ =20 + /* 370 */ + QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY, /* -device spapr-tpm-proxy */ + QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; =20 diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml b/tests/qemuca= pabilitiesdata/caps_4.2.0.ppc64.xml index a68786ddc8..9df68ebfc1 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml @@ -185,6 +185,7 @@ + 4001050 0 42900242 diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml b/tests/qemuca= pabilitiesdata/caps_5.0.0.ppc64.xml index c8cc07d954..77f51fe4d8 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml @@ -201,6 +201,7 @@ + 5000000 0 42900241 --=20 2.26.2 From nobody Thu Apr 25 15:56:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1589398286; cv=none; d=zohomail.com; s=zohoarc; b=N1aOyrloA4DOIY3uCbqGJN+0xEgq++YTu5OXV5cQBIx3Kzh3PKA/2WODQawZrXMiUQKqjOT2B8mWfFfuGYH+jqLWakVLOB6wtUOlqfF0voDXCtrd9NMPfxt/fqJKIkZomkiIAiqn+GMlat1k13Ttt/kpXI3yUKLCTHMt03ln200= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589398286; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=TR1jjpgqIoJDPwvEcF7HpYpLRRq/yeh06yHJ5P7EKXc=; b=HzXO4qTwEal9uoEJGo5+FnHwEtH/+k2lX18FKjvnmTcbifLEMemOZH+lIvyZj/OtsCBvKWkPPGypIBRWhRitzpxdxBj25Uao+Kdi8Ys6LFBJLJLZ88fyVOyBwc5YRhid8hyN2S2GkffuYLai/HswJdmuJyhWNmJ/EfVKALwGCUM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1589398286591655.9346030676973; Wed, 13 May 2020 12:31:26 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-453-UQFi7kJxPbmKz2Y2v6bmnA-1; Wed, 13 May 2020 15:31:21 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 858B4107ACF9; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5DD5910013D9; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2DBE64E561; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04DJVBcW021931 for ; Wed, 13 May 2020 15:31:12 -0400 Received: by smtp.corp.redhat.com (Postfix) id AD6612029F71; Wed, 13 May 2020 19:31:11 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 66E822018296 for ; Wed, 13 May 2020 19:31:08 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 0FAC5811E77 for ; Wed, 13 May 2020 19:31:08 +0000 (UTC) Received: from mail-qv1-f68.google.com (mail-qv1-f68.google.com [209.85.219.68]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-6--nphccmaNcONlRVqvWgvoQ-1; Wed, 13 May 2020 15:31:05 -0400 Received: by mail-qv1-f68.google.com with SMTP id ee19so476121qvb.11 for ; Wed, 13 May 2020 12:31:05 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070]) by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 May 2020 12:31:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589398285; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=TR1jjpgqIoJDPwvEcF7HpYpLRRq/yeh06yHJ5P7EKXc=; b=MZzXFgyTeKnas5zqMFqktw5t2zzuFw3ib8dDzQi8KsKGkKiJQlQxmot9IAMiPK4S41RkBa bJg/3Br4KRerB1T5fVjIJLd9qSbvgNeiaPno4meqgOc6t5zeEtw6JjHKpibK/6iQVneZIv nUIQrQM18K1Wb6wESUSk1Bg2SrJUVTI= X-MC-Unique: UQFi7kJxPbmKz2Y2v6bmnA-1 X-MC-Unique: -nphccmaNcONlRVqvWgvoQ-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=TR1jjpgqIoJDPwvEcF7HpYpLRRq/yeh06yHJ5P7EKXc=; b=Pqm8iooEdi95ZVNpLtvY5IC0DzLifNFm1kgPrn1XahPNf11sU4eqmwDTStrcu69CU9 gK8f0+0WyVPhZ2kj3RqOiVLgeRLi4Evfm2JoDW3e6Ep1SqdPVFbW9jKqfYHVEG/3Q4NW gMAvK5bOuuq6jFv9dnFyH6Kjbp3BrMjm/CCJ+gPCD2l2KZuVjW2DFzSEyEOnCfNmDBWj e3cXkV9psQAUfDuHXbEMCs6mzv+5haNIedF/jSo9jC3CpR+5cSfPK+peqTRPwNtaxB4s Y2q3YZ5SEdoF+VPUJR3djDd+k/+0zCbZVIPUjS51Wzd7wK3h1naZRGCnSgxXOP/sNfzV VBqQ== X-Gm-Message-State: AOAM531yVsV0DdY1tKldAPT8OU5u/++mCxmARdxCTQAXHu2Ky/t7keGt Woq4ZGoaMyXzKzajLbiXrTucEedj X-Google-Smtp-Source: ABdhPJxlheUXjTey/67w3P6X6tW7KiiAKXVS5Z8beruI2gkfLAgxYN3IBEwI6AYEX+PMgU05Ih++oA== X-Received: by 2002:ad4:58af:: with SMTP id ea15mr1247997qvb.47.1589398264695; Wed, 13 May 2020 12:31:04 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v3 3/9] conf, qemu: adding 'tpmproxy' in domain definition Date: Wed, 13 May 2020 16:30:38 -0300 Message-Id: <20200513193044.3401170-4-danielhb413@gmail.com> In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com> References: <20200513193044.3401170-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" A TPM Proxy device can coexist with a regular TPM. The TPM Proxy is also always a 'passthrough' device of the 'spapr-tpm-proxy' model. This patch adds a pointer to this device in the domain definition called 'tpmproxy'. This pointer is handled like the existing 'tpm' pointer of the VIR_DOMAIN_TPM_TYPE_PASSTHROUGH type. Cgroup, DAC/SELinux and qemu validation code was adapted to handle this new domain device. XML functions to parse and format this new device from/to XML will be added in the next patch, together with the logic that will guarantee the assumptions made in the first paragraph. Signed-off-by: Daniel Henrique Barboza Reviewed-by: Stefan Berger --- src/conf/domain_audit.c | 3 +++ src/conf/domain_conf.c | 18 ++++++++++++++++++ src/conf/domain_conf.h | 2 ++ src/qemu/qemu_cgroup.c | 12 +++++++++--- src/qemu/qemu_domain.c | 9 +++++---- src/qemu/qemu_validate.c | 12 ++++++++++++ src/security/security_dac.c | 14 ++++++++++++++ src/security/security_selinux.c | 11 +++++++++++ 8 files changed, 74 insertions(+), 7 deletions(-) diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c index 1b0abb21a0..4575f66e45 100644 --- a/src/conf/domain_audit.c +++ b/src/conf/domain_audit.c @@ -824,6 +824,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *rea= son, bool success) if (vm->def->tpm) virDomainAuditTPM(vm, vm->def->tpm, "start", true); =20 + if (vm->def->tpmproxy) + virDomainAuditTPM(vm, vm->def->tpmproxy, "start", true); + for (i =3D 0; i < vm->def->nshmems; i++) virDomainAuditShmem(vm, vm->def->shmems[i], "start", true); =20 diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index c201fc901d..01a32f62d1 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1165,6 +1165,7 @@ VIR_ENUM_IMPL(virDomainTPMModel, "tpm-tis", "tpm-crb", "tpm-spapr", + "spapr-tpm-proxy", ); =20 VIR_ENUM_IMPL(virDomainTPMBackend, @@ -3480,6 +3481,7 @@ void virDomainDefFree(virDomainDefPtr def) VIR_FREE(def->mems); =20 virDomainTPMDefFree(def->tpm); + virDomainTPMDefFree(def->tpmproxy); =20 for (i =3D 0; i < def->npanics; i++) virDomainPanicDefFree(def->panics[i]); @@ -4318,6 +4320,12 @@ virDomainDeviceInfoIterateInternal(virDomainDefPtr d= ef, if ((rc =3D cb(def, &device, &def->tpm->info, opaque)) !=3D 0) return rc; } + if (def->tpmproxy) { + device.type =3D VIR_DOMAIN_DEVICE_TPM; + device.data.tpm =3D def->tpmproxy; + if ((rc =3D cb(def, &device, &def->tpmproxy->info, opaque)) !=3D 0) + return rc; + } device.type =3D VIR_DOMAIN_DEVICE_PANIC; for (i =3D 0; i < def->npanics; i++) { device.data.panic =3D def->panics[i]; @@ -24344,6 +24352,16 @@ virDomainDefCheckABIStabilityFlags(virDomainDefPtr= src, goto error; } =20 + if (src->tpmproxy && dst->tpmproxy) { + if (!virDomainTPMDefCheckABIStability(src->tpmproxy, dst->tpmproxy= )) + goto error; + } else if (src->tpmproxy || dst->tpmproxy) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Either both target and source domains or none of= " + "them must have TPM Proxy device present")); + goto error; + } + if (src->nmems !=3D dst->nmems) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("Target domain memory device count %zu " diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index ddc75d8de2..8f178ade34 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1293,6 +1293,7 @@ typedef enum { VIR_DOMAIN_TPM_MODEL_TIS, VIR_DOMAIN_TPM_MODEL_CRB, VIR_DOMAIN_TPM_MODEL_SPAPR, + VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY, =20 VIR_DOMAIN_TPM_MODEL_LAST } virDomainTPMModel; @@ -2628,6 +2629,7 @@ struct _virDomainDef { virDomainMemballoonDefPtr memballoon; virDomainNVRAMDefPtr nvram; virDomainTPMDefPtr tpm; + virDomainTPMDefPtr tpmproxy; virCPUDefPtr cpu; virSysinfoDefPtr sysinfo; virDomainRedirFilterDefPtr redirfilter; diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 2e019b64af..2ed4341655 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -333,10 +333,13 @@ qemuSetupChardevCgroupCB(virDomainDefPtr def G_GNUC_U= NUSED, =20 =20 static int -qemuSetupTPMCgroup(virDomainObjPtr vm) +qemuSetupTPMCgroup(virDomainObjPtr vm, + virDomainTPMDefPtr dev) { int ret =3D 0; - virDomainTPMDefPtr dev =3D vm->def->tpm; + + if (!dev) + return 0; =20 switch (dev->type) { case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: @@ -806,7 +809,10 @@ qemuSetupDevicesCgroup(virDomainObjPtr vm) vm) < 0) return -1; =20 - if (vm->def->tpm && qemuSetupTPMCgroup(vm) < 0) + if (qemuSetupTPMCgroup(vm, vm->def->tpm) < 0) + return -1; + + if (qemuSetupTPMCgroup(vm, vm->def->tpmproxy) < 0) return -1; =20 for (i =3D 0; i < vm->def->nhostdevs; i++) { diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index a1b250fd0b..a344f8a0e6 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -11574,11 +11574,9 @@ qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr = cfg G_GNUC_UNUSED, =20 static int qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, + virDomainTPMDefPtr dev, const struct qemuDomainCreateDeviceData *data) { - virDomainTPMDefPtr dev =3D vm->def->tpm; - if (!dev) return 0; =20 @@ -11823,7 +11821,10 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cf= g, if (qemuDomainSetupAllChardevs(cfg, vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupTPM(cfg, vm, &data) < 0) + if (qemuDomainSetupTPM(cfg, vm->def->tpm, &data) < 0) + goto cleanup; + + if (qemuDomainSetupTPM(cfg, vm->def->tpmproxy, &data) < 0) goto cleanup; =20 if (qemuDomainSetupAllGraphics(cfg, vm, &data) < 0) diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 584d1375b8..7210be3532 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -3602,6 +3602,7 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm, case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_TPM_PASSTHROUGH)) goto no_support; + break; =20 case VIR_DOMAIN_TPM_TYPE_EMULATOR: @@ -3623,6 +3624,17 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm, case VIR_DOMAIN_TPM_MODEL_SPAPR: flag =3D QEMU_CAPS_DEVICE_TPM_SPAPR; break; + case VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY: + if (!ARCH_IS_PPC64(def->os.arch)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("TPM Proxy model %s is only available for " + "PPC64 guests"), + virDomainTPMModelTypeToString(tpm->model)); + return -1; + } + + flag =3D QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY; + break; case VIR_DOMAIN_TPM_MODEL_LAST: default: virReportEnumRangeError(virDomainTPMModel, tpm->model); diff --git a/src/security/security_dac.c b/src/security/security_dac.c index bdc2d7edf3..e0542d2839 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -1980,6 +1980,13 @@ virSecurityDACRestoreAllLabel(virSecurityManagerPtr = mgr, rc =3D -1; } =20 + if (def->tpmproxy) { + if (virSecurityDACRestoreTPMFileLabel(mgr, + def, + def->tpmproxy) < 0) + rc =3D -1; + } + if (def->sev) { if (virSecurityDACRestoreSEVLabel(mgr, def) < 0) rc =3D -1; @@ -2159,6 +2166,13 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr, return -1; } =20 + if (def->tpmproxy) { + if (virSecurityDACSetTPMFileLabel(mgr, + def, + def->tpmproxy) < 0) + return -1; + } + if (def->sev) { if (virSecurityDACSetSEVLabel(mgr, def) < 0) return -1; diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 9a929debe1..e80d43c0a7 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -2763,6 +2763,12 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManager= Ptr mgr, rc =3D -1; } =20 + if (def->tpmproxy) { + if (virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def, + def->tpmproxy) < 0) + rc =3D -1; + } + struct _virSecuritySELinuxChardevCallbackData chardevData =3D { .mgr =3D mgr, .chardevStdioLogd =3D chardevStdioLogd @@ -3171,6 +3177,11 @@ virSecuritySELinuxSetAllLabel(virSecurityManagerPtr = mgr, return -1; } =20 + if (def->tpmproxy) { + if (virSecuritySELinuxSetTPMFileLabel(mgr, def, def->tpmproxy) < 0) + return -1; + } + struct _virSecuritySELinuxChardevCallbackData chardevData =3D { .mgr =3D mgr, .chardevStdioLogd =3D chardevStdioLogd --=20 2.26.2 From nobody Thu Apr 25 15:56:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) client-ip=207.211.31.81; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1589398287; cv=none; d=zohomail.com; s=zohoarc; b=nsGzSocyak3IirA7R9NwdE3WTglO7JE4r9pHdpDG++fTk4i+wNyWwqqjzBwBp/gva8dRfcHX8y7/YTVsDHVny/8O148DOYmrnonqxfKDkNHrzzdee+ng6niAEOrXN9bFeqNHYVTRLY3hGb45nEjf2ZB4yj0Jtz9lI0w23O2Fa/Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589398287; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=nPYRQ7jObmPc5UxjJMA5oQTzuNj/FuCNxknRvxyEZe8=; b=PB44/Cid3NBxI1c5gxb8BjJ3k60dBvLdtjSO64THVdD4fvrrDEmD7FnWJS2MKryjNj4fHUb9cEsDfngJgVGJ33p6YqFZ8dTo4oPtF6laZRQeA+Pl9lzMHSYJGsw8IqCDyofXrwn3AWxUgOXwmGb8BhqXePuOJxclSjeuz8UES84= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) by mx.zohomail.com with SMTPS id 1589398287840285.2769755445279; Wed, 13 May 2020 12:31:27 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-263-jSv1R97_PdWER4b3WkOjLA-1; Wed, 13 May 2020 15:31:23 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 661EB19067E8; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 461B761F50; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 18F424E44C; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04DJVC6A021952 for ; Wed, 13 May 2020 15:31:13 -0400 Received: by smtp.corp.redhat.com (Postfix) id D47312156A4F; Wed, 13 May 2020 19:31:12 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B41DD2156A4B for ; Wed, 13 May 2020 19:31:09 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id AC687916103 for ; Wed, 13 May 2020 19:31:09 +0000 (UTC) Received: from mail-qv1-f45.google.com (mail-qv1-f45.google.com [209.85.219.45]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-259-i0ACn0uDPJ-Yn48aWRcSkQ-1; Wed, 13 May 2020 15:31:07 -0400 Received: by mail-qv1-f45.google.com with SMTP id z5so503779qvw.4 for ; Wed, 13 May 2020 12:31:06 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070]) by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 May 2020 12:31:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589398285; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=nPYRQ7jObmPc5UxjJMA5oQTzuNj/FuCNxknRvxyEZe8=; b=gaJ6zuh72MzQI99NU+egPCJHPujRmpewGl+oR/4nCqVSBTvLXF5Vr6zMRsgd3Aw33cBcWi /O70OO/Ta5grgTBNmrAjoIarhdDgxggfkBnLK0Okh2eQjkEdECyOTWdDTXmgOAVSwCItUX je94d+FQTPg22WlFM/jc3FjvstIUHMk= X-MC-Unique: jSv1R97_PdWER4b3WkOjLA-1 X-MC-Unique: i0ACn0uDPJ-Yn48aWRcSkQ-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=nPYRQ7jObmPc5UxjJMA5oQTzuNj/FuCNxknRvxyEZe8=; b=MnTLxHCL8sqjiArfyO6bl6H9DxgXy8PMoTJZy5uoBsnwpZUsOY+iU64iLVnWqTPfWR mM/enQ8StGbBOFuqjU4LxqiOc/fXeGF9Zff8nG0WsVLwZUDRglrOLXWwuY/cXLkfcau+ W6wScq8MTsM1I7PCjq6DdFqjfxXKE2zVKW8bTM02nt2AdEaMH3uulgwCao5w/+4v9Cyy lwqDa1wb4QfFTSDOuqru3gRCPw3JMCmF0Zq2hh8BD3sMQ+Nmd6yV/V0JK6Mqmzu9tdU6 tZVNWkiR5IKeFQbHREz9cmeZuOpudgkaCYTGGC7M8wGN1gxVDM7mKuJvYPBYLTdH5cAM I7CQ== X-Gm-Message-State: AOAM531qI2hHNH4bxeuN1BRiXfifUOHY6Mk75V4eLv6tX1ack4nDzpIA LqtGzSADCkvPZFQuEHu2fbaLJmwQ X-Google-Smtp-Source: ABdhPJy9nuyimtV1C9l9q7o1DTyhuYPqGi1ATE2Iv1ctTBOTTKR7uYxQEv+RfTkSVNylZnXHb/Jg2g== X-Received: by 2002:ad4:4f01:: with SMTP id fb1mr1305778qvb.162.1589398266348; Wed, 13 May 2020 12:31:06 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v3 4/9] conf, domain: register AUTOPTR_CLEANUP_FUNC for virDomainTPMDef Date: Wed, 13 May 2020 16:30:39 -0300 Message-Id: <20200513193044.3401170-5-danielhb413@gmail.com> In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com> References: <20200513193044.3401170-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Next patch will make use of g_autoptr() with virDomainTPMDefPtr. Signed-off-by: Daniel Henrique Barboza Reviewed-by: Stefan Berger --- src/conf/domain_conf.h | 1 + 1 file changed, 1 insertion(+) diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 8f178ade34..60dbba3b19 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -3028,6 +3028,7 @@ virDomainDeviceInfoPtr virDomainDeviceGetInfo(virDoma= inDeviceDefPtr device); void virDomainDeviceSetData(virDomainDeviceDefPtr device, void *devicedata); void virDomainTPMDefFree(virDomainTPMDefPtr def); +G_DEFINE_AUTOPTR_CLEANUP_FUNC(virDomainTPMDef, virDomainTPMDefFree); =20 typedef int (*virDomainDeviceInfoCallback)(virDomainDefPtr def, virDomainDeviceDefPtr dev, --=20 2.26.2 From nobody Thu Apr 25 15:56:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1589398290; cv=none; d=zohomail.com; s=zohoarc; b=OptGlzySE33S2oqJeJKH5QiiTCwuZSaYiVvuGiB/qygRXpKGAbtJEp+xZ7be6rvCrGWUFAhS9mSVhZx+Iw0p9v17bfGiab96JUqJAwO+dUMk/QyVclSY6TBNJMKmlDqcIz/d8AOOEnDCLAqzLLN8Dv4fwCDY2IGh2G9FHTOCZqo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589398290; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=fwqHS031BTNY7s5ufY/ZvRXz9rN+Kl+ohGbdD+LkgfY=; b=mZDeh1x15Wl0pphlaPIdr5JeICpio2EvL+wiwOf2m095LBb419Bq7WfEzxqyGK4eXb86FL7veuPc5cvmPxoDAAY1M6Rp3o+cv3TIsvUsCJBPrIY6nC3YgSlfa3vbz9vshY70iXCYf8YYq/zuiSsq9YgoRG4FTgV54H1s5nbjMv8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1589398290740530.87171149891; Wed, 13 May 2020 12:31:30 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-117-yaReqeJ8Pn2D8yBZaQXrxA-1; Wed, 13 May 2020 15:31:27 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7988B80B730; Wed, 13 May 2020 19:31:19 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5B02E7529E; Wed, 13 May 2020 19:31:19 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2D8754E981; Wed, 13 May 2020 19:31:19 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04DJVCVC021938 for ; Wed, 13 May 2020 15:31:12 -0400 Received: by smtp.corp.redhat.com (Postfix) id 11E331182E4; Wed, 13 May 2020 19:31:12 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 934771108F9 for ; Wed, 13 May 2020 19:31:11 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 52E5818A6660 for ; Wed, 13 May 2020 19:31:11 +0000 (UTC) Received: from mail-qt1-f194.google.com (mail-qt1-f194.google.com [209.85.160.194]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-309-dEYTQ0GmMmiedqZOvlf0sQ-1; Wed, 13 May 2020 15:31:08 -0400 Received: by mail-qt1-f194.google.com with SMTP id 4so845781qtb.4 for ; Wed, 13 May 2020 12:31:08 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070]) by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 May 2020 12:31:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589398289; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=fwqHS031BTNY7s5ufY/ZvRXz9rN+Kl+ohGbdD+LkgfY=; b=YBrCMm0IHY6Z5zgo5pxZvncK3UOkAmO4vQ8PV2/eoU4ThstQTZjSwPZopBRM7c+pZYynN1 t+fIR0875S2W8mx5cyTx18I/A2tY2lncCd6CSwS8lH/3dhyxQzu0FatKkfpmPMkt09W0xD QLGnB5V+Nk1vAPH2NP9EokWruy19BtI= X-MC-Unique: yaReqeJ8Pn2D8yBZaQXrxA-1 X-MC-Unique: dEYTQ0GmMmiedqZOvlf0sQ-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=fwqHS031BTNY7s5ufY/ZvRXz9rN+Kl+ohGbdD+LkgfY=; b=Wt0NXyVidIP8Rw5OmMNygZJ+tTeseJObyW0XSEGg212gSta2vKhL5kPx71RII7yvFD GsaGiz8qnj1uEiuqcyHAO28DfdvwUkBzuJZ5J/O6pL1i2hIyEY1e4GTBqjfdvr42mUnb YPwBx54e9A/6Ym6p66gtkdV+u/az04tXAFeimG7G/BebK3Vs5fDTpN9SaFhkWexlfzNi A0pGI6+pCH9hb93a6K6hSgwbWcIgD7WP60vbMcLGZ8cI1mKKfPG+C1Eqa8YByV94ls+K XhaFWpe7EdTyOvLyxvlzK+ld7vOJcnUtRKc21UZkGGqz2DNz/NZqQb16c9kxfVGgSQyJ cyUA== X-Gm-Message-State: AOAM531R86fTeyQtHmxEIgIVmXSAqnXoUQ8D4AhD3gYhWUUwCwvOLhHA AbIzYkEM80Iz9TFaTH6dWBH2k/gd X-Google-Smtp-Source: ABdhPJzLTeVosJ7Kz3rzZWnUAfW/yg0PEZEL/k3A9iZ6qo8OGCBfsD5N0bqUnVgQUJQzSLyG+mvWng== X-Received: by 2002:ac8:46d3:: with SMTP id h19mr754398qto.133.1589398267953; Wed, 13 May 2020 12:31:07 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v3 5/9] domain_conf.c: XML parsing for VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY Date: Wed, 13 May 2020 16:30:40 -0300 Message-Id: <20200513193044.3401170-6-danielhb413@gmail.com> In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com> References: <20200513193044.3401170-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Aside from trivial XML parsing/format changes, this patch adds additional rules for TPM device support to better accomodate all the available scenarios with the new TPM Proxy. The changes make no impact to existing domains. This means that the scenario of a domain with a single TPM device is still supported in the same way. The restriction of multiple TPM devices got alleviated to allow a TPM Proxy device to be added together with a TPM device in the same domain. All other combinations are still forbidden. To summarize, after this patch, the following combinations in the same domain are valid: - a single TPM device - a single TPM Proxy device - a single TPM + single TPM Proxy devices These combinations in the same domain are NOT allowed: - 2 or more TPM devices - 2 or more TPM Proxy devices Signed-off-by: Daniel Henrique Barboza Reviewed-by: Stefan Berger --- src/conf/domain_conf.c | 45 ++++++++++++++++++++++++++++++++++++++---- 1 file changed, 41 insertions(+), 4 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 01a32f62d1..8164cd58c9 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -13730,6 +13730,14 @@ virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlo= pt, goto error; } =20 + /* TPM Proxy devices have 'passthrough' backend */ + if (def->model =3D=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY && + def->type !=3D VIR_DOMAIN_TPM_TYPE_PASSTHROUGH) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("'Passthrough' backend is required for TPM Proxy = devices")); + goto error; + } + if (virDomainDeviceInfoParseXML(xmlopt, node, &def->info, flags) < 0) goto error; =20 @@ -21972,15 +21980,39 @@ virDomainDefParseXML(xmlDocPtr xml, if ((n =3D virXPathNodeSet("./devices/tpm", ctxt, &nodes)) < 0) goto error; =20 - if (n > 1) { + if (n > 2) { virReportError(VIR_ERR_XML_ERROR, "%s", - _("only a single TPM device is supported")); + _("a maximum of two TPM devices is supported, one o= f " + "them being a TPM Proxy device")); goto error; } =20 if (n > 0) { - if (!(def->tpm =3D virDomainTPMDefParseXML(xmlopt, nodes[0], ctxt,= flags))) - goto error; + for (i =3D 0; i < n; i++) { + g_autoptr(virDomainTPMDef) dev =3D NULL; + + if (!(dev =3D virDomainTPMDefParseXML(xmlopt, nodes[i], ctxt, = flags))) + goto error; + + /* TPM Proxy devices must be held in def->tpmproxy. Error + * out if there's a TPM Proxy declared already */ + if (dev->model =3D=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY) { + if (def->tpmproxy) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("only a single TPM Proxy device is su= pported")); + goto error; + } + def->tpmproxy =3D g_steal_pointer(&dev); + } else { + /* all other TPM devices goes to def->tpm */ + if (def->tpm) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("only a single TPM non-proxy device i= s supported")); + goto error; + } + def->tpm =3D g_steal_pointer(&dev); + } + } } VIR_FREE(nodes); =20 @@ -29807,6 +29839,11 @@ virDomainDefFormatInternalSetRootName(virDomainDef= Ptr def, goto error; } =20 + if (def->tpmproxy) { + if (virDomainTPMDefFormat(buf, def->tpmproxy, flags) < 0) + goto error; + } + for (n =3D 0; n < def->ngraphics; n++) { if (virDomainGraphicsDefFormat(buf, def->graphics[n], flags) < 0) goto error; --=20 2.26.2 From nobody Thu Apr 25 15:56:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1589398290; cv=none; d=zohomail.com; s=zohoarc; b=ayRoLxSAxOPl2qCgbtVEeevrj5y5nJ4WNdGhLbd5xasCnbAB6XkgyikpsNqmNmXY+N0oyonGOgu4vqa2hTAiatrm+bhIIK3Yc5unrvX3ske34b8QsVtF2+wMuPw3nhKHZIJgFOGgbP6cAaWFwd3TZ2lT5ttG8iuKlO7rS90hC28= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589398290; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=FNUZL+BS8RKzH6s1+PuA+bk0G5PLxN4ipkfz+6ANIMw=; b=NexurSxPcjyYu9P5ZxeAJ434JsnuDwFkgel0KHgfYh5OrGaCuPD1caTk8+iX3KEF/h/JmXuxYWHWtNXMchgITnZ/YJePakxDTH5rvj8nEQz3iFhN/3huhYa2ptXiSX8twM13fzZ3uuABZdB8c+bQC1rxovmI5o+QXLKQRGuDZCk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1589398290761783.6494687440221; Wed, 13 May 2020 12:31:30 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-201-000Lg1KdNIOUsxnglBrWkw-1; Wed, 13 May 2020 15:31:26 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id A03978018AD; Wed, 13 May 2020 19:31:18 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 81D685D9E8; Wed, 13 May 2020 19:31:18 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 545094E588; Wed, 13 May 2020 19:31:18 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04DJVGka021983 for ; Wed, 13 May 2020 15:31:16 -0400 Received: by smtp.corp.redhat.com (Postfix) id 5D8FA2156A4F; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 29C222156A2D for ; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E8D0E8007AC for ; Wed, 13 May 2020 19:31:15 +0000 (UTC) Received: from mail-qt1-f194.google.com (mail-qt1-f194.google.com [209.85.160.194]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-202-ekvMUy3kMeCd88TKSTE6nQ-1; Wed, 13 May 2020 15:31:11 -0400 Received: by mail-qt1-f194.google.com with SMTP id c24so826250qtw.7 for ; Wed, 13 May 2020 12:31:11 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070]) by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 May 2020 12:31:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589398289; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=FNUZL+BS8RKzH6s1+PuA+bk0G5PLxN4ipkfz+6ANIMw=; b=hnLGFWoSR76dimqNlKtVPF8GChmXayI0NwLZI9xQjoLhYoPLSDX+bYbbdSrSNx99mrdLyN woIv8h0NYx4Zhl0taPDuWKAKQpzs4mXnD1C5++wtfcENENCQWWYCiss503rUoBLjNOghfl Ai2aCq5vlsJKJ766s0j32SW5ZbdoUcY= X-MC-Unique: 000Lg1KdNIOUsxnglBrWkw-1 X-MC-Unique: ekvMUy3kMeCd88TKSTE6nQ-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=FNUZL+BS8RKzH6s1+PuA+bk0G5PLxN4ipkfz+6ANIMw=; b=G6fYs0rb+BOnsO2Xifvruzje4Lu4KRdYNwl56GHWEXAGp5LbSV7iU6J5mYcMVmWo4i gXhcWG8JApWw1vbXSiPyRnH5Uot7LUN3GLfCYDLosRUfQfnTQ1ZsgccT2y7tM3HRlC8L dpiKi2AD7oCR8rIbOo+B0FML1hlumyBM+qdUSKWsM8yytLM4Oba1unx4ePWhCWDIZYHQ ooDVPi0Urr7V1t93UH5hjxCbx3sZUdSY2fDWERAJ2EH1fmNilTPb7V3xUSVbVafe8Y+W 42nvz11OlLvm+qb+aTz6ZQN7vTFyyLUp9TgCT+oXtEFyV8tZJqpR+HbICZM8kjeba6Yq m+yQ== X-Gm-Message-State: AOAM533D3kS7UwX5vO73RxhnJlvx2YAAStxo3H0mtb+KF7t7buJcrW5t +cKQs1mPz2a7+P6YUuScNzP2ZUQq X-Google-Smtp-Source: ABdhPJxH0rLKnxpwurMmiuaqtsPWPD9PtWf4eYWXj75i5FyK+dmHPNpnYHfqkK0MddMlgvCGDX/Ocg== X-Received: by 2002:ac8:1622:: with SMTP id p31mr735654qtj.256.1589398270034; Wed, 13 May 2020 12:31:10 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v3 6/9] tests: add XML schema tests for the TPM Proxy device Date: Wed, 13 May 2020 16:30:41 -0300 Message-Id: <20200513193044.3401170-7-danielhb413@gmail.com> In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com> References: <20200513193044.3401170-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" This tests aims to exercise how a TPM Proxy device can be added in the domain, either alone or with a regular TPM device. It also ensures that we do not allow bogus scenarios to slip by. Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- tests/qemuxml2argvdata/ppc64-tpm-double.xml | 34 ++++++++++++++ .../ppc64-tpmproxy-double.xml | 38 +++++++++++++++ .../ppc64-tpmproxy-single.xml | 33 +++++++++++++ .../ppc64-tpmproxy-with-tpm.xml | 36 +++++++++++++++ tests/qemuxml2argvtest.c | 12 +++++ .../ppc64-tpmproxy-single.ppc64-latest.xml | 42 +++++++++++++++++ .../ppc64-tpmproxy-with-tpm.ppc64-latest.xml | 46 +++++++++++++++++++ tests/qemuxml2xmltest.c | 2 + 8 files changed, 243 insertions(+) create mode 100644 tests/qemuxml2argvdata/ppc64-tpm-double.xml create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-la= test.xml create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-= latest.xml diff --git a/tests/qemuxml2argvdata/ppc64-tpm-double.xml b/tests/qemuxml2ar= gvdata/ppc64-tpm-double.xml new file mode 100644 index 0000000000..8730547a4d --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpm-double.xml @@ -0,0 +1,34 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + + +
+ + + diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml b/tests/qemux= ml2argvdata/ppc64-tpmproxy-double.xml new file mode 100644 index 0000000000..12abda509e --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml @@ -0,0 +1,38 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + + + + + + +
+ + + diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml b/tests/qemux= ml2argvdata/ppc64-tpmproxy-single.xml new file mode 100644 index 0000000000..729a2cdf28 --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml @@ -0,0 +1,33 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + +
+ + + diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml b/tests/qem= uxml2argvdata/ppc64-tpmproxy-with-tpm.xml new file mode 100644 index 0000000000..a61ec9845c --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml @@ -0,0 +1,36 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + + + + +
+ + + diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 43e76956cc..ba82da5f4b 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -2966,6 +2966,18 @@ mymain(void) QEMU_CAPS_NEC_USB_XHCI, QEMU_CAPS_DEVICE_QEMU_XHCI); =20 + DO_TEST_PARSE_ERROR("ppc64-tpmproxy-double", + QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, + QEMU_CAPS_PCI_OHCI, + QEMU_CAPS_DEVICE_TPM_PASSTHROUGH, + QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY); + + DO_TEST_PARSE_ERROR("ppc64-tpm-double", + QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, + QEMU_CAPS_PCI_OHCI, + QEMU_CAPS_DEVICE_TPM_PASSTHROUGH, + QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY); + DO_TEST("aarch64-usb-controller-qemu-xhci", QEMU_CAPS_OBJECT_GPEX, QEMU_CAPS_NEC_USB_XHCI, diff --git a/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xm= l b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xml new file mode 100644 index 0000000000..4e0e5f24b8 --- /dev/null +++ b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xml @@ -0,0 +1,42 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + + POWER9 + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + + + + + +
+ + + + diff --git a/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.= xml b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.xml new file mode 100644 index 0000000000..2e0dab4b33 --- /dev/null +++ b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.xml @@ -0,0 +1,46 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + + POWER9 + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + +
+ + + + + + + +
+ + + + diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 033f81013e..8360d5eeca 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -609,6 +609,8 @@ mymain(void) DO_TEST("controller-usb-order", QEMU_CAPS_PIIX_DISABLE_S3, QEMU_CAPS_PIIX_DISABLE_S4); + DO_TEST_CAPS_ARCH_LATEST("ppc64-tpmproxy-single", "ppc64"); + DO_TEST_CAPS_ARCH_LATEST("ppc64-tpmproxy-with-tpm", "ppc64"); =20 DO_TEST_FULL("seclabel-dynamic-baselabel", WHEN_INACTIVE, ARG_QEMU_CAPS, NONE); --=20 2.26.2 From nobody Thu Apr 25 15:56:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1589398294; cv=none; d=zohomail.com; s=zohoarc; b=UVj9Sr1PGMLZKpZFRj5HTBz1SZCICWg+SQg8Q+pcOWl6+CNsH4oEKFmcq7A9wjiSoreRbrFSIizdGwPEmx+7A+XLFA9bqrgTIpleOzA+ID6AhI1T4vNX70dq7O+pTWnjFsfpS0WjsP8dUwj35ejMynkovRFk1rk8wWT8Cf8331M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589398294; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ottAuIn2CbWBl3kn7u9cYTFgeJbktR9EGkOFwpBx640=; b=GF8YhH+7XCS88gSdQh4puiETysaXmCzLhd3su3pdgIsGsevtZleDj5vXiB9o65LPxfD5hCpcN+PByll6/AsHkpWuNf6mzTdoCbi4fxUU7nk45aS2FNuVohicb8gNlOrbzp9tsXecJ+Q9InfNaS3c8UUuAEjBVKwfmZj41vrymz8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1589398294194460.563888076131; Wed, 13 May 2020 12:31:34 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-499-JAs_VGGvPeqLykqZto5mPA-1; Wed, 13 May 2020 15:31:29 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 46922108BD0C; Wed, 13 May 2020 19:31:19 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 28AC35D9F3; Wed, 13 May 2020 19:31:19 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id EB3C41800431; Wed, 13 May 2020 19:31:18 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04DJVFk7021969 for ; Wed, 13 May 2020 15:31:15 -0400 Received: by smtp.corp.redhat.com (Postfix) id 3929E42AD6; Wed, 13 May 2020 19:31:15 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 27ED642ADC for ; Wed, 13 May 2020 19:31:15 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A002F833B49 for ; Wed, 13 May 2020 19:31:14 +0000 (UTC) Received: from mail-qt1-f194.google.com (mail-qt1-f194.google.com [209.85.160.194]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-511-v7aR0d7qMp2JP5QEXqbQpQ-1; Wed, 13 May 2020 15:31:12 -0400 Received: by mail-qt1-f194.google.com with SMTP id l1so835289qtp.6 for ; Wed, 13 May 2020 12:31:12 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070]) by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 May 2020 12:31:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589398293; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=ottAuIn2CbWBl3kn7u9cYTFgeJbktR9EGkOFwpBx640=; b=GKyMB+iMgLfOoj7e0GxSI52I7HPQLQBFFCFyPDOJZwo3kmjbMfFluQOni/cjqCA1qfjzSg rFSa19KDtG/teD5yeca2kir4+CitYbljZ1iht9vKJyMarq2CaSrJBKRTLWBB3wTeQ+IVdL TuNztKrENsJBUdujeEfxUMcwTn1TStw= X-MC-Unique: JAs_VGGvPeqLykqZto5mPA-1 X-MC-Unique: v7aR0d7qMp2JP5QEXqbQpQ-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ottAuIn2CbWBl3kn7u9cYTFgeJbktR9EGkOFwpBx640=; b=sdVss9l0llvjQP3fgm3dwYYIkB/xyAihbRamRD1X9lLe0inju8Ubods9TbK6ylqurc wnuK2HwSP8uypR8qf8Yb2bLx+06EFWfIQCFZ2cZMpaFJJWgXcN2gZX3XnSghBOxK4ejo YcYmTQykU9k9uQRCJq2WoXmn/vwNtXm9xgFRrNkK8Ldrb81JbSLN7FbtBjFTkwj9cDcZ 1ulO4swuL02tWCqJqatR6qi0ZYSvIVt6ufwLaGAlVprxJcMvUBRlRRu3ThVzWb75Twlh t1DXxAuscnZld4mQak4fiChQ60i2R1RjX1fJu2Peq22G15yUkEtGdTUpc73ts36VDBcy j70Q== X-Gm-Message-State: AOAM5326SfKJY2FEOSmye29aqJ2iFAFQbongt0MUFDGbml3YQLCJlfNc UzB8hkgtzitc6USkTKAoxMokMffc X-Google-Smtp-Source: ABdhPJxFeK604BM2WrYujD4yhtO2/h7vMqz1u0PvWk9mZxXQFdEMM7lT4KznTEgT356a7Vx/OExAVw== X-Received: by 2002:ac8:120a:: with SMTP id x10mr743800qti.127.1589398271583; Wed, 13 May 2020 12:31:11 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v3 7/9] qemu: build command line for the TPM Proxy device Date: Wed, 13 May 2020 16:30:42 -0300 Message-Id: <20200513193044.3401170-8-danielhb413@gmail.com> In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com> References: <20200513193044.3401170-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" This patch wraps it up all the wiring done in previous patches, enabling a PPC64 guest to launch a guest using a TPM Proxy device. Note that device validation is already being done in qemu_validate.c, qemuValidateDomainDeviceDefTPM(), on domain define time. We don't need to verify QEMU capabilities for this device again inside qemu_command.c. Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- src/qemu/qemu_alias.c | 16 ++++++++++++++++ src/qemu/qemu_command.c | 21 +++++++++++++++++++++ 2 files changed, 37 insertions(+) diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c index b0ea62af39..08fe5aa501 100644 --- a/src/qemu/qemu_alias.c +++ b/src/qemu/qemu_alias.c @@ -413,6 +413,18 @@ qemuAssignDeviceTPMAlias(virDomainTPMDefPtr tpm, } =20 =20 +static int +qemuAssignDeviceTPMProxyAlias(virDomainTPMDefPtr tpmproxy, + int idx) +{ + if (tpmproxy->info.alias) + return 0; + + tpmproxy->info.alias =3D g_strdup_printf("tpmproxy%d", idx); + return 0; +} + + int qemuAssignDeviceRedirdevAlias(virDomainDefPtr def, virDomainRedirdevDefPtr redirdev, @@ -673,6 +685,10 @@ qemuAssignDeviceAliases(virDomainDefPtr def, virQEMUCa= psPtr qemuCaps) if (qemuAssignDeviceTPMAlias(def->tpm, 0) < 0) return -1; } + if (def->tpmproxy) { + if (qemuAssignDeviceTPMProxyAlias(def->tpmproxy, 0) < 0) + return -1; + } for (i =3D 0; i < def->nmems; i++) { if (qemuAssignDeviceMemoryAlias(NULL, def->mems[i], false) < 0) return -1; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index bfe70ed228..0b97db7388 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -8981,6 +8981,24 @@ qemuBuildTPMCommandLine(virCommandPtr cmd, return 0; } =20 +static int +qemuBuildTPMProxyCommandLine(virCommandPtr cmd, + const virDomainDef *def) +{ + const virDomainTPMDef *tpmproxy =3D def->tpmproxy; + + if (!tpmproxy) + return 0; + + virCommandAddArg(cmd, "-device"); + virCommandAddArgFormat(cmd, "%s,id=3D%s,host-path=3D%s", + virDomainTPMModelTypeToString(tpmproxy->model), + tpmproxy->info.alias, + tpmproxy->data.passthrough.source.data.file.pat= h); + + return 0; +} + static int qemuBuildSEVCommandLine(virDomainObjPtr vm, virCommandPtr cmd, virDomainSEVDefPtr sev) @@ -9662,6 +9680,9 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, if (qemuBuildTPMCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 + if (qemuBuildTPMProxyCommandLine(cmd, def) < 0) + return NULL; + if (qemuBuildInputCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 --=20 2.26.2 From nobody Thu Apr 25 15:56:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) client-ip=205.139.110.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1589398293; cv=none; d=zohomail.com; s=zohoarc; b=fizkhrOhUmgRqCtwuTczLelmPXUk1hWyXjQR9f8Cvm42PTvgNukYLAQu3q5V60GjwGd9jCv4HEJVvjiO0Vl6k/0ZZHIW6FdTzJYM1eftzU8z3I5krrMKw1RZnAChu2tccsRJPM/xw4+m67pW0pf8mEy2lRh6CImRtMnTXhsDTVs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589398293; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=iau7ok2g16JB63aZQzxM1z4U4NANaXu+3Z1+b6bFl5o=; b=TlzsU/GZ9AnL9dBDY1Ud1/ChedBVAUvvtEzvxg6vMQlQ//QdU7/EGXm8n6eFZBu3ZGRUYxR/KVbnBbP48zQZhij4qxZJhmzqUY+P3/dqt2XjhP92ohBES383qn1fSt7ryTBq6vEwNcXQk7i5Iydn7ArvDRu99+yAfe4ObVLcsjU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by mx.zohomail.com with SMTPS id 15893982936389.271924321604843; Wed, 13 May 2020 12:31:33 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-488-6BzbYhsmOWqr10kYu42DpA-1; Wed, 13 May 2020 15:31:29 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id A57D3107B276; Wed, 13 May 2020 19:31:21 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 873005C1D6; Wed, 13 May 2020 19:31:21 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 573661806B0D; Wed, 13 May 2020 19:31:21 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04DJVHjf021988 for ; Wed, 13 May 2020 15:31:17 -0400 Received: by smtp.corp.redhat.com (Postfix) id 16F7C2156A4A; Wed, 13 May 2020 19:31:17 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 019AF2156A52 for ; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id AECEC101A525 for ; Wed, 13 May 2020 19:31:16 +0000 (UTC) Received: from mail-qv1-f67.google.com (mail-qv1-f67.google.com [209.85.219.67]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-390--xwxigbhMzSW5K0FB0HUig-1; Wed, 13 May 2020 15:31:14 -0400 Received: by mail-qv1-f67.google.com with SMTP id z5so503955qvw.4 for ; Wed, 13 May 2020 12:31:13 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070]) by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 May 2020 12:31:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589398292; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=iau7ok2g16JB63aZQzxM1z4U4NANaXu+3Z1+b6bFl5o=; b=aEt6R+nROnxwBW+Tv+WSt2Zbyx/oCr/UFgqA3MtyvIFdy8g8MOz6/GFlkhSkXhNmx/oHTm f/ZXLsN/48jjvn+suaov0DxCWyixiaih+upk5naUv78SlEF86/D49kz0HhHz8j9JPiNg7n B04j+Mx8GJ0MAiK34QSeq6LvKzVqCrI= X-MC-Unique: 6BzbYhsmOWqr10kYu42DpA-1 X-MC-Unique: -xwxigbhMzSW5K0FB0HUig-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=iau7ok2g16JB63aZQzxM1z4U4NANaXu+3Z1+b6bFl5o=; b=MMTuMcbULJ0vGs+V7vtOk5T4VOr1xJli7EZCtKfXkmAam/uaPmCoiYy3pbafXO9m9p Y/B9U/fui/sjkiKFQRqy/mHFvGGYODIksWyIKgzvwu64b6JkYH7gQVMiA+95+89YeRMt 64EcOl2nil2OrX4HCHVqLfpjnRWdQrF8l3P41/9EmdZpgUzWNQ/76gDMcg1wqCQQAjUy 4gpoVtKMP+lVncKMZ2L/Jx6ay+ymDvuazr7E+MwVApSh8rzhinEXjXlu7d0VuxAPvAyd PhVd/Ho5u+8qoQ1h3qGOFVqNulwZA07dy0aNIJueh2x8CwNaOv20V8/vGkAnBoZqGAoz S1eg== X-Gm-Message-State: AOAM530m3End5yAppiUDUNIupBYURmVKoeNPTpPtEqdFIpHUC9OUI2ug AWHhN2ZEEhFLIEGMNJPeISTA3c5a X-Google-Smtp-Source: ABdhPJznguaYGWZEpz7M5TwAMygw8An83R90CegqhTJjGVKB9iRylQPzopYF85bBLzGF+Ks6gw5wBQ== X-Received: by 2002:a05:6214:122e:: with SMTP id p14mr1250794qvv.168.1589398273290; Wed, 13 May 2020 12:31:13 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v3 8/9] tests/qemuxml2argvtest.c: add TPM Proxy command line tests Date: Wed, 13 May 2020 16:30:43 -0300 Message-Id: <20200513193044.3401170-9-danielhb413@gmail.com> In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com> References: <20200513193044.3401170-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Add tests for both supported scenarios: a single TPM Proxy and a TPM Proxy with a regular TPM device in the same domain. Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- .../ppc64-tpmproxy-single.ppc64-latest.args | 34 +++++++++++++++++ .../ppc64-tpmproxy-with-tpm.ppc64-latest.args | 37 +++++++++++++++++++ tests/qemuxml2argvtest.c | 3 ++ 3 files changed, 74 insertions(+) create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-late= st.args create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-la= test.args diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args= b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args new file mode 100644 index 0000000000..f606cee16b --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args @@ -0,0 +1,34 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/tmp/lib/domain--1-QEMUGuest1 \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.local/share \ +XDG_CACHE_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.cache \ +XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config \ +QEMU_AUDIO_DRV=3Dnone \ +/usr/bin/qemu-system-ppc64 \ +-name guest=3DQEMUGuest1,debug-threads=3Don \ +-S \ +-object secret,id=3DmasterKey0,format=3Draw,\ +file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ +-machine pseries,accel=3Dtcg,usb=3Doff,dump-guest-core=3Doff \ +-cpu POWER9 \ +-m 256 \ +-overcommit mem-lock=3Doff \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,fd=3D1729,server,nowait \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-boot strict=3Don \ +-device pci-ohci,id=3Dusb,bus=3Dpci.0,addr=3D0x1 \ +-device spapr-tpm-proxy,id=3Dtpmproxy0,host-path=3D/dev/tpmrm0 \ +-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x6 \ +-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\ +resourcecontrol=3Ddeny \ +-msg timestamp=3Don diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.ar= gs b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.args new file mode 100644 index 0000000000..9908cd78e0 --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.args @@ -0,0 +1,37 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/tmp/lib/domain--1-QEMUGuest1 \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.local/share \ +XDG_CACHE_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.cache \ +XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config \ +QEMU_AUDIO_DRV=3Dnone \ +/usr/bin/qemu-system-ppc64 \ +-name guest=3DQEMUGuest1,debug-threads=3Don \ +-S \ +-object secret,id=3DmasterKey0,format=3Draw,\ +file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ +-machine pseries,accel=3Dtcg,usb=3Doff,dump-guest-core=3Doff \ +-cpu POWER9 \ +-m 256 \ +-overcommit mem-lock=3Doff \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,fd=3D1729,server,nowait \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-boot strict=3Don \ +-device pci-ohci,id=3Dusb,bus=3Dpci.0,addr=3D0x1 \ +-tpmdev emulator,id=3Dtpm-tpm0,chardev=3Dchrtpm \ +-chardev socket,id=3Dchrtpm,path=3D/dev/test \ +-device tpm-spapr,tpmdev=3Dtpm-tpm0,id=3Dtpm0,reg=3D0x00004000 \ +-device spapr-tpm-proxy,id=3Dtpmproxy0,host-path=3D/dev/tpmrm0 \ +-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x6 \ +-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\ +resourcecontrol=3Ddeny \ +-msg timestamp=3Don diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index ba82da5f4b..6a57a4910d 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -2978,6 +2978,9 @@ mymain(void) QEMU_CAPS_DEVICE_TPM_PASSTHROUGH, QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY); =20 + DO_TEST_CAPS_LATEST_PPC64("ppc64-tpmproxy-single"); + DO_TEST_CAPS_LATEST_PPC64("ppc64-tpmproxy-with-tpm"); + DO_TEST("aarch64-usb-controller-qemu-xhci", QEMU_CAPS_OBJECT_GPEX, QEMU_CAPS_NEC_USB_XHCI, --=20 2.26.2 From nobody Thu Apr 25 15:56:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) client-ip=205.139.110.61; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1589398295; cv=none; d=zohomail.com; s=zohoarc; b=BSl6/DEzL/NrKBRPjPfZV+Nm9hxXGMfeeGlLN+PuZ0CiHTXTLJ3kWZAB2BS8INzfm+8uy/K0lzM3FmvcZCrak1l7n+ZrbT/R2ZSF8E3wMc+2aO2sehbpy/UwfBNqGzMYpdRmG34dyfrI8qcQVjVLSzmZXjBCYhf8WpGUna7XFkI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589398295; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=+MA3/crOaYHgW7lF1/6Lcn7pWzmM+lsdA0o8wV6daIk=; b=AwT4nnJpAmw9GqRpxK3W7iFn9kZqL53aBQUqvd5jH2H9OM0EE33ODqWwpS7fEjM776ANoNEWd/7RhVwm/epFtM+Ty7vNmyeZUkOlINzeRz/xtWyEIa8eU2YK7n74wCEyBOi8d+dyvKkNQYZnotq3nKsW3Gqyu2R5t1+CgvlEhBI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) by mx.zohomail.com with SMTPS id 158939829559276.73525254858362; Wed, 13 May 2020 12:31:35 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-72-I061jNkFO0aLmF0G_-wj-g-1; Wed, 13 May 2020 15:31:31 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 20219460; Wed, 13 May 2020 19:31:22 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id F307A5C6DB; Wed, 13 May 2020 19:31:21 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id C3BA54E986; Wed, 13 May 2020 19:31:21 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04DJVKsU022008 for ; Wed, 13 May 2020 15:31:20 -0400 Received: by smtp.corp.redhat.com (Postfix) id EC6CA104FA94; Wed, 13 May 2020 19:31:19 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E3246104FAA6 for ; Wed, 13 May 2020 19:31:19 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C0238811768 for ; Wed, 13 May 2020 19:31:19 +0000 (UTC) Received: from mail-qt1-f196.google.com (mail-qt1-f196.google.com [209.85.160.196]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-80-6kNBMXOMMaGAe571ao-ypQ-1; Wed, 13 May 2020 15:31:15 -0400 Received: by mail-qt1-f196.google.com with SMTP id h26so821959qtu.8 for ; Wed, 13 May 2020 12:31:15 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070]) by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 May 2020 12:31:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589398294; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=+MA3/crOaYHgW7lF1/6Lcn7pWzmM+lsdA0o8wV6daIk=; b=a8D+Vf+2idLGLH53Gk7FngVr1k9szRkmdrjGeBsI9jcl4UCnn20cOMJWW4Qqm27XCAA8BR wowxUwBLhgo+zz1iaXJt7A0U1AtuPDXt96AcC/64tb4Oj8+tf8bxuGjDQvEyiTfDuECQtM pJ9n8iJE40mlPH2XdwtTIrKTdCF4p7g= X-MC-Unique: I061jNkFO0aLmF0G_-wj-g-1 X-MC-Unique: 6kNBMXOMMaGAe571ao-ypQ-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=+MA3/crOaYHgW7lF1/6Lcn7pWzmM+lsdA0o8wV6daIk=; b=M6qtPM10ytyvkhSjCQt7g6NDNciX2IZOhseoMki7JeprndFYG8/p2CMRRz5Rfzt23B aZtywj0KVHnFnTxOmWJpBwN38WZZNwYOAhtgXaN+cJIgHPLKzPAlcEBrE+tWbrZteBsO Avo/3LC7Tt6/IoyZ/b22AgscN01i7P9Tfi4B4ArLcaQaGKJUN8EKi4jQ+8Idka14Yjej hRZmG79BfnuNz2F/hhu3M7PQKzwzY/NAIfaSpM7qfhP79EfqmTzjRMc5xotnZszvYQSs hQXcIK2oqdjgfPQVnPmaYMbsqYwpPl3kzwas7CZYDRt8MqjsanqadhU7SWb1JP4HHvCl EXqQ== X-Gm-Message-State: AOAM531glZfN9LSAon7F39nwKubdOTE9RyqeyEUvmrwoAuaQZ8X491+r Gjr0AEO1cLCtlOyn7j5Ai5H+yhyW X-Google-Smtp-Source: ABdhPJzbjkRQnIg3ufVBR3/AAuyIkujBF/IpnqKPS2ZxVgqro3HVU+Q9PZ9s69MpxKn4ueplunmXUA== X-Received: by 2002:aed:3fab:: with SMTP id s40mr776893qth.140.1589398275011; Wed, 13 May 2020 12:31:15 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v3 9/9] docs/news.xml: update for the new TPM Proxy device Date: Wed, 13 May 2020 16:30:44 -0300 Message-Id: <20200513193044.3401170-10-danielhb413@gmail.com> In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com> References: <20200513193044.3401170-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Signed-off-by: Daniel Henrique Barboza Reviewed-by: Stefan Berger --- docs/news.xml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/docs/news.xml b/docs/news.xml index 4cef804aac..c22a0f0a18 100644 --- a/docs/news.xml +++ b/docs/news.xml @@ -44,6 +44,23 @@
+ + + qemu: add TPM Proxy device support + + + libvirt can now create guests using a new device type called + "TPM Proxy". The TPM Proxy connects to a TPM Resource Manager + present in the host, enabling the guest to run in secure virtual + machine mode with the help of an Ultravisor. Adding a TPM Proxy = to + a pSeries guest brings no security benefits unless the guest is + running on a PPC64 host that has Ultravisor and TPM Resource Man= ager + support. Only one TPM Proxy is allowed per guest. A guest using + a TPM Proxy device can instantiate another TPM device at the same + time. This device is supported only for pSeries guests via the n= ew + 'spapr-tpm-proxy' model of the TPM 'passthrough' backend. + +
--=20 2.26.2