From nobody Thu Apr 25 15:56:13 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
205.139.110.120 as permitted sender) client-ip=205.139.110.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1589398286; cv=none;
d=zohomail.com; s=zohoarc;
b=KvQ4Zb9FazeXsRGKDycaQRCmihRidacG7EJSLjVv6ypsQC1k40WTlYQspykJs1OIvdwqgJV4Y7/bynROBaIbUHd5bQm7NdA+EzMQQyXHYr2wbNRDYIYHcviGuba18d3MpFJDx//aN0M6SELGbF3ozt7IMS5v1Kw2Tl9AkeE8Z7Y=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1589398286;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=IV+Q+U0CvRGut12xzbs5YX4QzOLPv3yApYVhkukzz+M=;
b=Gi8KYmMDYXNyuPv28zRgMV47KlAS7j+el3si0uYnD1TG4Sk7spnppSGJPXPrPHKPY9ttgWLs8PMHpHzBVA2eC47J+9HEfAkPkkEEPnWVvPkNH6aZMpxUQ+5D1MKr6zJPw/nhvRqDV48oALKV9mAycFko/yeJhkHyU3RP9yqJwQc=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[205.139.110.120]) by mx.zohomail.com
with SMTPS id 1589398286346913.4093534047414;
Wed, 13 May 2020 12:31:26 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-474-OLXVZzV7OGC54EA9YqC5-g-1; Wed, 13 May 2020 15:31:22 -0400
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
[10.5.11.12])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 2165E107ACF4;
Wed, 13 May 2020 19:31:17 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
by smtp.corp.redhat.com (Postfix) with ESMTPS id F15FB60C84;
Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id C38021809563;
Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com
[10.11.54.5])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 04DJVAES021922 for ;
Wed, 13 May 2020 15:31:10 -0400
Received: by smtp.corp.redhat.com (Postfix)
id E07E242AD3; Wed, 13 May 2020 19:31:09 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20])
by smtp.corp.redhat.com (Postfix) with ESMTPS id DA99F115E0B
for ; Wed, 13 May 2020 19:31:07 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com
[205.139.110.61])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 840AA101A526
for ; Wed, 13 May 2020 19:31:07 +0000 (UTC)
Received: from mail-qv1-f65.google.com (mail-qv1-f65.google.com
[209.85.219.65]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-424-568-Zas7PA6GOeo0RBnKTw-1; Wed, 13 May 2020 15:31:02 -0400
Received: by mail-qv1-f65.google.com with SMTP id di6so483395qvb.10
for ; Wed, 13 May 2020 12:31:02 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070])
by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.00
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 13 May 2020 12:31:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1589398285;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=IV+Q+U0CvRGut12xzbs5YX4QzOLPv3yApYVhkukzz+M=;
b=WODajYsJpzYxmcTqjDCIrmxo4TXUkVV+8/K6mFWygFmUm3IpVXClsXOEuUqSSJFgwm6aZY
+Pyy5D07nDbCq4AHjyQgzDLiThq8Y/Nd/xeAeE+jfTazxPx8zAypVauaXA33M5pu23dkjy
QyZKxcGYJmXrIHR/hFBvwm4PdhLtlgo=
X-MC-Unique: OLXVZzV7OGC54EA9YqC5-g-1
X-MC-Unique: 568-Zas7PA6GOeo0RBnKTw-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=IV+Q+U0CvRGut12xzbs5YX4QzOLPv3yApYVhkukzz+M=;
b=EyVrsYFkY7AZU9tbR0W+Lj7rKOH8+YJLkvIzQiIpjFYUV28I2ggiMa66HBEajKiUDD
OMbhCc8HVEVy0p431iTJxXXadkw+UnbsR6ysPtWtKxfaNvY5wEcgjDRgxOf3XPb58qyB
/bf/G9QFNifUw4NJv0Ht24TjJEEcfYXRNKgMBY3JtXJS4pT01aeNV6Y17GwCwSp9wL1G
F3OLDyUOl8ubzvKueHZYspS9qamyb0l1ngxIDQQAHEUpxgTSwiLq5uKUElouk+n+wGMX
01EzfcSnzOIU9iWxfQcmz3zIjwgnes3PYwKmzfNOvm6KBL6XHlNQxE8BAMITLPfqXTBQ
Di/A==
X-Gm-Message-State: AOAM533k0ZPYUlGgfdVO8J5KIFaalYx1FM47M6lDACz2zBLJI1dz1D9H
KyxyBuGpft/jI9WctZKL4+N+kZx0
X-Google-Smtp-Source:
ABdhPJxqfmgqFH8t+ahu+bckSeDVe+t2CeMb5fE1L7wWsZFVh2JqVs8YQy2Wqa/m3ZHSPdGw22nUVA==
X-Received: by 2002:ad4:556a:: with SMTP id w10mr1294588qvy.100.1589398261523;
Wed, 13 May 2020 12:31:01 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v3 1/9] docs: documentation and schema for the new TPM Proxy
model
Date: Wed, 13 May 2020 16:30:36 -0300
Message-Id: <20200513193044.3401170-2-danielhb413@gmail.com>
In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com>
References: <20200513193044.3401170-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
QEMU 4.1.0 introduced a new device type called TPM Proxy, currently
implemented by PPC64 guests via a new virtual device called
'spapr-tpm-proxy' (see QEMU 0fb6bd073230 for more info).
The TPM Proxy device interacts with a TPM Resource Manager, a host
device capable of multiplexing the host TPM with multiple processes.
This allows multiple guests to access some TPM features at the
same time. Note that this mode of operation does not provide
full TPM features to be available for the guest - for that case
the guest still needs to assign a vTPM device (tpm-spapr for
PPC64 guests). Although redundant, there is currently no technical
limitation for a guest to assign both a vTPM and a TPM Proxy at the
same time.
This patch adds documentation and schema for a new TPM model
type called 'spapr-tpm-proxy' that creates this new TPM Proxy
device. This model is valid only for the 'passthrough' backend.
An example of a TPM Proxy device connected to a TPM Resource Manager
'/dev/tpmrm0' will look like this:
Signed-off-by: Daniel Henrique Barboza
Reviewed-by: Stefan Berger
---
docs/formatdomain.html.in | 18 +++++++++++++++++-
docs/schemas/domaincommon.rng | 1 +
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 23eb029234..15a92aa4f4 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -8792,6 +8792,17 @@ qemu-kvm -net nic,model=3D? /dev/null
backend device is a TPM 2.0. Since 6.1.0=
span>,
pSeries guests on PPC64 are supported and the default is
tpm-spapr
.
+
+ Since 6.4.0, a new model called
+ spapr-tpm-proxy
was added for pSeries guests. This =
model
+ only works with the 'passthrough' backend. It creates a TPM Proxy
+ device that communicates with an existing TPM Resource Manager i=
n the host,
+ for example /dev/tpmrm0, enabling the guest to run in secure vir=
tual machine
+ mode with the help of an Ultravisor. Adding a TPM Proxy to a pSe=
ries guest
+ brings no security benefits unless the guest is running on a PPC=
64 host that
+ has an Ultravisor and a TPM Resource Manager. Only one TPM Proxy=
device is
+ allowed per guest, but a TPM Proxy device can be added together =
with
+ other TPM devices.
backend
@@ -8804,7 +8815,7 @@ qemu-kvm -net nic,model=3D? /dev/null
passthrough
- Use the host's TPM device.
+ Use the host's TPM or TPM Resource Manager device.
This backend type requires exclusive access to a TPM device =
on
@@ -8812,6 +8823,11 @@ qemu-kvm -net nic,model=3D? /dev/null
qualified file name is specified by path attribute of the
source
element. If no file name is specified th=
en
/dev/tpm0 is automatically used.
+
+ Since 6.4.0, when choosing the
+ spapr-tpm-proxy
model, the file name specified =
is
+ expected to be a TPM Resource Manager device, e.g.
+ /dev/tpmrm0.
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 9d60b090f3..50860419c3 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -4610,6 +4610,7 @@
tpm-tis
tpm-crb
tpm-spapr
+ spapr-tpm-proxy
--=20
2.26.2
From nobody Thu Apr 25 15:56:13 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
205.139.110.61 as permitted sender) client-ip=205.139.110.61;
envelope-from=libvir-list-bounces@redhat.com;
helo=us-smtp-delivery-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1589398282; cv=none;
d=zohomail.com; s=zohoarc;
b=AlejemK2z4IvEEPCqexNJQcI8eOEhNwlSyeHGBLSOLGn4ghlaNqXikbAjaSAgQKOoZVY/NChto216tE7s+KHZun+C+cvjNx+6fSLwFWTVqE33PjZNRJoe7BFBQhaPSm5td7arWt4bWRibhqDvBMhSxiD/vt04zFclRMxIZRtaao=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1589398282;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=vRUaZZEnHN1eeDkhQOMTwTXA5NE/HD02rJq8NfOYpb0=;
b=SNNL1H+NXZQhy+xfvop51mHG3VLvesASVuHdQy5rB5Gs+QTw2lV72faxShtDPrccwFYDpRvuYPCxc2sd6b0r8fn2HO92gyEB0mWTtyJlvL/1TGK3ppNq/VzuKo6yNKL1J3Zr5ViZyxi+yp9DA46q2k7woOdr1KoeISz3aj+EeE0=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com
[205.139.110.61]) by mx.zohomail.com
with SMTPS id 1589398282348109.41400161637534;
Wed, 13 May 2020 12:31:22 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-480-zwlY68DuOGWDiLvOuhcbyA-1; Wed, 13 May 2020 15:31:18 -0400
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
[10.5.11.12])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 49984801504;
Wed, 13 May 2020 19:31:13 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id D4C3560C87;
Wed, 13 May 2020 19:31:11 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 729164CA95;
Wed, 13 May 2020 19:31:11 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com
[10.11.54.3])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 04DJV80a021912 for ;
Wed, 13 May 2020 15:31:08 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 91E65104FA97; Wed, 13 May 2020 19:31:08 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 81272104FAA5
for ; Wed, 13 May 2020 19:31:06 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 2461B8007C8
for ; Wed, 13 May 2020 19:31:06 +0000 (UTC)
Received: from mail-qv1-f67.google.com (mail-qv1-f67.google.com
[209.85.219.67]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-195-w0mrKAR8P3uvxg3wi5Kw7Q-1; Wed, 13 May 2020 15:31:04 -0400
Received: by mail-qv1-f67.google.com with SMTP id 59so471565qva.13
for ; Wed, 13 May 2020 12:31:03 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070])
by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.01
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 13 May 2020 12:31:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1589398281;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=vRUaZZEnHN1eeDkhQOMTwTXA5NE/HD02rJq8NfOYpb0=;
b=W6lPD76LiMBvuvW0Q3IlnxYadhT0DqJaWgd5ZIoGw6oRZzhyiidZF1+24vr4KFJjp2QT3a
daLN/vEHxIyxanETgOHVBD/fHqzENnGdOu+P2U2Hl84//Yde2BZjfQ/5v2/hY/O7WPVoDB
n/iyXL3dpetrGO5fYIreE2Nxm1kVEB0=
X-MC-Unique: zwlY68DuOGWDiLvOuhcbyA-1
X-MC-Unique: w0mrKAR8P3uvxg3wi5Kw7Q-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=vRUaZZEnHN1eeDkhQOMTwTXA5NE/HD02rJq8NfOYpb0=;
b=kq2QkY4MDWhP501c0T2wbSM2v/4RFC8FOA08h+U0bjWL3j6glD0u8Fa+vMqTXGDvw+
N/z6l+YZ0Pr7A0MqRWhRlH6RvsaIO5mMz4MUmX0b9JeUgfmQ+8y5uO++Elo/z7hhxOx4
J+fDnXhTOHst0IgOZT4Ghl7V9baklZAIswObj4ApG7tafc8iCqzvikBzrewCBH1ggtx0
k3PcYPsvX63lBdK3xf6AElvZ7ZCK1Ov2p3d/dyiq49hiaiMISG4QGjE8wyeBmairTmJn
2btY0m2+4ewffyapXMKFhZRJyLnZJR1vuYE2maUTJ9jz2Nx+B/47d8/JWf/vvE2x9+ZT
dzsg==
X-Gm-Message-State: AOAM533DQwkYHADcSDjFk7YuC8mibtFnrbL8RGVaV530Syp42gAgqmB2
s9OYQ0uT7GRiDGKE/2CsaCzO4xM1
X-Google-Smtp-Source:
ABdhPJxvUKfUQDGpsdkDgiHq5o9DHW5F5FqVr1cXQawr5pF5dlAkD3woeQsKaB4sFTbVIkou91mzJQ==
X-Received: by 2002:ad4:42c7:: with SMTP id f7mr1241934qvr.127.1589398263122;
Wed, 13 May 2020 12:31:03 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v3 2/9] qemu: Extend QEMU capabilities with 'spapr-tpm-proxy'
Date: Wed, 13 May 2020 16:30:37 -0300
Message-Id: <20200513193044.3401170-3-danielhb413@gmail.com>
In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com>
References: <20200513193044.3401170-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
Expose the TPM Proxy support for PPC64 guests by creating a new
cap called QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY.
This device is part of the machinery the guest need to orchestrate
with the PPC64 Ultravisor the transition to the Secure VM (SVM)
mode. Inside QEMU, this device will be used with the H_TPM_COMM
hypercall to connect with the TPM Resource Manager, enabling
the guest to open and close TPM sessions with the host TPM.
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
Reviewed-by: J=C3=A1n Tomko
---
src/qemu/qemu_capabilities.c | 4 ++++
src/qemu/qemu_capabilities.h | 3 +++
tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 +
4 files changed, 9 insertions(+)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 7e711f22f8..d0d8b1ebf5 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -582,6 +582,9 @@ VIR_ENUM_IMPL(virQEMUCaps,
"tcg",
"virtio-blk-pci.scsi.default.disabled",
"pvscsi",
+
+ /* 370 */
+ "spapr-tpm-proxy",
);
=20
=20
@@ -1304,6 +1307,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[=
] =3D {
{ "vhost-user-fs-device", QEMU_CAPS_DEVICE_VHOST_USER_FS },
{ "tcg-accel", QEMU_CAPS_TCG },
{ "pvscsi", QEMU_CAPS_SCSI_PVSCSI },
+ { "spapr-tpm-proxy", QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY },
};
=20
=20
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 6bfc7386e3..fa22856e12 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -564,6 +564,9 @@ typedef enum { /* virQEMUCapsFlags grouping marker for =
syntax-check */
QEMU_CAPS_VIRTIO_BLK_SCSI_DEFAULT_DISABLED, /* virtio-blk-pci.scsi dis=
abled by default */
QEMU_CAPS_SCSI_PVSCSI, /* -device pvscsi */
=20
+ /* 370 */
+ QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY, /* -device spapr-tpm-proxy */
+
QEMU_CAPS_LAST /* this must always be the last item */
} virQEMUCapsFlags;
=20
diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml b/tests/qemuca=
pabilitiesdata/caps_4.2.0.ppc64.xml
index a68786ddc8..9df68ebfc1 100644
--- a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml
+++ b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml
@@ -185,6 +185,7 @@
+
4001050
0
42900242
diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml b/tests/qemuca=
pabilitiesdata/caps_5.0.0.ppc64.xml
index c8cc07d954..77f51fe4d8 100644
--- a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml
+++ b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml
@@ -201,6 +201,7 @@
+
5000000
0
42900241
--=20
2.26.2
From nobody Thu Apr 25 15:56:13 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
207.211.31.120 as permitted sender) client-ip=207.211.31.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1589398286; cv=none;
d=zohomail.com; s=zohoarc;
b=N1aOyrloA4DOIY3uCbqGJN+0xEgq++YTu5OXV5cQBIx3Kzh3PKA/2WODQawZrXMiUQKqjOT2B8mWfFfuGYH+jqLWakVLOB6wtUOlqfF0voDXCtrd9NMPfxt/fqJKIkZomkiIAiqn+GMlat1k13Ttt/kpXI3yUKLCTHMt03ln200=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1589398286;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=TR1jjpgqIoJDPwvEcF7HpYpLRRq/yeh06yHJ5P7EKXc=;
b=HzXO4qTwEal9uoEJGo5+FnHwEtH/+k2lX18FKjvnmTcbifLEMemOZH+lIvyZj/OtsCBvKWkPPGypIBRWhRitzpxdxBj25Uao+Kdi8Ys6LFBJLJLZ88fyVOyBwc5YRhid8hyN2S2GkffuYLai/HswJdmuJyhWNmJ/EfVKALwGCUM=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120]) by mx.zohomail.com
with SMTPS id 1589398286591655.9346030676973;
Wed, 13 May 2020 12:31:26 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-453-UQFi7kJxPbmKz2Y2v6bmnA-1; Wed, 13 May 2020 15:31:21 -0400
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
[10.5.11.22])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 858B4107ACF9;
Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 5DD5910013D9;
Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2DBE64E561;
Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
[10.11.54.4])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 04DJVBcW021931 for ;
Wed, 13 May 2020 15:31:12 -0400
Received: by smtp.corp.redhat.com (Postfix)
id AD6612029F71; Wed, 13 May 2020 19:31:11 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 66E822018296
for ; Wed, 13 May 2020 19:31:08 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com
[205.139.110.61])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 0FAC5811E77
for ; Wed, 13 May 2020 19:31:08 +0000 (UTC)
Received: from mail-qv1-f68.google.com (mail-qv1-f68.google.com
[209.85.219.68]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-6--nphccmaNcONlRVqvWgvoQ-1; Wed, 13 May 2020 15:31:05 -0400
Received: by mail-qv1-f68.google.com with SMTP id ee19so476121qvb.11
for ; Wed, 13 May 2020 12:31:05 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070])
by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.03
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 13 May 2020 12:31:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1589398285;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=TR1jjpgqIoJDPwvEcF7HpYpLRRq/yeh06yHJ5P7EKXc=;
b=MZzXFgyTeKnas5zqMFqktw5t2zzuFw3ib8dDzQi8KsKGkKiJQlQxmot9IAMiPK4S41RkBa
bJg/3Br4KRerB1T5fVjIJLd9qSbvgNeiaPno4meqgOc6t5zeEtw6JjHKpibK/6iQVneZIv
nUIQrQM18K1Wb6wESUSk1Bg2SrJUVTI=
X-MC-Unique: UQFi7kJxPbmKz2Y2v6bmnA-1
X-MC-Unique: -nphccmaNcONlRVqvWgvoQ-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=TR1jjpgqIoJDPwvEcF7HpYpLRRq/yeh06yHJ5P7EKXc=;
b=Pqm8iooEdi95ZVNpLtvY5IC0DzLifNFm1kgPrn1XahPNf11sU4eqmwDTStrcu69CU9
gK8f0+0WyVPhZ2kj3RqOiVLgeRLi4Evfm2JoDW3e6Ep1SqdPVFbW9jKqfYHVEG/3Q4NW
gMAvK5bOuuq6jFv9dnFyH6Kjbp3BrMjm/CCJ+gPCD2l2KZuVjW2DFzSEyEOnCfNmDBWj
e3cXkV9psQAUfDuHXbEMCs6mzv+5haNIedF/jSo9jC3CpR+5cSfPK+peqTRPwNtaxB4s
Y2q3YZ5SEdoF+VPUJR3djDd+k/+0zCbZVIPUjS51Wzd7wK3h1naZRGCnSgxXOP/sNfzV
VBqQ==
X-Gm-Message-State: AOAM531yVsV0DdY1tKldAPT8OU5u/++mCxmARdxCTQAXHu2Ky/t7keGt
Woq4ZGoaMyXzKzajLbiXrTucEedj
X-Google-Smtp-Source:
ABdhPJxlheUXjTey/67w3P6X6tW7KiiAKXVS5Z8beruI2gkfLAgxYN3IBEwI6AYEX+PMgU05Ih++oA==
X-Received: by 2002:ad4:58af:: with SMTP id ea15mr1247997qvb.47.1589398264695;
Wed, 13 May 2020 12:31:04 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v3 3/9] conf, qemu: adding 'tpmproxy' in domain definition
Date: Wed, 13 May 2020 16:30:38 -0300
Message-Id: <20200513193044.3401170-4-danielhb413@gmail.com>
In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com>
References: <20200513193044.3401170-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
A TPM Proxy device can coexist with a regular TPM. The TPM Proxy
is also always a 'passthrough' device of the 'spapr-tpm-proxy'
model.
This patch adds a pointer to this device in the domain definition
called 'tpmproxy'. This pointer is handled like the existing
'tpm' pointer of the VIR_DOMAIN_TPM_TYPE_PASSTHROUGH type.
Cgroup, DAC/SELinux and qemu validation code was adapted to handle
this new domain device.
XML functions to parse and format this new device from/to XML
will be added in the next patch, together with the logic that
will guarantee the assumptions made in the first paragraph.
Signed-off-by: Daniel Henrique Barboza
Reviewed-by: Stefan Berger
---
src/conf/domain_audit.c | 3 +++
src/conf/domain_conf.c | 18 ++++++++++++++++++
src/conf/domain_conf.h | 2 ++
src/qemu/qemu_cgroup.c | 12 +++++++++---
src/qemu/qemu_domain.c | 9 +++++----
src/qemu/qemu_validate.c | 12 ++++++++++++
src/security/security_dac.c | 14 ++++++++++++++
src/security/security_selinux.c | 11 +++++++++++
8 files changed, 74 insertions(+), 7 deletions(-)
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index 1b0abb21a0..4575f66e45 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -824,6 +824,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *rea=
son, bool success)
if (vm->def->tpm)
virDomainAuditTPM(vm, vm->def->tpm, "start", true);
=20
+ if (vm->def->tpmproxy)
+ virDomainAuditTPM(vm, vm->def->tpmproxy, "start", true);
+
for (i =3D 0; i < vm->def->nshmems; i++)
virDomainAuditShmem(vm, vm->def->shmems[i], "start", true);
=20
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index c201fc901d..01a32f62d1 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1165,6 +1165,7 @@ VIR_ENUM_IMPL(virDomainTPMModel,
"tpm-tis",
"tpm-crb",
"tpm-spapr",
+ "spapr-tpm-proxy",
);
=20
VIR_ENUM_IMPL(virDomainTPMBackend,
@@ -3480,6 +3481,7 @@ void virDomainDefFree(virDomainDefPtr def)
VIR_FREE(def->mems);
=20
virDomainTPMDefFree(def->tpm);
+ virDomainTPMDefFree(def->tpmproxy);
=20
for (i =3D 0; i < def->npanics; i++)
virDomainPanicDefFree(def->panics[i]);
@@ -4318,6 +4320,12 @@ virDomainDeviceInfoIterateInternal(virDomainDefPtr d=
ef,
if ((rc =3D cb(def, &device, &def->tpm->info, opaque)) !=3D 0)
return rc;
}
+ if (def->tpmproxy) {
+ device.type =3D VIR_DOMAIN_DEVICE_TPM;
+ device.data.tpm =3D def->tpmproxy;
+ if ((rc =3D cb(def, &device, &def->tpmproxy->info, opaque)) !=3D 0)
+ return rc;
+ }
device.type =3D VIR_DOMAIN_DEVICE_PANIC;
for (i =3D 0; i < def->npanics; i++) {
device.data.panic =3D def->panics[i];
@@ -24344,6 +24352,16 @@ virDomainDefCheckABIStabilityFlags(virDomainDefPtr=
src,
goto error;
}
=20
+ if (src->tpmproxy && dst->tpmproxy) {
+ if (!virDomainTPMDefCheckABIStability(src->tpmproxy, dst->tpmproxy=
))
+ goto error;
+ } else if (src->tpmproxy || dst->tpmproxy) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Either both target and source domains or none of=
"
+ "them must have TPM Proxy device present"));
+ goto error;
+ }
+
if (src->nmems !=3D dst->nmems) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Target domain memory device count %zu "
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index ddc75d8de2..8f178ade34 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1293,6 +1293,7 @@ typedef enum {
VIR_DOMAIN_TPM_MODEL_TIS,
VIR_DOMAIN_TPM_MODEL_CRB,
VIR_DOMAIN_TPM_MODEL_SPAPR,
+ VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY,
=20
VIR_DOMAIN_TPM_MODEL_LAST
} virDomainTPMModel;
@@ -2628,6 +2629,7 @@ struct _virDomainDef {
virDomainMemballoonDefPtr memballoon;
virDomainNVRAMDefPtr nvram;
virDomainTPMDefPtr tpm;
+ virDomainTPMDefPtr tpmproxy;
virCPUDefPtr cpu;
virSysinfoDefPtr sysinfo;
virDomainRedirFilterDefPtr redirfilter;
diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index 2e019b64af..2ed4341655 100644
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -333,10 +333,13 @@ qemuSetupChardevCgroupCB(virDomainDefPtr def G_GNUC_U=
NUSED,
=20
=20
static int
-qemuSetupTPMCgroup(virDomainObjPtr vm)
+qemuSetupTPMCgroup(virDomainObjPtr vm,
+ virDomainTPMDefPtr dev)
{
int ret =3D 0;
- virDomainTPMDefPtr dev =3D vm->def->tpm;
+
+ if (!dev)
+ return 0;
=20
switch (dev->type) {
case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
@@ -806,7 +809,10 @@ qemuSetupDevicesCgroup(virDomainObjPtr vm)
vm) < 0)
return -1;
=20
- if (vm->def->tpm && qemuSetupTPMCgroup(vm) < 0)
+ if (qemuSetupTPMCgroup(vm, vm->def->tpm) < 0)
+ return -1;
+
+ if (qemuSetupTPMCgroup(vm, vm->def->tpmproxy) < 0)
return -1;
=20
for (i =3D 0; i < vm->def->nhostdevs; i++) {
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index a1b250fd0b..a344f8a0e6 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -11574,11 +11574,9 @@ qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr =
cfg G_GNUC_UNUSED,
=20
static int
qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED,
- virDomainObjPtr vm,
+ virDomainTPMDefPtr dev,
const struct qemuDomainCreateDeviceData *data)
{
- virDomainTPMDefPtr dev =3D vm->def->tpm;
-
if (!dev)
return 0;
=20
@@ -11823,7 +11821,10 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cf=
g,
if (qemuDomainSetupAllChardevs(cfg, vm, &data) < 0)
goto cleanup;
=20
- if (qemuDomainSetupTPM(cfg, vm, &data) < 0)
+ if (qemuDomainSetupTPM(cfg, vm->def->tpm, &data) < 0)
+ goto cleanup;
+
+ if (qemuDomainSetupTPM(cfg, vm->def->tpmproxy, &data) < 0)
goto cleanup;
=20
if (qemuDomainSetupAllGraphics(cfg, vm, &data) < 0)
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 584d1375b8..7210be3532 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -3602,6 +3602,7 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm,
case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_TPM_PASSTHROUGH))
goto no_support;
+
break;
=20
case VIR_DOMAIN_TPM_TYPE_EMULATOR:
@@ -3623,6 +3624,17 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm,
case VIR_DOMAIN_TPM_MODEL_SPAPR:
flag =3D QEMU_CAPS_DEVICE_TPM_SPAPR;
break;
+ case VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY:
+ if (!ARCH_IS_PPC64(def->os.arch)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("TPM Proxy model %s is only available for "
+ "PPC64 guests"),
+ virDomainTPMModelTypeToString(tpm->model));
+ return -1;
+ }
+
+ flag =3D QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY;
+ break;
case VIR_DOMAIN_TPM_MODEL_LAST:
default:
virReportEnumRangeError(virDomainTPMModel, tpm->model);
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index bdc2d7edf3..e0542d2839 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -1980,6 +1980,13 @@ virSecurityDACRestoreAllLabel(virSecurityManagerPtr =
mgr,
rc =3D -1;
}
=20
+ if (def->tpmproxy) {
+ if (virSecurityDACRestoreTPMFileLabel(mgr,
+ def,
+ def->tpmproxy) < 0)
+ rc =3D -1;
+ }
+
if (def->sev) {
if (virSecurityDACRestoreSEVLabel(mgr, def) < 0)
rc =3D -1;
@@ -2159,6 +2166,13 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr,
return -1;
}
=20
+ if (def->tpmproxy) {
+ if (virSecurityDACSetTPMFileLabel(mgr,
+ def,
+ def->tpmproxy) < 0)
+ return -1;
+ }
+
if (def->sev) {
if (virSecurityDACSetSEVLabel(mgr, def) < 0)
return -1;
diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index 9a929debe1..e80d43c0a7 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2763,6 +2763,12 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManager=
Ptr mgr,
rc =3D -1;
}
=20
+ if (def->tpmproxy) {
+ if (virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def,
+ def->tpmproxy) < 0)
+ rc =3D -1;
+ }
+
struct _virSecuritySELinuxChardevCallbackData chardevData =3D {
.mgr =3D mgr,
.chardevStdioLogd =3D chardevStdioLogd
@@ -3171,6 +3177,11 @@ virSecuritySELinuxSetAllLabel(virSecurityManagerPtr =
mgr,
return -1;
}
=20
+ if (def->tpmproxy) {
+ if (virSecuritySELinuxSetTPMFileLabel(mgr, def, def->tpmproxy) < 0)
+ return -1;
+ }
+
struct _virSecuritySELinuxChardevCallbackData chardevData =3D {
.mgr =3D mgr,
.chardevStdioLogd =3D chardevStdioLogd
--=20
2.26.2
From nobody Thu Apr 25 15:56:13 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
207.211.31.81 as permitted sender) client-ip=207.211.31.81;
envelope-from=libvir-list-bounces@redhat.com;
helo=us-smtp-delivery-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1589398287; cv=none;
d=zohomail.com; s=zohoarc;
b=nsGzSocyak3IirA7R9NwdE3WTglO7JE4r9pHdpDG++fTk4i+wNyWwqqjzBwBp/gva8dRfcHX8y7/YTVsDHVny/8O148DOYmrnonqxfKDkNHrzzdee+ng6niAEOrXN9bFeqNHYVTRLY3hGb45nEjf2ZB4yj0Jtz9lI0w23O2Fa/Q=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1589398287;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=nPYRQ7jObmPc5UxjJMA5oQTzuNj/FuCNxknRvxyEZe8=;
b=PB44/Cid3NBxI1c5gxb8BjJ3k60dBvLdtjSO64THVdD4fvrrDEmD7FnWJS2MKryjNj4fHUb9cEsDfngJgVGJ33p6YqFZ8dTo4oPtF6laZRQeA+Pl9lzMHSYJGsw8IqCDyofXrwn3AWxUgOXwmGb8BhqXePuOJxclSjeuz8UES84=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com
[207.211.31.81]) by mx.zohomail.com
with SMTPS id 1589398287840285.2769755445279;
Wed, 13 May 2020 12:31:27 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-263-jSv1R97_PdWER4b3WkOjLA-1; Wed, 13 May 2020 15:31:23 -0400
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
[10.5.11.15])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 661EB19067E8;
Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 461B761F50;
Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 18F424E44C;
Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
[10.11.54.6])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 04DJVC6A021952 for ;
Wed, 13 May 2020 15:31:13 -0400
Received: by smtp.corp.redhat.com (Postfix)
id D47312156A4F; Wed, 13 May 2020 19:31:12 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17])
by smtp.corp.redhat.com (Postfix) with ESMTPS id B41DD2156A4B
for ; Wed, 13 May 2020 19:31:09 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id AC687916103
for ; Wed, 13 May 2020 19:31:09 +0000 (UTC)
Received: from mail-qv1-f45.google.com (mail-qv1-f45.google.com
[209.85.219.45]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-259-i0ACn0uDPJ-Yn48aWRcSkQ-1; Wed, 13 May 2020 15:31:07 -0400
Received: by mail-qv1-f45.google.com with SMTP id z5so503779qvw.4
for ; Wed, 13 May 2020 12:31:06 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070])
by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.04
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 13 May 2020 12:31:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1589398285;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=nPYRQ7jObmPc5UxjJMA5oQTzuNj/FuCNxknRvxyEZe8=;
b=gaJ6zuh72MzQI99NU+egPCJHPujRmpewGl+oR/4nCqVSBTvLXF5Vr6zMRsgd3Aw33cBcWi
/O70OO/Ta5grgTBNmrAjoIarhdDgxggfkBnLK0Okh2eQjkEdECyOTWdDTXmgOAVSwCItUX
je94d+FQTPg22WlFM/jc3FjvstIUHMk=
X-MC-Unique: jSv1R97_PdWER4b3WkOjLA-1
X-MC-Unique: i0ACn0uDPJ-Yn48aWRcSkQ-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=nPYRQ7jObmPc5UxjJMA5oQTzuNj/FuCNxknRvxyEZe8=;
b=MnTLxHCL8sqjiArfyO6bl6H9DxgXy8PMoTJZy5uoBsnwpZUsOY+iU64iLVnWqTPfWR
mM/enQ8StGbBOFuqjU4LxqiOc/fXeGF9Zff8nG0WsVLwZUDRglrOLXWwuY/cXLkfcau+
W6wScq8MTsM1I7PCjq6DdFqjfxXKE2zVKW8bTM02nt2AdEaMH3uulgwCao5w/+4v9Cyy
lwqDa1wb4QfFTSDOuqru3gRCPw3JMCmF0Zq2hh8BD3sMQ+Nmd6yV/V0JK6Mqmzu9tdU6
tZVNWkiR5IKeFQbHREz9cmeZuOpudgkaCYTGGC7M8wGN1gxVDM7mKuJvYPBYLTdH5cAM
I7CQ==
X-Gm-Message-State: AOAM531qI2hHNH4bxeuN1BRiXfifUOHY6Mk75V4eLv6tX1ack4nDzpIA
LqtGzSADCkvPZFQuEHu2fbaLJmwQ
X-Google-Smtp-Source:
ABdhPJy9nuyimtV1C9l9q7o1DTyhuYPqGi1ATE2Iv1ctTBOTTKR7uYxQEv+RfTkSVNylZnXHb/Jg2g==
X-Received: by 2002:ad4:4f01:: with SMTP id fb1mr1305778qvb.162.1589398266348;
Wed, 13 May 2020 12:31:06 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v3 4/9] conf,
domain: register AUTOPTR_CLEANUP_FUNC for virDomainTPMDef
Date: Wed, 13 May 2020 16:30:39 -0300
Message-Id: <20200513193044.3401170-5-danielhb413@gmail.com>
In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com>
References: <20200513193044.3401170-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
Next patch will make use of g_autoptr() with virDomainTPMDefPtr.
Signed-off-by: Daniel Henrique Barboza
Reviewed-by: Stefan Berger
---
src/conf/domain_conf.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 8f178ade34..60dbba3b19 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -3028,6 +3028,7 @@ virDomainDeviceInfoPtr virDomainDeviceGetInfo(virDoma=
inDeviceDefPtr device);
void virDomainDeviceSetData(virDomainDeviceDefPtr device,
void *devicedata);
void virDomainTPMDefFree(virDomainTPMDefPtr def);
+G_DEFINE_AUTOPTR_CLEANUP_FUNC(virDomainTPMDef, virDomainTPMDefFree);
=20
typedef int (*virDomainDeviceInfoCallback)(virDomainDefPtr def,
virDomainDeviceDefPtr dev,
--=20
2.26.2
From nobody Thu Apr 25 15:56:13 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
207.211.31.120 as permitted sender) client-ip=207.211.31.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1589398290; cv=none;
d=zohomail.com; s=zohoarc;
b=OptGlzySE33S2oqJeJKH5QiiTCwuZSaYiVvuGiB/qygRXpKGAbtJEp+xZ7be6rvCrGWUFAhS9mSVhZx+Iw0p9v17bfGiab96JUqJAwO+dUMk/QyVclSY6TBNJMKmlDqcIz/d8AOOEnDCLAqzLLN8Dv4fwCDY2IGh2G9FHTOCZqo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1589398290;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=fwqHS031BTNY7s5ufY/ZvRXz9rN+Kl+ohGbdD+LkgfY=;
b=mZDeh1x15Wl0pphlaPIdr5JeICpio2EvL+wiwOf2m095LBb419Bq7WfEzxqyGK4eXb86FL7veuPc5cvmPxoDAAY1M6Rp3o+cv3TIsvUsCJBPrIY6nC3YgSlfa3vbz9vshY70iXCYf8YYq/zuiSsq9YgoRG4FTgV54H1s5nbjMv8=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120]) by mx.zohomail.com
with SMTPS id 1589398290740530.87171149891;
Wed, 13 May 2020 12:31:30 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-117-yaReqeJ8Pn2D8yBZaQXrxA-1; Wed, 13 May 2020 15:31:27 -0400
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
[10.5.11.11])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7988B80B730;
Wed, 13 May 2020 19:31:19 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 5B02E7529E;
Wed, 13 May 2020 19:31:19 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2D8754E981;
Wed, 13 May 2020 19:31:19 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com
[10.11.54.5])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 04DJVCVC021938 for ;
Wed, 13 May 2020 15:31:12 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 11E331182E4; Wed, 13 May 2020 19:31:12 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 934771108F9
for ; Wed, 13 May 2020 19:31:11 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 52E5818A6660
for ; Wed, 13 May 2020 19:31:11 +0000 (UTC)
Received: from mail-qt1-f194.google.com (mail-qt1-f194.google.com
[209.85.160.194]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-309-dEYTQ0GmMmiedqZOvlf0sQ-1; Wed, 13 May 2020 15:31:08 -0400
Received: by mail-qt1-f194.google.com with SMTP id 4so845781qtb.4
for ; Wed, 13 May 2020 12:31:08 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070])
by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.06
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 13 May 2020 12:31:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1589398289;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=fwqHS031BTNY7s5ufY/ZvRXz9rN+Kl+ohGbdD+LkgfY=;
b=YBrCMm0IHY6Z5zgo5pxZvncK3UOkAmO4vQ8PV2/eoU4ThstQTZjSwPZopBRM7c+pZYynN1
t+fIR0875S2W8mx5cyTx18I/A2tY2lncCd6CSwS8lH/3dhyxQzu0FatKkfpmPMkt09W0xD
QLGnB5V+Nk1vAPH2NP9EokWruy19BtI=
X-MC-Unique: yaReqeJ8Pn2D8yBZaQXrxA-1
X-MC-Unique: dEYTQ0GmMmiedqZOvlf0sQ-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=fwqHS031BTNY7s5ufY/ZvRXz9rN+Kl+ohGbdD+LkgfY=;
b=Wt0NXyVidIP8Rw5OmMNygZJ+tTeseJObyW0XSEGg212gSta2vKhL5kPx71RII7yvFD
GsaGiz8qnj1uEiuqcyHAO28DfdvwUkBzuJZ5J/O6pL1i2hIyEY1e4GTBqjfdvr42mUnb
YPwBx54e9A/6Ym6p66gtkdV+u/az04tXAFeimG7G/BebK3Vs5fDTpN9SaFhkWexlfzNi
A0pGI6+pCH9hb93a6K6hSgwbWcIgD7WP60vbMcLGZ8cI1mKKfPG+C1Eqa8YByV94ls+K
XhaFWpe7EdTyOvLyxvlzK+ld7vOJcnUtRKc21UZkGGqz2DNz/NZqQb16c9kxfVGgSQyJ
cyUA==
X-Gm-Message-State: AOAM531R86fTeyQtHmxEIgIVmXSAqnXoUQ8D4AhD3gYhWUUwCwvOLhHA
AbIzYkEM80Iz9TFaTH6dWBH2k/gd
X-Google-Smtp-Source:
ABdhPJzLTeVosJ7Kz3rzZWnUAfW/yg0PEZEL/k3A9iZ6qo8OGCBfsD5N0bqUnVgQUJQzSLyG+mvWng==
X-Received: by 2002:ac8:46d3:: with SMTP id h19mr754398qto.133.1589398267953;
Wed, 13 May 2020 12:31:07 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v3 5/9] domain_conf.c: XML parsing for
VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY
Date: Wed, 13 May 2020 16:30:40 -0300
Message-Id: <20200513193044.3401170-6-danielhb413@gmail.com>
In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com>
References: <20200513193044.3401170-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
Aside from trivial XML parsing/format changes, this patch adds
additional rules for TPM device support to better accomodate
all the available scenarios with the new TPM Proxy.
The changes make no impact to existing domains. This means that
the scenario of a domain with a single TPM device is still
supported in the same way. The restriction of multiple TPM devices
got alleviated to allow a TPM Proxy device to be added together
with a TPM device in the same domain. All other combinations
are still forbidden.
To summarize, after this patch, the following combinations in the same
domain are valid:
- a single TPM device
- a single TPM Proxy device
- a single TPM + single TPM Proxy devices
These combinations in the same domain are NOT allowed:
- 2 or more TPM devices
- 2 or more TPM Proxy devices
Signed-off-by: Daniel Henrique Barboza
Reviewed-by: Stefan Berger
---
src/conf/domain_conf.c | 45 ++++++++++++++++++++++++++++++++++++++----
1 file changed, 41 insertions(+), 4 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 01a32f62d1..8164cd58c9 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -13730,6 +13730,14 @@ virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlo=
pt,
goto error;
}
=20
+ /* TPM Proxy devices have 'passthrough' backend */
+ if (def->model =3D=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY &&
+ def->type !=3D VIR_DOMAIN_TPM_TYPE_PASSTHROUGH) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("'Passthrough' backend is required for TPM Proxy =
devices"));
+ goto error;
+ }
+
if (virDomainDeviceInfoParseXML(xmlopt, node, &def->info, flags) < 0)
goto error;
=20
@@ -21972,15 +21980,39 @@ virDomainDefParseXML(xmlDocPtr xml,
if ((n =3D virXPathNodeSet("./devices/tpm", ctxt, &nodes)) < 0)
goto error;
=20
- if (n > 1) {
+ if (n > 2) {
virReportError(VIR_ERR_XML_ERROR, "%s",
- _("only a single TPM device is supported"));
+ _("a maximum of two TPM devices is supported, one o=
f "
+ "them being a TPM Proxy device"));
goto error;
}
=20
if (n > 0) {
- if (!(def->tpm =3D virDomainTPMDefParseXML(xmlopt, nodes[0], ctxt,=
flags)))
- goto error;
+ for (i =3D 0; i < n; i++) {
+ g_autoptr(virDomainTPMDef) dev =3D NULL;
+
+ if (!(dev =3D virDomainTPMDefParseXML(xmlopt, nodes[i], ctxt, =
flags)))
+ goto error;
+
+ /* TPM Proxy devices must be held in def->tpmproxy. Error
+ * out if there's a TPM Proxy declared already */
+ if (dev->model =3D=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY) {
+ if (def->tpmproxy) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("only a single TPM Proxy device is su=
pported"));
+ goto error;
+ }
+ def->tpmproxy =3D g_steal_pointer(&dev);
+ } else {
+ /* all other TPM devices goes to def->tpm */
+ if (def->tpm) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("only a single TPM non-proxy device i=
s supported"));
+ goto error;
+ }
+ def->tpm =3D g_steal_pointer(&dev);
+ }
+ }
}
VIR_FREE(nodes);
=20
@@ -29807,6 +29839,11 @@ virDomainDefFormatInternalSetRootName(virDomainDef=
Ptr def,
goto error;
}
=20
+ if (def->tpmproxy) {
+ if (virDomainTPMDefFormat(buf, def->tpmproxy, flags) < 0)
+ goto error;
+ }
+
for (n =3D 0; n < def->ngraphics; n++) {
if (virDomainGraphicsDefFormat(buf, def->graphics[n], flags) < 0)
goto error;
--=20
2.26.2
From nobody Thu Apr 25 15:56:13 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
207.211.31.120 as permitted sender) client-ip=207.211.31.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1589398290; cv=none;
d=zohomail.com; s=zohoarc;
b=ayRoLxSAxOPl2qCgbtVEeevrj5y5nJ4WNdGhLbd5xasCnbAB6XkgyikpsNqmNmXY+N0oyonGOgu4vqa2hTAiatrm+bhIIK3Yc5unrvX3ske34b8QsVtF2+wMuPw3nhKHZIJgFOGgbP6cAaWFwd3TZ2lT5ttG8iuKlO7rS90hC28=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1589398290;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=FNUZL+BS8RKzH6s1+PuA+bk0G5PLxN4ipkfz+6ANIMw=;
b=NexurSxPcjyYu9P5ZxeAJ434JsnuDwFkgel0KHgfYh5OrGaCuPD1caTk8+iX3KEF/h/JmXuxYWHWtNXMchgITnZ/YJePakxDTH5rvj8nEQz3iFhN/3huhYa2ptXiSX8twM13fzZ3uuABZdB8c+bQC1rxovmI5o+QXLKQRGuDZCk=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120]) by mx.zohomail.com
with SMTPS id 1589398290761783.6494687440221;
Wed, 13 May 2020 12:31:30 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-201-000Lg1KdNIOUsxnglBrWkw-1; Wed, 13 May 2020 15:31:26 -0400
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
[10.5.11.14])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id A03978018AD;
Wed, 13 May 2020 19:31:18 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 81D685D9E8;
Wed, 13 May 2020 19:31:18 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 545094E588;
Wed, 13 May 2020 19:31:18 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
[10.11.54.6])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 04DJVGka021983 for ;
Wed, 13 May 2020 15:31:16 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 5D8FA2156A4F; Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 29C222156A2D
for ; Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com
[205.139.110.61])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E8D0E8007AC
for ; Wed, 13 May 2020 19:31:15 +0000 (UTC)
Received: from mail-qt1-f194.google.com (mail-qt1-f194.google.com
[209.85.160.194]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-202-ekvMUy3kMeCd88TKSTE6nQ-1; Wed, 13 May 2020 15:31:11 -0400
Received: by mail-qt1-f194.google.com with SMTP id c24so826250qtw.7
for ; Wed, 13 May 2020 12:31:11 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070])
by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.08
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 13 May 2020 12:31:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1589398289;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=FNUZL+BS8RKzH6s1+PuA+bk0G5PLxN4ipkfz+6ANIMw=;
b=hnLGFWoSR76dimqNlKtVPF8GChmXayI0NwLZI9xQjoLhYoPLSDX+bYbbdSrSNx99mrdLyN
woIv8h0NYx4Zhl0taPDuWKAKQpzs4mXnD1C5++wtfcENENCQWWYCiss503rUoBLjNOghfl
Ai2aCq5vlsJKJ766s0j32SW5ZbdoUcY=
X-MC-Unique: 000Lg1KdNIOUsxnglBrWkw-1
X-MC-Unique: ekvMUy3kMeCd88TKSTE6nQ-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=FNUZL+BS8RKzH6s1+PuA+bk0G5PLxN4ipkfz+6ANIMw=;
b=G6fYs0rb+BOnsO2Xifvruzje4Lu4KRdYNwl56GHWEXAGp5LbSV7iU6J5mYcMVmWo4i
gXhcWG8JApWw1vbXSiPyRnH5Uot7LUN3GLfCYDLosRUfQfnTQ1ZsgccT2y7tM3HRlC8L
dpiKi2AD7oCR8rIbOo+B0FML1hlumyBM+qdUSKWsM8yytLM4Oba1unx4ePWhCWDIZYHQ
ooDVPi0Urr7V1t93UH5hjxCbx3sZUdSY2fDWERAJ2EH1fmNilTPb7V3xUSVbVafe8Y+W
42nvz11OlLvm+qb+aTz6ZQN7vTFyyLUp9TgCT+oXtEFyV8tZJqpR+HbICZM8kjeba6Yq
m+yQ==
X-Gm-Message-State: AOAM533D3kS7UwX5vO73RxhnJlvx2YAAStxo3H0mtb+KF7t7buJcrW5t
+cKQs1mPz2a7+P6YUuScNzP2ZUQq
X-Google-Smtp-Source:
ABdhPJxH0rLKnxpwurMmiuaqtsPWPD9PtWf4eYWXj75i5FyK+dmHPNpnYHfqkK0MddMlgvCGDX/Ocg==
X-Received: by 2002:ac8:1622:: with SMTP id p31mr735654qtj.256.1589398270034;
Wed, 13 May 2020 12:31:10 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v3 6/9] tests: add XML schema tests for the TPM Proxy device
Date: Wed, 13 May 2020 16:30:41 -0300
Message-Id: <20200513193044.3401170-7-danielhb413@gmail.com>
In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com>
References: <20200513193044.3401170-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
This tests aims to exercise how a TPM Proxy device can be
added in the domain, either alone or with a regular TPM
device. It also ensures that we do not allow bogus scenarios
to slip by.
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
tests/qemuxml2argvdata/ppc64-tpm-double.xml | 34 ++++++++++++++
.../ppc64-tpmproxy-double.xml | 38 +++++++++++++++
.../ppc64-tpmproxy-single.xml | 33 +++++++++++++
.../ppc64-tpmproxy-with-tpm.xml | 36 +++++++++++++++
tests/qemuxml2argvtest.c | 12 +++++
.../ppc64-tpmproxy-single.ppc64-latest.xml | 42 +++++++++++++++++
.../ppc64-tpmproxy-with-tpm.ppc64-latest.xml | 46 +++++++++++++++++++
tests/qemuxml2xmltest.c | 2 +
8 files changed, 243 insertions(+)
create mode 100644 tests/qemuxml2argvdata/ppc64-tpm-double.xml
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml
create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-la=
test.xml
create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-=
latest.xml
diff --git a/tests/qemuxml2argvdata/ppc64-tpm-double.xml b/tests/qemuxml2ar=
gvdata/ppc64-tpm-double.xml
new file mode 100644
index 0000000000..8730547a4d
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpm-double.xml
@@ -0,0 +1,34 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml b/tests/qemux=
ml2argvdata/ppc64-tpmproxy-double.xml
new file mode 100644
index 0000000000..12abda509e
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml
@@ -0,0 +1,38 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml b/tests/qemux=
ml2argvdata/ppc64-tpmproxy-single.xml
new file mode 100644
index 0000000000..729a2cdf28
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml
@@ -0,0 +1,33 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml b/tests/qem=
uxml2argvdata/ppc64-tpmproxy-with-tpm.xml
new file mode 100644
index 0000000000..a61ec9845c
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml
@@ -0,0 +1,36 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 43e76956cc..ba82da5f4b 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -2966,6 +2966,18 @@ mymain(void)
QEMU_CAPS_NEC_USB_XHCI,
QEMU_CAPS_DEVICE_QEMU_XHCI);
=20
+ DO_TEST_PARSE_ERROR("ppc64-tpmproxy-double",
+ QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE,
+ QEMU_CAPS_PCI_OHCI,
+ QEMU_CAPS_DEVICE_TPM_PASSTHROUGH,
+ QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY);
+
+ DO_TEST_PARSE_ERROR("ppc64-tpm-double",
+ QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE,
+ QEMU_CAPS_PCI_OHCI,
+ QEMU_CAPS_DEVICE_TPM_PASSTHROUGH,
+ QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY);
+
DO_TEST("aarch64-usb-controller-qemu-xhci",
QEMU_CAPS_OBJECT_GPEX,
QEMU_CAPS_NEC_USB_XHCI,
diff --git a/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xm=
l b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xml
new file mode 100644
index 0000000000..4e0e5f24b8
--- /dev/null
+++ b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xml
@@ -0,0 +1,42 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+
+ POWER9
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.=
xml b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.xml
new file mode 100644
index 0000000000..2e0dab4b33
--- /dev/null
+++ b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.xml
@@ -0,0 +1,46 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+
+ POWER9
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
index 033f81013e..8360d5eeca 100644
--- a/tests/qemuxml2xmltest.c
+++ b/tests/qemuxml2xmltest.c
@@ -609,6 +609,8 @@ mymain(void)
DO_TEST("controller-usb-order",
QEMU_CAPS_PIIX_DISABLE_S3,
QEMU_CAPS_PIIX_DISABLE_S4);
+ DO_TEST_CAPS_ARCH_LATEST("ppc64-tpmproxy-single", "ppc64");
+ DO_TEST_CAPS_ARCH_LATEST("ppc64-tpmproxy-with-tpm", "ppc64");
=20
DO_TEST_FULL("seclabel-dynamic-baselabel", WHEN_INACTIVE,
ARG_QEMU_CAPS, NONE);
--=20
2.26.2
From nobody Thu Apr 25 15:56:13 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
207.211.31.120 as permitted sender) client-ip=207.211.31.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1589398294; cv=none;
d=zohomail.com; s=zohoarc;
b=UVj9Sr1PGMLZKpZFRj5HTBz1SZCICWg+SQg8Q+pcOWl6+CNsH4oEKFmcq7A9wjiSoreRbrFSIizdGwPEmx+7A+XLFA9bqrgTIpleOzA+ID6AhI1T4vNX70dq7O+pTWnjFsfpS0WjsP8dUwj35ejMynkovRFk1rk8wWT8Cf8331M=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1589398294;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=ottAuIn2CbWBl3kn7u9cYTFgeJbktR9EGkOFwpBx640=;
b=GF8YhH+7XCS88gSdQh4puiETysaXmCzLhd3su3pdgIsGsevtZleDj5vXiB9o65LPxfD5hCpcN+PByll6/AsHkpWuNf6mzTdoCbi4fxUU7nk45aS2FNuVohicb8gNlOrbzp9tsXecJ+Q9InfNaS3c8UUuAEjBVKwfmZj41vrymz8=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120]) by mx.zohomail.com
with SMTPS id 1589398294194460.563888076131;
Wed, 13 May 2020 12:31:34 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-499-JAs_VGGvPeqLykqZto5mPA-1; Wed, 13 May 2020 15:31:29 -0400
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
[10.5.11.14])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 46922108BD0C;
Wed, 13 May 2020 19:31:19 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 28AC35D9F3;
Wed, 13 May 2020 19:31:19 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id EB3C41800431;
Wed, 13 May 2020 19:31:18 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com
[10.11.54.5])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 04DJVFk7021969 for ;
Wed, 13 May 2020 15:31:15 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 3929E42AD6; Wed, 13 May 2020 19:31:15 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 27ED642ADC
for ; Wed, 13 May 2020 19:31:15 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A002F833B49
for ; Wed, 13 May 2020 19:31:14 +0000 (UTC)
Received: from mail-qt1-f194.google.com (mail-qt1-f194.google.com
[209.85.160.194]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-511-v7aR0d7qMp2JP5QEXqbQpQ-1; Wed, 13 May 2020 15:31:12 -0400
Received: by mail-qt1-f194.google.com with SMTP id l1so835289qtp.6
for ; Wed, 13 May 2020 12:31:12 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070])
by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.10
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 13 May 2020 12:31:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1589398293;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=ottAuIn2CbWBl3kn7u9cYTFgeJbktR9EGkOFwpBx640=;
b=GKyMB+iMgLfOoj7e0GxSI52I7HPQLQBFFCFyPDOJZwo3kmjbMfFluQOni/cjqCA1qfjzSg
rFSa19KDtG/teD5yeca2kir4+CitYbljZ1iht9vKJyMarq2CaSrJBKRTLWBB3wTeQ+IVdL
TuNztKrENsJBUdujeEfxUMcwTn1TStw=
X-MC-Unique: JAs_VGGvPeqLykqZto5mPA-1
X-MC-Unique: v7aR0d7qMp2JP5QEXqbQpQ-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=ottAuIn2CbWBl3kn7u9cYTFgeJbktR9EGkOFwpBx640=;
b=sdVss9l0llvjQP3fgm3dwYYIkB/xyAihbRamRD1X9lLe0inju8Ubods9TbK6ylqurc
wnuK2HwSP8uypR8qf8Yb2bLx+06EFWfIQCFZ2cZMpaFJJWgXcN2gZX3XnSghBOxK4ejo
YcYmTQykU9k9uQRCJq2WoXmn/vwNtXm9xgFRrNkK8Ldrb81JbSLN7FbtBjFTkwj9cDcZ
1ulO4swuL02tWCqJqatR6qi0ZYSvIVt6ufwLaGAlVprxJcMvUBRlRRu3ThVzWb75Twlh
t1DXxAuscnZld4mQak4fiChQ60i2R1RjX1fJu2Peq22G15yUkEtGdTUpc73ts36VDBcy
j70Q==
X-Gm-Message-State: AOAM5326SfKJY2FEOSmye29aqJ2iFAFQbongt0MUFDGbml3YQLCJlfNc
UzB8hkgtzitc6USkTKAoxMokMffc
X-Google-Smtp-Source:
ABdhPJxFeK604BM2WrYujD4yhtO2/h7vMqz1u0PvWk9mZxXQFdEMM7lT4KznTEgT356a7Vx/OExAVw==
X-Received: by 2002:ac8:120a:: with SMTP id x10mr743800qti.127.1589398271583;
Wed, 13 May 2020 12:31:11 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v3 7/9] qemu: build command line for the TPM Proxy device
Date: Wed, 13 May 2020 16:30:42 -0300
Message-Id: <20200513193044.3401170-8-danielhb413@gmail.com>
In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com>
References: <20200513193044.3401170-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
This patch wraps it up all the wiring done in previous patches,
enabling a PPC64 guest to launch a guest using a TPM Proxy
device.
Note that device validation is already being done in qemu_validate.c,
qemuValidateDomainDeviceDefTPM(), on domain define time. We don't
need to verify QEMU capabilities for this device again inside
qemu_command.c.
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
src/qemu/qemu_alias.c | 16 ++++++++++++++++
src/qemu/qemu_command.c | 21 +++++++++++++++++++++
2 files changed, 37 insertions(+)
diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c
index b0ea62af39..08fe5aa501 100644
--- a/src/qemu/qemu_alias.c
+++ b/src/qemu/qemu_alias.c
@@ -413,6 +413,18 @@ qemuAssignDeviceTPMAlias(virDomainTPMDefPtr tpm,
}
=20
=20
+static int
+qemuAssignDeviceTPMProxyAlias(virDomainTPMDefPtr tpmproxy,
+ int idx)
+{
+ if (tpmproxy->info.alias)
+ return 0;
+
+ tpmproxy->info.alias =3D g_strdup_printf("tpmproxy%d", idx);
+ return 0;
+}
+
+
int
qemuAssignDeviceRedirdevAlias(virDomainDefPtr def,
virDomainRedirdevDefPtr redirdev,
@@ -673,6 +685,10 @@ qemuAssignDeviceAliases(virDomainDefPtr def, virQEMUCa=
psPtr qemuCaps)
if (qemuAssignDeviceTPMAlias(def->tpm, 0) < 0)
return -1;
}
+ if (def->tpmproxy) {
+ if (qemuAssignDeviceTPMProxyAlias(def->tpmproxy, 0) < 0)
+ return -1;
+ }
for (i =3D 0; i < def->nmems; i++) {
if (qemuAssignDeviceMemoryAlias(NULL, def->mems[i], false) < 0)
return -1;
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index bfe70ed228..0b97db7388 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -8981,6 +8981,24 @@ qemuBuildTPMCommandLine(virCommandPtr cmd,
return 0;
}
=20
+static int
+qemuBuildTPMProxyCommandLine(virCommandPtr cmd,
+ const virDomainDef *def)
+{
+ const virDomainTPMDef *tpmproxy =3D def->tpmproxy;
+
+ if (!tpmproxy)
+ return 0;
+
+ virCommandAddArg(cmd, "-device");
+ virCommandAddArgFormat(cmd, "%s,id=3D%s,host-path=3D%s",
+ virDomainTPMModelTypeToString(tpmproxy->model),
+ tpmproxy->info.alias,
+ tpmproxy->data.passthrough.source.data.file.pat=
h);
+
+ return 0;
+}
+
static int
qemuBuildSEVCommandLine(virDomainObjPtr vm, virCommandPtr cmd,
virDomainSEVDefPtr sev)
@@ -9662,6 +9680,9 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
if (qemuBuildTPMCommandLine(cmd, def, qemuCaps) < 0)
return NULL;
=20
+ if (qemuBuildTPMProxyCommandLine(cmd, def) < 0)
+ return NULL;
+
if (qemuBuildInputCommandLine(cmd, def, qemuCaps) < 0)
return NULL;
=20
--=20
2.26.2
From nobody Thu Apr 25 15:56:13 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
205.139.110.120 as permitted sender) client-ip=205.139.110.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1589398293; cv=none;
d=zohomail.com; s=zohoarc;
b=fizkhrOhUmgRqCtwuTczLelmPXUk1hWyXjQR9f8Cvm42PTvgNukYLAQu3q5V60GjwGd9jCv4HEJVvjiO0Vl6k/0ZZHIW6FdTzJYM1eftzU8z3I5krrMKw1RZnAChu2tccsRJPM/xw4+m67pW0pf8mEy2lRh6CImRtMnTXhsDTVs=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1589398293;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=iau7ok2g16JB63aZQzxM1z4U4NANaXu+3Z1+b6bFl5o=;
b=TlzsU/GZ9AnL9dBDY1Ud1/ChedBVAUvvtEzvxg6vMQlQ//QdU7/EGXm8n6eFZBu3ZGRUYxR/KVbnBbP48zQZhij4qxZJhmzqUY+P3/dqt2XjhP92ohBES383qn1fSt7ryTBq6vEwNcXQk7i5Iydn7ArvDRu99+yAfe4ObVLcsjU=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[205.139.110.120]) by mx.zohomail.com
with SMTPS id 15893982936389.271924321604843;
Wed, 13 May 2020 12:31:33 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-488-6BzbYhsmOWqr10kYu42DpA-1; Wed, 13 May 2020 15:31:29 -0400
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
[10.5.11.16])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id A57D3107B276;
Wed, 13 May 2020 19:31:21 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 873005C1D6;
Wed, 13 May 2020 19:31:21 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 573661806B0D;
Wed, 13 May 2020 19:31:21 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
[10.11.54.6])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 04DJVHjf021988 for ;
Wed, 13 May 2020 15:31:17 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 16F7C2156A4A; Wed, 13 May 2020 19:31:17 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 019AF2156A52
for ; Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[205.139.110.120])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id AECEC101A525
for ; Wed, 13 May 2020 19:31:16 +0000 (UTC)
Received: from mail-qv1-f67.google.com (mail-qv1-f67.google.com
[209.85.219.67]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-390--xwxigbhMzSW5K0FB0HUig-1; Wed, 13 May 2020 15:31:14 -0400
Received: by mail-qv1-f67.google.com with SMTP id z5so503955qvw.4
for ; Wed, 13 May 2020 12:31:13 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070])
by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.11
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 13 May 2020 12:31:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1589398292;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=iau7ok2g16JB63aZQzxM1z4U4NANaXu+3Z1+b6bFl5o=;
b=aEt6R+nROnxwBW+Tv+WSt2Zbyx/oCr/UFgqA3MtyvIFdy8g8MOz6/GFlkhSkXhNmx/oHTm
f/ZXLsN/48jjvn+suaov0DxCWyixiaih+upk5naUv78SlEF86/D49kz0HhHz8j9JPiNg7n
B04j+Mx8GJ0MAiK34QSeq6LvKzVqCrI=
X-MC-Unique: 6BzbYhsmOWqr10kYu42DpA-1
X-MC-Unique: -xwxigbhMzSW5K0FB0HUig-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=iau7ok2g16JB63aZQzxM1z4U4NANaXu+3Z1+b6bFl5o=;
b=MMTuMcbULJ0vGs+V7vtOk5T4VOr1xJli7EZCtKfXkmAam/uaPmCoiYy3pbafXO9m9p
Y/B9U/fui/sjkiKFQRqy/mHFvGGYODIksWyIKgzvwu64b6JkYH7gQVMiA+95+89YeRMt
64EcOl2nil2OrX4HCHVqLfpjnRWdQrF8l3P41/9EmdZpgUzWNQ/76gDMcg1wqCQQAjUy
4gpoVtKMP+lVncKMZ2L/Jx6ay+ymDvuazr7E+MwVApSh8rzhinEXjXlu7d0VuxAPvAyd
PhVd/Ho5u+8qoQ1h3qGOFVqNulwZA07dy0aNIJueh2x8CwNaOv20V8/vGkAnBoZqGAoz
S1eg==
X-Gm-Message-State: AOAM530m3End5yAppiUDUNIupBYURmVKoeNPTpPtEqdFIpHUC9OUI2ug
AWHhN2ZEEhFLIEGMNJPeISTA3c5a
X-Google-Smtp-Source:
ABdhPJznguaYGWZEpz7M5TwAMygw8An83R90CegqhTJjGVKB9iRylQPzopYF85bBLzGF+Ks6gw5wBQ==
X-Received: by 2002:a05:6214:122e:: with SMTP id
p14mr1250794qvv.168.1589398273290;
Wed, 13 May 2020 12:31:13 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v3 8/9] tests/qemuxml2argvtest.c: add TPM Proxy command line
tests
Date: Wed, 13 May 2020 16:30:43 -0300
Message-Id: <20200513193044.3401170-9-danielhb413@gmail.com>
In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com>
References: <20200513193044.3401170-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
Add tests for both supported scenarios: a single TPM Proxy and
a TPM Proxy with a regular TPM device in the same domain.
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
.../ppc64-tpmproxy-single.ppc64-latest.args | 34 +++++++++++++++++
.../ppc64-tpmproxy-with-tpm.ppc64-latest.args | 37 +++++++++++++++++++
tests/qemuxml2argvtest.c | 3 ++
3 files changed, 74 insertions(+)
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-late=
st.args
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-la=
test.args
diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args=
b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args
new file mode 100644
index 0000000000..f606cee16b
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args
@@ -0,0 +1,34 @@
+LC_ALL=3DC \
+PATH=3D/bin \
+HOME=3D/tmp/lib/domain--1-QEMUGuest1 \
+USER=3Dtest \
+LOGNAME=3Dtest \
+XDG_DATA_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.local/share \
+XDG_CACHE_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.cache \
+XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config \
+QEMU_AUDIO_DRV=3Dnone \
+/usr/bin/qemu-system-ppc64 \
+-name guest=3DQEMUGuest1,debug-threads=3Don \
+-S \
+-object secret,id=3DmasterKey0,format=3Draw,\
+file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
+-machine pseries,accel=3Dtcg,usb=3Doff,dump-guest-core=3Doff \
+-cpu POWER9 \
+-m 256 \
+-overcommit mem-lock=3Doff \
+-smp 1,sockets=3D1,cores=3D1,threads=3D1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-display none \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=3Dcharmonitor,fd=3D1729,server,nowait \
+-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \
+-rtc base=3Dutc \
+-no-shutdown \
+-boot strict=3Don \
+-device pci-ohci,id=3Dusb,bus=3Dpci.0,addr=3D0x1 \
+-device spapr-tpm-proxy,id=3Dtpmproxy0,host-path=3D/dev/tpmrm0 \
+-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x6 \
+-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\
+resourcecontrol=3Ddeny \
+-msg timestamp=3Don
diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.ar=
gs b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.args
new file mode 100644
index 0000000000..9908cd78e0
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.args
@@ -0,0 +1,37 @@
+LC_ALL=3DC \
+PATH=3D/bin \
+HOME=3D/tmp/lib/domain--1-QEMUGuest1 \
+USER=3Dtest \
+LOGNAME=3Dtest \
+XDG_DATA_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.local/share \
+XDG_CACHE_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.cache \
+XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config \
+QEMU_AUDIO_DRV=3Dnone \
+/usr/bin/qemu-system-ppc64 \
+-name guest=3DQEMUGuest1,debug-threads=3Don \
+-S \
+-object secret,id=3DmasterKey0,format=3Draw,\
+file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
+-machine pseries,accel=3Dtcg,usb=3Doff,dump-guest-core=3Doff \
+-cpu POWER9 \
+-m 256 \
+-overcommit mem-lock=3Doff \
+-smp 1,sockets=3D1,cores=3D1,threads=3D1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-display none \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=3Dcharmonitor,fd=3D1729,server,nowait \
+-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \
+-rtc base=3Dutc \
+-no-shutdown \
+-boot strict=3Don \
+-device pci-ohci,id=3Dusb,bus=3Dpci.0,addr=3D0x1 \
+-tpmdev emulator,id=3Dtpm-tpm0,chardev=3Dchrtpm \
+-chardev socket,id=3Dchrtpm,path=3D/dev/test \
+-device tpm-spapr,tpmdev=3Dtpm-tpm0,id=3Dtpm0,reg=3D0x00004000 \
+-device spapr-tpm-proxy,id=3Dtpmproxy0,host-path=3D/dev/tpmrm0 \
+-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x6 \
+-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\
+resourcecontrol=3Ddeny \
+-msg timestamp=3Don
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index ba82da5f4b..6a57a4910d 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -2978,6 +2978,9 @@ mymain(void)
QEMU_CAPS_DEVICE_TPM_PASSTHROUGH,
QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY);
=20
+ DO_TEST_CAPS_LATEST_PPC64("ppc64-tpmproxy-single");
+ DO_TEST_CAPS_LATEST_PPC64("ppc64-tpmproxy-with-tpm");
+
DO_TEST("aarch64-usb-controller-qemu-xhci",
QEMU_CAPS_OBJECT_GPEX,
QEMU_CAPS_NEC_USB_XHCI,
--=20
2.26.2
From nobody Thu Apr 25 15:56:13 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
205.139.110.61 as permitted sender) client-ip=205.139.110.61;
envelope-from=libvir-list-bounces@redhat.com;
helo=us-smtp-delivery-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1589398295; cv=none;
d=zohomail.com; s=zohoarc;
b=BSl6/DEzL/NrKBRPjPfZV+Nm9hxXGMfeeGlLN+PuZ0CiHTXTLJ3kWZAB2BS8INzfm+8uy/K0lzM3FmvcZCrak1l7n+ZrbT/R2ZSF8E3wMc+2aO2sehbpy/UwfBNqGzMYpdRmG34dyfrI8qcQVjVLSzmZXjBCYhf8WpGUna7XFkI=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1589398295;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=+MA3/crOaYHgW7lF1/6Lcn7pWzmM+lsdA0o8wV6daIk=;
b=AwT4nnJpAmw9GqRpxK3W7iFn9kZqL53aBQUqvd5jH2H9OM0EE33ODqWwpS7fEjM776ANoNEWd/7RhVwm/epFtM+Ty7vNmyeZUkOlINzeRz/xtWyEIa8eU2YK7n74wCEyBOi8d+dyvKkNQYZnotq3nKsW3Gqyu2R5t1+CgvlEhBI=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com
[205.139.110.61]) by mx.zohomail.com
with SMTPS id 158939829559276.73525254858362;
Wed, 13 May 2020 12:31:35 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-72-I061jNkFO0aLmF0G_-wj-g-1; Wed, 13 May 2020 15:31:31 -0400
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
[10.5.11.11])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 20219460;
Wed, 13 May 2020 19:31:22 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id F307A5C6DB;
Wed, 13 May 2020 19:31:21 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id C3BA54E986;
Wed, 13 May 2020 19:31:21 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com
[10.11.54.3])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 04DJVKsU022008 for ;
Wed, 13 May 2020 15:31:20 -0400
Received: by smtp.corp.redhat.com (Postfix)
id EC6CA104FA94; Wed, 13 May 2020 19:31:19 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19])
by smtp.corp.redhat.com (Postfix) with ESMTPS id E3246104FAA6
for ; Wed, 13 May 2020 19:31:19 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com
[205.139.110.61])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C0238811768
for ; Wed, 13 May 2020 19:31:19 +0000 (UTC)
Received: from mail-qt1-f196.google.com (mail-qt1-f196.google.com
[209.85.160.196]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-80-6kNBMXOMMaGAe571ao-ypQ-1; Wed, 13 May 2020 15:31:15 -0400
Received: by mail-qt1-f196.google.com with SMTP id h26so821959qtu.8
for ; Wed, 13 May 2020 12:31:15 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:fbf2:bc5e:c314:af31:7070])
by smtp.gmail.com with ESMTPSA id n20sm478880qtk.89.2020.05.13.12.31.13
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 13 May 2020 12:31:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1589398294;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=+MA3/crOaYHgW7lF1/6Lcn7pWzmM+lsdA0o8wV6daIk=;
b=a8D+Vf+2idLGLH53Gk7FngVr1k9szRkmdrjGeBsI9jcl4UCnn20cOMJWW4Qqm27XCAA8BR
wowxUwBLhgo+zz1iaXJt7A0U1AtuPDXt96AcC/64tb4Oj8+tf8bxuGjDQvEyiTfDuECQtM
pJ9n8iJE40mlPH2XdwtTIrKTdCF4p7g=
X-MC-Unique: I061jNkFO0aLmF0G_-wj-g-1
X-MC-Unique: 6kNBMXOMMaGAe571ao-ypQ-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=+MA3/crOaYHgW7lF1/6Lcn7pWzmM+lsdA0o8wV6daIk=;
b=M6qtPM10ytyvkhSjCQt7g6NDNciX2IZOhseoMki7JeprndFYG8/p2CMRRz5Rfzt23B
aZtywj0KVHnFnTxOmWJpBwN38WZZNwYOAhtgXaN+cJIgHPLKzPAlcEBrE+tWbrZteBsO
Avo/3LC7Tt6/IoyZ/b22AgscN01i7P9Tfi4B4ArLcaQaGKJUN8EKi4jQ+8Idka14Yjej
hRZmG79BfnuNz2F/hhu3M7PQKzwzY/NAIfaSpM7qfhP79EfqmTzjRMc5xotnZszvYQSs
hQXcIK2oqdjgfPQVnPmaYMbsqYwpPl3kzwas7CZYDRt8MqjsanqadhU7SWb1JP4HHvCl
EXqQ==
X-Gm-Message-State: AOAM531glZfN9LSAon7F39nwKubdOTE9RyqeyEUvmrwoAuaQZ8X491+r
Gjr0AEO1cLCtlOyn7j5Ai5H+yhyW
X-Google-Smtp-Source:
ABdhPJzbjkRQnIg3ufVBR3/AAuyIkujBF/IpnqKPS2ZxVgqro3HVU+Q9PZ9s69MpxKn4ueplunmXUA==
X-Received: by 2002:aed:3fab:: with SMTP id s40mr776893qth.140.1589398275011;
Wed, 13 May 2020 12:31:15 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v3 9/9] docs/news.xml: update for the new TPM Proxy device
Date: Wed, 13 May 2020 16:30:44 -0300
Message-Id: <20200513193044.3401170-10-danielhb413@gmail.com>
In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com>
References: <20200513193044.3401170-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
Signed-off-by: Daniel Henrique Barboza
Reviewed-by: Stefan Berger
---
docs/news.xml | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/docs/news.xml b/docs/news.xml
index 4cef804aac..c22a0f0a18 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -44,6 +44,23 @@
+
+
+ qemu: add TPM Proxy device support
+
+
+ libvirt can now create guests using a new device type called
+ "TPM Proxy". The TPM Proxy connects to a TPM Resource Manager
+ present in the host, enabling the guest to run in secure virtual
+ machine mode with the help of an Ultravisor. Adding a TPM Proxy =
to
+ a pSeries guest brings no security benefits unless the guest is
+ running on a PPC64 host that has Ultravisor and TPM Resource Man=
ager
+ support. Only one TPM Proxy is allowed per guest. A guest using
+ a TPM Proxy device can instantiate another TPM device at the same
+ time. This device is supported only for pSeries guests via the n=
ew
+ 'spapr-tpm-proxy' model of the TPM 'passthrough' backend.
+
+
--=20
2.26.2