From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v3 1/9] docs: documentation and schema for the new TPM Proxy
model
Date: Wed, 13 May 2020 16:30:36 -0300
Message-Id: <20200513193044.3401170-2-danielhb413@gmail.com>
In-Reply-To: <20200513193044.3401170-1-danielhb413@gmail.com>
References: <20200513193044.3401170-1-danielhb413@gmail.com>
Cc: Daniel Henrique Barboza , stefanb@linux.ibm.com,
david@gibson.dropbear.id.au
List-Id: Development discussions about the libvirt library & tools

QEMU 4.1.0 introduced a new device type called TPM Proxy, currently
implemented by PPC64 guests via a new virtual device called
'spapr-tpm-proxy' (see QEMU 0fb6bd073230 for more info).

The TPM Proxy device interacts with a TPM Resource Manager, a host
device capable of multiplexing the host TPM with multiple processes.
This allows multiple guests to access some TPM features at the
same time. Note that this mode of operation does not provide
full TPM features to be available for the guest - for that case
the guest still needs to assign a vTPM device (tpm-spapr for
PPC64 guests). Although redundant, there is currently no technical
limitation for a guest to assign both a vTPM and a TPM Proxy at the
same time.

This patch adds documentation and schema for a new TPM model
type called 'spapr-tpm-proxy' that creates this new TPM Proxy
device. This model is valid only for the 'passthrough' backend.

An example of a TPM Proxy device connected to a TPM Resource Manager
'/dev/tpmrm0' will look like this:

Signed-off-by: Daniel Henrique Barboza
Reviewed-by: Stefan Berger
---
docs/formatdomain.html.in | 18 +++++++++++++++++-
docs/schemas/domaincommon.rng | 1 +
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 23eb029234..15a92aa4f4 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -8792,6 +8792,17 @@ qemu-kvm -net nic,model=3D? /dev/null
backend device is a TPM 2.0. Since 6.1.0=
span>,
pSeries guests on PPC64 are supported and the default is
tpm-spapr.
+
+ Since 6.4.0, a new model called
+ spapr-tpm-proxy was added for pSeries guests. This =
model
+ only works with the 'passthrough' backend. It creates a TPM Proxy
+ device that communicates with an existing TPM Resource Manager i=
n the host,
+ for example /dev/tpmrm0, enabling the guest to run in secure vir=
tual machine
+ mode with the help of an Ultravisor. Adding a TPM Proxy to a pSe=
ries guest
+ brings no security benefits unless the guest is running on a PPC=
64 host that
+ has an Ultravisor and a TPM Resource Manager. Only one TPM Proxy=
device is
+ allowed per guest, but a TPM Proxy device can be added together =
with
+ other TPM devices.
backend
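Review bot: The new paragraph never tells the reader that a TPM Proxy exposes only part of the TPM feature set, which the commit message states explicitly ("does not provide full TPM features"). As written, "a TPM Proxy device can be added together with other TPM devices" gives no reason why someone would do that. Please add a sentence saying that a guest needing full TPM functionality still has to configure a vTPM such as tpm-spapr, so that nobody reads the "secure virtual machine mode" wording as meaning the proxy replaces a vTPM.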
@@ -8804,7 +8815,7 @@ qemu-kvm -net nic,model=3D? /dev/null
passthrough
- Use the host's TPM device.
+ Use the host's TPM or TPM Resource Manager device.
This backend type requires exclusive access to a TPM device =
on
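Review bot: The changed summary line now names the TPM Resource Manager, but the unchanged sentence right after it still says "This backend type requires exclusive access to a TPM device", which contradicts the point of a Resource Manager as described in the commit message (multiplexing the host TPM between multiple processes and guests). Please qualify the exclusive-access sentence so it clearly applies to a raw TPM device node and not to a Resource Manager path, otherwise administrators may conclude that only one guest can use /dev/tpmrm0.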
@@ -8812,6 +8823,11 @@ qemu-kvm -net nic,model=3D? /dev/null
qualified file name is specified by path attribute of the
source element. If no file name is specified th=
en
/dev/tpm0 is automatically used.
+
+ Since 6.4.0, when choosing the
+ spapr-tpm-proxy model, the file name specified =
is
+ expected to be a TPM Resource Manager device, e.g.
+ /dev/tpmrm0.
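Review bot: The added text says the file name is "expected to be a TPM Resource Manager device", but the context line just above still states that /dev/tpm0 is used when no file name is given, and /dev/tpm0 is not a Resource Manager. Please document what happens for the spapr-tpm-proxy model when the path is omitted: either the path is mandatory for this model, or the default differs. Also say whether "expected" is validated or is only a convention, since a guest silently bound to the raw host TPM is a different exposure than one going through the Resource Manager.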
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 9d60b090f3..50860419c3 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -4610,6 +4610,7 @@
tpm-tis
tpm-crb
tpm-spapr
+ spapr-tpm-proxy
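Review bot: Adding spapr-tpm-proxy to the same list of values as tpm-tis, tpm-crb and tpm-spapr means the schema accepts it with any backend, while the documentation in this patch says the model "only works with the 'passthrough' backend" and that only one TPM Proxy is allowed per guest. Nothing in this hunk expresses either restriction, so both have to be enforced in domain validation; please make sure the series rejects spapr-tpm-proxy with a non-passthrough backend and a second proxy device, with test cases for both, or tighten the RNG so schema validation catches the backend mismatch.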
--=20
2.26.2