From nobody Wed May 1 22:55:28 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
207.211.31.120 as permitted sender) client-ip=207.211.31.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1591104722; cv=none;
d=zohomail.com; s=zohoarc;
b=VAcFoj29vmr4DpV0qR4otQw1mv8AQapSGxvWzygjJDzkRosWsMcRUe3V7+pyHmoJ8xmEhxqAtn2PZcoxdNDtOfDWemmj08iIfKuEIwemLAoFq0v8Mz0hg+RlXZHKSGDxPXMTwkzHWm4ux91ad7J0vNYJBG/JvKF7P1Dmfobo+p0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1591104722;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=p7zUQ28sFmtovDmVX/BqznHpgeN8gtV5KGuQdvtiC3I=;
b=AKTbWYc/DBf0lopkeERgJIKMKvIltXk6g/GTHVph8jOQIUaP6VXQLl5tCuo53ePoDzODi668V7aEHfnwc+nHOHXpF6Fzyq/NJ65ggshyVTd6tBLFE7HCnMPoGYKRGQGgbEvJ0/rdJZrwMuzBgMMoA6djotuHH89MTKmly3moj5c=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120]) by mx.zohomail.com
with SMTPS id 1591104722373886.5859409237211;
Tue, 2 Jun 2020 06:32:02 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-477-UWoz52F3NgyTtZyvv6tvyQ-1; Tue, 02 Jun 2020 09:31:57 -0400
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
[10.5.11.16])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C5FBB1009457;
Tue, 2 Jun 2020 13:31:50 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 161E85C298;
Tue, 2 Jun 2020 13:31:50 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id B9D4497016;
Tue, 2 Jun 2020 13:31:48 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com
[10.11.54.3])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 052DVkMD007261 for ;
Tue, 2 Jun 2020 09:31:46 -0400
Received: by smtp.corp.redhat.com (Postfix)
id ADDEB10DCF6C; Tue, 2 Jun 2020 13:31:46 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 8CA1310EE79F
for ; Tue, 2 Jun 2020 13:31:44 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com
[205.139.110.61])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 38C1286CB81
for ; Tue, 2 Jun 2020 13:31:44 +0000 (UTC)
Received: from mail-qt1-f194.google.com (mail-qt1-f194.google.com
[209.85.160.194]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-218-f-vOYDmmMuqZO-SnYA_6Dg-1; Tue, 02 Jun 2020 09:31:41 -0400
Received: by mail-qt1-f194.google.com with SMTP id q14so10314809qtr.9;
Tue, 02 Jun 2020 06:31:41 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c])
by smtp.gmail.com with ESMTPSA id
c58sm2735424qtd.27.2020.06.02.06.31.39
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 02 Jun 2020 06:31:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1591104721;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=p7zUQ28sFmtovDmVX/BqznHpgeN8gtV5KGuQdvtiC3I=;
b=bg8VWwDQyRivvLO0bbLHJfWUVWIt8c+jqVSVEY3WZflIr5RYrhi2hO30rhyRutOfSlHKdW
F5QHslKoJl7s0ee8z8aUwushhFHqhISrCgHU9VKJQcmcgeFFEotFbY5PrIyoyDfLeX1uwS
PeZd/wC6wkr+ZE03v1ZHFe+9mNAexpc=
X-MC-Unique: UWoz52F3NgyTtZyvv6tvyQ-1
X-MC-Unique: f-vOYDmmMuqZO-SnYA_6Dg-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=p7zUQ28sFmtovDmVX/BqznHpgeN8gtV5KGuQdvtiC3I=;
b=sIWieXmtNKQiW+Dp6ytO/MRsHJgdIBGaI4eUWMOlPkoLBCXdkiPSld0YDkHJdJRXzf
b0rC82fZc+L0mnX4lg51bTe99Y4gkRMUe2gaOxxOQMISOTCe7z8fTNBBxFXfDWxEBbIp
d98ScZKvIfZCJlT0xk4BiJxklSm3pZAcaVj/Lxei4fu19nyw+55yErXWhZxmYX4Z9d0h
OaKo6vdnKTuwpruyiT2z6P2h+43tL3V4FMmuEuuOiKWC+3kyERusZyr9aP/fk2xKIQZB
E6yZHNFqjqzU6nuMeHSWoZ20JyjrlgMUHrhYzr800xon9Qa/7ZlhzswZi9+L+NiFMdh8
su9w==
X-Gm-Message-State: AOAM531RV54sKvTOeSfzyIrpA5gUJ84XkRfewJQE/B6yvidocCil8lOc
TQTJyx10iXhTtNjqWNSrpeAL8CAa
X-Google-Smtp-Source:
ABdhPJwyfC/4NYUa6wCZwbBzFDGejSzFIQO1DPCujZ5vDh+aTzphbKja4xduSCQBbRF1nqYoWG+T4w==
X-Received: by 2002:ac8:46d6:: with SMTP id
h22mr27317120qto.145.1591104700970;
Tue, 02 Jun 2020 06:31:40 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v6 01/10] docs: documentation and schema for the new TPM Proxy
model
Date: Tue, 2 Jun 2020 10:30:58 -0300
Message-Id: <20200602133107.1987182-2-danielhb413@gmail.com>
In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com>
References: <20200602133107.1987182-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , jtomko@redhat.com,
stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
QEMU 4.1.0 introduced a new device type called TPM Proxy, currently
implemented by PPC64 guests via a new virtual device called
'spapr-tpm-proxy' (see QEMU 0fb6bd073230 for more info).
The TPM Proxy device interacts with a TPM Resource Manager, a host
device capable of multiplexing the host TPM with multiple processes.
This allows multiple guests to access some TPM features at the
same time. Note that this mode of operation does not provide
full TPM features to be available for the guest - for that case
the guest still needs to assign a vTPM device (tpm-spapr for
PPC64 guests). Although redundant, there is currently no technical
limitation for a guest to assign both a vTPM and a TPM Proxy at the
same time.
This patch adds documentation and schema for a new TPM model
type called 'spapr-tpm-proxy' that creates this new TPM Proxy
device. This model is valid only for the 'passthrough' backend.
An example of a TPM Proxy device connected to a TPM Resource Manager
'/dev/tpmrm0' will look like this:
Tested-by: Satheesh Rajendran
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
docs/formatdomain.html.in | 19 ++++++++++++++++++-
docs/schemas/domaincommon.rng | 1 +
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 33cec1e6dd..769f01bf27 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -8798,6 +8798,18 @@ qemu-kvm -net nic,model=3D? /dev/null
backend device is a TPM 2.0. Since 6.1.0=
span>,
pSeries guests on PPC64 are supported and the default is
tpm-spapr
.
+
+ Since 6.4.0, a new model called
+ spapr-tpm-proxy
was added for pSeries guests. This =
model
+ only works with the passthrough
backend. It creates=
a
+ TPM Proxy device that communicates with an existing TPM Resource=
Manager
+ in the host, for example /dev/tpmrm0
, enabling the =
guest to
+ run in secure virtual machine mode with the help of an Ultraviso=
r. Adding
+ a TPM Proxy to a pSeries guest brings no security benefits unles=
s the guest
+ is running on a PPC64 host that has an Ultravisor and a TPM Reso=
urce Manager.
+ Only one TPM Proxy device is allowed per guest, but a TPM Proxy =
device can
+ be added together with
+ other TPM devices.
backend
@@ -8810,7 +8822,7 @@ qemu-kvm -net nic,model=3D? /dev/null
passthrough
- Use the host's TPM device.
+ Use the host's TPM or TPM Resource Manager device.
This backend type requires exclusive access to a TPM device =
on
@@ -8818,6 +8830,11 @@ qemu-kvm -net nic,model=3D? /dev/null
qualified file name is specified by path attribute of the
source
element. If no file name is specified th=
en
/dev/tpm0 is automatically used.
+
+ Since 6.4.0, when choosing the
+ spapr-tpm-proxy
model, the file name specified =
is
+ expected to be a TPM Resource Manager device, e.g.
+ /dev/tpmrm0
.
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 6727cd743b..b13cd2b330 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -4618,6 +4618,7 @@
tpm-tis
tpm-crb
tpm-spapr
+ spapr-tpm-proxy
--=20
2.26.2
From nobody Wed May 1 22:55:28 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
205.139.110.61 as permitted sender) client-ip=205.139.110.61;
envelope-from=libvir-list-bounces@redhat.com;
helo=us-smtp-delivery-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1591104722; cv=none;
d=zohomail.com; s=zohoarc;
b=RJpslvSOjZDQYnvnBOCA56wI7E0TUEl0McMyDLiUfGFUVKmpHHQMoXWScWOudRDXlAtaMQb1Ae9DnGi4gU1IFJwP6abq2DNN2WJM3wWw5zT9krFPbhlnYCgV9ozrmUxHrLzRQvpPJAsWDZkb3Uobd9z3j3HKX4+czIPpciGimAQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1591104722;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=YdMzy8q3rDIy20XXT/tbOsLbHZqLPMA2JyWCMq3bFZ0=;
b=WkABkI/ESFHgX4JLM8deDaLq+A0e93FQn2E8nbWBkwibyolktHXm2qWmAhzMk581s8VPr4Q6DrXx3f7txNaBlAO6JEKXCxLyS6zH/W5ha9VIoEL79hVIxh6cno3hkLUyREMut2bfxgf6VoIHjEGLqioXjfGjksq9G/4fktlDL60=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com
[205.139.110.61]) by mx.zohomail.com
with SMTPS id 1591104722660627.451275585459;
Tue, 2 Jun 2020 06:32:02 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-48-kpj45rcbMSO5nUZ5pwZvPg-1; Tue, 02 Jun 2020 09:31:57 -0400
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
[10.5.11.22])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C9F86107ACCA;
Tue, 2 Jun 2020 13:31:51 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 2E24A10016E8;
Tue, 2 Jun 2020 13:31:51 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8C63F97017;
Tue, 2 Jun 2020 13:31:49 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
[10.11.54.6])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 052DVlse007266 for ;
Tue, 2 Jun 2020 09:31:47 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 18FB52156A4D; Tue, 2 Jun 2020 13:31:47 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18])
by smtp.corp.redhat.com (Postfix) with ESMTPS id E69802156A2D
for ; Tue, 2 Jun 2020 13:31:46 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[205.139.110.120])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 308E28007A4
for ; Tue, 2 Jun 2020 13:31:46 +0000 (UTC)
Received: from mail-qk1-f194.google.com (mail-qk1-f194.google.com
[209.85.222.194]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-120-7uqz-h4wMMe8E0ItoJAMPQ-1; Tue, 02 Jun 2020 09:31:44 -0400
Received: by mail-qk1-f194.google.com with SMTP id 205so12473922qkg.3;
Tue, 02 Jun 2020 06:31:43 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c])
by smtp.gmail.com with ESMTPSA id
c58sm2735424qtd.27.2020.06.02.06.31.41
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 02 Jun 2020 06:31:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1591104721;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=YdMzy8q3rDIy20XXT/tbOsLbHZqLPMA2JyWCMq3bFZ0=;
b=ewATOCE3Jl8YM2LKC8Cn0frhMpDKnDSRCG95GRBXrB+XMzIjBBlIjIYXpKRSRmh9BD/mFE
mzdABICIEVOygy6iSCHDmO75Ei8wBLgp6lYo1KyQcXUq2NazYMpefNzhQl+czuhARM8yjM
4mh9wCkGVIngSODTr546WcsIMD2cHHs=
X-MC-Unique: kpj45rcbMSO5nUZ5pwZvPg-1
X-MC-Unique: 7uqz-h4wMMe8E0ItoJAMPQ-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=YdMzy8q3rDIy20XXT/tbOsLbHZqLPMA2JyWCMq3bFZ0=;
b=CHhNEwDN+kM49ZLVfAEjtXCQ4hIDj2m05ZQmiPURbpcRZzqLkjZ8A/D8huXYELMkkz
bATdceVNg78LselgIps/+xKzGD1txcdWypG16N6xVD7Tg2QkFVf2UTOB0eYxcePVWEEI
/yAIHT/N9d9qFo7sJxUSvBwDF3Fyh9IR5aIql4dlWmHpDPvX10oSP9mAZOmGpFF4nS1Z
3ayC902Y2YlaO9JJ73tCxQvjapjo5XlCyiNBy1swHXXuKBWLOki6F3ae3OoMkEdfwCBU
/YmlvebArzA2nzOwOOID0q3Qu+bM0xdEBRuH2kBsUfcgxyt85ev8AoDoMoECBLqHseZt
+Dsw==
X-Gm-Message-State: AOAM533uFsnWbQX1dyoh2x9ylu1fRcmPoSQeqE9nMk5hev+OhFUdBN94
ort2v18WKTcon3WNTPNZGypt1KCe
X-Google-Smtp-Source:
ABdhPJy2RJ3fiOk5PCME1tHdBHcznHOPLaC99HwKaMULdBAqxQpsvq1Se8swIlPQy1bAm7t0Jg/Spw==
X-Received: by 2002:a37:a056:: with SMTP id
j83mr27125086qke.329.1591104703107;
Tue, 02 Jun 2020 06:31:43 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v6 02/10] qemu: Extend QEMU capabilities with
'spapr-tpm-proxy'
Date: Tue, 2 Jun 2020 10:30:59 -0300
Message-Id: <20200602133107.1987182-3-danielhb413@gmail.com>
In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com>
References: <20200602133107.1987182-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , jtomko@redhat.com,
stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Expose the TPM Proxy support for PPC64 guests by creating a new
cap called QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY.
This device is part of the machinery the guest need to orchestrate
with the PPC64 Ultravisor the transition to the Secure VM (SVM)
mode. Inside QEMU, this device will be used with the H_TPM_COMM
hypercall to connect with the TPM Resource Manager, enabling
the guest to open and close TPM sessions with the host TPM.
Tested-by: Satheesh Rajendran
Reviewed-by: Stefan Berger
Reviewed-by: J=C3=A1n Tomko
Signed-off-by: Daniel Henrique Barboza
---
src/qemu/qemu_capabilities.c | 4 ++++
src/qemu/qemu_capabilities.h | 3 +++
tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 +
4 files changed, 9 insertions(+)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index f12769635a..1b40735b6c 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -582,6 +582,9 @@ VIR_ENUM_IMPL(virQEMUCaps,
"tcg",
"virtio-blk-pci.scsi.default.disabled",
"pvscsi",
+
+ /* 370 */
+ "spapr-tpm-proxy",
);
=20
=20
@@ -1306,6 +1309,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[=
] =3D {
{ "vhost-user-fs-device", QEMU_CAPS_DEVICE_VHOST_USER_FS },
{ "tcg-accel", QEMU_CAPS_TCG },
{ "pvscsi", QEMU_CAPS_SCSI_PVSCSI },
+ { "spapr-tpm-proxy", QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY },
};
=20
=20
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 076ecad0f7..478cd2398f 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -564,6 +564,9 @@ typedef enum { /* virQEMUCapsFlags grouping marker for =
syntax-check */
QEMU_CAPS_VIRTIO_BLK_SCSI_DEFAULT_DISABLED, /* virtio-blk-pci.scsi dis=
abled by default */
QEMU_CAPS_SCSI_PVSCSI, /* -device pvscsi */
=20
+ /* 370 */
+ QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY, /* -device spapr-tpm-proxy */
+
QEMU_CAPS_LAST /* this must always be the last item */
} virQEMUCapsFlags;
=20
diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml b/tests/qemuca=
pabilitiesdata/caps_4.2.0.ppc64.xml
index eeec181f62..b6b226da51 100644
--- a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml
+++ b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml
@@ -185,6 +185,7 @@
+
4001050
0
42900242
diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml b/tests/qemuca=
pabilitiesdata/caps_5.0.0.ppc64.xml
index 69e5b4c8fa..ee5ab416aa 100644
--- a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml
+++ b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml
@@ -201,6 +201,7 @@
+
5000000
0
42900241
--=20
2.26.2
From nobody Wed May 1 22:55:28 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
205.139.110.61 as permitted sender) client-ip=205.139.110.61;
envelope-from=libvir-list-bounces@redhat.com;
helo=us-smtp-delivery-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1591104732; cv=none;
d=zohomail.com; s=zohoarc;
b=eSmcTB8AB4OCrkW1vZJSfrFXOGV5OF+r4K1tNuHTtdBXZRloJCMbjk/U3ildWS+JE386S+JMStsCmb0OufkgLH7Fe3zt1sBHmngmpM38+XsbF5CWMorujrWuwo7ZIX1yuA2kyU8VsZQM3asDoowpXdkGHb0IHSogxhRqzuvHSPc=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1591104732;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=kYxL6wlWalU1y5ELnkI9Dp6cP38YI9EnZ+MfX6M2WEQ=;
b=bmSrwVZwZTor5RdbSa7SKZJeox3rLj/E10Qv3aRYuEE9+0QC16QLRKy7HSQGLkDVanioBFXZEaTqT879kEJZHH5RyVvHmCIRh+VGQv4G0h9W1OSV0zHaJZrYTbDz6pOm9HyNPOQ04h+oZSscg+/jZ6zerZXqUR3ChN+85fMdzX0=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com
[205.139.110.61]) by mx.zohomail.com
with SMTPS id 1591104732130222.7314471237239;
Tue, 2 Jun 2020 06:32:12 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-386-VtLtqxLzMLaJAAdD6k2Bog-1; Tue, 02 Jun 2020 09:32:07 -0400
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
[10.5.11.15])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id F0C2E85B67A;
Tue, 2 Jun 2020 13:32:01 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id D14CE78F06;
Tue, 2 Jun 2020 13:32:01 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id A215797017;
Tue, 2 Jun 2020 13:32:01 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
[10.11.54.4])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 052DVs4U007302 for ;
Tue, 2 Jun 2020 09:31:54 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 7935D202683D; Tue, 2 Jun 2020 13:31:54 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 28A242017DCB
for ; Tue, 2 Jun 2020 13:31:48 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 572A386CB91
for ; Tue, 2 Jun 2020 13:31:48 +0000 (UTC)
Received: from mail-qt1-f171.google.com (mail-qt1-f171.google.com
[209.85.160.171]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-475-0-TboUuYNKyT2PfSldsjKQ-1; Tue, 02 Jun 2020 09:31:46 -0400
Received: by mail-qt1-f171.google.com with SMTP id k22so10566298qtm.6;
Tue, 02 Jun 2020 06:31:46 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c])
by smtp.gmail.com with ESMTPSA id
c58sm2735424qtd.27.2020.06.02.06.31.43
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 02 Jun 2020 06:31:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1591104730;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=kYxL6wlWalU1y5ELnkI9Dp6cP38YI9EnZ+MfX6M2WEQ=;
b=RSvu1YELBLaI/7AuFjri3N6IS9yQmydhlWD8m2Pc5aO9UZtLQ3qvIHN5Fxs23apD8cOWsU
s2GjL9XfraLTDArhS9kxgOqrKH1f8gOEBa1zjd3vjLf4rzp5vvQOqg8nrp5PZFdBK0JhUg
DReuUZG83xATmmoez7ZDugSoj9SSxME=
X-MC-Unique: VtLtqxLzMLaJAAdD6k2Bog-1
X-MC-Unique: 0-TboUuYNKyT2PfSldsjKQ-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=kYxL6wlWalU1y5ELnkI9Dp6cP38YI9EnZ+MfX6M2WEQ=;
b=RaSAQ9pUwsn5C/EUOi71dUMxtTjUwNgupYjHFDNr5dLuE3uNCfGFwbjeQH488/E5VW
LG/p8DNWygAXrE8ayPkZVdggtDQnh8VApXE8LQt35GLtOCSoE0PV39sa9TXY/gDofcMA
plC4pj8eFCdzC7hSu02It9kcM/QFr2Z5L0kjaassD61cXgGwi8U/DCcokp7q/aK2wpxo
0J+8vP39G584MmEw6c0IKmdwRBkFlZhqvu0vcVf/72/t4s31nSbqI42rk85Olnq4VSC+
d+U64pDpAuXs1NCmbuHfoXwoIEBnECSo1cMBCxLn0QYAl2Kzsf7m9bVc1ilpxY8sqahX
rFWQ==
X-Gm-Message-State: AOAM5323MqzTmuVQOxCo/KH9oS5625jKFyF4WQ3Xw9hHW9tVViCC9Awk
qRYCzvkNgY2PCFHXD64UZ3IqcpFy
X-Google-Smtp-Source:
ABdhPJxPg0pnJ8MtO8x0MeGqVACDyZGEL/xB3pdRUfbUg4xhfJc3hTn7E4cfuQoKEIuYU7dcAJgTFw==
X-Received: by 2002:ac8:134a:: with SMTP id
f10mr27982489qtj.123.1591104705613;
Tue, 02 Jun 2020 06:31:45 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v6 03/10] qemu_extdevice.c: remove unneeded 'ret' variable
Date: Tue, 2 Jun 2020 10:31:00 -0300
Message-Id: <20200602133107.1987182-4-danielhb413@gmail.com>
In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com>
References: <20200602133107.1987182-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , jtomko@redhat.com,
stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
qemuExtDevicesInitPaths() does not need 'ret'.
Tested-by: Satheesh Rajendran
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
src/qemu/qemu_extdevice.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/src/qemu/qemu_extdevice.c b/src/qemu/qemu_extdevice.c
index dc188e6042..8f1bd9311e 100644
--- a/src/qemu/qemu_extdevice.c
+++ b/src/qemu/qemu_extdevice.c
@@ -73,12 +73,10 @@ static int
qemuExtDevicesInitPaths(virQEMUDriverPtr driver,
virDomainDefPtr def)
{
- int ret =3D 0;
-
if (def->tpm)
- ret =3D qemuExtTPMInitPaths(driver, def);
+ return qemuExtTPMInitPaths(driver, def);
=20
- return ret;
+ return 0;
}
=20
=20
--=20
2.26.2
From nobody Wed May 1 22:55:28 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
205.139.110.120 as permitted sender) client-ip=205.139.110.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1591104734; cv=none;
d=zohomail.com; s=zohoarc;
b=PDldTni0OXRYPhZTNkMpc6n14LrvA6oF+Y4ik2c7kgL6RL9lbB31Em5R/SJPJJwWjFScFSaByBP86YXCyan+Yb4W2zdUqeySt4uxS/D7VDRK64j2GlDdFV/zqh67ef4yX6Obnj7sx1ow0y7Q2HJQLPBHXBllzg9In2eBWRadUbM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1591104734;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=3A4lUZNqLUYTsWe+QC0wfPP1QzWTn+Ycjeb3qHm0+Ec=;
b=HeWdUt/MoR39yZQcDqUp1+VDIfwL0xwccNPS/4mxgWZM4K/oyBCQ3oAlEfJs/nvqJJS4WQPwFb7slZKyy3qFlYDd2Kz8iriQc0rLusu7cubUw++7C251xzGPWZZTL1l1NZ4s35pR2sYiXW7fDMVnl5FScMQpGq/cAKqsiJyFniA=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[205.139.110.120]) by mx.zohomail.com
with SMTPS id 1591104734819988.5642717989624;
Tue, 2 Jun 2020 06:32:14 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-10-eI4mK9K6PTaY93bUnxosCQ-1; Tue, 02 Jun 2020 09:32:10 -0400
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com
[10.5.11.23])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id E6CEB8018A7;
Tue, 2 Jun 2020 13:32:02 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
by smtp.corp.redhat.com (Postfix) with ESMTPS id B019D49F6;
Tue, 2 Jun 2020 13:32:02 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 77F631809557;
Tue, 2 Jun 2020 13:32:02 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
[10.11.54.6])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 052DVs72007297 for ;
Tue, 2 Jun 2020 09:31:54 -0400
Received: by smtp.corp.redhat.com (Postfix)
id E04A42156709; Tue, 2 Jun 2020 13:31:53 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 944142156A53
for ; Tue, 2 Jun 2020 13:31:53 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A044F85338F
for ; Tue, 2 Jun 2020 13:31:51 +0000 (UTC)
Received: from mail-qt1-f194.google.com (mail-qt1-f194.google.com
[209.85.160.194]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-81-FkV0mWSlMT6Bmsx2QwwaMA-1; Tue, 02 Jun 2020 09:31:49 -0400
Received: by mail-qt1-f194.google.com with SMTP id g18so10547548qtu.13;
Tue, 02 Jun 2020 06:31:48 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c])
by smtp.gmail.com with ESMTPSA id
c58sm2735424qtd.27.2020.06.02.06.31.45
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 02 Jun 2020 06:31:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1591104733;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=3A4lUZNqLUYTsWe+QC0wfPP1QzWTn+Ycjeb3qHm0+Ec=;
b=RJxuw1YFCvD8w2CS80+QNlxb7m0kIkbrRx962f4QJg8ujpHLTOvaymSD8Arxwyb9gy1+Do
uGTgpFWp9kqTEhWogAWmd+whWtG3nJYZxt/zMnEZwoahMby75RbcEBAX5FK1iFg4xy0puR
LgFZB4eCVohnJp/ULFsA7criF0by2us=
X-MC-Unique: eI4mK9K6PTaY93bUnxosCQ-1
X-MC-Unique: FkV0mWSlMT6Bmsx2QwwaMA-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=3A4lUZNqLUYTsWe+QC0wfPP1QzWTn+Ycjeb3qHm0+Ec=;
b=TKblDaWSMz5ivjwOUSVjji3cGzWNHPUdh3NrIBxBtz/GWSbXS1sTSYpbvQWZ8CEUtA
V8MQ03jIEfSHK922UAE0loxKj8VQCjImEnl2YKdA5QcIqqXNEPE/QiZz06ds+rW4FVgX
+jpl6h25dRLfyZn3RZhXzSE0xL9bD8wh36NZfQvZpiNg+vxNNQEt3WqDtDmvtZJlu5Q5
6ZoYmlWlE8HvTOajKM0cxb0tf3bq0CcG5TduoRGK2nHQlDJFvNR3v9vQUPXRV+miaiZX
TnpECuE+KpgxgxvwP5rgNaCBn0hexMdu7etvOl5Kc9JQG0iLZRUbo+6PO2GnB7oLkciO
KXWg==
X-Gm-Message-State: AOAM532KARAabPfgmmYlgW3To7Ir+ndKIPA4g8lVUSVqYxJ/x92vCXxD
/xmNztUdg6aVv9hiyzaL+PD9nvZ/
X-Google-Smtp-Source:
ABdhPJyHGfJZMkpmH/X3zYByNN43IZyneIlbu3UY0OfYqOP+xku7lWNPqWvZgenTCfGlfO6EUM7qiw==
X-Received: by 2002:aed:3fd4:: with SMTP id
w20mr27629191qth.350.1591104707769;
Tue, 02 Jun 2020 06:31:47 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v6 04/10] qemu_tpm, security,
tests: change 'switch' clauses for 'if'
Date: Tue, 2 Jun 2020 10:31:01 -0300
Message-Id: <20200602133107.1987182-5-danielhb413@gmail.com>
In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com>
References: <20200602133107.1987182-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , jtomko@redhat.com,
stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
This trivial rework is aimed to reduce the amount of line changes
made by the next patch, when 'def->tpm' will become a 'def->tpms'
array.
Instead of using a 'switch' where only the VIR_DOMAIN_TPM_TYPE_EMULATOR
label does something, use an 'if' clause instead.
Tested-by: Satheesh Rajendran
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
src/qemu/qemu_tpm.c | 44 +++++----------------------------
src/security/security_selinux.c | 16 ++----------
src/security/virt-aa-helper.c | 7 +-----
tests/qemuxml2argvtest.c | 7 +-----
4 files changed, 10 insertions(+), 64 deletions(-)
diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
index fe567f440c..afec0e5328 100644
--- a/src/qemu/qemu_tpm.c
+++ b/src/qemu/qemu_tpm.c
@@ -680,14 +680,9 @@ qemuExtTPMInitPaths(virQEMUDriverPtr driver,
{
g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver);
=20
- switch (def->tpm->type) {
- case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
return qemuTPMEmulatorInitPaths(def->tpm, cfg->swtpmStorageDir,
def->uuid);
- case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
- case VIR_DOMAIN_TPM_TYPE_LAST:
- break;
- }
=20
return 0;
}
@@ -700,8 +695,7 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver,
g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver);
g_autofree char *shortName =3D NULL;
=20
- switch (def->tpm->type) {
- case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
shortName =3D virDomainDefGetShortName(def);
if (!shortName)
return -1;
@@ -711,9 +705,6 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver,
cfg->swtpm_group,
cfg->swtpmStateDir, cfg->user,
shortName);
- case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
- case VIR_DOMAIN_TPM_TYPE_LAST:
- break;
}
=20
return 0;
@@ -723,15 +714,8 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver,
void
qemuExtTPMCleanupHost(virDomainDefPtr def)
{
- switch (def->tpm->type) {
- case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
qemuTPMDeleteEmulatorStorage(def->tpm);
- break;
- case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
- case VIR_DOMAIN_TPM_TYPE_LAST:
- /* nothing to do */
- break;
- }
}
=20
=20
@@ -825,15 +809,9 @@ qemuExtTPMStart(virQEMUDriverPtr driver,
{
virDomainTPMDefPtr tpm =3D vm->def->tpm;
=20
- switch (tpm->type) {
- case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
return qemuExtTPMStartEmulator(driver, vm, incomingMigration);
=20
- case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
- case VIR_DOMAIN_TPM_TYPE_LAST:
- break;
- }
-
return 0;
}
=20
@@ -845,18 +823,13 @@ qemuExtTPMStop(virQEMUDriverPtr driver,
g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver);
g_autofree char *shortName =3D NULL;
=20
- switch (vm->def->tpm->type) {
- case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (vm->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
shortName =3D virDomainDefGetShortName(vm->def);
if (!shortName)
return;
=20
qemuTPMEmulatorStop(cfg->swtpmStateDir, shortName);
qemuSecurityCleanupTPMEmulator(driver, vm);
- break;
- case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
- case VIR_DOMAIN_TPM_TYPE_LAST:
- break;
}
=20
return;
@@ -873,8 +846,7 @@ qemuExtTPMSetupCgroup(virQEMUDriverPtr driver,
int rc;
pid_t pid;
=20
- switch (def->tpm->type) {
- case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
shortName =3D virDomainDefGetShortName(def);
if (!shortName)
return -1;
@@ -886,10 +858,6 @@ qemuExtTPMSetupCgroup(virQEMUDriverPtr driver,
}
if (virCgroupAddProcess(cgroup, pid) < 0)
return -1;
- break;
- case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
- case VIR_DOMAIN_TPM_TYPE_LAST:
- break;
}
=20
return 0;
diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index 7bb7c2b7b1..c4c0504b56 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -3499,10 +3499,7 @@ virSecuritySELinuxSetTPMLabels(virSecurityManagerPtr=
mgr,
if (seclabel =3D=3D NULL)
return 0;
=20
- switch (def->tpm->type) {
- case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
- break;
- case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
ret =3D virSecuritySELinuxSetFileLabels(
mgr, def->tpm->data.emulator.storagepath,
seclabel);
@@ -3510,9 +3507,6 @@ virSecuritySELinuxSetTPMLabels(virSecurityManagerPtr =
mgr,
ret =3D virSecuritySELinuxSetFileLabels(
mgr, def->tpm->data.emulator.logfile,
seclabel);
- break;
- case VIR_DOMAIN_TPM_TYPE_LAST:
- break;
}
=20
return ret;
@@ -3525,18 +3519,12 @@ virSecuritySELinuxRestoreTPMLabels(virSecurityManag=
erPtr mgr,
{
int ret =3D 0;
=20
- switch (def->tpm->type) {
- case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
- break;
- case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
ret =3D virSecuritySELinuxRestoreFileLabels(
mgr, def->tpm->data.emulator.storagepath);
if (ret =3D=3D 0 && def->tpm->data.emulator.logfile)
ret =3D virSecuritySELinuxRestoreFileLabels(
mgr, def->tpm->data.emulator.logfile);
- break;
- case VIR_DOMAIN_TPM_TYPE_LAST:
- break;
}
=20
return ret;
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 6e6dd1b1db..6e8f77e4dd 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -1210,8 +1210,7 @@ get_files(vahControl * ctl)
char *shortName =3D NULL;
const char *tpmpath =3D NULL;
=20
- switch (ctl->def->tpm->type) {
- case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (ctl->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
shortName =3D virDomainDefGetShortName(ctl->def);
=20
switch (ctl->def->tpm->version) {
@@ -1244,10 +1243,6 @@ get_files(vahControl * ctl)
RUNSTATEDIR, shortName);
=20
VIR_FREE(shortName);
- break;
- case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
- case VIR_DOMAIN_TPM_TYPE_LAST:
- break;
}
}
=20
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 3103cac884..7c4b4e2134 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -438,15 +438,10 @@ testCompareXMLToArgvCreateArgs(virQEMUDriverPtr drv,
}
=20
if (vm->def->tpm) {
- switch (vm->def->tpm->type) {
- case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (vm->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
VIR_FREE(vm->def->tpm->data.emulator.source.data.file.path);
vm->def->tpm->data.emulator.source.data.file.path =3D g_strdup=
("/dev/test");
vm->def->tpm->data.emulator.source.type =3D VIR_DOMAIN_CHR_TYP=
E_FILE;
- break;
- case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
- case VIR_DOMAIN_TPM_TYPE_LAST:
- break;
}
}
=20
--=20
2.26.2
From nobody Wed May 1 22:55:28 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
207.211.31.120 as permitted sender) client-ip=207.211.31.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1591104737; cv=none;
d=zohomail.com; s=zohoarc;
b=g95wjjKBZZ0difObTnfJ4vOqen55eqKg8c2yRW8o5YfnqecGssIPXazM7GkRy0cH/S5Ypd6l+YQYHkKYC3LwATbX7esjg5YZSsaO7a2v9bd4VfXfqZg0bGMq9aClfvg6Jv2oYNCq0fc8/zUYZR/jOKiF2DoB6Xvmy80FuUjJ8hY=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1591104737;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=uDzzgub/qDp43m/awYwu9jAmi1joqGBeElNbTLOFllg=;
b=FABsRoEoU5pf8Ye1Uyy39UTLiOQowcXXigfIo3Dm49Uv9lZNSTHQYKXsPBLxzwH7SIJqsQStcIYyTGiWSRJFzxNFkrmN1e8uuEH/Ka6fPMzgF7vkIgG2YeP8PNON99Ncgb3ZxOZSlegxYVcBdTFX2Pe2zB9uOBr/8nHW6TnAuNo=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120]) by mx.zohomail.com
with SMTPS id 1591104737419471.68968567356046;
Tue, 2 Jun 2020 06:32:17 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-259-bUNuWzeBNgel-JwRjyL4vw-1; Tue, 02 Jun 2020 09:32:13 -0400
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
[10.5.11.14])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4EFEE108BD0D;
Tue, 2 Jun 2020 13:32:04 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 2F3D75D9DD;
Tue, 2 Jun 2020 13:32:04 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id F29999701E;
Tue, 2 Jun 2020 13:32:03 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
[10.11.54.4])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 052DVuP6007320 for ;
Tue, 2 Jun 2020 09:31:56 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 262012029F71; Tue, 2 Jun 2020 13:31:56 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 018922026FFE
for ; Tue, 2 Jun 2020 13:31:55 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com
[205.139.110.61])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5CEDB1914A21
for ; Tue, 2 Jun 2020 13:31:55 +0000 (UTC)
Received: from mail-qk1-f193.google.com (mail-qk1-f193.google.com
[209.85.222.193]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-136-aGRYWchuMlGp04_vR833eQ-1; Tue, 02 Jun 2020 09:31:51 -0400
Received: by mail-qk1-f193.google.com with SMTP id g28so11730334qkl.0;
Tue, 02 Jun 2020 06:31:51 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c])
by smtp.gmail.com with ESMTPSA id
c58sm2735424qtd.27.2020.06.02.06.31.47
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 02 Jun 2020 06:31:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1591104736;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=uDzzgub/qDp43m/awYwu9jAmi1joqGBeElNbTLOFllg=;
b=GKF4MNNXqJV6VszYFQ0tFHRUdMBFpjGTbb7+ovo768jpy2k8QOLMQHvONWP+sz5l2praXW
5lNGQiIzb+sreY44C7OcbcEWHvPXZkY2rh6wdH0YqKKVcDeoxiREX1X7Mg0v5t+xHGJdYV
bsVQCEq59OOV6/LOAAyL6mGHEY0FMCQ=
X-MC-Unique: bUNuWzeBNgel-JwRjyL4vw-1
X-MC-Unique: aGRYWchuMlGp04_vR833eQ-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=uDzzgub/qDp43m/awYwu9jAmi1joqGBeElNbTLOFllg=;
b=G65rv0YscGSiRCX2RX6vHHl2h13xkgluFVECgOf+0XDN8POSaoue5Coo0TD82nEPRf
xcecX1Vr1/7enbCTmClx5yJgF9jYe4AJ/zZD+ygRAZ552wPTN/6ec6JMOeBEC9ebEAlS
eftEAlp0HqXgaPdaX5p+ix7e04wzGXffSP4WwGju3lHKIRGqyPDOJDmoloAlegJW5j1O
YUY0pbPfxbBf8oERpf4SrXu1Dlb7KUp7qDtZ2ywjxD342mJSHlU9RFcnoCSnS5w9wCpK
MhAWaK5UEtC3DjwK6UZ19Mc0f7OErQj8uhUUgsENdQGrmRIGdbYfcs61xlOEZS4V67kC
Ewnw==
X-Gm-Message-State: AOAM5325X9BDMrPV85J+UgXzm3w8VaXkA/c2K/GwP5QzC0+6d7FH4Q7s
xthsfZJmpSRzaUUDoSRC1fwOHPR/
X-Google-Smtp-Source:
ABdhPJyyaP7DhJyk+3UBpMyHmtJorOPWZzznBcGBLg7hNGbjevBQHLN9K2CdNMm0iq20UV28y2P1xw==
X-Received: by 2002:a37:7743:: with SMTP id
s64mr23555870qkc.345.1591104709888;
Tue, 02 Jun 2020 06:31:49 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v6 05/10] conf, qemu, security,
tests: introducing 'def->tpms' array
Date: Tue, 2 Jun 2020 10:31:02 -0300
Message-Id: <20200602133107.1987182-6-danielhb413@gmail.com>
In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com>
References: <20200602133107.1987182-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , jtomko@redhat.com,
stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
A TPM Proxy device can coexist with a regular TPM, but the
current domain definition supports only a single TPM device
in the 'tpm' pointer. This patch replaces this existing pointer
in the domain definition to an array of TPM devices.
All files that references the old pointer were adapted to
handle the new array instead. virDomainDefParseXML() TPM related
code was adapted to handle the parsing of an extra TPM device.
TPM validations after this new scenario will be updated in
the next patch.
Tested-by: Satheesh Rajendran
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
src/conf/domain_audit.c | 4 +--
src/conf/domain_conf.c | 50 +++++++++++++++++++------------
src/conf/domain_conf.h | 6 +++-
src/qemu/qemu_alias.c | 4 +--
src/qemu/qemu_cgroup.c | 10 ++++---
src/qemu/qemu_command.c | 34 ++++++++++++++-------
src/qemu/qemu_domain.c | 31 +++++++++++++-------
src/qemu/qemu_domain_address.c | 11 ++++---
src/qemu/qemu_extdevice.c | 18 +++++++-----
src/qemu/qemu_tpm.c | 52 +++++++++++++++++++++++++--------
src/security/security_dac.c | 8 ++---
src/security/security_selinux.c | 32 ++++++++++++--------
src/security/virt-aa-helper.c | 9 ++++--
tests/qemuxml2argvtest.c | 13 +++++----
14 files changed, 186 insertions(+), 96 deletions(-)
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index 1b0abb21a0..8bc6633af4 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -821,8 +821,8 @@ virDomainAuditStart(virDomainObjPtr vm, const char *rea=
son, bool success)
for (i =3D 0; i < vm->def->nrngs; i++)
virDomainAuditRNG(vm, NULL, vm->def->rngs[i], "start", true);
=20
- if (vm->def->tpm)
- virDomainAuditTPM(vm, vm->def->tpm, "start", true);
+ for (i =3D 0; i < vm->def->ntpms; i++)
+ virDomainAuditTPM(vm, vm->def->tpms[i], "start", true);
=20
for (i =3D 0; i < vm->def->nshmems; i++)
virDomainAuditShmem(vm, vm->def->shmems[i], "start", true);
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 1406cf079e..899f994e23 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1165,6 +1165,7 @@ VIR_ENUM_IMPL(virDomainTPMModel,
"tpm-tis",
"tpm-crb",
"tpm-spapr",
+ "spapr-tpm-proxy",
);
=20
VIR_ENUM_IMPL(virDomainTPMBackend,
@@ -3480,7 +3481,9 @@ void virDomainDefFree(virDomainDefPtr def)
virDomainMemoryDefFree(def->mems[i]);
VIR_FREE(def->mems);
=20
- virDomainTPMDefFree(def->tpm);
+ for (i =3D 0; i < def->ntpms; i++)
+ virDomainTPMDefFree(def->tpms[i]);
+ VIR_FREE(def->tpms);
=20
for (i =3D 0; i < def->npanics; i++)
virDomainPanicDefFree(def->panics[i]);
@@ -4313,10 +4316,10 @@ virDomainDeviceInfoIterateInternal(virDomainDefPtr =
def,
if ((rc =3D cb(def, &device, &def->shmems[i]->info, opaque)) !=3D =
0)
return rc;
}
- if (def->tpm) {
- device.type =3D VIR_DOMAIN_DEVICE_TPM;
- device.data.tpm =3D def->tpm;
- if ((rc =3D cb(def, &device, &def->tpm->info, opaque)) !=3D 0)
+ device.type =3D VIR_DOMAIN_DEVICE_TPM;
+ for (i =3D 0; i < def->ntpms; i++) {
+ device.data.tpm =3D def->tpms[i];
+ if ((rc =3D cb(def, &device, &def->tpms[i]->info, opaque)) !=3D 0)
return rc;
}
device.type =3D VIR_DOMAIN_DEVICE_PANIC;
@@ -21971,15 +21974,23 @@ virDomainDefParseXML(xmlDocPtr xml,
if ((n =3D virXPathNodeSet("./devices/tpm", ctxt, &nodes)) < 0)
goto error;
=20
- if (n > 1) {
+ if (n > 2) {
virReportError(VIR_ERR_XML_ERROR, "%s",
- _("only a single TPM device is supported"));
+ _("a maximum of two TPM devices is supported, one o=
f "
+ "them being a TPM Proxy device"));
goto error;
}
=20
- if (n > 0) {
- if (!(def->tpm =3D virDomainTPMDefParseXML(xmlopt, nodes[0], ctxt,=
flags)))
+ if (n && VIR_ALLOC_N(def->tpms, n) < 0)
+ goto error;
+
+ for (i =3D 0; i < n; i++) {
+ virDomainTPMDefPtr tpm =3D virDomainTPMDefParseXML(xmlopt, nodes[i=
],
+ ctxt, flags);
+ if (!tpm)
goto error;
+
+ def->tpms[def->ntpms++] =3D tpm;
}
VIR_FREE(nodes);
=20
@@ -24341,16 +24352,19 @@ virDomainDefCheckABIStabilityFlags(virDomainDefPt=
r src,
goto error;
}
=20
- if (src->tpm && dst->tpm) {
- if (!virDomainTPMDefCheckABIStability(src->tpm, dst->tpm))
- goto error;
- } else if (src->tpm || dst->tpm) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("Either both target and source domains or none of=
"
- "them must have TPM device present"));
+ if (src->ntpms !=3D dst->ntpms) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Target domain TPM device count %zu "
+ "does not match source %zu"),
+ dst->ntpms, src->ntpms);
goto error;
}
=20
+ for (i =3D 0; i < src->ntpms; i++) {
+ if (!virDomainTPMDefCheckABIStability(src->tpms[i], dst->tpms[i]))
+ goto error;
+ }
+
if (src->nmems !=3D dst->nmems) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Target domain memory device count %zu "
@@ -29793,8 +29807,8 @@ virDomainDefFormatInternalSetRootName(virDomainDefP=
tr def,
goto error;
}
=20
- if (def->tpm) {
- if (virDomainTPMDefFormat(buf, def->tpm, flags) < 0)
+ for (n =3D 0; n < def->ntpms; n++) {
+ if (virDomainTPMDefFormat(buf, def->tpms[n], flags) < 0)
goto error;
}
=20
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index e152c599ca..84e36e03f4 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1294,6 +1294,7 @@ typedef enum {
VIR_DOMAIN_TPM_MODEL_TIS,
VIR_DOMAIN_TPM_MODEL_CRB,
VIR_DOMAIN_TPM_MODEL_SPAPR,
+ VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY,
=20
VIR_DOMAIN_TPM_MODEL_LAST
} virDomainTPMModel;
@@ -2624,11 +2625,14 @@ struct _virDomainDef {
size_t npanics;
virDomainPanicDefPtr *panics;
=20
+ /* At maximum 2 TPMs on the domain, if a TPM Proxy is present. */
+ size_t ntpms;
+ virDomainTPMDefPtr *tpms;
+
/* Only 1 */
virDomainWatchdogDefPtr watchdog;
virDomainMemballoonDefPtr memballoon;
virDomainNVRAMDefPtr nvram;
- virDomainTPMDefPtr tpm;
virCPUDefPtr cpu;
virSysinfoDefPtr sysinfo;
virDomainRedirFilterDefPtr redirfilter;
diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c
index d6527cb046..85fdb85940 100644
--- a/src/qemu/qemu_alias.c
+++ b/src/qemu/qemu_alias.c
@@ -669,8 +669,8 @@ qemuAssignDeviceAliases(virDomainDefPtr def, virQEMUCap=
sPtr qemuCaps)
if (qemuAssignDeviceRNGAlias(def, def->rngs[i]) < 0)
return -1;
}
- if (def->tpm) {
- if (qemuAssignDeviceTPMAlias(def->tpm, 0) < 0)
+ for (i =3D 0; i < def->ntpms; i++) {
+ if (qemuAssignDeviceTPMAlias(def->tpms[i], 0) < 0)
return -1;
}
for (i =3D 0; i < def->nmems; i++) {
diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index d92202f847..eb0f03d4aa 100644
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -332,10 +332,10 @@ qemuSetupChardevCgroupCB(virDomainDefPtr def G_GNUC_U=
NUSED,
=20
=20
static int
-qemuSetupTPMCgroup(virDomainObjPtr vm)
+qemuSetupTPMCgroup(virDomainObjPtr vm,
+ virDomainTPMDefPtr dev)
{
int ret =3D 0;
- virDomainTPMDefPtr dev =3D vm->def->tpm;
=20
switch (dev->type) {
case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
@@ -805,8 +805,10 @@ qemuSetupDevicesCgroup(virDomainObjPtr vm)
vm) < 0)
return -1;
=20
- if (vm->def->tpm && qemuSetupTPMCgroup(vm) < 0)
- return -1;
+ for (i =3D 0; i < vm->def->ntpms; i++) {
+ if (qemuSetupTPMCgroup(vm, vm->def->tpms[i]) < 0)
+ return -1;
+ }
=20
for (i =3D 0; i < vm->def->nhostdevs; i++) {
/* This may allow /dev/vfio/vfio multiple times, but that
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 419eca5675..59caff08f2 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -8890,10 +8890,10 @@ qemuBuildDomainLoaderCommandLine(virCommandPtr cmd,
=20
static char *
qemuBuildTPMDevStr(const virDomainDef *def,
+ virDomainTPMDefPtr tpm,
virQEMUCapsPtr qemuCaps)
{
g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER;
- virDomainTPMDef *tpm =3D def->tpm;
const char *model =3D virDomainTPMModelTypeToString(tpm->model);
=20
virBufferAsprintf(&buf, "%s,tpmdev=3Dtpm-%s,id=3D%s",
@@ -8932,13 +8932,12 @@ qemuBuildTPMOpenBackendFDs(const char *tpmdev,
=20
=20
static char *
-qemuBuildTPMBackendStr(const virDomainDef *def,
- virCommandPtr cmd,
+qemuBuildTPMBackendStr(virCommandPtr cmd,
+ virDomainTPMDefPtr tpm,
int *tpmfd,
int *cancelfd,
char **chardev)
{
- const virDomainTPMDef *tpm =3D def->tpm;
g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER;
g_autofree char *cancel_path =3D NULL;
g_autofree char *devset =3D NULL;
@@ -8992,6 +8991,7 @@ qemuBuildTPMBackendStr(const virDomainDef *def,
static int
qemuBuildTPMCommandLine(virCommandPtr cmd,
const virDomainDef *def,
+ virDomainTPMDefPtr tpm,
virQEMUCapsPtr qemuCaps)
{
char *optstr;
@@ -9000,10 +9000,7 @@ qemuBuildTPMCommandLine(virCommandPtr cmd,
int cancelfd =3D -1;
char *fdset;
=20
- if (!def->tpm)
- return 0;
-
- if (!(optstr =3D qemuBuildTPMBackendStr(def, cmd,
+ if (!(optstr =3D qemuBuildTPMBackendStr(cmd, tpm,
&tpmfd, &cancelfd,
&chardev)))
return -1;
@@ -9032,7 +9029,7 @@ qemuBuildTPMCommandLine(virCommandPtr cmd,
VIR_FREE(fdset);
}
=20
- if (!(optstr =3D qemuBuildTPMDevStr(def, qemuCaps)))
+ if (!(optstr =3D qemuBuildTPMDevStr(def, tpm, qemuCaps)))
return -1;
=20
virCommandAddArgList(cmd, "-device", optstr, NULL);
@@ -9041,6 +9038,23 @@ qemuBuildTPMCommandLine(virCommandPtr cmd,
return 0;
}
=20
+
+static int
+qemuBuildTPMsCommandLine(virCommandPtr cmd,
+ const virDomainDef *def,
+ virQEMUCapsPtr qemuCaps)
+{
+ size_t i;
+
+ for (i =3D 0; i < def->ntpms; i++) {
+ if (qemuBuildTPMCommandLine(cmd, def, def->tpms[i], qemuCaps) < 0)
+ return -1;
+ }
+
+ return 0;
+}
+
+
static int
qemuBuildSEVCommandLine(virDomainObjPtr vm, virCommandPtr cmd,
virDomainSEVDefPtr sev)
@@ -9720,7 +9734,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
chardevStdioLogd) < 0)
return NULL;
=20
- if (qemuBuildTPMCommandLine(cmd, def, qemuCaps) < 0)
+ if (qemuBuildTPMsCommandLine(cmd, def, qemuCaps) < 0)
return NULL;
=20
if (qemuBuildInputCommandLine(cmd, def, qemuCaps) < 0)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index d5e3d1a3cc..3173fc3a3b 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -11585,16 +11585,9 @@ qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr =
cfg G_GNUC_UNUSED,
=20
static int
qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED,
- virDomainObjPtr vm,
+ virDomainTPMDefPtr dev,
const struct qemuDomainCreateDeviceData *data)
{
- virDomainTPMDefPtr dev =3D vm->def->tpm;
-
- if (!dev)
- return 0;
-
- VIR_DEBUG("Setting up TPM");
-
switch (dev->type) {
case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
if (qemuDomainCreateDevice(dev->data.passthrough.source.data.file.=
path,
@@ -11608,7 +11601,25 @@ qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GN=
UC_UNUSED,
break;
}
=20
- VIR_DEBUG("Setup TPM");
+ return 0;
+}
+
+
+static int
+qemuDomainSetupAllTPMs(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED,
+ virDomainObjPtr vm,
+ const struct qemuDomainCreateDeviceData *data)
+{
+ size_t i;
+
+ VIR_DEBUG("Setting up TPMs");
+
+ for (i =3D 0; i < vm->def->ntpms; i++) {
+ if (qemuDomainSetupTPM(cfg, vm->def->tpms[i], data) < 0)
+ return -1;
+ }
+
+ VIR_DEBUG("Setup all TPMs");
return 0;
}
=20
@@ -11834,7 +11845,7 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg,
if (qemuDomainSetupAllChardevs(cfg, vm, &data) < 0)
goto cleanup;
=20
- if (qemuDomainSetupTPM(cfg, vm, &data) < 0)
+ if (qemuDomainSetupAllTPMs(cfg, vm, &data) < 0)
goto cleanup;
=20
if (qemuDomainSetupAllGraphics(cfg, vm, &data) < 0)
diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c
index 07431343ed..4c26070022 100644
--- a/src/qemu/qemu_domain_address.c
+++ b/src/qemu/qemu_domain_address.c
@@ -268,10 +268,13 @@ qemuDomainAssignSpaprVIOAddresses(virDomainDefPtr def)
return -1;
}
=20
- if (def->tpm) {
- if (qemuDomainIsPSeries(def))
- def->tpm->info.type =3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVI=
O;
- if (qemuDomainAssignSpaprVIOAddress(def, &def->tpm->info,
+ for (i =3D 0; i < def->ntpms; i++) {
+ virDomainTPMDefPtr tpm =3D def->tpms[i];
+
+ if (tpm->model !=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY &&
+ qemuDomainIsPSeries(def))
+ tpm->info.type =3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO;
+ if (qemuDomainAssignSpaprVIOAddress(def, &tpm->info,
VIO_ADDR_TPM) < 0)
return -1;
}
diff --git a/src/qemu/qemu_extdevice.c b/src/qemu/qemu_extdevice.c
index 8f1bd9311e..2fb71dd334 100644
--- a/src/qemu/qemu_extdevice.c
+++ b/src/qemu/qemu_extdevice.c
@@ -73,7 +73,7 @@ static int
qemuExtDevicesInitPaths(virQEMUDriverPtr driver,
virDomainDefPtr def)
{
- if (def->tpm)
+ if (def->ntpms > 0)
return qemuExtTPMInitPaths(driver, def);
=20
return 0;
@@ -132,7 +132,7 @@ qemuExtDevicesPrepareHost(virQEMUDriverPtr driver,
virDomainDefPtr def =3D vm->def;
size_t i;
=20
- if (def->tpm &&
+ if (def->ntpms > 0 &&
qemuExtTPMPrepareHost(driver, def) < 0)
return -1;
=20
@@ -155,7 +155,7 @@ qemuExtDevicesCleanupHost(virQEMUDriverPtr driver,
if (qemuExtDevicesInitPaths(driver, def) < 0)
return;
=20
- if (def->tpm)
+ if (def->ntpms > 0)
qemuExtTPMCleanupHost(def);
}
=20
@@ -181,7 +181,7 @@ qemuExtDevicesStart(virQEMUDriverPtr driver,
}
}
=20
- if (def->tpm && qemuExtTPMStart(driver, vm, incomingMigration) < 0)
+ if (def->ntpms > 0 && qemuExtTPMStart(driver, vm, incomingMigration) <=
0)
return -1;
=20
for (i =3D 0; i < def->nnets; i++) {
@@ -223,7 +223,7 @@ qemuExtDevicesStop(virQEMUDriverPtr driver,
qemuExtVhostUserGPUStop(driver, vm, video);
}
=20
- if (def->tpm)
+ if (def->ntpms > 0)
qemuExtTPMStop(driver, vm);
=20
for (i =3D 0; i < def->nnets; i++) {
@@ -256,8 +256,10 @@ qemuExtDevicesHasDevice(virDomainDefPtr def)
return true;
}
=20
- if (def->tpm && def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
- return true;
+ for (i =3D 0; i < def->ntpms; i++) {
+ if (def->tpms[i]->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
+ return true;
+ }
=20
for (i =3D 0; i < def->nfss; i++) {
virDomainFSDefPtr fs =3D def->fss[i];
@@ -297,7 +299,7 @@ qemuExtDevicesSetupCgroup(virQEMUDriverPtr driver,
return -1;
}
=20
- if (def->tpm &&
+ if (def->ntpms > 0 &&
qemuExtTPMSetupCgroup(driver, def, cgroup) < 0)
return -1;
=20
diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
index afec0e5328..8adb0e42b8 100644
--- a/src/qemu/qemu_tpm.c
+++ b/src/qemu/qemu_tpm.c
@@ -679,10 +679,15 @@ qemuExtTPMInitPaths(virQEMUDriverPtr driver,
virDomainDefPtr def)
{
g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver);
+ size_t i;
=20
- if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
- return qemuTPMEmulatorInitPaths(def->tpm, cfg->swtpmStorageDir,
+ for (i =3D 0; i < def->ntpms; i++) {
+ if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
+ continue;
+
+ return qemuTPMEmulatorInitPaths(def->tpms[i], cfg->swtpmStorageDir,
def->uuid);
+ }
=20
return 0;
}
@@ -694,13 +699,17 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver,
{
g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver);
g_autofree char *shortName =3D NULL;
+ size_t i;
+
+ for (i =3D 0; i < def->ntpms; i++) {
+ if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
+ continue;
=20
- if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
shortName =3D virDomainDefGetShortName(def);
if (!shortName)
return -1;
=20
- return qemuTPMEmulatorPrepareHost(def->tpm, cfg->swtpmLogDir,
+ return qemuTPMEmulatorPrepareHost(def->tpms[i], cfg->swtpmLogDir,
def->name, cfg->swtpm_user,
cfg->swtpm_group,
cfg->swtpmStateDir, cfg->user,
@@ -714,8 +723,14 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver,
void
qemuExtTPMCleanupHost(virDomainDefPtr def)
{
- if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
- qemuTPMDeleteEmulatorStorage(def->tpm);
+ size_t i;
+
+ for (i =3D 0; i < def->ntpms; i++) {
+ if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
+ continue;
+
+ qemuTPMDeleteEmulatorStorage(def->tpms[i]);
+ }
}
=20
=20
@@ -733,13 +748,13 @@ qemuExtTPMCleanupHost(virDomainDefPtr def)
static int
qemuExtTPMStartEmulator(virQEMUDriverPtr driver,
virDomainObjPtr vm,
+ virDomainTPMDefPtr tpm,
bool incomingMigration)
{
g_autoptr(virCommand) cmd =3D NULL;
int exitstatus =3D 0;
g_autofree char *errbuf =3D NULL;
g_autoptr(virQEMUDriverConfig) cfg =3D NULL;
- virDomainTPMDefPtr tpm =3D vm->def->tpm;
g_autofree char *shortName =3D virDomainDefGetShortName(vm->def);
int cmdret =3D 0, timeout, rc;
pid_t pid;
@@ -807,10 +822,15 @@ qemuExtTPMStart(virQEMUDriverPtr driver,
virDomainObjPtr vm,
bool incomingMigration)
{
- virDomainTPMDefPtr tpm =3D vm->def->tpm;
+ size_t i;
+
+ for (i =3D 0; i < vm->def->ntpms; i++) {
+ if (vm->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
+ continue;
=20
- if (tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
- return qemuExtTPMStartEmulator(driver, vm, incomingMigration);
+ return qemuExtTPMStartEmulator(driver, vm, vm->def->tpms[i],
+ incomingMigration);
+ }
=20
return 0;
}
@@ -822,8 +842,12 @@ qemuExtTPMStop(virQEMUDriverPtr driver,
{
g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver);
g_autofree char *shortName =3D NULL;
+ size_t i;
+
+ for (i =3D 0; i < vm->def->ntpms; i++) {
+ if (vm->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
+ continue;
=20
- if (vm->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
shortName =3D virDomainDefGetShortName(vm->def);
if (!shortName)
return;
@@ -845,8 +869,12 @@ qemuExtTPMSetupCgroup(virQEMUDriverPtr driver,
g_autofree char *shortName =3D NULL;
int rc;
pid_t pid;
+ size_t i;
+
+ for (i =3D 0; i < def->ntpms; i++) {
+ if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
+ continue;
=20
- if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
shortName =3D virDomainDefGetShortName(def);
if (!shortName)
return -1;
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 7b95a6f86d..6201c13f92 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -1979,10 +1979,10 @@ virSecurityDACRestoreAllLabel(virSecurityManagerPtr=
mgr,
&chardevData) < 0)
rc =3D -1;
=20
- if (def->tpm) {
+ for (i =3D 0; i < def->ntpms; i++) {
if (virSecurityDACRestoreTPMFileLabel(mgr,
def,
- def->tpm) < 0)
+ def->tpms[i]) < 0)
rc =3D -1;
}
=20
@@ -2158,10 +2158,10 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr,
&chardevData) < 0)
return -1;
=20
- if (def->tpm) {
+ for (i =3D 0; i < def->ntpms; i++) {
if (virSecurityDACSetTPMFileLabel(mgr,
def,
- def->tpm) < 0)
+ def->tpms[i]) < 0)
return -1;
}
=20
diff --git a/src/security/security_selinux.c b/src/security/security_selinu=
x.c
index c4c0504b56..7b7c2c12b1 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2764,8 +2764,8 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManagerP=
tr mgr,
return -1;
}
=20
- if (def->tpm) {
- if (virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def, def->tpm) <=
0)
+ for (i =3D 0; i < def->ntpms; i++) {
+ if (virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def, def->tpms[i=
]) < 0)
rc =3D -1;
}
=20
@@ -3172,8 +3172,8 @@ virSecuritySELinuxSetAllLabel(virSecurityManagerPtr m=
gr,
return -1;
}
=20
- if (def->tpm) {
- if (virSecuritySELinuxSetTPMFileLabel(mgr, def, def->tpm) < 0)
+ for (i =3D 0; i < def->ntpms; i++) {
+ if (virSecuritySELinuxSetTPMFileLabel(mgr, def, def->tpms[i]) < 0)
return -1;
}
=20
@@ -3493,19 +3493,23 @@ virSecuritySELinuxSetTPMLabels(virSecurityManagerPt=
r mgr,
virDomainDefPtr def)
{
int ret =3D 0;
+ size_t i;
virSecurityLabelDefPtr seclabel;
=20
seclabel =3D virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAM=
E);
if (seclabel =3D=3D NULL)
return 0;
=20
- if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
+ for (i =3D 0; i < def->ntpms; i++) {
+ if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
+ continue;
+
ret =3D virSecuritySELinuxSetFileLabels(
- mgr, def->tpm->data.emulator.storagepath,
+ mgr, def->tpms[i]->data.emulator.storagepath,
seclabel);
- if (ret =3D=3D 0 && def->tpm->data.emulator.logfile)
+ if (ret =3D=3D 0 && def->tpms[i]->data.emulator.logfile)
ret =3D virSecuritySELinuxSetFileLabels(
- mgr, def->tpm->data.emulator.logfile,
+ mgr, def->tpms[i]->data.emulator.logfile,
seclabel);
}
=20
@@ -3518,13 +3522,17 @@ virSecuritySELinuxRestoreTPMLabels(virSecurityManag=
erPtr mgr,
virDomainDefPtr def)
{
int ret =3D 0;
+ size_t i;
+
+ for (i =3D 0; i < def->ntpms; i++) {
+ if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
+ continue;
=20
- if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
ret =3D virSecuritySELinuxRestoreFileLabels(
- mgr, def->tpm->data.emulator.storagepath);
- if (ret =3D=3D 0 && def->tpm->data.emulator.logfile)
+ mgr, def->tpms[i]->data.emulator.storagepath);
+ if (ret =3D=3D 0 && def->tpms[i]->data.emulator.logfile)
ret =3D virSecuritySELinuxRestoreFileLabels(
- mgr, def->tpm->data.emulator.logfile);
+ mgr, def->tpms[i]->data.emulator.logfile);
}
=20
return ret;
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 6e8f77e4dd..7abb6e70be 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -1206,14 +1206,17 @@ get_files(vahControl * ctl)
}
=20
=20
- if (ctl->def->tpm) {
+ if (ctl->def->ntpms > 0) {
char *shortName =3D NULL;
const char *tpmpath =3D NULL;
=20
- if (ctl->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
+ for (i =3D 0; i < ctl->def->ntpms; i++) {
+ if (ctl->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
+ continue;
+
shortName =3D virDomainDefGetShortName(ctl->def);
=20
- switch (ctl->def->tpm->version) {
+ switch (ctl->def->tpms[i]->version) {
case VIR_DOMAIN_TPM_VERSION_1_2:
tpmpath =3D "tpm1.2";
break;
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 7c4b4e2134..5a4ac187ef 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -437,12 +437,13 @@ testCompareXMLToArgvCreateArgs(virQEMUDriverPtr drv,
vsockPriv->vhostfd =3D 6789;
}
=20
- if (vm->def->tpm) {
- if (vm->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) {
- VIR_FREE(vm->def->tpm->data.emulator.source.data.file.path);
- vm->def->tpm->data.emulator.source.data.file.path =3D g_strdup=
("/dev/test");
- vm->def->tpm->data.emulator.source.type =3D VIR_DOMAIN_CHR_TYP=
E_FILE;
- }
+ for (i =3D 0; i < vm->def->ntpms; i++) {
+ if (vm->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR)
+ continue;
+
+ VIR_FREE(vm->def->tpms[i]->data.emulator.source.data.file.path);
+ vm->def->tpms[i]->data.emulator.source.data.file.path =3D g_strdup=
("/dev/test");
+ vm->def->tpms[i]->data.emulator.source.type =3D VIR_DOMAIN_CHR_TYP=
E_FILE;
}
=20
for (i =3D 0; i < vm->def->nvideos; i++) {
--=20
2.26.2
From nobody Wed May 1 22:55:28 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
205.139.110.120 as permitted sender) client-ip=205.139.110.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1591104741; cv=none;
d=zohomail.com; s=zohoarc;
b=Wtgz69lThh4DQWCxjoym9Yu4kSPL67pi0vwDhfTtZ6UZiA3luQa6diAAfJwVZ1Vutku0i0WtXZ4yo19kvHHJGlNY8jsroJeNcwwCHk8Ilo32hCIZibdnftjKCXodzmvRRWpoKzP8G3+vOXHBZ9dzsKTRn3PwExAzFntSlHblMW4=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1591104741;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=hPAv/PSgrnX0CMBIsRq/2NZdEs68MMbhjBK+rTL3Fr8=;
b=dt94D6lmk1EAjH5xPqFwuYHTgCXcy1EY4VD9b3hJxOV9OzKbo0dgbWWg62CIDUeblr3yzs8S+68JlmT8almVik0qcgkSpcTxTca8LCaer2ovFFltHXQT33wXTGzgAfYPE1pzE6RFraHmZGshhXMnMk4PuxlQ/lBiB0nPdLhUgG0=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[205.139.110.120]) by mx.zohomail.com
with SMTPS id 1591104741872641.4723631614887;
Tue, 2 Jun 2020 06:32:21 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-332-1ZMD_ELYMyuJep2jO83UJA-1; Tue, 02 Jun 2020 09:32:18 -0400
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
[10.5.11.12])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 9F72B81E22C;
Tue, 2 Jun 2020 13:32:09 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 7B0056199D;
Tue, 2 Jun 2020 13:32:09 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 49F559701D;
Tue, 2 Jun 2020 13:32:09 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
[10.11.54.6])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 052DW7Aw007370 for ;
Tue, 2 Jun 2020 09:32:08 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 3EA11217B43B; Tue, 2 Jun 2020 13:32:07 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20])
by smtp.corp.redhat.com (Postfix) with ESMTPS id B24CF2156A54
for ; Tue, 2 Jun 2020 13:31:59 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[205.139.110.120])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6ACB0108C273
for ; Tue, 2 Jun 2020 13:31:58 +0000 (UTC)
Received: from mail-qt1-f195.google.com (mail-qt1-f195.google.com
[209.85.160.195]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-60-0CFpPd93N7S-5j2ja1ZLbg-1; Tue, 02 Jun 2020 09:31:52 -0400
Received: by mail-qt1-f195.google.com with SMTP id k22so10566612qtm.6;
Tue, 02 Jun 2020 06:31:52 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c])
by smtp.gmail.com with ESMTPSA id
c58sm2735424qtd.27.2020.06.02.06.31.50
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 02 Jun 2020 06:31:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1591104740;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=hPAv/PSgrnX0CMBIsRq/2NZdEs68MMbhjBK+rTL3Fr8=;
b=MTG0nTXvw3mpj9+GbJD7OjfyYI1qp4YKS2fX225LOIYhlPZcd/MTLhHUaoRpGiOuWdw9IB
0/1rtpqtHhOsOre+OLofuo0vXgu4ahxT0KZDDA9LUn+TyEFIRn8a3oyWbIZvcjM89pvI0C
9kRyynViAtZeHE2UX5n7NPnHAwMKqZ4=
X-MC-Unique: 1ZMD_ELYMyuJep2jO83UJA-1
X-MC-Unique: 0CFpPd93N7S-5j2ja1ZLbg-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=hPAv/PSgrnX0CMBIsRq/2NZdEs68MMbhjBK+rTL3Fr8=;
b=uKkxtCcERL0k6NHqudxlZsZb6wJxLvdVg6PIKGuJc0frGN+Uka1bU/3ZZl/pdsFx2a
gKPVducUj25m1VpO+zwkL7SB4b8FaPhuxuKfFOq1UnQxbigGPtWCyJWgAAzvkEHCcG3g
2+4uECS0+837fw6QEqslBW4Z07i9wHvU314WpW7VpXulDQS5krBDyZyEyPYOxEC27do5
l4gZvRqcemHfoW/TZCjjRVjN6J7A/yyZnabg+e/rBpq3saUd20beOvegBjcXF7f+3MqN
Ls+cHZRMMzUmGqAH3Hjxn4HSNoSipP8W/SoswCVIG43B/c/n1nxCAJtKNpvN6/ZCe3DS
Dl6w==
X-Gm-Message-State: AOAM533BtAGgiJG+E7sBxL6/qI2hpasf2Cue7AYGLkyOMGeFW3JENQ3d
RSvz31vgsU56b6Jv3v9rutWO79Lo
X-Google-Smtp-Source:
ABdhPJxPLPxohVNuZI7zG1o4H7AdNOgkxJAGXrg6pOzOkpgOTg39UiiXIVe9fBoRjyHtryUmtNLVsw==
X-Received: by 2002:ac8:1858:: with SMTP id
n24mr27280570qtk.189.1591104711834;
Tue, 02 Jun 2020 06:31:51 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v6 06/10] qemu: add validations after TPM Proxy model
introduction
Date: Tue, 2 Jun 2020 10:31:03 -0300
Message-Id: <20200602133107.1987182-7-danielhb413@gmail.com>
In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com>
References: <20200602133107.1987182-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , jtomko@redhat.com,
stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
Previous patch handled the conversion of def->tpm to the
array def->tpms and the XML parsing logic. This patch handles
the validations needed to ensure the intended behavior.
The existing qemuValidateDomainDeviceDefTPM() function was updated
to guarantee that the VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY model is
exclusive to PPC64 guests and to the VIR_DOMAIN_TPM_TYPE_PASSTHROUGH
backend.
A new function called qemuDomainDefTPMsPostParse() was added to guarantee
that the following combinations in the same domain are valid:
- a single TPM device
- a single TPM Proxy device
- a single TPM + single TPM Proxy devices
And these combinations in the same domain are NOT valid:
- 2 or more TPM devices
- 2 or more TPM Proxy devices
Tested-by: Satheesh Rajendran
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
src/qemu/qemu_domain.c | 37 +++++++++++++++++++++++++++++++++++++
src/qemu/qemu_validate.c | 19 +++++++++++++++++++
2 files changed, 56 insertions(+)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 3173fc3a3b..b1b50f05d4 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -4953,6 +4953,40 @@ qemuDomainDefTsegPostParse(virDomainDefPtr def,
}
=20
=20
+static int
+qemuDomainDefTPMsPostParse(virDomainDefPtr def)
+{
+ virDomainTPMDefPtr proxyTPM =3D NULL;
+ virDomainTPMDefPtr regularTPM =3D NULL;
+ size_t i;
+
+ if (def->ntpms < 2)
+ return 0;
+
+ for (i =3D 0; i < def->ntpms; i++) {
+ virDomainTPMDefPtr tpm =3D def->tpms[i];
+
+ if (tpm->model =3D=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY) {
+ if (proxyTPM) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("only a single TPM Proxy device is suppor=
ted"));
+ return -1;
+ } else {
+ proxyTPM =3D tpm;
+ }
+ } else if (regularTPM) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("only a single TPM non-proxy device is suppor=
ted"));
+ return -1;
+ } else {
+ regularTPM =3D tpm;
+ }
+ }
+
+ return 0;
+}
+
+
static int
qemuDomainDefPostParseBasic(virDomainDefPtr def,
void *opaque G_GNUC_UNUSED)
@@ -5039,6 +5073,9 @@ qemuDomainDefPostParse(virDomainDefPtr def,
if (qemuDomainDefTsegPostParse(def, qemuCaps) < 0)
return -1;
=20
+ if (qemuDomainDefTPMsPostParse(def) < 0)
+ return -1;
+
return 0;
}
=20
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 584d1375b8..28e02ebefc 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -3623,6 +3623,25 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm,
case VIR_DOMAIN_TPM_MODEL_SPAPR:
flag =3D QEMU_CAPS_DEVICE_TPM_SPAPR;
break;
+ case VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY:
+ if (!ARCH_IS_PPC64(def->os.arch)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("TPM Proxy model %s is only available for "
+ "PPC64 guests"),
+ virDomainTPMModelTypeToString(tpm->model));
+ return -1;
+ }
+
+ /* TPM Proxy devices have 'passthrough' backend */
+ if (tpm->type !=3D VIR_DOMAIN_TPM_TYPE_PASSTHROUGH) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("TPM Proxy model %s requires "
+ "'Passthrough' backend"),
+ virDomainTPMModelTypeToString(tpm->model));
+ }
+
+ flag =3D QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY;
+ break;
case VIR_DOMAIN_TPM_MODEL_LAST:
default:
virReportEnumRangeError(virDomainTPMModel, tpm->model);
--=20
2.26.2
From nobody Wed May 1 22:55:28 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
205.139.110.120 as permitted sender) client-ip=205.139.110.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1591104734; cv=none;
d=zohomail.com; s=zohoarc;
b=cysgwbkv3eJ+JEPcKSKUP6LjoJOVLfm6qbmgR+6+KsJf83irjJBObudrmLng19XxIiRpPQ3OMKDtOvl7xEXCqxCpKDzBFaLUW/Ywq8sfhVz+FrdtTyTVLEOm/WlOwEbz7XaGRU/lIYXLj74LmEPbXfHeHQMBsQrQjqFZUQYEnbo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1591104734;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=a0EkD6FWtFVHTkmofLzTH87XhZS8bhdZ5dO4+d0WVxo=;
b=dhbxlwz5PShqYFdEvTEmpFfin1dvYioTYwaCPL0ad1Sgg26EMxzH8uHzrJOhxYZmY755fm1J5a+br4pa41LZTGT5nWkRHBgyV6kWl0G8F12KQdZA1cjlpj2ownV7XXo8aVXTkzwyWkuRu4pXLBLFYsqmWEoYYaZ8Y2hnW5MvXMg=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[205.139.110.120]) by mx.zohomail.com
with SMTPS id 1591104734799914.692386010666;
Tue, 2 Jun 2020 06:32:14 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-404-H7fh8HRaOwm3RoSmqQpe8w-1; Tue, 02 Jun 2020 09:32:10 -0400
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
[10.5.11.15])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id B2EBF1009444;
Tue, 2 Jun 2020 13:32:01 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 927FE78F06;
Tue, 2 Jun 2020 13:32:01 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 681899701B;
Tue, 2 Jun 2020 13:32:01 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
[10.11.54.6])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 052DW0gO007336 for ;
Tue, 2 Jun 2020 09:32:00 -0400
Received: by smtp.corp.redhat.com (Postfix)
id F0F85217B433; Tue, 2 Jun 2020 13:31:59 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id AC74D2156A51
for ; Tue, 2 Jun 2020 13:31:59 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com
[205.139.110.61])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 81BA3853385
for ; Tue, 2 Jun 2020 13:31:59 +0000 (UTC)
Received: from mail-qv1-f65.google.com (mail-qv1-f65.google.com
[209.85.219.65]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-282-GEFjkhJqOxS0p_9P0EtPlw-1; Tue, 02 Jun 2020 09:31:55 -0400
Received: by mail-qv1-f65.google.com with SMTP id r16so1735714qvm.6;
Tue, 02 Jun 2020 06:31:55 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c])
by smtp.gmail.com with ESMTPSA id
c58sm2735424qtd.27.2020.06.02.06.31.52
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 02 Jun 2020 06:31:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1591104733;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=a0EkD6FWtFVHTkmofLzTH87XhZS8bhdZ5dO4+d0WVxo=;
b=gYT/Khx7VOwsHyJWQAnqUK+PFiJV1k4PGsdluZpWNCVFGkFagh2UbUE4pGasmAh/9XevFY
DfJ9oC6JLkmpI5TlYTXV3XaYf60d2oi+UVzJIn6LVaFGGqxHv8t04F78X4LqDeXOggHMkW
r8jq//FdxJjGWFlSjDqV4yndlrQ/S9A=
X-MC-Unique: H7fh8HRaOwm3RoSmqQpe8w-1
X-MC-Unique: GEFjkhJqOxS0p_9P0EtPlw-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=a0EkD6FWtFVHTkmofLzTH87XhZS8bhdZ5dO4+d0WVxo=;
b=TR5mdC+vB5Q+ZoEHj1VMLJhi/pZHS6Lf1ro534ctjhDbrQ6UZ/MEdJOlJGWBgZJCnx
+RrWPOmFqckcVStL555AN7xhKZ+PqYLAUveedQEQCGpjzcpDCcxfFG7SChzprb3eoTRs
1nGtZMTkDCb/edZU++qro23oSzByFw5/LwalcOaOYiQefGZtEqEtZROSWp5bzmBwnJes
dOYKAHym4Kqm+kbBd47TEbAo8Byjj52MHlQyDo1gUcdL2+qrFD8B9ECXAgvFPDa8Zdil
CqWOkP/PJCpGzifzb4retf7aPD4G3V5LtB94bMU05voRHSqUTCw30NUwio//ffPY4e03
Uybg==
X-Gm-Message-State: AOAM530TwaOF3fH2LcA/kLwLM/v99v+iEzmw3q9vStliJzZ0wB1tXYW4
POC9OLIHuSawNY7BGqkC+qMD7tny
X-Google-Smtp-Source:
ABdhPJxFIlPP89BZD6Vl1PygZI63pj5SGdTDela8KxVcWiC7w/s5/Ohcbqpnm4LALFH6wJ3JlWblbQ==
X-Received: by 2002:a0c:b6d7:: with SMTP id
h23mr26851381qve.162.1591104714179;
Tue, 02 Jun 2020 06:31:54 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v6 07/10] tests: add XML schema tests for the TPM Proxy device
Date: Tue, 2 Jun 2020 10:31:04 -0300
Message-Id: <20200602133107.1987182-8-danielhb413@gmail.com>
In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com>
References: <20200602133107.1987182-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , jtomko@redhat.com,
stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
This tests aims to exercise how a TPM Proxy device can be
added in the domain, either alone or with a regular TPM
device. It also ensures that we do not allow bogus scenarios
to slip by.
Tested-by: Satheesh Rajendran
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
tests/qemuxml2argvdata/ppc64-tpm-double.xml | 34 ++++++++++++++
.../ppc64-tpmproxy-double.xml | 38 +++++++++++++++
.../ppc64-tpmproxy-single.xml | 33 +++++++++++++
.../ppc64-tpmproxy-with-tpm.xml | 36 +++++++++++++++
tests/qemuxml2argvtest.c | 12 +++++
.../ppc64-tpmproxy-single.ppc64-latest.xml | 42 +++++++++++++++++
.../ppc64-tpmproxy-with-tpm.ppc64-latest.xml | 46 +++++++++++++++++++
tests/qemuxml2xmltest.c | 2 +
8 files changed, 243 insertions(+)
create mode 100644 tests/qemuxml2argvdata/ppc64-tpm-double.xml
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml
create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-la=
test.xml
create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-=
latest.xml
diff --git a/tests/qemuxml2argvdata/ppc64-tpm-double.xml b/tests/qemuxml2ar=
gvdata/ppc64-tpm-double.xml
new file mode 100644
index 0000000000..8730547a4d
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpm-double.xml
@@ -0,0 +1,34 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml b/tests/qemux=
ml2argvdata/ppc64-tpmproxy-double.xml
new file mode 100644
index 0000000000..12abda509e
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml
@@ -0,0 +1,38 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml b/tests/qemux=
ml2argvdata/ppc64-tpmproxy-single.xml
new file mode 100644
index 0000000000..729a2cdf28
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml
@@ -0,0 +1,33 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml b/tests/qem=
uxml2argvdata/ppc64-tpmproxy-with-tpm.xml
new file mode 100644
index 0000000000..a61ec9845c
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml
@@ -0,0 +1,36 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 5a4ac187ef..5feb964537 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -3064,6 +3064,18 @@ mymain(void)
QEMU_CAPS_NEC_USB_XHCI,
QEMU_CAPS_DEVICE_QEMU_XHCI);
=20
+ DO_TEST_PARSE_ERROR("ppc64-tpmproxy-double",
+ QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE,
+ QEMU_CAPS_PCI_OHCI,
+ QEMU_CAPS_DEVICE_TPM_PASSTHROUGH,
+ QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY);
+
+ DO_TEST_PARSE_ERROR("ppc64-tpm-double",
+ QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE,
+ QEMU_CAPS_PCI_OHCI,
+ QEMU_CAPS_DEVICE_TPM_PASSTHROUGH,
+ QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY);
+
DO_TEST("aarch64-usb-controller-qemu-xhci",
QEMU_CAPS_OBJECT_GPEX,
QEMU_CAPS_NEC_USB_XHCI,
diff --git a/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xm=
l b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xml
new file mode 100644
index 0000000000..4e0e5f24b8
--- /dev/null
+++ b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xml
@@ -0,0 +1,42 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+
+ POWER9
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.=
xml b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.xml
new file mode 100644
index 0000000000..9b64f914f0
--- /dev/null
+++ b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.xml
@@ -0,0 +1,46 @@
+
+ QEMUGuest1
+ c7a5fdbd-edaf-9455-926a-d65c16db1809
+ 219100
+ 219100
+ 1
+
+ hvm
+
+
+
+
+
+
+
+
+ POWER9
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-ppc64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
index dcc7b29ded..5a9ee18ece 100644
--- a/tests/qemuxml2xmltest.c
+++ b/tests/qemuxml2xmltest.c
@@ -609,6 +609,8 @@ mymain(void)
DO_TEST("controller-usb-order",
QEMU_CAPS_PIIX_DISABLE_S3,
QEMU_CAPS_PIIX_DISABLE_S4);
+ DO_TEST_CAPS_ARCH_LATEST("ppc64-tpmproxy-single", "ppc64");
+ DO_TEST_CAPS_ARCH_LATEST("ppc64-tpmproxy-with-tpm", "ppc64");
=20
DO_TEST_FULL("seclabel-dynamic-baselabel", WHEN_INACTIVE,
ARG_QEMU_CAPS, NONE);
--=20
2.26.2
From nobody Wed May 1 22:55:28 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
205.139.110.120 as permitted sender) client-ip=205.139.110.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1591104744; cv=none;
d=zohomail.com; s=zohoarc;
b=Ceun+CfbsqroHceA4a1WRycINxivx8hNxYYXr5H0K89c+Ea0zlGfkh2fSEU26vBdGjapLkuioYit7RjsGrO8/ilKQfxnjLeuHB9lWaDJKHVIR4aFBGNgPTL5TQrj70ZASR1xDTPuPaBDiKiUfv3c/2cBOaN6BSCWbPIcJ0ut9zo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1591104744;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=xg8DUHJRh+no17o2HJ1B6leT0z72pc3/+KxYYlgTtuY=;
b=T+z9b9Nx4N+YWzOgRff8VVvApT/Z9ZOHVYdgwlQpm8v8/cAbH13IiIxMaE56CkLqg01ayA5O0IFt84nw+9Uw9VdFDb6FOe9/h3zLOPXolbsw+bW9iggr1dnM/ML9fWk+wgSJL9khjKA+reFBwdYHS+O9m75qnvp/SZz7ClFiLYY=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[205.139.110.120]) by mx.zohomail.com
with SMTPS id 1591104744179320.4535676195919;
Tue, 2 Jun 2020 06:32:24 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-254-Zuu3QfOwNiOwyh-hFT5C2g-1; Tue, 02 Jun 2020 09:32:19 -0400
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com
[10.5.11.13])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 90875461;
Tue, 2 Jun 2020 13:32:07 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 1D2FB11A9E0;
Tue, 2 Jun 2020 13:32:07 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id DB9A8180043A;
Tue, 2 Jun 2020 13:32:06 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com
[10.11.54.5])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 052DW5rJ007355 for ;
Tue, 2 Jun 2020 09:32:05 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 5A397D0172; Tue, 2 Jun 2020 13:32:05 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 17B71D019F
for ; Tue, 2 Jun 2020 13:32:01 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[205.139.110.120])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 8559B81DA27
for ; Tue, 2 Jun 2020 13:32:01 +0000 (UTC)
Received: from mail-qk1-f195.google.com (mail-qk1-f195.google.com
[209.85.222.195]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-258-t3dXAH2LOPeENxhyzao2Zw-1; Tue, 02 Jun 2020 09:31:57 -0400
Received: by mail-qk1-f195.google.com with SMTP id w3so12446854qkb.6;
Tue, 02 Jun 2020 06:31:56 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c])
by smtp.gmail.com with ESMTPSA id
c58sm2735424qtd.27.2020.06.02.06.31.54
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 02 Jun 2020 06:31:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1591104742;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=xg8DUHJRh+no17o2HJ1B6leT0z72pc3/+KxYYlgTtuY=;
b=RJiVzMMpiy+btlYRRDtRDxNrfzhS++kAqgZsfIK0SdirjPt92f3BvTXHDuhFCpXOOD9YVq
ViV3/u/ZNceEngtIiTym4Nj2h6aPRiQSEhH2vJh3Yek1m25oQq34ReWNaVcUljzACiXaSt
gKrdDY+7OUu4kEepvf2N61aS6OObLS8=
X-MC-Unique: Zuu3QfOwNiOwyh-hFT5C2g-1
X-MC-Unique: t3dXAH2LOPeENxhyzao2Zw-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=xg8DUHJRh+no17o2HJ1B6leT0z72pc3/+KxYYlgTtuY=;
b=eT7NPxpSf7Bc5S8wTk7Kuq2mpg51vE206aDUWPmj7eKs1Ob+uPgHKbYWHcWvfTaBTT
wpBj/bDwBVlytkOTJsguelsSLqyUXqGJ6T0xb200f8v5jGe309eNL8zUNchhZK3lwEt1
z2k08qi5+wqAEjeUWXc3giXinMwWEzfu7LJeBa4C25lvBax595RSKJMEyhWuSJL6jcYn
E9PI2FduxmsRK2dFt63Eplw2K7w19g9uMn5cYKfa0OYALKI+2zozpwJWzcRtMUCgFm14
6/GNTWHn1kPWjMAVDcHASmmBlawq/GLQBfK7Dkoj76J3dckGBr8at66lwnW0hqsP8Apd
lWdA==
X-Gm-Message-State: AOAM530AzV9gyuwWKbkTJxIaKybIuTcUe4OFDBhj5YZG8WNvaDH3lnT1
nsi2QoJE53FUJBUQDwdeBdCBZ7GO
X-Google-Smtp-Source:
ABdhPJxDpNcncq3MzmlKL3smR5rtKe7yiqRhhk3rhNBZYyKEjtZKAbyoMRK1bPeuCTvrciKbMWn5SA==
X-Received: by 2002:a37:6388:: with SMTP id
x130mr25286443qkb.458.1591104716357;
Tue, 02 Jun 2020 06:31:56 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v6 08/10] qemu: build command line for the TPM Proxy device
Date: Tue, 2 Jun 2020 10:31:05 -0300
Message-Id: <20200602133107.1987182-9-danielhb413@gmail.com>
In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com>
References: <20200602133107.1987182-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , jtomko@redhat.com,
stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
This patch wraps it up all the wiring done in previous patches,
enabling a PPC64 guest to launch a guest using a TPM Proxy
device.
Note that device validation is already being done in qemu_validate.c,
qemuValidateDomainDeviceDefTPM(), on domain define time. We don't
need to verify QEMU capabilities for this device again inside
qemu_command.c.
Tested-by: Satheesh Rajendran
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
src/qemu/qemu_alias.c | 5 ++++-
src/qemu/qemu_command.c | 27 ++++++++++++++++++++++++++-
2 files changed, 30 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c
index 85fdb85940..bb7145d630 100644
--- a/src/qemu/qemu_alias.c
+++ b/src/qemu/qemu_alias.c
@@ -408,7 +408,10 @@ qemuAssignDeviceTPMAlias(virDomainTPMDefPtr tpm,
if (tpm->info.alias)
return 0;
=20
- tpm->info.alias =3D g_strdup_printf("tpm%d", idx);
+ if (tpm->model =3D=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY)
+ tpm->info.alias =3D g_strdup_printf("tpmproxy%d", idx);
+ else
+ tpm->info.alias =3D g_strdup_printf("tpm%d", idx);
return 0;
}
=20
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 59caff08f2..ab3828ec57 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -9039,6 +9039,26 @@ qemuBuildTPMCommandLine(virCommandPtr cmd,
}
=20
=20
+static int
+qemuBuildTPMProxyCommandLine(virCommandPtr cmd,
+ virDomainTPMDefPtr tpm)
+{
+ g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER;
+ const char *filePath =3D NULL;
+
+ filePath =3D tpm->data.passthrough.source.data.file.path;
+
+ virCommandAddArg(cmd, "-device");
+ virBufferAsprintf(&buf, "%s,id=3D%s,host-path=3D",
+ virDomainTPMModelTypeToString(tpm->model),
+ tpm->info.alias);
+ virQEMUBuildBufferEscapeComma(&buf, filePath);
+ virCommandAddArgBuffer(cmd, &buf);
+
+ return 0;
+}
+
+
static int
qemuBuildTPMsCommandLine(virCommandPtr cmd,
const virDomainDef *def,
@@ -9047,8 +9067,13 @@ qemuBuildTPMsCommandLine(virCommandPtr cmd,
size_t i;
=20
for (i =3D 0; i < def->ntpms; i++) {
- if (qemuBuildTPMCommandLine(cmd, def, def->tpms[i], qemuCaps) < 0)
+ if (def->tpms[i]->model =3D=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY) {
+ if (qemuBuildTPMProxyCommandLine(cmd, def->tpms[i]) < 0)
+ return -1;
+ } else if (qemuBuildTPMCommandLine(cmd, def,
+ def->tpms[i], qemuCaps) < 0) {
return -1;
+ }
}
=20
return 0;
--=20
2.26.2
From nobody Wed May 1 22:55:28 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
207.211.31.120 as permitted sender) client-ip=207.211.31.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1591104748; cv=none;
d=zohomail.com; s=zohoarc;
b=OK8lZDV10+YHPwdyg2vq+PrXuL87lAPX77Jw3GEk4og888V7BFCheC/WmleIuMS/j7bSZD50rsSk3mbILa6GOvFE78nwfEFBw4RViVqlHJ6oX3bPeYLpaQoOlLrS/wEyxf57GAXP3Hdwykh7MyBiTCcghdQ+NBE0nSztAwwoti0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1591104748;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=WHxxSVDBLUQjc2iFR+A5yNgfidIdJUunKBDAkZSccYk=;
b=EY6wl+5KL97tQZxnJh1Uc9h2iqrCuzOESU8eWL94+YP0P63s75LpUgMy3ucM9Zvl/GUEI7ysBZzcdHN5jqj42lw9/+JbilQi7Q0Ph8GUrmNDN/drLIG9RKlYi8V/nucgqmXvTfcry6w4MBhra9KvGaGxGRDytDQDb6fAagVH008=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120]) by mx.zohomail.com
with SMTPS id 1591104748863774.9326425206071;
Tue, 2 Jun 2020 06:32:28 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-245-s0491pUXOCa8napKVR-M5g-1; Tue, 02 Jun 2020 09:32:22 -0400
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com
[10.5.11.23])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id EFD3D8015CE;
Tue, 2 Jun 2020 13:32:14 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
by smtp.corp.redhat.com (Postfix) with ESMTPS id CBF8719D71;
Tue, 2 Jun 2020 13:32:14 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 9E93397020;
Tue, 2 Jun 2020 13:32:14 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
[10.11.54.4])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 052DWDjp007398 for ;
Tue, 2 Jun 2020 09:32:13 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 45899200C0FD; Tue, 2 Jun 2020 13:32:13 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 16B06202683E
for ; Tue, 2 Jun 2020 13:32:11 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id DA8871914A30
for ; Tue, 2 Jun 2020 13:32:10 +0000 (UTC)
Received: from mail-qt1-f196.google.com (mail-qt1-f196.google.com
[209.85.160.196]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-243-oEZi-K_jOXe0HfxnUM9c-Q-1; Tue, 02 Jun 2020 09:32:02 -0400
Received: by mail-qt1-f196.google.com with SMTP id q14so10315783qtr.9;
Tue, 02 Jun 2020 06:32:01 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c])
by smtp.gmail.com with ESMTPSA id
c58sm2735424qtd.27.2020.06.02.06.31.56
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 02 Jun 2020 06:31:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1591104745;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=WHxxSVDBLUQjc2iFR+A5yNgfidIdJUunKBDAkZSccYk=;
b=aVhH441aRB6e5ObODauipP8P1xvLqa8/Tp/dk4RnlTIxfSpB5LNrpuXAvduSm8M/NplX1O
2wY1NR5voypvR1HZfUYw6335OLsVdD3jSnquqdRIYAC0dUfiPNSeQPQKWFFv9RGT1ZieS6
4KQkZyBBAm880bthcsXTDZfm2NDInxU=
X-MC-Unique: s0491pUXOCa8napKVR-M5g-1
X-MC-Unique: oEZi-K_jOXe0HfxnUM9c-Q-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=WHxxSVDBLUQjc2iFR+A5yNgfidIdJUunKBDAkZSccYk=;
b=Y7zXjF3k+MRoIaRv+CMO6n/G29ZdT1x+g/o0O7fYW0KlYmacgD6S8hcsZ99KOF1aCY
2CtmzNzS9CDEjzwC5k8Y9NESXKsiln4sgIt2KujnNRObOxNfE+7SZWNV4A6gmj8gidDY
a75SteVoq4oaYjBvdezjAPUynak6D+42Il9Jp+Eec6Z/8pk6TwnhhdYHwpmVI7/eWdP/
e7zzikj807UcHQbW0L4g5YhY9/XZq0MO3SiOGzu4Y6N70Xe943FTw0I9PP3N2Mcnh3Ff
SwKFWaAzt33eu6kiFcPjFrC3Q1cMkjumkiHDlh9ritUrP8YvqPyQcrpZg5F59DTIuLWc
Ocdg==
X-Gm-Message-State: AOAM532UvvplgurjMyDT58uDWUuNn8+nacjXPH4hn3wjcwUL6KbdJfQ3
huYbYp0Dx33br1tr6r19AB5PyQfz
X-Google-Smtp-Source:
ABdhPJzpRDPZUCcsagrGSn85ltTHS30FyesNMXQz1SHZ5an9mIHpRyBfveGDOMZlzbKKoL/7POcPxw==
X-Received: by 2002:ac8:134a:: with SMTP id
f10mr27983613qtj.123.1591104718898;
Tue, 02 Jun 2020 06:31:58 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v6 09/10] tests/qemuxml2argvtest.c: add TPM Proxy command line
tests
Date: Tue, 2 Jun 2020 10:31:06 -0300
Message-Id: <20200602133107.1987182-10-danielhb413@gmail.com>
In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com>
References: <20200602133107.1987182-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , jtomko@redhat.com,
stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
Add tests for both supported scenarios: a single TPM Proxy and
a TPM Proxy with a regular TPM device in the same domain.
Tested-by: Satheesh Rajendran
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
.../ppc64-tpmproxy-single.ppc64-latest.args | 34 +++++++++++++++++
.../ppc64-tpmproxy-with-tpm.ppc64-latest.args | 37 +++++++++++++++++++
tests/qemuxml2argvtest.c | 3 ++
3 files changed, 74 insertions(+)
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-late=
st.args
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-la=
test.args
diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args=
b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args
new file mode 100644
index 0000000000..f606cee16b
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args
@@ -0,0 +1,34 @@
+LC_ALL=3DC \
+PATH=3D/bin \
+HOME=3D/tmp/lib/domain--1-QEMUGuest1 \
+USER=3Dtest \
+LOGNAME=3Dtest \
+XDG_DATA_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.local/share \
+XDG_CACHE_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.cache \
+XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config \
+QEMU_AUDIO_DRV=3Dnone \
+/usr/bin/qemu-system-ppc64 \
+-name guest=3DQEMUGuest1,debug-threads=3Don \
+-S \
+-object secret,id=3DmasterKey0,format=3Draw,\
+file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
+-machine pseries,accel=3Dtcg,usb=3Doff,dump-guest-core=3Doff \
+-cpu POWER9 \
+-m 256 \
+-overcommit mem-lock=3Doff \
+-smp 1,sockets=3D1,cores=3D1,threads=3D1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-display none \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=3Dcharmonitor,fd=3D1729,server,nowait \
+-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \
+-rtc base=3Dutc \
+-no-shutdown \
+-boot strict=3Don \
+-device pci-ohci,id=3Dusb,bus=3Dpci.0,addr=3D0x1 \
+-device spapr-tpm-proxy,id=3Dtpmproxy0,host-path=3D/dev/tpmrm0 \
+-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x6 \
+-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\
+resourcecontrol=3Ddeny \
+-msg timestamp=3Don
diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.ar=
gs b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.args
new file mode 100644
index 0000000000..83eb58ae19
--- /dev/null
+++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.args
@@ -0,0 +1,37 @@
+LC_ALL=3DC \
+PATH=3D/bin \
+HOME=3D/tmp/lib/domain--1-QEMUGuest1 \
+USER=3Dtest \
+LOGNAME=3Dtest \
+XDG_DATA_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.local/share \
+XDG_CACHE_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.cache \
+XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config \
+QEMU_AUDIO_DRV=3Dnone \
+/usr/bin/qemu-system-ppc64 \
+-name guest=3DQEMUGuest1,debug-threads=3Don \
+-S \
+-object secret,id=3DmasterKey0,format=3Draw,\
+file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
+-machine pseries,accel=3Dtcg,usb=3Doff,dump-guest-core=3Doff \
+-cpu POWER9 \
+-m 256 \
+-overcommit mem-lock=3Doff \
+-smp 1,sockets=3D1,cores=3D1,threads=3D1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-display none \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=3Dcharmonitor,fd=3D1729,server,nowait \
+-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \
+-rtc base=3Dutc \
+-no-shutdown \
+-boot strict=3Don \
+-device pci-ohci,id=3Dusb,bus=3Dpci.0,addr=3D0x1 \
+-device spapr-tpm-proxy,id=3Dtpmproxy0,host-path=3D/dev/tpmrm0 \
+-tpmdev emulator,id=3Dtpm-tpm0,chardev=3Dchrtpm \
+-chardev socket,id=3Dchrtpm,path=3D/dev/test \
+-device tpm-spapr,tpmdev=3Dtpm-tpm0,id=3Dtpm0,reg=3D0x00004000 \
+-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x6 \
+-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\
+resourcecontrol=3Ddeny \
+-msg timestamp=3Don
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 5feb964537..83a051ed21 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -3076,6 +3076,9 @@ mymain(void)
QEMU_CAPS_DEVICE_TPM_PASSTHROUGH,
QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY);
=20
+ DO_TEST_CAPS_LATEST_PPC64("ppc64-tpmproxy-single");
+ DO_TEST_CAPS_LATEST_PPC64("ppc64-tpmproxy-with-tpm");
+
DO_TEST("aarch64-usb-controller-qemu-xhci",
QEMU_CAPS_OBJECT_GPEX,
QEMU_CAPS_NEC_USB_XHCI,
--=20
2.26.2
From nobody Wed May 1 22:55:28 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
207.211.31.120 as permitted sender) client-ip=207.211.31.120;
envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail(p=none dis=none) header.from=gmail.com
ARC-Seal: i=1; a=rsa-sha256; t=1591104743; cv=none;
d=zohomail.com; s=zohoarc;
b=kJIdTW5LNURP9H7DkTbqJtpNlEJqOmqR6lYKxFRgKXGzHS6Pj9aCEAqr702kuB4ihzbyAKNy4axR+TJuMG+uAINFgV2aV5lLYTuTOVSyNsPzJsxCHs3YbmhG5mx6fdrr/IqrJ/++G4DydP3ZvNCH2mChgRs/t1j8kGUBDFf7BWw=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc;
t=1591104743;
h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
bh=ZMAYp24gwas6jFNhFtV/ZuElh7vLFJNRYz+W4mHf0tc=;
b=mzBXvgu/4MBcHRXYeQOs9ryk8kt5/8OBnwarZeQtDMtJEHooMQBmT9wGX31vaLwwzWAQjmBYj87er1f2aKnwayW7auBA0oyF5cNkK6T+8f2T0lrEfPmLLYr8fQXtmzqniS2ZxPfJe7Hwbl7Oc0+YFbL4QsXdcv0zeIB1h7Cx4BE=
ARC-Authentication-Results: i=1; mx.zohomail.com;
dkim=pass;
spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com;
dmarc=fail header.from= (p=none dis=none)
header.from=
Return-Path:
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
[207.211.31.120]) by mx.zohomail.com
with SMTPS id 1591104743757109.40393940435604;
Tue, 2 Jun 2020 06:32:23 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
[209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-179-n7exHSrcO1CltR-x2gOzbw-1; Tue, 02 Jun 2020 09:32:19 -0400
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com
[10.5.11.23])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 92CBB18FF666;
Tue, 2 Jun 2020 13:32:09 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
(colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 6E2F119D7C;
Tue, 2 Jun 2020 13:32:09 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
by colo-mx.corp.redhat.com (Postfix) with ESMTP id 3D0D21806B0C;
Tue, 2 Jun 2020 13:32:09 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com
[10.11.54.3])
by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
id 052DW7UP007368 for ;
Tue, 2 Jun 2020 09:32:07 -0400
Received: by smtp.corp.redhat.com (Postfix)
id 857301008C9A; Tue, 2 Jun 2020 13:32:07 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
(mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20])
by smtp.corp.redhat.com (Postfix) with ESMTPS id 101D61008B6B
for ; Tue, 2 Jun 2020 13:32:04 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com
[205.139.110.61])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
(No client certificate requested)
by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 7A65F108C269
for ; Tue, 2 Jun 2020 13:32:04 +0000 (UTC)
Received: from mail-qv1-f67.google.com (mail-qv1-f67.google.com
[209.85.219.67]) (Using TLS) by relay.mimecast.com with ESMTP id
us-mta-350-AUGHDGxuNKGbe7l9ixKY0g-1; Tue, 02 Jun 2020 09:32:02 -0400
Received: by mail-qv1-f67.google.com with SMTP id p15so1729347qvr.9;
Tue, 02 Jun 2020 06:32:01 -0700 (PDT)
Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c])
by smtp.gmail.com with ESMTPSA id
c58sm2735424qtd.27.2020.06.02.06.31.59
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 02 Jun 2020 06:32:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
s=mimecast20190719; t=1591104742;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:
content-transfer-encoding:content-transfer-encoding:
in-reply-to:in-reply-to:references:references:list-id:list-help:
list-unsubscribe:list-subscribe:list-post;
bh=ZMAYp24gwas6jFNhFtV/ZuElh7vLFJNRYz+W4mHf0tc=;
b=AyjFITbFkgMfAdB9DgWlwDgnhYWlH4u2saFM0VXi9vG85bGqykllV7fntFVzDpshCacKrX
aExUULRPHKO83sWGl6ez/PQNtONgq16j4CXuIoU3ptFlu5UP1ltIEJ8vo7H7D3F/iwfuJd
SY63RXR6HI44eChlrMzsivprsAiE7To=
X-MC-Unique: n7exHSrcO1CltR-x2gOzbw-1
X-MC-Unique: AUGHDGxuNKGbe7l9ixKY0g-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
:references:mime-version:content-transfer-encoding;
bh=ZMAYp24gwas6jFNhFtV/ZuElh7vLFJNRYz+W4mHf0tc=;
b=b3t7KlA3plVVdjofGmEGZ+lvzlgt1BUjJb3Poor6fv+4mmmCKArtkgcjRPl/tdQ67w
CPz5ONAdd6N+UYwG3zoW0Jkap5ge6Ll6sZSUpyJPGE5vuVVQxzB26DvNVe1Si1duNuPn
l+s5u2U8zY3P+XQcz6lCLUpL2fpP1URcRxcklQS8MQS62Rgp8iKhM6R4IDhqPNR/Ft1s
GQsB3ACWMWvsvY+CkTSnPzY2k8CSNN7xMKc7JQW1Gh70iunaJJbHXbVqnXYvkMQmpp7f
bsumM5Bi31xNhbfIj+m8M6jlHXVkB8CCP4NFOv2Am77Ft1B4mDR2TkJfBoR9yr/31Lg4
H2tQ==
X-Gm-Message-State: AOAM530cd15TpAhVaSr14r88eY96ms3uu7ajEWqJLQW6b90XG0XsRWzH
aydLGqzxQiPHyZkGsYMZUDUm2r27
X-Google-Smtp-Source:
ABdhPJwCb/M8qRGh4/U4mxmaUl5vMWXDuaT2oUXmSE+cRe7znzSlO/pnEejBJNJYPhFgRMMI8wDGzw==
X-Received: by 2002:a0c:d78f:: with SMTP id
z15mr25341738qvi.178.1591104721349;
Tue, 02 Jun 2020 06:32:01 -0700 (PDT)
From: Daniel Henrique Barboza
To: libvir-list@redhat.com
Subject: [PATCH v6 10/10] docs/news.xml: update for the new TPM Proxy device
Date: Tue, 2 Jun 2020 10:31:07 -0300
Message-Id: <20200602133107.1987182-11-danielhb413@gmail.com>
In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com>
References: <20200602133107.1987182-1-danielhb413@gmail.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3
X-loop: libvir-list@redhat.com
Cc: Daniel Henrique Barboza , jtomko@redhat.com,
stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com,
david@gibson.dropbear.id.au
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"
Tested-by: Satheesh Rajendran
Reviewed-by: Stefan Berger
Signed-off-by: Daniel Henrique Barboza
---
docs/news.xml | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/docs/news.xml b/docs/news.xml
index 18d96af048..fc41e53d1d 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -44,6 +44,23 @@
+
+
+ qemu: add TPM Proxy device support
+
+
+ libvirt can now create guests using a new device type called
+ "TPM Proxy". The TPM Proxy connects to a TPM Resource Manager
+ present in the host, enabling the guest to run in secure virtual
+ machine mode with the help of an Ultravisor. Adding a TPM Proxy =
to
+ a pSeries guest brings no security benefits unless the guest is
+ running on a PPC64 host that has Ultravisor and TPM Resource Man=
ager
+ support. Only one TPM Proxy is allowed per guest. A guest using
+ a TPM Proxy device can instantiate another TPM device at the same
+ time. This device is supported only for pSeries guests via the n=
ew
+ 'spapr-tpm-proxy' model of the TPM 'passthrough' backend.
+
+
--=20
2.26.2