From nobody Wed May 1 22:55:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1591104722; cv=none; d=zohomail.com; s=zohoarc; b=VAcFoj29vmr4DpV0qR4otQw1mv8AQapSGxvWzygjJDzkRosWsMcRUe3V7+pyHmoJ8xmEhxqAtn2PZcoxdNDtOfDWemmj08iIfKuEIwemLAoFq0v8Mz0hg+RlXZHKSGDxPXMTwkzHWm4ux91ad7J0vNYJBG/JvKF7P1Dmfobo+p0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591104722; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=p7zUQ28sFmtovDmVX/BqznHpgeN8gtV5KGuQdvtiC3I=; b=AKTbWYc/DBf0lopkeERgJIKMKvIltXk6g/GTHVph8jOQIUaP6VXQLl5tCuo53ePoDzODi668V7aEHfnwc+nHOHXpF6Fzyq/NJ65ggshyVTd6tBLFE7HCnMPoGYKRGQGgbEvJ0/rdJZrwMuzBgMMoA6djotuHH89MTKmly3moj5c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1591104722373886.5859409237211; Tue, 2 Jun 2020 06:32:02 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-477-UWoz52F3NgyTtZyvv6tvyQ-1; Tue, 02 Jun 2020 09:31:57 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C5FBB1009457; Tue, 2 Jun 2020 13:31:50 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 161E85C298; Tue, 2 Jun 2020 13:31:50 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id B9D4497016; Tue, 2 Jun 2020 13:31:48 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 052DVkMD007261 for ; Tue, 2 Jun 2020 09:31:46 -0400 Received: by smtp.corp.redhat.com (Postfix) id ADDEB10DCF6C; Tue, 2 Jun 2020 13:31:46 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8CA1310EE79F for ; Tue, 2 Jun 2020 13:31:44 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 38C1286CB81 for ; Tue, 2 Jun 2020 13:31:44 +0000 (UTC) Received: from mail-qt1-f194.google.com (mail-qt1-f194.google.com [209.85.160.194]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-218-f-vOYDmmMuqZO-SnYA_6Dg-1; Tue, 02 Jun 2020 09:31:41 -0400 Received: by mail-qt1-f194.google.com with SMTP id q14so10314809qtr.9; Tue, 02 Jun 2020 06:31:41 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c]) by smtp.gmail.com with ESMTPSA id c58sm2735424qtd.27.2020.06.02.06.31.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 06:31:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591104721; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=p7zUQ28sFmtovDmVX/BqznHpgeN8gtV5KGuQdvtiC3I=; b=bg8VWwDQyRivvLO0bbLHJfWUVWIt8c+jqVSVEY3WZflIr5RYrhi2hO30rhyRutOfSlHKdW F5QHslKoJl7s0ee8z8aUwushhFHqhISrCgHU9VKJQcmcgeFFEotFbY5PrIyoyDfLeX1uwS PeZd/wC6wkr+ZE03v1ZHFe+9mNAexpc= X-MC-Unique: UWoz52F3NgyTtZyvv6tvyQ-1 X-MC-Unique: f-vOYDmmMuqZO-SnYA_6Dg-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=p7zUQ28sFmtovDmVX/BqznHpgeN8gtV5KGuQdvtiC3I=; b=sIWieXmtNKQiW+Dp6ytO/MRsHJgdIBGaI4eUWMOlPkoLBCXdkiPSld0YDkHJdJRXzf b0rC82fZc+L0mnX4lg51bTe99Y4gkRMUe2gaOxxOQMISOTCe7z8fTNBBxFXfDWxEBbIp d98ScZKvIfZCJlT0xk4BiJxklSm3pZAcaVj/Lxei4fu19nyw+55yErXWhZxmYX4Z9d0h OaKo6vdnKTuwpruyiT2z6P2h+43tL3V4FMmuEuuOiKWC+3kyERusZyr9aP/fk2xKIQZB E6yZHNFqjqzU6nuMeHSWoZ20JyjrlgMUHrhYzr800xon9Qa/7ZlhzswZi9+L+NiFMdh8 su9w== X-Gm-Message-State: AOAM531RV54sKvTOeSfzyIrpA5gUJ84XkRfewJQE/B6yvidocCil8lOc TQTJyx10iXhTtNjqWNSrpeAL8CAa X-Google-Smtp-Source: ABdhPJwyfC/4NYUa6wCZwbBzFDGejSzFIQO1DPCujZ5vDh+aTzphbKja4xduSCQBbRF1nqYoWG+T4w== X-Received: by 2002:ac8:46d6:: with SMTP id h22mr27317120qto.145.1591104700970; Tue, 02 Jun 2020 06:31:40 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v6 01/10] docs: documentation and schema for the new TPM Proxy model Date: Tue, 2 Jun 2020 10:30:58 -0300 Message-Id: <20200602133107.1987182-2-danielhb413@gmail.com> In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com> References: <20200602133107.1987182-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , jtomko@redhat.com, stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" QEMU 4.1.0 introduced a new device type called TPM Proxy, currently implemented by PPC64 guests via a new virtual device called 'spapr-tpm-proxy' (see QEMU 0fb6bd073230 for more info). The TPM Proxy device interacts with a TPM Resource Manager, a host device capable of multiplexing the host TPM with multiple processes. This allows multiple guests to access some TPM features at the same time. Note that this mode of operation does not provide full TPM features to be available for the guest - for that case the guest still needs to assign a vTPM device (tpm-spapr for PPC64 guests). Although redundant, there is currently no technical limitation for a guest to assign both a vTPM and a TPM Proxy at the same time. This patch adds documentation and schema for a new TPM model type called 'spapr-tpm-proxy' that creates this new TPM Proxy device. This model is valid only for the 'passthrough' backend. An example of a TPM Proxy device connected to a TPM Resource Manager '/dev/tpmrm0' will look like this: Tested-by: Satheesh Rajendran Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- docs/formatdomain.html.in | 19 ++++++++++++++++++- docs/schemas/domaincommon.rng | 1 + 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 33cec1e6dd..769f01bf27 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -8798,6 +8798,18 @@ qemu-kvm -net nic,model=3D? /dev/null backend device is a TPM 2.0. Since 6.1.0, pSeries guests on PPC64 are supported and the default is tpm-spapr. + + Since 6.4.0, a new model called + spapr-tpm-proxy was added for pSeries guests. This = model + only works with the passthrough backend. It creates= a + TPM Proxy device that communicates with an existing TPM Resource= Manager + in the host, for example /dev/tpmrm0, enabling the = guest to + run in secure virtual machine mode with the help of an Ultraviso= r. Adding + a TPM Proxy to a pSeries guest brings no security benefits unles= s the guest + is running on a PPC64 host that has an Ultravisor and a TPM Reso= urce Manager. + Only one TPM Proxy device is allowed per guest, but a TPM Proxy = device can + be added together with + other TPM devices.

backend
@@ -8810,7 +8822,7 @@ qemu-kvm -net nic,model=3D? /dev/null
passthrough

- Use the host's TPM device. + Use the host's TPM or TPM Resource Manager device.

This backend type requires exclusive access to a TPM device = on @@ -8818,6 +8830,11 @@ qemu-kvm -net nic,model=3D? /dev/null qualified file name is specified by path attribute of the source element. If no file name is specified th= en /dev/tpm0 is automatically used. + + Since 6.4.0, when choosing the + spapr-tpm-proxy model, the file name specified = is + expected to be a TPM Resource Manager device, e.g. + /dev/tpmrm0.

diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 6727cd743b..b13cd2b330 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -4618,6 +4618,7 @@ tpm-tis tpm-crb tpm-spapr + spapr-tpm-proxy --=20 2.26.2 From nobody Wed May 1 22:55:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) client-ip=205.139.110.61; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1591104722; cv=none; d=zohomail.com; s=zohoarc; b=RJpslvSOjZDQYnvnBOCA56wI7E0TUEl0McMyDLiUfGFUVKmpHHQMoXWScWOudRDXlAtaMQb1Ae9DnGi4gU1IFJwP6abq2DNN2WJM3wWw5zT9krFPbhlnYCgV9ozrmUxHrLzRQvpPJAsWDZkb3Uobd9z3j3HKX4+czIPpciGimAQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591104722; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=YdMzy8q3rDIy20XXT/tbOsLbHZqLPMA2JyWCMq3bFZ0=; b=WkABkI/ESFHgX4JLM8deDaLq+A0e93FQn2E8nbWBkwibyolktHXm2qWmAhzMk581s8VPr4Q6DrXx3f7txNaBlAO6JEKXCxLyS6zH/W5ha9VIoEL79hVIxh6cno3hkLUyREMut2bfxgf6VoIHjEGLqioXjfGjksq9G/4fktlDL60= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) by mx.zohomail.com with SMTPS id 1591104722660627.451275585459; Tue, 2 Jun 2020 06:32:02 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-48-kpj45rcbMSO5nUZ5pwZvPg-1; Tue, 02 Jun 2020 09:31:57 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C9F86107ACCA; Tue, 2 Jun 2020 13:31:51 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2E24A10016E8; Tue, 2 Jun 2020 13:31:51 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8C63F97017; Tue, 2 Jun 2020 13:31:49 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 052DVlse007266 for ; Tue, 2 Jun 2020 09:31:47 -0400 Received: by smtp.corp.redhat.com (Postfix) id 18FB52156A4D; Tue, 2 Jun 2020 13:31:47 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E69802156A2D for ; Tue, 2 Jun 2020 13:31:46 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 308E28007A4 for ; Tue, 2 Jun 2020 13:31:46 +0000 (UTC) Received: from mail-qk1-f194.google.com (mail-qk1-f194.google.com [209.85.222.194]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-120-7uqz-h4wMMe8E0ItoJAMPQ-1; Tue, 02 Jun 2020 09:31:44 -0400 Received: by mail-qk1-f194.google.com with SMTP id 205so12473922qkg.3; Tue, 02 Jun 2020 06:31:43 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c]) by smtp.gmail.com with ESMTPSA id c58sm2735424qtd.27.2020.06.02.06.31.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 06:31:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591104721; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=YdMzy8q3rDIy20XXT/tbOsLbHZqLPMA2JyWCMq3bFZ0=; b=ewATOCE3Jl8YM2LKC8Cn0frhMpDKnDSRCG95GRBXrB+XMzIjBBlIjIYXpKRSRmh9BD/mFE mzdABICIEVOygy6iSCHDmO75Ei8wBLgp6lYo1KyQcXUq2NazYMpefNzhQl+czuhARM8yjM 4mh9wCkGVIngSODTr546WcsIMD2cHHs= X-MC-Unique: kpj45rcbMSO5nUZ5pwZvPg-1 X-MC-Unique: 7uqz-h4wMMe8E0ItoJAMPQ-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=YdMzy8q3rDIy20XXT/tbOsLbHZqLPMA2JyWCMq3bFZ0=; b=CHhNEwDN+kM49ZLVfAEjtXCQ4hIDj2m05ZQmiPURbpcRZzqLkjZ8A/D8huXYELMkkz bATdceVNg78LselgIps/+xKzGD1txcdWypG16N6xVD7Tg2QkFVf2UTOB0eYxcePVWEEI /yAIHT/N9d9qFo7sJxUSvBwDF3Fyh9IR5aIql4dlWmHpDPvX10oSP9mAZOmGpFF4nS1Z 3ayC902Y2YlaO9JJ73tCxQvjapjo5XlCyiNBy1swHXXuKBWLOki6F3ae3OoMkEdfwCBU /YmlvebArzA2nzOwOOID0q3Qu+bM0xdEBRuH2kBsUfcgxyt85ev8AoDoMoECBLqHseZt +Dsw== X-Gm-Message-State: AOAM533uFsnWbQX1dyoh2x9ylu1fRcmPoSQeqE9nMk5hev+OhFUdBN94 ort2v18WKTcon3WNTPNZGypt1KCe X-Google-Smtp-Source: ABdhPJy2RJ3fiOk5PCME1tHdBHcznHOPLaC99HwKaMULdBAqxQpsvq1Se8swIlPQy1bAm7t0Jg/Spw== X-Received: by 2002:a37:a056:: with SMTP id j83mr27125086qke.329.1591104703107; Tue, 02 Jun 2020 06:31:43 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v6 02/10] qemu: Extend QEMU capabilities with 'spapr-tpm-proxy' Date: Tue, 2 Jun 2020 10:30:59 -0300 Message-Id: <20200602133107.1987182-3-danielhb413@gmail.com> In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com> References: <20200602133107.1987182-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , jtomko@redhat.com, stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Expose the TPM Proxy support for PPC64 guests by creating a new cap called QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY. This device is part of the machinery the guest need to orchestrate with the PPC64 Ultravisor the transition to the Secure VM (SVM) mode. Inside QEMU, this device will be used with the H_TPM_COMM hypercall to connect with the TPM Resource Manager, enabling the guest to open and close TPM sessions with the host TPM. Tested-by: Satheesh Rajendran Reviewed-by: Stefan Berger Reviewed-by: J=C3=A1n Tomko Signed-off-by: Daniel Henrique Barboza --- src/qemu/qemu_capabilities.c | 4 ++++ src/qemu/qemu_capabilities.h | 3 +++ tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 + 4 files changed, 9 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index f12769635a..1b40735b6c 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -582,6 +582,9 @@ VIR_ENUM_IMPL(virQEMUCaps, "tcg", "virtio-blk-pci.scsi.default.disabled", "pvscsi", + + /* 370 */ + "spapr-tpm-proxy", ); =20 =20 @@ -1306,6 +1309,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[= ] =3D { { "vhost-user-fs-device", QEMU_CAPS_DEVICE_VHOST_USER_FS }, { "tcg-accel", QEMU_CAPS_TCG }, { "pvscsi", QEMU_CAPS_SCSI_PVSCSI }, + { "spapr-tpm-proxy", QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY }, }; =20 =20 diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 076ecad0f7..478cd2398f 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -564,6 +564,9 @@ typedef enum { /* virQEMUCapsFlags grouping marker for = syntax-check */ QEMU_CAPS_VIRTIO_BLK_SCSI_DEFAULT_DISABLED, /* virtio-blk-pci.scsi dis= abled by default */ QEMU_CAPS_SCSI_PVSCSI, /* -device pvscsi */ =20 + /* 370 */ + QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY, /* -device spapr-tpm-proxy */ + QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; =20 diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml b/tests/qemuca= pabilitiesdata/caps_4.2.0.ppc64.xml index eeec181f62..b6b226da51 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml @@ -185,6 +185,7 @@ + 4001050 0 42900242 diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml b/tests/qemuca= pabilitiesdata/caps_5.0.0.ppc64.xml index 69e5b4c8fa..ee5ab416aa 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml @@ -201,6 +201,7 @@ + 5000000 0 42900241 --=20 2.26.2 From nobody Wed May 1 22:55:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) client-ip=205.139.110.61; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1591104732; cv=none; d=zohomail.com; s=zohoarc; b=eSmcTB8AB4OCrkW1vZJSfrFXOGV5OF+r4K1tNuHTtdBXZRloJCMbjk/U3ildWS+JE386S+JMStsCmb0OufkgLH7Fe3zt1sBHmngmpM38+XsbF5CWMorujrWuwo7ZIX1yuA2kyU8VsZQM3asDoowpXdkGHb0IHSogxhRqzuvHSPc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591104732; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=kYxL6wlWalU1y5ELnkI9Dp6cP38YI9EnZ+MfX6M2WEQ=; b=bmSrwVZwZTor5RdbSa7SKZJeox3rLj/E10Qv3aRYuEE9+0QC16QLRKy7HSQGLkDVanioBFXZEaTqT879kEJZHH5RyVvHmCIRh+VGQv4G0h9W1OSV0zHaJZrYTbDz6pOm9HyNPOQ04h+oZSscg+/jZ6zerZXqUR3ChN+85fMdzX0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) by mx.zohomail.com with SMTPS id 1591104732130222.7314471237239; Tue, 2 Jun 2020 06:32:12 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-386-VtLtqxLzMLaJAAdD6k2Bog-1; Tue, 02 Jun 2020 09:32:07 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id F0C2E85B67A; Tue, 2 Jun 2020 13:32:01 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D14CE78F06; Tue, 2 Jun 2020 13:32:01 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id A215797017; Tue, 2 Jun 2020 13:32:01 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 052DVs4U007302 for ; Tue, 2 Jun 2020 09:31:54 -0400 Received: by smtp.corp.redhat.com (Postfix) id 7935D202683D; Tue, 2 Jun 2020 13:31:54 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 28A242017DCB for ; Tue, 2 Jun 2020 13:31:48 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 572A386CB91 for ; Tue, 2 Jun 2020 13:31:48 +0000 (UTC) Received: from mail-qt1-f171.google.com (mail-qt1-f171.google.com [209.85.160.171]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-475-0-TboUuYNKyT2PfSldsjKQ-1; Tue, 02 Jun 2020 09:31:46 -0400 Received: by mail-qt1-f171.google.com with SMTP id k22so10566298qtm.6; Tue, 02 Jun 2020 06:31:46 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c]) by smtp.gmail.com with ESMTPSA id c58sm2735424qtd.27.2020.06.02.06.31.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 06:31:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591104730; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=kYxL6wlWalU1y5ELnkI9Dp6cP38YI9EnZ+MfX6M2WEQ=; b=RSvu1YELBLaI/7AuFjri3N6IS9yQmydhlWD8m2Pc5aO9UZtLQ3qvIHN5Fxs23apD8cOWsU s2GjL9XfraLTDArhS9kxgOqrKH1f8gOEBa1zjd3vjLf4rzp5vvQOqg8nrp5PZFdBK0JhUg DReuUZG83xATmmoez7ZDugSoj9SSxME= X-MC-Unique: VtLtqxLzMLaJAAdD6k2Bog-1 X-MC-Unique: 0-TboUuYNKyT2PfSldsjKQ-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=kYxL6wlWalU1y5ELnkI9Dp6cP38YI9EnZ+MfX6M2WEQ=; b=RaSAQ9pUwsn5C/EUOi71dUMxtTjUwNgupYjHFDNr5dLuE3uNCfGFwbjeQH488/E5VW LG/p8DNWygAXrE8ayPkZVdggtDQnh8VApXE8LQt35GLtOCSoE0PV39sa9TXY/gDofcMA plC4pj8eFCdzC7hSu02It9kcM/QFr2Z5L0kjaassD61cXgGwi8U/DCcokp7q/aK2wpxo 0J+8vP39G584MmEw6c0IKmdwRBkFlZhqvu0vcVf/72/t4s31nSbqI42rk85Olnq4VSC+ d+U64pDpAuXs1NCmbuHfoXwoIEBnECSo1cMBCxLn0QYAl2Kzsf7m9bVc1ilpxY8sqahX rFWQ== X-Gm-Message-State: AOAM5323MqzTmuVQOxCo/KH9oS5625jKFyF4WQ3Xw9hHW9tVViCC9Awk qRYCzvkNgY2PCFHXD64UZ3IqcpFy X-Google-Smtp-Source: ABdhPJxPg0pnJ8MtO8x0MeGqVACDyZGEL/xB3pdRUfbUg4xhfJc3hTn7E4cfuQoKEIuYU7dcAJgTFw== X-Received: by 2002:ac8:134a:: with SMTP id f10mr27982489qtj.123.1591104705613; Tue, 02 Jun 2020 06:31:45 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v6 03/10] qemu_extdevice.c: remove unneeded 'ret' variable Date: Tue, 2 Jun 2020 10:31:00 -0300 Message-Id: <20200602133107.1987182-4-danielhb413@gmail.com> In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com> References: <20200602133107.1987182-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , jtomko@redhat.com, stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" qemuExtDevicesInitPaths() does not need 'ret'. Tested-by: Satheesh Rajendran Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- src/qemu/qemu_extdevice.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_extdevice.c b/src/qemu/qemu_extdevice.c index dc188e6042..8f1bd9311e 100644 --- a/src/qemu/qemu_extdevice.c +++ b/src/qemu/qemu_extdevice.c @@ -73,12 +73,10 @@ static int qemuExtDevicesInitPaths(virQEMUDriverPtr driver, virDomainDefPtr def) { - int ret =3D 0; - if (def->tpm) - ret =3D qemuExtTPMInitPaths(driver, def); + return qemuExtTPMInitPaths(driver, def); =20 - return ret; + return 0; } =20 =20 --=20 2.26.2 From nobody Wed May 1 22:55:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) client-ip=205.139.110.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1591104734; cv=none; d=zohomail.com; s=zohoarc; b=PDldTni0OXRYPhZTNkMpc6n14LrvA6oF+Y4ik2c7kgL6RL9lbB31Em5R/SJPJJwWjFScFSaByBP86YXCyan+Yb4W2zdUqeySt4uxS/D7VDRK64j2GlDdFV/zqh67ef4yX6Obnj7sx1ow0y7Q2HJQLPBHXBllzg9In2eBWRadUbM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591104734; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=3A4lUZNqLUYTsWe+QC0wfPP1QzWTn+Ycjeb3qHm0+Ec=; b=HeWdUt/MoR39yZQcDqUp1+VDIfwL0xwccNPS/4mxgWZM4K/oyBCQ3oAlEfJs/nvqJJS4WQPwFb7slZKyy3qFlYDd2Kz8iriQc0rLusu7cubUw++7C251xzGPWZZTL1l1NZ4s35pR2sYiXW7fDMVnl5FScMQpGq/cAKqsiJyFniA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by mx.zohomail.com with SMTPS id 1591104734819988.5642717989624; Tue, 2 Jun 2020 06:32:14 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-10-eI4mK9K6PTaY93bUnxosCQ-1; Tue, 02 Jun 2020 09:32:10 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id E6CEB8018A7; Tue, 2 Jun 2020 13:32:02 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B019D49F6; Tue, 2 Jun 2020 13:32:02 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 77F631809557; Tue, 2 Jun 2020 13:32:02 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 052DVs72007297 for ; Tue, 2 Jun 2020 09:31:54 -0400 Received: by smtp.corp.redhat.com (Postfix) id E04A42156709; Tue, 2 Jun 2020 13:31:53 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 944142156A53 for ; Tue, 2 Jun 2020 13:31:53 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A044F85338F for ; Tue, 2 Jun 2020 13:31:51 +0000 (UTC) Received: from mail-qt1-f194.google.com (mail-qt1-f194.google.com [209.85.160.194]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-81-FkV0mWSlMT6Bmsx2QwwaMA-1; Tue, 02 Jun 2020 09:31:49 -0400 Received: by mail-qt1-f194.google.com with SMTP id g18so10547548qtu.13; Tue, 02 Jun 2020 06:31:48 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c]) by smtp.gmail.com with ESMTPSA id c58sm2735424qtd.27.2020.06.02.06.31.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 06:31:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591104733; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=3A4lUZNqLUYTsWe+QC0wfPP1QzWTn+Ycjeb3qHm0+Ec=; b=RJxuw1YFCvD8w2CS80+QNlxb7m0kIkbrRx962f4QJg8ujpHLTOvaymSD8Arxwyb9gy1+Do uGTgpFWp9kqTEhWogAWmd+whWtG3nJYZxt/zMnEZwoahMby75RbcEBAX5FK1iFg4xy0puR LgFZB4eCVohnJp/ULFsA7criF0by2us= X-MC-Unique: eI4mK9K6PTaY93bUnxosCQ-1 X-MC-Unique: FkV0mWSlMT6Bmsx2QwwaMA-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=3A4lUZNqLUYTsWe+QC0wfPP1QzWTn+Ycjeb3qHm0+Ec=; b=TKblDaWSMz5ivjwOUSVjji3cGzWNHPUdh3NrIBxBtz/GWSbXS1sTSYpbvQWZ8CEUtA V8MQ03jIEfSHK922UAE0loxKj8VQCjImEnl2YKdA5QcIqqXNEPE/QiZz06ds+rW4FVgX +jpl6h25dRLfyZn3RZhXzSE0xL9bD8wh36NZfQvZpiNg+vxNNQEt3WqDtDmvtZJlu5Q5 6ZoYmlWlE8HvTOajKM0cxb0tf3bq0CcG5TduoRGK2nHQlDJFvNR3v9vQUPXRV+miaiZX TnpECuE+KpgxgxvwP5rgNaCBn0hexMdu7etvOl5Kc9JQG0iLZRUbo+6PO2GnB7oLkciO KXWg== X-Gm-Message-State: AOAM532KARAabPfgmmYlgW3To7Ir+ndKIPA4g8lVUSVqYxJ/x92vCXxD /xmNztUdg6aVv9hiyzaL+PD9nvZ/ X-Google-Smtp-Source: ABdhPJyHGfJZMkpmH/X3zYByNN43IZyneIlbu3UY0OfYqOP+xku7lWNPqWvZgenTCfGlfO6EUM7qiw== X-Received: by 2002:aed:3fd4:: with SMTP id w20mr27629191qth.350.1591104707769; Tue, 02 Jun 2020 06:31:47 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v6 04/10] qemu_tpm, security, tests: change 'switch' clauses for 'if' Date: Tue, 2 Jun 2020 10:31:01 -0300 Message-Id: <20200602133107.1987182-5-danielhb413@gmail.com> In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com> References: <20200602133107.1987182-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , jtomko@redhat.com, stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" This trivial rework is aimed to reduce the amount of line changes made by the next patch, when 'def->tpm' will become a 'def->tpms' array. Instead of using a 'switch' where only the VIR_DOMAIN_TPM_TYPE_EMULATOR label does something, use an 'if' clause instead. Tested-by: Satheesh Rajendran Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- src/qemu/qemu_tpm.c | 44 +++++---------------------------- src/security/security_selinux.c | 16 ++---------- src/security/virt-aa-helper.c | 7 +----- tests/qemuxml2argvtest.c | 7 +----- 4 files changed, 10 insertions(+), 64 deletions(-) diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index fe567f440c..afec0e5328 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -680,14 +680,9 @@ qemuExtTPMInitPaths(virQEMUDriverPtr driver, { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); =20 - switch (def->tpm->type) { - case VIR_DOMAIN_TPM_TYPE_EMULATOR: + if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) return qemuTPMEmulatorInitPaths(def->tpm, cfg->swtpmStorageDir, def->uuid); - case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - case VIR_DOMAIN_TPM_TYPE_LAST: - break; - } =20 return 0; } @@ -700,8 +695,7 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver, g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); g_autofree char *shortName =3D NULL; =20 - switch (def->tpm->type) { - case VIR_DOMAIN_TPM_TYPE_EMULATOR: + if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { shortName =3D virDomainDefGetShortName(def); if (!shortName) return -1; @@ -711,9 +705,6 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver, cfg->swtpm_group, cfg->swtpmStateDir, cfg->user, shortName); - case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - case VIR_DOMAIN_TPM_TYPE_LAST: - break; } =20 return 0; @@ -723,15 +714,8 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver, void qemuExtTPMCleanupHost(virDomainDefPtr def) { - switch (def->tpm->type) { - case VIR_DOMAIN_TPM_TYPE_EMULATOR: + if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) qemuTPMDeleteEmulatorStorage(def->tpm); - break; - case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - case VIR_DOMAIN_TPM_TYPE_LAST: - /* nothing to do */ - break; - } } =20 =20 @@ -825,15 +809,9 @@ qemuExtTPMStart(virQEMUDriverPtr driver, { virDomainTPMDefPtr tpm =3D vm->def->tpm; =20 - switch (tpm->type) { - case VIR_DOMAIN_TPM_TYPE_EMULATOR: + if (tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) return qemuExtTPMStartEmulator(driver, vm, incomingMigration); =20 - case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - case VIR_DOMAIN_TPM_TYPE_LAST: - break; - } - return 0; } =20 @@ -845,18 +823,13 @@ qemuExtTPMStop(virQEMUDriverPtr driver, g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); g_autofree char *shortName =3D NULL; =20 - switch (vm->def->tpm->type) { - case VIR_DOMAIN_TPM_TYPE_EMULATOR: + if (vm->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { shortName =3D virDomainDefGetShortName(vm->def); if (!shortName) return; =20 qemuTPMEmulatorStop(cfg->swtpmStateDir, shortName); qemuSecurityCleanupTPMEmulator(driver, vm); - break; - case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - case VIR_DOMAIN_TPM_TYPE_LAST: - break; } =20 return; @@ -873,8 +846,7 @@ qemuExtTPMSetupCgroup(virQEMUDriverPtr driver, int rc; pid_t pid; =20 - switch (def->tpm->type) { - case VIR_DOMAIN_TPM_TYPE_EMULATOR: + if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { shortName =3D virDomainDefGetShortName(def); if (!shortName) return -1; @@ -886,10 +858,6 @@ qemuExtTPMSetupCgroup(virQEMUDriverPtr driver, } if (virCgroupAddProcess(cgroup, pid) < 0) return -1; - break; - case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - case VIR_DOMAIN_TPM_TYPE_LAST: - break; } =20 return 0; diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 7bb7c2b7b1..c4c0504b56 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -3499,10 +3499,7 @@ virSecuritySELinuxSetTPMLabels(virSecurityManagerPtr= mgr, if (seclabel =3D=3D NULL) return 0; =20 - switch (def->tpm->type) { - case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - break; - case VIR_DOMAIN_TPM_TYPE_EMULATOR: + if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { ret =3D virSecuritySELinuxSetFileLabels( mgr, def->tpm->data.emulator.storagepath, seclabel); @@ -3510,9 +3507,6 @@ virSecuritySELinuxSetTPMLabels(virSecurityManagerPtr = mgr, ret =3D virSecuritySELinuxSetFileLabels( mgr, def->tpm->data.emulator.logfile, seclabel); - break; - case VIR_DOMAIN_TPM_TYPE_LAST: - break; } =20 return ret; @@ -3525,18 +3519,12 @@ virSecuritySELinuxRestoreTPMLabels(virSecurityManag= erPtr mgr, { int ret =3D 0; =20 - switch (def->tpm->type) { - case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - break; - case VIR_DOMAIN_TPM_TYPE_EMULATOR: + if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { ret =3D virSecuritySELinuxRestoreFileLabels( mgr, def->tpm->data.emulator.storagepath); if (ret =3D=3D 0 && def->tpm->data.emulator.logfile) ret =3D virSecuritySELinuxRestoreFileLabels( mgr, def->tpm->data.emulator.logfile); - break; - case VIR_DOMAIN_TPM_TYPE_LAST: - break; } =20 return ret; diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 6e6dd1b1db..6e8f77e4dd 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -1210,8 +1210,7 @@ get_files(vahControl * ctl) char *shortName =3D NULL; const char *tpmpath =3D NULL; =20 - switch (ctl->def->tpm->type) { - case VIR_DOMAIN_TPM_TYPE_EMULATOR: + if (ctl->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { shortName =3D virDomainDefGetShortName(ctl->def); =20 switch (ctl->def->tpm->version) { @@ -1244,10 +1243,6 @@ get_files(vahControl * ctl) RUNSTATEDIR, shortName); =20 VIR_FREE(shortName); - break; - case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - case VIR_DOMAIN_TPM_TYPE_LAST: - break; } } =20 diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 3103cac884..7c4b4e2134 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -438,15 +438,10 @@ testCompareXMLToArgvCreateArgs(virQEMUDriverPtr drv, } =20 if (vm->def->tpm) { - switch (vm->def->tpm->type) { - case VIR_DOMAIN_TPM_TYPE_EMULATOR: + if (vm->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { VIR_FREE(vm->def->tpm->data.emulator.source.data.file.path); vm->def->tpm->data.emulator.source.data.file.path =3D g_strdup= ("/dev/test"); vm->def->tpm->data.emulator.source.type =3D VIR_DOMAIN_CHR_TYP= E_FILE; - break; - case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: - case VIR_DOMAIN_TPM_TYPE_LAST: - break; } } =20 --=20 2.26.2 From nobody Wed May 1 22:55:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1591104737; cv=none; d=zohomail.com; s=zohoarc; b=g95wjjKBZZ0difObTnfJ4vOqen55eqKg8c2yRW8o5YfnqecGssIPXazM7GkRy0cH/S5Ypd6l+YQYHkKYC3LwATbX7esjg5YZSsaO7a2v9bd4VfXfqZg0bGMq9aClfvg6Jv2oYNCq0fc8/zUYZR/jOKiF2DoB6Xvmy80FuUjJ8hY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591104737; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=uDzzgub/qDp43m/awYwu9jAmi1joqGBeElNbTLOFllg=; b=FABsRoEoU5pf8Ye1Uyy39UTLiOQowcXXigfIo3Dm49Uv9lZNSTHQYKXsPBLxzwH7SIJqsQStcIYyTGiWSRJFzxNFkrmN1e8uuEH/Ka6fPMzgF7vkIgG2YeP8PNON99Ncgb3ZxOZSlegxYVcBdTFX2Pe2zB9uOBr/8nHW6TnAuNo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1591104737419471.68968567356046; Tue, 2 Jun 2020 06:32:17 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-259-bUNuWzeBNgel-JwRjyL4vw-1; Tue, 02 Jun 2020 09:32:13 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4EFEE108BD0D; Tue, 2 Jun 2020 13:32:04 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2F3D75D9DD; Tue, 2 Jun 2020 13:32:04 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id F29999701E; Tue, 2 Jun 2020 13:32:03 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 052DVuP6007320 for ; Tue, 2 Jun 2020 09:31:56 -0400 Received: by smtp.corp.redhat.com (Postfix) id 262012029F71; Tue, 2 Jun 2020 13:31:56 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 018922026FFE for ; Tue, 2 Jun 2020 13:31:55 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5CEDB1914A21 for ; Tue, 2 Jun 2020 13:31:55 +0000 (UTC) Received: from mail-qk1-f193.google.com (mail-qk1-f193.google.com [209.85.222.193]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-136-aGRYWchuMlGp04_vR833eQ-1; Tue, 02 Jun 2020 09:31:51 -0400 Received: by mail-qk1-f193.google.com with SMTP id g28so11730334qkl.0; Tue, 02 Jun 2020 06:31:51 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c]) by smtp.gmail.com with ESMTPSA id c58sm2735424qtd.27.2020.06.02.06.31.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 06:31:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591104736; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=uDzzgub/qDp43m/awYwu9jAmi1joqGBeElNbTLOFllg=; b=GKF4MNNXqJV6VszYFQ0tFHRUdMBFpjGTbb7+ovo768jpy2k8QOLMQHvONWP+sz5l2praXW 5lNGQiIzb+sreY44C7OcbcEWHvPXZkY2rh6wdH0YqKKVcDeoxiREX1X7Mg0v5t+xHGJdYV bsVQCEq59OOV6/LOAAyL6mGHEY0FMCQ= X-MC-Unique: bUNuWzeBNgel-JwRjyL4vw-1 X-MC-Unique: aGRYWchuMlGp04_vR833eQ-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uDzzgub/qDp43m/awYwu9jAmi1joqGBeElNbTLOFllg=; b=G65rv0YscGSiRCX2RX6vHHl2h13xkgluFVECgOf+0XDN8POSaoue5Coo0TD82nEPRf xcecX1Vr1/7enbCTmClx5yJgF9jYe4AJ/zZD+ygRAZ552wPTN/6ec6JMOeBEC9ebEAlS eftEAlp0HqXgaPdaX5p+ix7e04wzGXffSP4WwGju3lHKIRGqyPDOJDmoloAlegJW5j1O YUY0pbPfxbBf8oERpf4SrXu1Dlb7KUp7qDtZ2ywjxD342mJSHlU9RFcnoCSnS5w9wCpK MhAWaK5UEtC3DjwK6UZ19Mc0f7OErQj8uhUUgsENdQGrmRIGdbYfcs61xlOEZS4V67kC Ewnw== X-Gm-Message-State: AOAM5325X9BDMrPV85J+UgXzm3w8VaXkA/c2K/GwP5QzC0+6d7FH4Q7s xthsfZJmpSRzaUUDoSRC1fwOHPR/ X-Google-Smtp-Source: ABdhPJyyaP7DhJyk+3UBpMyHmtJorOPWZzznBcGBLg7hNGbjevBQHLN9K2CdNMm0iq20UV28y2P1xw== X-Received: by 2002:a37:7743:: with SMTP id s64mr23555870qkc.345.1591104709888; Tue, 02 Jun 2020 06:31:49 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v6 05/10] conf, qemu, security, tests: introducing 'def->tpms' array Date: Tue, 2 Jun 2020 10:31:02 -0300 Message-Id: <20200602133107.1987182-6-danielhb413@gmail.com> In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com> References: <20200602133107.1987182-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , jtomko@redhat.com, stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" A TPM Proxy device can coexist with a regular TPM, but the current domain definition supports only a single TPM device in the 'tpm' pointer. This patch replaces this existing pointer in the domain definition to an array of TPM devices. All files that references the old pointer were adapted to handle the new array instead. virDomainDefParseXML() TPM related code was adapted to handle the parsing of an extra TPM device. TPM validations after this new scenario will be updated in the next patch. Tested-by: Satheesh Rajendran Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- src/conf/domain_audit.c | 4 +-- src/conf/domain_conf.c | 50 +++++++++++++++++++------------ src/conf/domain_conf.h | 6 +++- src/qemu/qemu_alias.c | 4 +-- src/qemu/qemu_cgroup.c | 10 ++++--- src/qemu/qemu_command.c | 34 ++++++++++++++------- src/qemu/qemu_domain.c | 31 +++++++++++++------- src/qemu/qemu_domain_address.c | 11 ++++--- src/qemu/qemu_extdevice.c | 18 +++++++----- src/qemu/qemu_tpm.c | 52 +++++++++++++++++++++++++-------- src/security/security_dac.c | 8 ++--- src/security/security_selinux.c | 32 ++++++++++++-------- src/security/virt-aa-helper.c | 9 ++++-- tests/qemuxml2argvtest.c | 13 +++++---- 14 files changed, 186 insertions(+), 96 deletions(-) diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c index 1b0abb21a0..8bc6633af4 100644 --- a/src/conf/domain_audit.c +++ b/src/conf/domain_audit.c @@ -821,8 +821,8 @@ virDomainAuditStart(virDomainObjPtr vm, const char *rea= son, bool success) for (i =3D 0; i < vm->def->nrngs; i++) virDomainAuditRNG(vm, NULL, vm->def->rngs[i], "start", true); =20 - if (vm->def->tpm) - virDomainAuditTPM(vm, vm->def->tpm, "start", true); + for (i =3D 0; i < vm->def->ntpms; i++) + virDomainAuditTPM(vm, vm->def->tpms[i], "start", true); =20 for (i =3D 0; i < vm->def->nshmems; i++) virDomainAuditShmem(vm, vm->def->shmems[i], "start", true); diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 1406cf079e..899f994e23 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1165,6 +1165,7 @@ VIR_ENUM_IMPL(virDomainTPMModel, "tpm-tis", "tpm-crb", "tpm-spapr", + "spapr-tpm-proxy", ); =20 VIR_ENUM_IMPL(virDomainTPMBackend, @@ -3480,7 +3481,9 @@ void virDomainDefFree(virDomainDefPtr def) virDomainMemoryDefFree(def->mems[i]); VIR_FREE(def->mems); =20 - virDomainTPMDefFree(def->tpm); + for (i =3D 0; i < def->ntpms; i++) + virDomainTPMDefFree(def->tpms[i]); + VIR_FREE(def->tpms); =20 for (i =3D 0; i < def->npanics; i++) virDomainPanicDefFree(def->panics[i]); @@ -4313,10 +4316,10 @@ virDomainDeviceInfoIterateInternal(virDomainDefPtr = def, if ((rc =3D cb(def, &device, &def->shmems[i]->info, opaque)) !=3D = 0) return rc; } - if (def->tpm) { - device.type =3D VIR_DOMAIN_DEVICE_TPM; - device.data.tpm =3D def->tpm; - if ((rc =3D cb(def, &device, &def->tpm->info, opaque)) !=3D 0) + device.type =3D VIR_DOMAIN_DEVICE_TPM; + for (i =3D 0; i < def->ntpms; i++) { + device.data.tpm =3D def->tpms[i]; + if ((rc =3D cb(def, &device, &def->tpms[i]->info, opaque)) !=3D 0) return rc; } device.type =3D VIR_DOMAIN_DEVICE_PANIC; @@ -21971,15 +21974,23 @@ virDomainDefParseXML(xmlDocPtr xml, if ((n =3D virXPathNodeSet("./devices/tpm", ctxt, &nodes)) < 0) goto error; =20 - if (n > 1) { + if (n > 2) { virReportError(VIR_ERR_XML_ERROR, "%s", - _("only a single TPM device is supported")); + _("a maximum of two TPM devices is supported, one o= f " + "them being a TPM Proxy device")); goto error; } =20 - if (n > 0) { - if (!(def->tpm =3D virDomainTPMDefParseXML(xmlopt, nodes[0], ctxt,= flags))) + if (n && VIR_ALLOC_N(def->tpms, n) < 0) + goto error; + + for (i =3D 0; i < n; i++) { + virDomainTPMDefPtr tpm =3D virDomainTPMDefParseXML(xmlopt, nodes[i= ], + ctxt, flags); + if (!tpm) goto error; + + def->tpms[def->ntpms++] =3D tpm; } VIR_FREE(nodes); =20 @@ -24341,16 +24352,19 @@ virDomainDefCheckABIStabilityFlags(virDomainDefPt= r src, goto error; } =20 - if (src->tpm && dst->tpm) { - if (!virDomainTPMDefCheckABIStability(src->tpm, dst->tpm)) - goto error; - } else if (src->tpm || dst->tpm) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("Either both target and source domains or none of= " - "them must have TPM device present")); + if (src->ntpms !=3D dst->ntpms) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Target domain TPM device count %zu " + "does not match source %zu"), + dst->ntpms, src->ntpms); goto error; } =20 + for (i =3D 0; i < src->ntpms; i++) { + if (!virDomainTPMDefCheckABIStability(src->tpms[i], dst->tpms[i])) + goto error; + } + if (src->nmems !=3D dst->nmems) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("Target domain memory device count %zu " @@ -29793,8 +29807,8 @@ virDomainDefFormatInternalSetRootName(virDomainDefP= tr def, goto error; } =20 - if (def->tpm) { - if (virDomainTPMDefFormat(buf, def->tpm, flags) < 0) + for (n =3D 0; n < def->ntpms; n++) { + if (virDomainTPMDefFormat(buf, def->tpms[n], flags) < 0) goto error; } =20 diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index e152c599ca..84e36e03f4 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1294,6 +1294,7 @@ typedef enum { VIR_DOMAIN_TPM_MODEL_TIS, VIR_DOMAIN_TPM_MODEL_CRB, VIR_DOMAIN_TPM_MODEL_SPAPR, + VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY, =20 VIR_DOMAIN_TPM_MODEL_LAST } virDomainTPMModel; @@ -2624,11 +2625,14 @@ struct _virDomainDef { size_t npanics; virDomainPanicDefPtr *panics; =20 + /* At maximum 2 TPMs on the domain, if a TPM Proxy is present. */ + size_t ntpms; + virDomainTPMDefPtr *tpms; + /* Only 1 */ virDomainWatchdogDefPtr watchdog; virDomainMemballoonDefPtr memballoon; virDomainNVRAMDefPtr nvram; - virDomainTPMDefPtr tpm; virCPUDefPtr cpu; virSysinfoDefPtr sysinfo; virDomainRedirFilterDefPtr redirfilter; diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c index d6527cb046..85fdb85940 100644 --- a/src/qemu/qemu_alias.c +++ b/src/qemu/qemu_alias.c @@ -669,8 +669,8 @@ qemuAssignDeviceAliases(virDomainDefPtr def, virQEMUCap= sPtr qemuCaps) if (qemuAssignDeviceRNGAlias(def, def->rngs[i]) < 0) return -1; } - if (def->tpm) { - if (qemuAssignDeviceTPMAlias(def->tpm, 0) < 0) + for (i =3D 0; i < def->ntpms; i++) { + if (qemuAssignDeviceTPMAlias(def->tpms[i], 0) < 0) return -1; } for (i =3D 0; i < def->nmems; i++) { diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index d92202f847..eb0f03d4aa 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -332,10 +332,10 @@ qemuSetupChardevCgroupCB(virDomainDefPtr def G_GNUC_U= NUSED, =20 =20 static int -qemuSetupTPMCgroup(virDomainObjPtr vm) +qemuSetupTPMCgroup(virDomainObjPtr vm, + virDomainTPMDefPtr dev) { int ret =3D 0; - virDomainTPMDefPtr dev =3D vm->def->tpm; =20 switch (dev->type) { case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: @@ -805,8 +805,10 @@ qemuSetupDevicesCgroup(virDomainObjPtr vm) vm) < 0) return -1; =20 - if (vm->def->tpm && qemuSetupTPMCgroup(vm) < 0) - return -1; + for (i =3D 0; i < vm->def->ntpms; i++) { + if (qemuSetupTPMCgroup(vm, vm->def->tpms[i]) < 0) + return -1; + } =20 for (i =3D 0; i < vm->def->nhostdevs; i++) { /* This may allow /dev/vfio/vfio multiple times, but that diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 419eca5675..59caff08f2 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -8890,10 +8890,10 @@ qemuBuildDomainLoaderCommandLine(virCommandPtr cmd, =20 static char * qemuBuildTPMDevStr(const virDomainDef *def, + virDomainTPMDefPtr tpm, virQEMUCapsPtr qemuCaps) { g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER; - virDomainTPMDef *tpm =3D def->tpm; const char *model =3D virDomainTPMModelTypeToString(tpm->model); =20 virBufferAsprintf(&buf, "%s,tpmdev=3Dtpm-%s,id=3D%s", @@ -8932,13 +8932,12 @@ qemuBuildTPMOpenBackendFDs(const char *tpmdev, =20 =20 static char * -qemuBuildTPMBackendStr(const virDomainDef *def, - virCommandPtr cmd, +qemuBuildTPMBackendStr(virCommandPtr cmd, + virDomainTPMDefPtr tpm, int *tpmfd, int *cancelfd, char **chardev) { - const virDomainTPMDef *tpm =3D def->tpm; g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER; g_autofree char *cancel_path =3D NULL; g_autofree char *devset =3D NULL; @@ -8992,6 +8991,7 @@ qemuBuildTPMBackendStr(const virDomainDef *def, static int qemuBuildTPMCommandLine(virCommandPtr cmd, const virDomainDef *def, + virDomainTPMDefPtr tpm, virQEMUCapsPtr qemuCaps) { char *optstr; @@ -9000,10 +9000,7 @@ qemuBuildTPMCommandLine(virCommandPtr cmd, int cancelfd =3D -1; char *fdset; =20 - if (!def->tpm) - return 0; - - if (!(optstr =3D qemuBuildTPMBackendStr(def, cmd, + if (!(optstr =3D qemuBuildTPMBackendStr(cmd, tpm, &tpmfd, &cancelfd, &chardev))) return -1; @@ -9032,7 +9029,7 @@ qemuBuildTPMCommandLine(virCommandPtr cmd, VIR_FREE(fdset); } =20 - if (!(optstr =3D qemuBuildTPMDevStr(def, qemuCaps))) + if (!(optstr =3D qemuBuildTPMDevStr(def, tpm, qemuCaps))) return -1; =20 virCommandAddArgList(cmd, "-device", optstr, NULL); @@ -9041,6 +9038,23 @@ qemuBuildTPMCommandLine(virCommandPtr cmd, return 0; } =20 + +static int +qemuBuildTPMsCommandLine(virCommandPtr cmd, + const virDomainDef *def, + virQEMUCapsPtr qemuCaps) +{ + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + if (qemuBuildTPMCommandLine(cmd, def, def->tpms[i], qemuCaps) < 0) + return -1; + } + + return 0; +} + + static int qemuBuildSEVCommandLine(virDomainObjPtr vm, virCommandPtr cmd, virDomainSEVDefPtr sev) @@ -9720,7 +9734,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, chardevStdioLogd) < 0) return NULL; =20 - if (qemuBuildTPMCommandLine(cmd, def, qemuCaps) < 0) + if (qemuBuildTPMsCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 if (qemuBuildInputCommandLine(cmd, def, qemuCaps) < 0) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index d5e3d1a3cc..3173fc3a3b 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -11585,16 +11585,9 @@ qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr = cfg G_GNUC_UNUSED, =20 static int qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, + virDomainTPMDefPtr dev, const struct qemuDomainCreateDeviceData *data) { - virDomainTPMDefPtr dev =3D vm->def->tpm; - - if (!dev) - return 0; - - VIR_DEBUG("Setting up TPM"); - switch (dev->type) { case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: if (qemuDomainCreateDevice(dev->data.passthrough.source.data.file.= path, @@ -11608,7 +11601,25 @@ qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GN= UC_UNUSED, break; } =20 - VIR_DEBUG("Setup TPM"); + return 0; +} + + +static int +qemuDomainSetupAllTPMs(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + size_t i; + + VIR_DEBUG("Setting up TPMs"); + + for (i =3D 0; i < vm->def->ntpms; i++) { + if (qemuDomainSetupTPM(cfg, vm->def->tpms[i], data) < 0) + return -1; + } + + VIR_DEBUG("Setup all TPMs"); return 0; } =20 @@ -11834,7 +11845,7 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupAllChardevs(cfg, vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupTPM(cfg, vm, &data) < 0) + if (qemuDomainSetupAllTPMs(cfg, vm, &data) < 0) goto cleanup; =20 if (qemuDomainSetupAllGraphics(cfg, vm, &data) < 0) diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c index 07431343ed..4c26070022 100644 --- a/src/qemu/qemu_domain_address.c +++ b/src/qemu/qemu_domain_address.c @@ -268,10 +268,13 @@ qemuDomainAssignSpaprVIOAddresses(virDomainDefPtr def) return -1; } =20 - if (def->tpm) { - if (qemuDomainIsPSeries(def)) - def->tpm->info.type =3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVI= O; - if (qemuDomainAssignSpaprVIOAddress(def, &def->tpm->info, + for (i =3D 0; i < def->ntpms; i++) { + virDomainTPMDefPtr tpm =3D def->tpms[i]; + + if (tpm->model !=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY && + qemuDomainIsPSeries(def)) + tpm->info.type =3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO; + if (qemuDomainAssignSpaprVIOAddress(def, &tpm->info, VIO_ADDR_TPM) < 0) return -1; } diff --git a/src/qemu/qemu_extdevice.c b/src/qemu/qemu_extdevice.c index 8f1bd9311e..2fb71dd334 100644 --- a/src/qemu/qemu_extdevice.c +++ b/src/qemu/qemu_extdevice.c @@ -73,7 +73,7 @@ static int qemuExtDevicesInitPaths(virQEMUDriverPtr driver, virDomainDefPtr def) { - if (def->tpm) + if (def->ntpms > 0) return qemuExtTPMInitPaths(driver, def); =20 return 0; @@ -132,7 +132,7 @@ qemuExtDevicesPrepareHost(virQEMUDriverPtr driver, virDomainDefPtr def =3D vm->def; size_t i; =20 - if (def->tpm && + if (def->ntpms > 0 && qemuExtTPMPrepareHost(driver, def) < 0) return -1; =20 @@ -155,7 +155,7 @@ qemuExtDevicesCleanupHost(virQEMUDriverPtr driver, if (qemuExtDevicesInitPaths(driver, def) < 0) return; =20 - if (def->tpm) + if (def->ntpms > 0) qemuExtTPMCleanupHost(def); } =20 @@ -181,7 +181,7 @@ qemuExtDevicesStart(virQEMUDriverPtr driver, } } =20 - if (def->tpm && qemuExtTPMStart(driver, vm, incomingMigration) < 0) + if (def->ntpms > 0 && qemuExtTPMStart(driver, vm, incomingMigration) <= 0) return -1; =20 for (i =3D 0; i < def->nnets; i++) { @@ -223,7 +223,7 @@ qemuExtDevicesStop(virQEMUDriverPtr driver, qemuExtVhostUserGPUStop(driver, vm, video); } =20 - if (def->tpm) + if (def->ntpms > 0) qemuExtTPMStop(driver, vm); =20 for (i =3D 0; i < def->nnets; i++) { @@ -256,8 +256,10 @@ qemuExtDevicesHasDevice(virDomainDefPtr def) return true; } =20 - if (def->tpm && def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - return true; + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + return true; + } =20 for (i =3D 0; i < def->nfss; i++) { virDomainFSDefPtr fs =3D def->fss[i]; @@ -297,7 +299,7 @@ qemuExtDevicesSetupCgroup(virQEMUDriverPtr driver, return -1; } =20 - if (def->tpm && + if (def->ntpms > 0 && qemuExtTPMSetupCgroup(driver, def, cgroup) < 0) return -1; =20 diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index afec0e5328..8adb0e42b8 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -679,10 +679,15 @@ qemuExtTPMInitPaths(virQEMUDriverPtr driver, virDomainDefPtr def) { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + size_t i; =20 - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - return qemuTPMEmulatorInitPaths(def->tpm, cfg->swtpmStorageDir, + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; + + return qemuTPMEmulatorInitPaths(def->tpms[i], cfg->swtpmStorageDir, def->uuid); + } =20 return 0; } @@ -694,13 +699,17 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver, { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); g_autofree char *shortName =3D NULL; + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; =20 - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { shortName =3D virDomainDefGetShortName(def); if (!shortName) return -1; =20 - return qemuTPMEmulatorPrepareHost(def->tpm, cfg->swtpmLogDir, + return qemuTPMEmulatorPrepareHost(def->tpms[i], cfg->swtpmLogDir, def->name, cfg->swtpm_user, cfg->swtpm_group, cfg->swtpmStateDir, cfg->user, @@ -714,8 +723,14 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver, void qemuExtTPMCleanupHost(virDomainDefPtr def) { - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - qemuTPMDeleteEmulatorStorage(def->tpm); + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; + + qemuTPMDeleteEmulatorStorage(def->tpms[i]); + } } =20 =20 @@ -733,13 +748,13 @@ qemuExtTPMCleanupHost(virDomainDefPtr def) static int qemuExtTPMStartEmulator(virQEMUDriverPtr driver, virDomainObjPtr vm, + virDomainTPMDefPtr tpm, bool incomingMigration) { g_autoptr(virCommand) cmd =3D NULL; int exitstatus =3D 0; g_autofree char *errbuf =3D NULL; g_autoptr(virQEMUDriverConfig) cfg =3D NULL; - virDomainTPMDefPtr tpm =3D vm->def->tpm; g_autofree char *shortName =3D virDomainDefGetShortName(vm->def); int cmdret =3D 0, timeout, rc; pid_t pid; @@ -807,10 +822,15 @@ qemuExtTPMStart(virQEMUDriverPtr driver, virDomainObjPtr vm, bool incomingMigration) { - virDomainTPMDefPtr tpm =3D vm->def->tpm; + size_t i; + + for (i =3D 0; i < vm->def->ntpms; i++) { + if (vm->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; =20 - if (tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - return qemuExtTPMStartEmulator(driver, vm, incomingMigration); + return qemuExtTPMStartEmulator(driver, vm, vm->def->tpms[i], + incomingMigration); + } =20 return 0; } @@ -822,8 +842,12 @@ qemuExtTPMStop(virQEMUDriverPtr driver, { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); g_autofree char *shortName =3D NULL; + size_t i; + + for (i =3D 0; i < vm->def->ntpms; i++) { + if (vm->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; =20 - if (vm->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { shortName =3D virDomainDefGetShortName(vm->def); if (!shortName) return; @@ -845,8 +869,12 @@ qemuExtTPMSetupCgroup(virQEMUDriverPtr driver, g_autofree char *shortName =3D NULL; int rc; pid_t pid; + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; =20 - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { shortName =3D virDomainDefGetShortName(def); if (!shortName) return -1; diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 7b95a6f86d..6201c13f92 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -1979,10 +1979,10 @@ virSecurityDACRestoreAllLabel(virSecurityManagerPtr= mgr, &chardevData) < 0) rc =3D -1; =20 - if (def->tpm) { + for (i =3D 0; i < def->ntpms; i++) { if (virSecurityDACRestoreTPMFileLabel(mgr, def, - def->tpm) < 0) + def->tpms[i]) < 0) rc =3D -1; } =20 @@ -2158,10 +2158,10 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr, &chardevData) < 0) return -1; =20 - if (def->tpm) { + for (i =3D 0; i < def->ntpms; i++) { if (virSecurityDACSetTPMFileLabel(mgr, def, - def->tpm) < 0) + def->tpms[i]) < 0) return -1; } =20 diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index c4c0504b56..7b7c2c12b1 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -2764,8 +2764,8 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManagerP= tr mgr, return -1; } =20 - if (def->tpm) { - if (virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def, def->tpm) <= 0) + for (i =3D 0; i < def->ntpms; i++) { + if (virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def, def->tpms[i= ]) < 0) rc =3D -1; } =20 @@ -3172,8 +3172,8 @@ virSecuritySELinuxSetAllLabel(virSecurityManagerPtr m= gr, return -1; } =20 - if (def->tpm) { - if (virSecuritySELinuxSetTPMFileLabel(mgr, def, def->tpm) < 0) + for (i =3D 0; i < def->ntpms; i++) { + if (virSecuritySELinuxSetTPMFileLabel(mgr, def, def->tpms[i]) < 0) return -1; } =20 @@ -3493,19 +3493,23 @@ virSecuritySELinuxSetTPMLabels(virSecurityManagerPt= r mgr, virDomainDefPtr def) { int ret =3D 0; + size_t i; virSecurityLabelDefPtr seclabel; =20 seclabel =3D virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAM= E); if (seclabel =3D=3D NULL) return 0; =20 - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; + ret =3D virSecuritySELinuxSetFileLabels( - mgr, def->tpm->data.emulator.storagepath, + mgr, def->tpms[i]->data.emulator.storagepath, seclabel); - if (ret =3D=3D 0 && def->tpm->data.emulator.logfile) + if (ret =3D=3D 0 && def->tpms[i]->data.emulator.logfile) ret =3D virSecuritySELinuxSetFileLabels( - mgr, def->tpm->data.emulator.logfile, + mgr, def->tpms[i]->data.emulator.logfile, seclabel); } =20 @@ -3518,13 +3522,17 @@ virSecuritySELinuxRestoreTPMLabels(virSecurityManag= erPtr mgr, virDomainDefPtr def) { int ret =3D 0; + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; =20 - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { ret =3D virSecuritySELinuxRestoreFileLabels( - mgr, def->tpm->data.emulator.storagepath); - if (ret =3D=3D 0 && def->tpm->data.emulator.logfile) + mgr, def->tpms[i]->data.emulator.storagepath); + if (ret =3D=3D 0 && def->tpms[i]->data.emulator.logfile) ret =3D virSecuritySELinuxRestoreFileLabels( - mgr, def->tpm->data.emulator.logfile); + mgr, def->tpms[i]->data.emulator.logfile); } =20 return ret; diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 6e8f77e4dd..7abb6e70be 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -1206,14 +1206,17 @@ get_files(vahControl * ctl) } =20 =20 - if (ctl->def->tpm) { + if (ctl->def->ntpms > 0) { char *shortName =3D NULL; const char *tpmpath =3D NULL; =20 - if (ctl->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { + for (i =3D 0; i < ctl->def->ntpms; i++) { + if (ctl->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; + shortName =3D virDomainDefGetShortName(ctl->def); =20 - switch (ctl->def->tpm->version) { + switch (ctl->def->tpms[i]->version) { case VIR_DOMAIN_TPM_VERSION_1_2: tpmpath =3D "tpm1.2"; break; diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 7c4b4e2134..5a4ac187ef 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -437,12 +437,13 @@ testCompareXMLToArgvCreateArgs(virQEMUDriverPtr drv, vsockPriv->vhostfd =3D 6789; } =20 - if (vm->def->tpm) { - if (vm->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { - VIR_FREE(vm->def->tpm->data.emulator.source.data.file.path); - vm->def->tpm->data.emulator.source.data.file.path =3D g_strdup= ("/dev/test"); - vm->def->tpm->data.emulator.source.type =3D VIR_DOMAIN_CHR_TYP= E_FILE; - } + for (i =3D 0; i < vm->def->ntpms; i++) { + if (vm->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; + + VIR_FREE(vm->def->tpms[i]->data.emulator.source.data.file.path); + vm->def->tpms[i]->data.emulator.source.data.file.path =3D g_strdup= ("/dev/test"); + vm->def->tpms[i]->data.emulator.source.type =3D VIR_DOMAIN_CHR_TYP= E_FILE; } =20 for (i =3D 0; i < vm->def->nvideos; i++) { --=20 2.26.2 From nobody Wed May 1 22:55:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) client-ip=205.139.110.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1591104741; cv=none; d=zohomail.com; s=zohoarc; b=Wtgz69lThh4DQWCxjoym9Yu4kSPL67pi0vwDhfTtZ6UZiA3luQa6diAAfJwVZ1Vutku0i0WtXZ4yo19kvHHJGlNY8jsroJeNcwwCHk8Ilo32hCIZibdnftjKCXodzmvRRWpoKzP8G3+vOXHBZ9dzsKTRn3PwExAzFntSlHblMW4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591104741; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=hPAv/PSgrnX0CMBIsRq/2NZdEs68MMbhjBK+rTL3Fr8=; b=dt94D6lmk1EAjH5xPqFwuYHTgCXcy1EY4VD9b3hJxOV9OzKbo0dgbWWg62CIDUeblr3yzs8S+68JlmT8almVik0qcgkSpcTxTca8LCaer2ovFFltHXQT33wXTGzgAfYPE1pzE6RFraHmZGshhXMnMk4PuxlQ/lBiB0nPdLhUgG0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by mx.zohomail.com with SMTPS id 1591104741872641.4723631614887; Tue, 2 Jun 2020 06:32:21 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-332-1ZMD_ELYMyuJep2jO83UJA-1; Tue, 02 Jun 2020 09:32:18 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 9F72B81E22C; Tue, 2 Jun 2020 13:32:09 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7B0056199D; Tue, 2 Jun 2020 13:32:09 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 49F559701D; Tue, 2 Jun 2020 13:32:09 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 052DW7Aw007370 for ; Tue, 2 Jun 2020 09:32:08 -0400 Received: by smtp.corp.redhat.com (Postfix) id 3EA11217B43B; Tue, 2 Jun 2020 13:32:07 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B24CF2156A54 for ; Tue, 2 Jun 2020 13:31:59 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6ACB0108C273 for ; Tue, 2 Jun 2020 13:31:58 +0000 (UTC) Received: from mail-qt1-f195.google.com (mail-qt1-f195.google.com [209.85.160.195]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-60-0CFpPd93N7S-5j2ja1ZLbg-1; Tue, 02 Jun 2020 09:31:52 -0400 Received: by mail-qt1-f195.google.com with SMTP id k22so10566612qtm.6; Tue, 02 Jun 2020 06:31:52 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c]) by smtp.gmail.com with ESMTPSA id c58sm2735424qtd.27.2020.06.02.06.31.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 06:31:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591104740; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=hPAv/PSgrnX0CMBIsRq/2NZdEs68MMbhjBK+rTL3Fr8=; b=MTG0nTXvw3mpj9+GbJD7OjfyYI1qp4YKS2fX225LOIYhlPZcd/MTLhHUaoRpGiOuWdw9IB 0/1rtpqtHhOsOre+OLofuo0vXgu4ahxT0KZDDA9LUn+TyEFIRn8a3oyWbIZvcjM89pvI0C 9kRyynViAtZeHE2UX5n7NPnHAwMKqZ4= X-MC-Unique: 1ZMD_ELYMyuJep2jO83UJA-1 X-MC-Unique: 0CFpPd93N7S-5j2ja1ZLbg-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hPAv/PSgrnX0CMBIsRq/2NZdEs68MMbhjBK+rTL3Fr8=; b=uKkxtCcERL0k6NHqudxlZsZb6wJxLvdVg6PIKGuJc0frGN+Uka1bU/3ZZl/pdsFx2a gKPVducUj25m1VpO+zwkL7SB4b8FaPhuxuKfFOq1UnQxbigGPtWCyJWgAAzvkEHCcG3g 2+4uECS0+837fw6QEqslBW4Z07i9wHvU314WpW7VpXulDQS5krBDyZyEyPYOxEC27do5 l4gZvRqcemHfoW/TZCjjRVjN6J7A/yyZnabg+e/rBpq3saUd20beOvegBjcXF7f+3MqN Ls+cHZRMMzUmGqAH3Hjxn4HSNoSipP8W/SoswCVIG43B/c/n1nxCAJtKNpvN6/ZCe3DS Dl6w== X-Gm-Message-State: AOAM533BtAGgiJG+E7sBxL6/qI2hpasf2Cue7AYGLkyOMGeFW3JENQ3d RSvz31vgsU56b6Jv3v9rutWO79Lo X-Google-Smtp-Source: ABdhPJxPLPxohVNuZI7zG1o4H7AdNOgkxJAGXrg6pOzOkpgOTg39UiiXIVe9fBoRjyHtryUmtNLVsw== X-Received: by 2002:ac8:1858:: with SMTP id n24mr27280570qtk.189.1591104711834; Tue, 02 Jun 2020 06:31:51 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v6 06/10] qemu: add validations after TPM Proxy model introduction Date: Tue, 2 Jun 2020 10:31:03 -0300 Message-Id: <20200602133107.1987182-7-danielhb413@gmail.com> In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com> References: <20200602133107.1987182-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , jtomko@redhat.com, stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Previous patch handled the conversion of def->tpm to the array def->tpms and the XML parsing logic. This patch handles the validations needed to ensure the intended behavior. The existing qemuValidateDomainDeviceDefTPM() function was updated to guarantee that the VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY model is exclusive to PPC64 guests and to the VIR_DOMAIN_TPM_TYPE_PASSTHROUGH backend. A new function called qemuDomainDefTPMsPostParse() was added to guarantee that the following combinations in the same domain are valid: - a single TPM device - a single TPM Proxy device - a single TPM + single TPM Proxy devices And these combinations in the same domain are NOT valid: - 2 or more TPM devices - 2 or more TPM Proxy devices Tested-by: Satheesh Rajendran Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- src/qemu/qemu_domain.c | 37 +++++++++++++++++++++++++++++++++++++ src/qemu/qemu_validate.c | 19 +++++++++++++++++++ 2 files changed, 56 insertions(+) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 3173fc3a3b..b1b50f05d4 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -4953,6 +4953,40 @@ qemuDomainDefTsegPostParse(virDomainDefPtr def, } =20 =20 +static int +qemuDomainDefTPMsPostParse(virDomainDefPtr def) +{ + virDomainTPMDefPtr proxyTPM =3D NULL; + virDomainTPMDefPtr regularTPM =3D NULL; + size_t i; + + if (def->ntpms < 2) + return 0; + + for (i =3D 0; i < def->ntpms; i++) { + virDomainTPMDefPtr tpm =3D def->tpms[i]; + + if (tpm->model =3D=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY) { + if (proxyTPM) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("only a single TPM Proxy device is suppor= ted")); + return -1; + } else { + proxyTPM =3D tpm; + } + } else if (regularTPM) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("only a single TPM non-proxy device is suppor= ted")); + return -1; + } else { + regularTPM =3D tpm; + } + } + + return 0; +} + + static int qemuDomainDefPostParseBasic(virDomainDefPtr def, void *opaque G_GNUC_UNUSED) @@ -5039,6 +5073,9 @@ qemuDomainDefPostParse(virDomainDefPtr def, if (qemuDomainDefTsegPostParse(def, qemuCaps) < 0) return -1; =20 + if (qemuDomainDefTPMsPostParse(def) < 0) + return -1; + return 0; } =20 diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 584d1375b8..28e02ebefc 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -3623,6 +3623,25 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm, case VIR_DOMAIN_TPM_MODEL_SPAPR: flag =3D QEMU_CAPS_DEVICE_TPM_SPAPR; break; + case VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY: + if (!ARCH_IS_PPC64(def->os.arch)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("TPM Proxy model %s is only available for " + "PPC64 guests"), + virDomainTPMModelTypeToString(tpm->model)); + return -1; + } + + /* TPM Proxy devices have 'passthrough' backend */ + if (tpm->type !=3D VIR_DOMAIN_TPM_TYPE_PASSTHROUGH) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("TPM Proxy model %s requires " + "'Passthrough' backend"), + virDomainTPMModelTypeToString(tpm->model)); + } + + flag =3D QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY; + break; case VIR_DOMAIN_TPM_MODEL_LAST: default: virReportEnumRangeError(virDomainTPMModel, tpm->model); --=20 2.26.2 From nobody Wed May 1 22:55:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) client-ip=205.139.110.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1591104734; cv=none; d=zohomail.com; s=zohoarc; b=cysgwbkv3eJ+JEPcKSKUP6LjoJOVLfm6qbmgR+6+KsJf83irjJBObudrmLng19XxIiRpPQ3OMKDtOvl7xEXCqxCpKDzBFaLUW/Ywq8sfhVz+FrdtTyTVLEOm/WlOwEbz7XaGRU/lIYXLj74LmEPbXfHeHQMBsQrQjqFZUQYEnbo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591104734; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=a0EkD6FWtFVHTkmofLzTH87XhZS8bhdZ5dO4+d0WVxo=; b=dhbxlwz5PShqYFdEvTEmpFfin1dvYioTYwaCPL0ad1Sgg26EMxzH8uHzrJOhxYZmY755fm1J5a+br4pa41LZTGT5nWkRHBgyV6kWl0G8F12KQdZA1cjlpj2ownV7XXo8aVXTkzwyWkuRu4pXLBLFYsqmWEoYYaZ8Y2hnW5MvXMg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by mx.zohomail.com with SMTPS id 1591104734799914.692386010666; Tue, 2 Jun 2020 06:32:14 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-404-H7fh8HRaOwm3RoSmqQpe8w-1; Tue, 02 Jun 2020 09:32:10 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id B2EBF1009444; Tue, 2 Jun 2020 13:32:01 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 927FE78F06; Tue, 2 Jun 2020 13:32:01 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 681899701B; Tue, 2 Jun 2020 13:32:01 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 052DW0gO007336 for ; Tue, 2 Jun 2020 09:32:00 -0400 Received: by smtp.corp.redhat.com (Postfix) id F0F85217B433; Tue, 2 Jun 2020 13:31:59 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id AC74D2156A51 for ; Tue, 2 Jun 2020 13:31:59 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 81BA3853385 for ; Tue, 2 Jun 2020 13:31:59 +0000 (UTC) Received: from mail-qv1-f65.google.com (mail-qv1-f65.google.com [209.85.219.65]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-282-GEFjkhJqOxS0p_9P0EtPlw-1; Tue, 02 Jun 2020 09:31:55 -0400 Received: by mail-qv1-f65.google.com with SMTP id r16so1735714qvm.6; Tue, 02 Jun 2020 06:31:55 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c]) by smtp.gmail.com with ESMTPSA id c58sm2735424qtd.27.2020.06.02.06.31.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 06:31:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591104733; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=a0EkD6FWtFVHTkmofLzTH87XhZS8bhdZ5dO4+d0WVxo=; b=gYT/Khx7VOwsHyJWQAnqUK+PFiJV1k4PGsdluZpWNCVFGkFagh2UbUE4pGasmAh/9XevFY DfJ9oC6JLkmpI5TlYTXV3XaYf60d2oi+UVzJIn6LVaFGGqxHv8t04F78X4LqDeXOggHMkW r8jq//FdxJjGWFlSjDqV4yndlrQ/S9A= X-MC-Unique: H7fh8HRaOwm3RoSmqQpe8w-1 X-MC-Unique: GEFjkhJqOxS0p_9P0EtPlw-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=a0EkD6FWtFVHTkmofLzTH87XhZS8bhdZ5dO4+d0WVxo=; b=TR5mdC+vB5Q+ZoEHj1VMLJhi/pZHS6Lf1ro534ctjhDbrQ6UZ/MEdJOlJGWBgZJCnx +RrWPOmFqckcVStL555AN7xhKZ+PqYLAUveedQEQCGpjzcpDCcxfFG7SChzprb3eoTRs 1nGtZMTkDCb/edZU++qro23oSzByFw5/LwalcOaOYiQefGZtEqEtZROSWp5bzmBwnJes dOYKAHym4Kqm+kbBd47TEbAo8Byjj52MHlQyDo1gUcdL2+qrFD8B9ECXAgvFPDa8Zdil CqWOkP/PJCpGzifzb4retf7aPD4G3V5LtB94bMU05voRHSqUTCw30NUwio//ffPY4e03 Uybg== X-Gm-Message-State: AOAM530TwaOF3fH2LcA/kLwLM/v99v+iEzmw3q9vStliJzZ0wB1tXYW4 POC9OLIHuSawNY7BGqkC+qMD7tny X-Google-Smtp-Source: ABdhPJxFIlPP89BZD6Vl1PygZI63pj5SGdTDela8KxVcWiC7w/s5/Ohcbqpnm4LALFH6wJ3JlWblbQ== X-Received: by 2002:a0c:b6d7:: with SMTP id h23mr26851381qve.162.1591104714179; Tue, 02 Jun 2020 06:31:54 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v6 07/10] tests: add XML schema tests for the TPM Proxy device Date: Tue, 2 Jun 2020 10:31:04 -0300 Message-Id: <20200602133107.1987182-8-danielhb413@gmail.com> In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com> References: <20200602133107.1987182-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , jtomko@redhat.com, stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" This tests aims to exercise how a TPM Proxy device can be added in the domain, either alone or with a regular TPM device. It also ensures that we do not allow bogus scenarios to slip by. Tested-by: Satheesh Rajendran Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- tests/qemuxml2argvdata/ppc64-tpm-double.xml | 34 ++++++++++++++ .../ppc64-tpmproxy-double.xml | 38 +++++++++++++++ .../ppc64-tpmproxy-single.xml | 33 +++++++++++++ .../ppc64-tpmproxy-with-tpm.xml | 36 +++++++++++++++ tests/qemuxml2argvtest.c | 12 +++++ .../ppc64-tpmproxy-single.ppc64-latest.xml | 42 +++++++++++++++++ .../ppc64-tpmproxy-with-tpm.ppc64-latest.xml | 46 +++++++++++++++++++ tests/qemuxml2xmltest.c | 2 + 8 files changed, 243 insertions(+) create mode 100644 tests/qemuxml2argvdata/ppc64-tpm-double.xml create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-la= test.xml create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-= latest.xml diff --git a/tests/qemuxml2argvdata/ppc64-tpm-double.xml b/tests/qemuxml2ar= gvdata/ppc64-tpm-double.xml new file mode 100644 index 0000000000..8730547a4d --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpm-double.xml @@ -0,0 +1,34 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + + +
+ + + diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml b/tests/qemux= ml2argvdata/ppc64-tpmproxy-double.xml new file mode 100644 index 0000000000..12abda509e --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml @@ -0,0 +1,38 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + + + + + + +
+ + + diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml b/tests/qemux= ml2argvdata/ppc64-tpmproxy-single.xml new file mode 100644 index 0000000000..729a2cdf28 --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml @@ -0,0 +1,33 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + +
+ + + diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml b/tests/qem= uxml2argvdata/ppc64-tpmproxy-with-tpm.xml new file mode 100644 index 0000000000..a61ec9845c --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml @@ -0,0 +1,36 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + + + + +
+ + + diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 5a4ac187ef..5feb964537 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -3064,6 +3064,18 @@ mymain(void) QEMU_CAPS_NEC_USB_XHCI, QEMU_CAPS_DEVICE_QEMU_XHCI); =20 + DO_TEST_PARSE_ERROR("ppc64-tpmproxy-double", + QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, + QEMU_CAPS_PCI_OHCI, + QEMU_CAPS_DEVICE_TPM_PASSTHROUGH, + QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY); + + DO_TEST_PARSE_ERROR("ppc64-tpm-double", + QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, + QEMU_CAPS_PCI_OHCI, + QEMU_CAPS_DEVICE_TPM_PASSTHROUGH, + QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY); + DO_TEST("aarch64-usb-controller-qemu-xhci", QEMU_CAPS_OBJECT_GPEX, QEMU_CAPS_NEC_USB_XHCI, diff --git a/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xm= l b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xml new file mode 100644 index 0000000000..4e0e5f24b8 --- /dev/null +++ b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xml @@ -0,0 +1,42 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + + POWER9 + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + + + + + +
+ + + + diff --git a/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.= xml b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.xml new file mode 100644 index 0000000000..9b64f914f0 --- /dev/null +++ b/tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.xml @@ -0,0 +1,46 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + + + + + + POWER9 + + + destroy + restart + restart + + /usr/bin/qemu-system-ppc64 + +
+ + + + + + + + + + + + +
+ + +
+ + + + diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index dcc7b29ded..5a9ee18ece 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -609,6 +609,8 @@ mymain(void) DO_TEST("controller-usb-order", QEMU_CAPS_PIIX_DISABLE_S3, QEMU_CAPS_PIIX_DISABLE_S4); + DO_TEST_CAPS_ARCH_LATEST("ppc64-tpmproxy-single", "ppc64"); + DO_TEST_CAPS_ARCH_LATEST("ppc64-tpmproxy-with-tpm", "ppc64"); =20 DO_TEST_FULL("seclabel-dynamic-baselabel", WHEN_INACTIVE, ARG_QEMU_CAPS, NONE); --=20 2.26.2 From nobody Wed May 1 22:55:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) client-ip=205.139.110.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1591104744; cv=none; d=zohomail.com; s=zohoarc; b=Ceun+CfbsqroHceA4a1WRycINxivx8hNxYYXr5H0K89c+Ea0zlGfkh2fSEU26vBdGjapLkuioYit7RjsGrO8/ilKQfxnjLeuHB9lWaDJKHVIR4aFBGNgPTL5TQrj70ZASR1xDTPuPaBDiKiUfv3c/2cBOaN6BSCWbPIcJ0ut9zo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591104744; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=xg8DUHJRh+no17o2HJ1B6leT0z72pc3/+KxYYlgTtuY=; b=T+z9b9Nx4N+YWzOgRff8VVvApT/Z9ZOHVYdgwlQpm8v8/cAbH13IiIxMaE56CkLqg01ayA5O0IFt84nw+9Uw9VdFDb6FOe9/h3zLOPXolbsw+bW9iggr1dnM/ML9fWk+wgSJL9khjKA+reFBwdYHS+O9m75qnvp/SZz7ClFiLYY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by mx.zohomail.com with SMTPS id 1591104744179320.4535676195919; Tue, 2 Jun 2020 06:32:24 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-254-Zuu3QfOwNiOwyh-hFT5C2g-1; Tue, 02 Jun 2020 09:32:19 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 90875461; Tue, 2 Jun 2020 13:32:07 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 1D2FB11A9E0; Tue, 2 Jun 2020 13:32:07 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id DB9A8180043A; Tue, 2 Jun 2020 13:32:06 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 052DW5rJ007355 for ; Tue, 2 Jun 2020 09:32:05 -0400 Received: by smtp.corp.redhat.com (Postfix) id 5A397D0172; Tue, 2 Jun 2020 13:32:05 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 17B71D019F for ; Tue, 2 Jun 2020 13:32:01 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 8559B81DA27 for ; Tue, 2 Jun 2020 13:32:01 +0000 (UTC) Received: from mail-qk1-f195.google.com (mail-qk1-f195.google.com [209.85.222.195]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-258-t3dXAH2LOPeENxhyzao2Zw-1; Tue, 02 Jun 2020 09:31:57 -0400 Received: by mail-qk1-f195.google.com with SMTP id w3so12446854qkb.6; Tue, 02 Jun 2020 06:31:56 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c]) by smtp.gmail.com with ESMTPSA id c58sm2735424qtd.27.2020.06.02.06.31.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 06:31:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591104742; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=xg8DUHJRh+no17o2HJ1B6leT0z72pc3/+KxYYlgTtuY=; b=RJiVzMMpiy+btlYRRDtRDxNrfzhS++kAqgZsfIK0SdirjPt92f3BvTXHDuhFCpXOOD9YVq ViV3/u/ZNceEngtIiTym4Nj2h6aPRiQSEhH2vJh3Yek1m25oQq34ReWNaVcUljzACiXaSt gKrdDY+7OUu4kEepvf2N61aS6OObLS8= X-MC-Unique: Zuu3QfOwNiOwyh-hFT5C2g-1 X-MC-Unique: t3dXAH2LOPeENxhyzao2Zw-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=xg8DUHJRh+no17o2HJ1B6leT0z72pc3/+KxYYlgTtuY=; b=eT7NPxpSf7Bc5S8wTk7Kuq2mpg51vE206aDUWPmj7eKs1Ob+uPgHKbYWHcWvfTaBTT wpBj/bDwBVlytkOTJsguelsSLqyUXqGJ6T0xb200f8v5jGe309eNL8zUNchhZK3lwEt1 z2k08qi5+wqAEjeUWXc3giXinMwWEzfu7LJeBa4C25lvBax595RSKJMEyhWuSJL6jcYn E9PI2FduxmsRK2dFt63Eplw2K7w19g9uMn5cYKfa0OYALKI+2zozpwJWzcRtMUCgFm14 6/GNTWHn1kPWjMAVDcHASmmBlawq/GLQBfK7Dkoj76J3dckGBr8at66lwnW0hqsP8Apd lWdA== X-Gm-Message-State: AOAM530AzV9gyuwWKbkTJxIaKybIuTcUe4OFDBhj5YZG8WNvaDH3lnT1 nsi2QoJE53FUJBUQDwdeBdCBZ7GO X-Google-Smtp-Source: ABdhPJxDpNcncq3MzmlKL3smR5rtKe7yiqRhhk3rhNBZYyKEjtZKAbyoMRK1bPeuCTvrciKbMWn5SA== X-Received: by 2002:a37:6388:: with SMTP id x130mr25286443qkb.458.1591104716357; Tue, 02 Jun 2020 06:31:56 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v6 08/10] qemu: build command line for the TPM Proxy device Date: Tue, 2 Jun 2020 10:31:05 -0300 Message-Id: <20200602133107.1987182-9-danielhb413@gmail.com> In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com> References: <20200602133107.1987182-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , jtomko@redhat.com, stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" This patch wraps it up all the wiring done in previous patches, enabling a PPC64 guest to launch a guest using a TPM Proxy device. Note that device validation is already being done in qemu_validate.c, qemuValidateDomainDeviceDefTPM(), on domain define time. We don't need to verify QEMU capabilities for this device again inside qemu_command.c. Tested-by: Satheesh Rajendran Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- src/qemu/qemu_alias.c | 5 ++++- src/qemu/qemu_command.c | 27 ++++++++++++++++++++++++++- 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c index 85fdb85940..bb7145d630 100644 --- a/src/qemu/qemu_alias.c +++ b/src/qemu/qemu_alias.c @@ -408,7 +408,10 @@ qemuAssignDeviceTPMAlias(virDomainTPMDefPtr tpm, if (tpm->info.alias) return 0; =20 - tpm->info.alias =3D g_strdup_printf("tpm%d", idx); + if (tpm->model =3D=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY) + tpm->info.alias =3D g_strdup_printf("tpmproxy%d", idx); + else + tpm->info.alias =3D g_strdup_printf("tpm%d", idx); return 0; } =20 diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 59caff08f2..ab3828ec57 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -9039,6 +9039,26 @@ qemuBuildTPMCommandLine(virCommandPtr cmd, } =20 =20 +static int +qemuBuildTPMProxyCommandLine(virCommandPtr cmd, + virDomainTPMDefPtr tpm) +{ + g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER; + const char *filePath =3D NULL; + + filePath =3D tpm->data.passthrough.source.data.file.path; + + virCommandAddArg(cmd, "-device"); + virBufferAsprintf(&buf, "%s,id=3D%s,host-path=3D", + virDomainTPMModelTypeToString(tpm->model), + tpm->info.alias); + virQEMUBuildBufferEscapeComma(&buf, filePath); + virCommandAddArgBuffer(cmd, &buf); + + return 0; +} + + static int qemuBuildTPMsCommandLine(virCommandPtr cmd, const virDomainDef *def, @@ -9047,8 +9067,13 @@ qemuBuildTPMsCommandLine(virCommandPtr cmd, size_t i; =20 for (i =3D 0; i < def->ntpms; i++) { - if (qemuBuildTPMCommandLine(cmd, def, def->tpms[i], qemuCaps) < 0) + if (def->tpms[i]->model =3D=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY) { + if (qemuBuildTPMProxyCommandLine(cmd, def->tpms[i]) < 0) + return -1; + } else if (qemuBuildTPMCommandLine(cmd, def, + def->tpms[i], qemuCaps) < 0) { return -1; + } } =20 return 0; --=20 2.26.2 From nobody Wed May 1 22:55:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1591104748; cv=none; d=zohomail.com; s=zohoarc; b=OK8lZDV10+YHPwdyg2vq+PrXuL87lAPX77Jw3GEk4og888V7BFCheC/WmleIuMS/j7bSZD50rsSk3mbILa6GOvFE78nwfEFBw4RViVqlHJ6oX3bPeYLpaQoOlLrS/wEyxf57GAXP3Hdwykh7MyBiTCcghdQ+NBE0nSztAwwoti0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591104748; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=WHxxSVDBLUQjc2iFR+A5yNgfidIdJUunKBDAkZSccYk=; b=EY6wl+5KL97tQZxnJh1Uc9h2iqrCuzOESU8eWL94+YP0P63s75LpUgMy3ucM9Zvl/GUEI7ysBZzcdHN5jqj42lw9/+JbilQi7Q0Ph8GUrmNDN/drLIG9RKlYi8V/nucgqmXvTfcry6w4MBhra9KvGaGxGRDytDQDb6fAagVH008= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1591104748863774.9326425206071; Tue, 2 Jun 2020 06:32:28 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-245-s0491pUXOCa8napKVR-M5g-1; Tue, 02 Jun 2020 09:32:22 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id EFD3D8015CE; Tue, 2 Jun 2020 13:32:14 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id CBF8719D71; Tue, 2 Jun 2020 13:32:14 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 9E93397020; Tue, 2 Jun 2020 13:32:14 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 052DWDjp007398 for ; Tue, 2 Jun 2020 09:32:13 -0400 Received: by smtp.corp.redhat.com (Postfix) id 45899200C0FD; Tue, 2 Jun 2020 13:32:13 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 16B06202683E for ; Tue, 2 Jun 2020 13:32:11 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id DA8871914A30 for ; Tue, 2 Jun 2020 13:32:10 +0000 (UTC) Received: from mail-qt1-f196.google.com (mail-qt1-f196.google.com [209.85.160.196]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-243-oEZi-K_jOXe0HfxnUM9c-Q-1; Tue, 02 Jun 2020 09:32:02 -0400 Received: by mail-qt1-f196.google.com with SMTP id q14so10315783qtr.9; Tue, 02 Jun 2020 06:32:01 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c]) by smtp.gmail.com with ESMTPSA id c58sm2735424qtd.27.2020.06.02.06.31.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 06:31:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591104745; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=WHxxSVDBLUQjc2iFR+A5yNgfidIdJUunKBDAkZSccYk=; b=aVhH441aRB6e5ObODauipP8P1xvLqa8/Tp/dk4RnlTIxfSpB5LNrpuXAvduSm8M/NplX1O 2wY1NR5voypvR1HZfUYw6335OLsVdD3jSnquqdRIYAC0dUfiPNSeQPQKWFFv9RGT1ZieS6 4KQkZyBBAm880bthcsXTDZfm2NDInxU= X-MC-Unique: s0491pUXOCa8napKVR-M5g-1 X-MC-Unique: oEZi-K_jOXe0HfxnUM9c-Q-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=WHxxSVDBLUQjc2iFR+A5yNgfidIdJUunKBDAkZSccYk=; b=Y7zXjF3k+MRoIaRv+CMO6n/G29ZdT1x+g/o0O7fYW0KlYmacgD6S8hcsZ99KOF1aCY 2CtmzNzS9CDEjzwC5k8Y9NESXKsiln4sgIt2KujnNRObOxNfE+7SZWNV4A6gmj8gidDY a75SteVoq4oaYjBvdezjAPUynak6D+42Il9Jp+Eec6Z/8pk6TwnhhdYHwpmVI7/eWdP/ e7zzikj807UcHQbW0L4g5YhY9/XZq0MO3SiOGzu4Y6N70Xe943FTw0I9PP3N2Mcnh3Ff SwKFWaAzt33eu6kiFcPjFrC3Q1cMkjumkiHDlh9ritUrP8YvqPyQcrpZg5F59DTIuLWc Ocdg== X-Gm-Message-State: AOAM532UvvplgurjMyDT58uDWUuNn8+nacjXPH4hn3wjcwUL6KbdJfQ3 huYbYp0Dx33br1tr6r19AB5PyQfz X-Google-Smtp-Source: ABdhPJzpRDPZUCcsagrGSn85ltTHS30FyesNMXQz1SHZ5an9mIHpRyBfveGDOMZlzbKKoL/7POcPxw== X-Received: by 2002:ac8:134a:: with SMTP id f10mr27983613qtj.123.1591104718898; Tue, 02 Jun 2020 06:31:58 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v6 09/10] tests/qemuxml2argvtest.c: add TPM Proxy command line tests Date: Tue, 2 Jun 2020 10:31:06 -0300 Message-Id: <20200602133107.1987182-10-danielhb413@gmail.com> In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com> References: <20200602133107.1987182-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , jtomko@redhat.com, stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Add tests for both supported scenarios: a single TPM Proxy and a TPM Proxy with a regular TPM device in the same domain. Tested-by: Satheesh Rajendran Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- .../ppc64-tpmproxy-single.ppc64-latest.args | 34 +++++++++++++++++ .../ppc64-tpmproxy-with-tpm.ppc64-latest.args | 37 +++++++++++++++++++ tests/qemuxml2argvtest.c | 3 ++ 3 files changed, 74 insertions(+) create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-late= st.args create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-la= test.args diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args= b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args new file mode 100644 index 0000000000..f606cee16b --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args @@ -0,0 +1,34 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/tmp/lib/domain--1-QEMUGuest1 \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.local/share \ +XDG_CACHE_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.cache \ +XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config \ +QEMU_AUDIO_DRV=3Dnone \ +/usr/bin/qemu-system-ppc64 \ +-name guest=3DQEMUGuest1,debug-threads=3Don \ +-S \ +-object secret,id=3DmasterKey0,format=3Draw,\ +file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ +-machine pseries,accel=3Dtcg,usb=3Doff,dump-guest-core=3Doff \ +-cpu POWER9 \ +-m 256 \ +-overcommit mem-lock=3Doff \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,fd=3D1729,server,nowait \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-boot strict=3Don \ +-device pci-ohci,id=3Dusb,bus=3Dpci.0,addr=3D0x1 \ +-device spapr-tpm-proxy,id=3Dtpmproxy0,host-path=3D/dev/tpmrm0 \ +-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x6 \ +-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\ +resourcecontrol=3Ddeny \ +-msg timestamp=3Don diff --git a/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.ar= gs b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.args new file mode 100644 index 0000000000..83eb58ae19 --- /dev/null +++ b/tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.args @@ -0,0 +1,37 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/tmp/lib/domain--1-QEMUGuest1 \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.local/share \ +XDG_CACHE_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.cache \ +XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config \ +QEMU_AUDIO_DRV=3Dnone \ +/usr/bin/qemu-system-ppc64 \ +-name guest=3DQEMUGuest1,debug-threads=3Don \ +-S \ +-object secret,id=3DmasterKey0,format=3Draw,\ +file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ +-machine pseries,accel=3Dtcg,usb=3Doff,dump-guest-core=3Doff \ +-cpu POWER9 \ +-m 256 \ +-overcommit mem-lock=3Doff \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,fd=3D1729,server,nowait \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-boot strict=3Don \ +-device pci-ohci,id=3Dusb,bus=3Dpci.0,addr=3D0x1 \ +-device spapr-tpm-proxy,id=3Dtpmproxy0,host-path=3D/dev/tpmrm0 \ +-tpmdev emulator,id=3Dtpm-tpm0,chardev=3Dchrtpm \ +-chardev socket,id=3Dchrtpm,path=3D/dev/test \ +-device tpm-spapr,tpmdev=3Dtpm-tpm0,id=3Dtpm0,reg=3D0x00004000 \ +-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x6 \ +-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\ +resourcecontrol=3Ddeny \ +-msg timestamp=3Don diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 5feb964537..83a051ed21 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -3076,6 +3076,9 @@ mymain(void) QEMU_CAPS_DEVICE_TPM_PASSTHROUGH, QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY); =20 + DO_TEST_CAPS_LATEST_PPC64("ppc64-tpmproxy-single"); + DO_TEST_CAPS_LATEST_PPC64("ppc64-tpmproxy-with-tpm"); + DO_TEST("aarch64-usb-controller-qemu-xhci", QEMU_CAPS_OBJECT_GPEX, QEMU_CAPS_NEC_USB_XHCI, --=20 2.26.2 From nobody Wed May 1 22:55:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1591104743; cv=none; d=zohomail.com; s=zohoarc; b=kJIdTW5LNURP9H7DkTbqJtpNlEJqOmqR6lYKxFRgKXGzHS6Pj9aCEAqr702kuB4ihzbyAKNy4axR+TJuMG+uAINFgV2aV5lLYTuTOVSyNsPzJsxCHs3YbmhG5mx6fdrr/IqrJ/++G4DydP3ZvNCH2mChgRs/t1j8kGUBDFf7BWw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591104743; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ZMAYp24gwas6jFNhFtV/ZuElh7vLFJNRYz+W4mHf0tc=; b=mzBXvgu/4MBcHRXYeQOs9ryk8kt5/8OBnwarZeQtDMtJEHooMQBmT9wGX31vaLwwzWAQjmBYj87er1f2aKnwayW7auBA0oyF5cNkK6T+8f2T0lrEfPmLLYr8fQXtmzqniS2ZxPfJe7Hwbl7Oc0+YFbL4QsXdcv0zeIB1h7Cx4BE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1591104743757109.40393940435604; Tue, 2 Jun 2020 06:32:23 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-179-n7exHSrcO1CltR-x2gOzbw-1; Tue, 02 Jun 2020 09:32:19 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 92CBB18FF666; Tue, 2 Jun 2020 13:32:09 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6E2F119D7C; Tue, 2 Jun 2020 13:32:09 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 3D0D21806B0C; Tue, 2 Jun 2020 13:32:09 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 052DW7UP007368 for ; Tue, 2 Jun 2020 09:32:07 -0400 Received: by smtp.corp.redhat.com (Postfix) id 857301008C9A; Tue, 2 Jun 2020 13:32:07 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 101D61008B6B for ; Tue, 2 Jun 2020 13:32:04 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 7A65F108C269 for ; Tue, 2 Jun 2020 13:32:04 +0000 (UTC) Received: from mail-qv1-f67.google.com (mail-qv1-f67.google.com [209.85.219.67]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-350-AUGHDGxuNKGbe7l9ixKY0g-1; Tue, 02 Jun 2020 09:32:02 -0400 Received: by mail-qv1-f67.google.com with SMTP id p15so1729347qvr.9; Tue, 02 Jun 2020 06:32:01 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c]) by smtp.gmail.com with ESMTPSA id c58sm2735424qtd.27.2020.06.02.06.31.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 06:32:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591104742; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=ZMAYp24gwas6jFNhFtV/ZuElh7vLFJNRYz+W4mHf0tc=; b=AyjFITbFkgMfAdB9DgWlwDgnhYWlH4u2saFM0VXi9vG85bGqykllV7fntFVzDpshCacKrX aExUULRPHKO83sWGl6ez/PQNtONgq16j4CXuIoU3ptFlu5UP1ltIEJ8vo7H7D3F/iwfuJd SY63RXR6HI44eChlrMzsivprsAiE7To= X-MC-Unique: n7exHSrcO1CltR-x2gOzbw-1 X-MC-Unique: AUGHDGxuNKGbe7l9ixKY0g-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ZMAYp24gwas6jFNhFtV/ZuElh7vLFJNRYz+W4mHf0tc=; b=b3t7KlA3plVVdjofGmEGZ+lvzlgt1BUjJb3Poor6fv+4mmmCKArtkgcjRPl/tdQ67w CPz5ONAdd6N+UYwG3zoW0Jkap5ge6Ll6sZSUpyJPGE5vuVVQxzB26DvNVe1Si1duNuPn l+s5u2U8zY3P+XQcz6lCLUpL2fpP1URcRxcklQS8MQS62Rgp8iKhM6R4IDhqPNR/Ft1s GQsB3ACWMWvsvY+CkTSnPzY2k8CSNN7xMKc7JQW1Gh70iunaJJbHXbVqnXYvkMQmpp7f bsumM5Bi31xNhbfIj+m8M6jlHXVkB8CCP4NFOv2Am77Ft1B4mDR2TkJfBoR9yr/31Lg4 H2tQ== X-Gm-Message-State: AOAM530cd15TpAhVaSr14r88eY96ms3uu7ajEWqJLQW6b90XG0XsRWzH aydLGqzxQiPHyZkGsYMZUDUm2r27 X-Google-Smtp-Source: ABdhPJwCb/M8qRGh4/U4mxmaUl5vMWXDuaT2oUXmSE+cRe7znzSlO/pnEejBJNJYPhFgRMMI8wDGzw== X-Received: by 2002:a0c:d78f:: with SMTP id z15mr25341738qvi.178.1591104721349; Tue, 02 Jun 2020 06:32:01 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v6 10/10] docs/news.xml: update for the new TPM Proxy device Date: Tue, 2 Jun 2020 10:31:07 -0300 Message-Id: <20200602133107.1987182-11-danielhb413@gmail.com> In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com> References: <20200602133107.1987182-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , jtomko@redhat.com, stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Tested-by: Satheesh Rajendran Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- docs/news.xml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/docs/news.xml b/docs/news.xml index 18d96af048..fc41e53d1d 100644 --- a/docs/news.xml +++ b/docs/news.xml @@ -44,6 +44,23 @@
+ + + qemu: add TPM Proxy device support + + + libvirt can now create guests using a new device type called + "TPM Proxy". The TPM Proxy connects to a TPM Resource Manager + present in the host, enabling the guest to run in secure virtual + machine mode with the help of an Ultravisor. Adding a TPM Proxy = to + a pSeries guest brings no security benefits unless the guest is + running on a PPC64 host that has Ultravisor and TPM Resource Man= ager + support. Only one TPM Proxy is allowed per guest. A guest using + a TPM Proxy device can instantiate another TPM device at the same + time. This device is supported only for pSeries guests via the n= ew + 'spapr-tpm-proxy' model of the TPM 'passthrough' backend. + +
--=20 2.26.2