From nobody Sun Feb 8 05:40:47 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1591104737; cv=none; d=zohomail.com; s=zohoarc; b=g95wjjKBZZ0difObTnfJ4vOqen55eqKg8c2yRW8o5YfnqecGssIPXazM7GkRy0cH/S5Ypd6l+YQYHkKYC3LwATbX7esjg5YZSsaO7a2v9bd4VfXfqZg0bGMq9aClfvg6Jv2oYNCq0fc8/zUYZR/jOKiF2DoB6Xvmy80FuUjJ8hY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1591104737; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=uDzzgub/qDp43m/awYwu9jAmi1joqGBeElNbTLOFllg=; b=FABsRoEoU5pf8Ye1Uyy39UTLiOQowcXXigfIo3Dm49Uv9lZNSTHQYKXsPBLxzwH7SIJqsQStcIYyTGiWSRJFzxNFkrmN1e8uuEH/Ka6fPMzgF7vkIgG2YeP8PNON99Ncgb3ZxOZSlegxYVcBdTFX2Pe2zB9uOBr/8nHW6TnAuNo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1591104737419471.68968567356046; Tue, 2 Jun 2020 06:32:17 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-259-bUNuWzeBNgel-JwRjyL4vw-1; Tue, 02 Jun 2020 09:32:13 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4EFEE108BD0D; Tue, 2 Jun 2020 13:32:04 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2F3D75D9DD; Tue, 2 Jun 2020 13:32:04 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id F29999701E; Tue, 2 Jun 2020 13:32:03 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 052DVuP6007320 for ; Tue, 2 Jun 2020 09:31:56 -0400 Received: by smtp.corp.redhat.com (Postfix) id 262012029F71; Tue, 2 Jun 2020 13:31:56 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 018922026FFE for ; Tue, 2 Jun 2020 13:31:55 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5CEDB1914A21 for ; Tue, 2 Jun 2020 13:31:55 +0000 (UTC) Received: from mail-qk1-f193.google.com (mail-qk1-f193.google.com [209.85.222.193]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-136-aGRYWchuMlGp04_vR833eQ-1; Tue, 02 Jun 2020 09:31:51 -0400 Received: by mail-qk1-f193.google.com with SMTP id g28so11730334qkl.0; Tue, 02 Jun 2020 06:31:51 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c7:9da7:da03:b92e:aafb:831c]) by smtp.gmail.com with ESMTPSA id c58sm2735424qtd.27.2020.06.02.06.31.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 06:31:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1591104736; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=uDzzgub/qDp43m/awYwu9jAmi1joqGBeElNbTLOFllg=; b=GKF4MNNXqJV6VszYFQ0tFHRUdMBFpjGTbb7+ovo768jpy2k8QOLMQHvONWP+sz5l2praXW 5lNGQiIzb+sreY44C7OcbcEWHvPXZkY2rh6wdH0YqKKVcDeoxiREX1X7Mg0v5t+xHGJdYV bsVQCEq59OOV6/LOAAyL6mGHEY0FMCQ= X-MC-Unique: bUNuWzeBNgel-JwRjyL4vw-1 X-MC-Unique: aGRYWchuMlGp04_vR833eQ-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uDzzgub/qDp43m/awYwu9jAmi1joqGBeElNbTLOFllg=; b=G65rv0YscGSiRCX2RX6vHHl2h13xkgluFVECgOf+0XDN8POSaoue5Coo0TD82nEPRf xcecX1Vr1/7enbCTmClx5yJgF9jYe4AJ/zZD+ygRAZ552wPTN/6ec6JMOeBEC9ebEAlS eftEAlp0HqXgaPdaX5p+ix7e04wzGXffSP4WwGju3lHKIRGqyPDOJDmoloAlegJW5j1O YUY0pbPfxbBf8oERpf4SrXu1Dlb7KUp7qDtZ2ywjxD342mJSHlU9RFcnoCSnS5w9wCpK MhAWaK5UEtC3DjwK6UZ19Mc0f7OErQj8uhUUgsENdQGrmRIGdbYfcs61xlOEZS4V67kC Ewnw== X-Gm-Message-State: AOAM5325X9BDMrPV85J+UgXzm3w8VaXkA/c2K/GwP5QzC0+6d7FH4Q7s xthsfZJmpSRzaUUDoSRC1fwOHPR/ X-Google-Smtp-Source: ABdhPJyyaP7DhJyk+3UBpMyHmtJorOPWZzznBcGBLg7hNGbjevBQHLN9K2CdNMm0iq20UV28y2P1xw== X-Received: by 2002:a37:7743:: with SMTP id s64mr23555870qkc.345.1591104709888; Tue, 02 Jun 2020 06:31:49 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Subject: [PATCH v6 05/10] conf, qemu, security, tests: introducing 'def->tpms' array Date: Tue, 2 Jun 2020 10:31:02 -0300 Message-Id: <20200602133107.1987182-6-danielhb413@gmail.com> In-Reply-To: <20200602133107.1987182-1-danielhb413@gmail.com> References: <20200602133107.1987182-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , jtomko@redhat.com, stefanb@linux.ibm.com, sathnaga@linux.vnet.ibm.com, david@gibson.dropbear.id.au X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" A TPM Proxy device can coexist with a regular TPM, but the current domain definition supports only a single TPM device in the 'tpm' pointer. This patch replaces this existing pointer in the domain definition to an array of TPM devices. All files that references the old pointer were adapted to handle the new array instead. virDomainDefParseXML() TPM related code was adapted to handle the parsing of an extra TPM device. TPM validations after this new scenario will be updated in the next patch. Tested-by: Satheesh Rajendran Reviewed-by: Stefan Berger Signed-off-by: Daniel Henrique Barboza --- src/conf/domain_audit.c | 4 +-- src/conf/domain_conf.c | 50 +++++++++++++++++++------------ src/conf/domain_conf.h | 6 +++- src/qemu/qemu_alias.c | 4 +-- src/qemu/qemu_cgroup.c | 10 ++++--- src/qemu/qemu_command.c | 34 ++++++++++++++------- src/qemu/qemu_domain.c | 31 +++++++++++++------- src/qemu/qemu_domain_address.c | 11 ++++--- src/qemu/qemu_extdevice.c | 18 +++++++----- src/qemu/qemu_tpm.c | 52 +++++++++++++++++++++++++-------- src/security/security_dac.c | 8 ++--- src/security/security_selinux.c | 32 ++++++++++++-------- src/security/virt-aa-helper.c | 9 ++++-- tests/qemuxml2argvtest.c | 13 +++++---- 14 files changed, 186 insertions(+), 96 deletions(-) diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c index 1b0abb21a0..8bc6633af4 100644 --- a/src/conf/domain_audit.c +++ b/src/conf/domain_audit.c @@ -821,8 +821,8 @@ virDomainAuditStart(virDomainObjPtr vm, const char *rea= son, bool success) for (i =3D 0; i < vm->def->nrngs; i++) virDomainAuditRNG(vm, NULL, vm->def->rngs[i], "start", true); =20 - if (vm->def->tpm) - virDomainAuditTPM(vm, vm->def->tpm, "start", true); + for (i =3D 0; i < vm->def->ntpms; i++) + virDomainAuditTPM(vm, vm->def->tpms[i], "start", true); =20 for (i =3D 0; i < vm->def->nshmems; i++) virDomainAuditShmem(vm, vm->def->shmems[i], "start", true); diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 1406cf079e..899f994e23 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1165,6 +1165,7 @@ VIR_ENUM_IMPL(virDomainTPMModel, "tpm-tis", "tpm-crb", "tpm-spapr", + "spapr-tpm-proxy", ); =20 VIR_ENUM_IMPL(virDomainTPMBackend, @@ -3480,7 +3481,9 @@ void virDomainDefFree(virDomainDefPtr def) virDomainMemoryDefFree(def->mems[i]); VIR_FREE(def->mems); =20 - virDomainTPMDefFree(def->tpm); + for (i =3D 0; i < def->ntpms; i++) + virDomainTPMDefFree(def->tpms[i]); + VIR_FREE(def->tpms); =20 for (i =3D 0; i < def->npanics; i++) virDomainPanicDefFree(def->panics[i]); @@ -4313,10 +4316,10 @@ virDomainDeviceInfoIterateInternal(virDomainDefPtr = def, if ((rc =3D cb(def, &device, &def->shmems[i]->info, opaque)) !=3D = 0) return rc; } - if (def->tpm) { - device.type =3D VIR_DOMAIN_DEVICE_TPM; - device.data.tpm =3D def->tpm; - if ((rc =3D cb(def, &device, &def->tpm->info, opaque)) !=3D 0) + device.type =3D VIR_DOMAIN_DEVICE_TPM; + for (i =3D 0; i < def->ntpms; i++) { + device.data.tpm =3D def->tpms[i]; + if ((rc =3D cb(def, &device, &def->tpms[i]->info, opaque)) !=3D 0) return rc; } device.type =3D VIR_DOMAIN_DEVICE_PANIC; @@ -21971,15 +21974,23 @@ virDomainDefParseXML(xmlDocPtr xml, if ((n =3D virXPathNodeSet("./devices/tpm", ctxt, &nodes)) < 0) goto error; =20 - if (n > 1) { + if (n > 2) { virReportError(VIR_ERR_XML_ERROR, "%s", - _("only a single TPM device is supported")); + _("a maximum of two TPM devices is supported, one o= f " + "them being a TPM Proxy device")); goto error; } =20 - if (n > 0) { - if (!(def->tpm =3D virDomainTPMDefParseXML(xmlopt, nodes[0], ctxt,= flags))) + if (n && VIR_ALLOC_N(def->tpms, n) < 0) + goto error; + + for (i =3D 0; i < n; i++) { + virDomainTPMDefPtr tpm =3D virDomainTPMDefParseXML(xmlopt, nodes[i= ], + ctxt, flags); + if (!tpm) goto error; + + def->tpms[def->ntpms++] =3D tpm; } VIR_FREE(nodes); =20 @@ -24341,16 +24352,19 @@ virDomainDefCheckABIStabilityFlags(virDomainDefPt= r src, goto error; } =20 - if (src->tpm && dst->tpm) { - if (!virDomainTPMDefCheckABIStability(src->tpm, dst->tpm)) - goto error; - } else if (src->tpm || dst->tpm) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("Either both target and source domains or none of= " - "them must have TPM device present")); + if (src->ntpms !=3D dst->ntpms) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Target domain TPM device count %zu " + "does not match source %zu"), + dst->ntpms, src->ntpms); goto error; } =20 + for (i =3D 0; i < src->ntpms; i++) { + if (!virDomainTPMDefCheckABIStability(src->tpms[i], dst->tpms[i])) + goto error; + } + if (src->nmems !=3D dst->nmems) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("Target domain memory device count %zu " @@ -29793,8 +29807,8 @@ virDomainDefFormatInternalSetRootName(virDomainDefP= tr def, goto error; } =20 - if (def->tpm) { - if (virDomainTPMDefFormat(buf, def->tpm, flags) < 0) + for (n =3D 0; n < def->ntpms; n++) { + if (virDomainTPMDefFormat(buf, def->tpms[n], flags) < 0) goto error; } =20 diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index e152c599ca..84e36e03f4 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1294,6 +1294,7 @@ typedef enum { VIR_DOMAIN_TPM_MODEL_TIS, VIR_DOMAIN_TPM_MODEL_CRB, VIR_DOMAIN_TPM_MODEL_SPAPR, + VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY, =20 VIR_DOMAIN_TPM_MODEL_LAST } virDomainTPMModel; @@ -2624,11 +2625,14 @@ struct _virDomainDef { size_t npanics; virDomainPanicDefPtr *panics; =20 + /* At maximum 2 TPMs on the domain, if a TPM Proxy is present. */ + size_t ntpms; + virDomainTPMDefPtr *tpms; + /* Only 1 */ virDomainWatchdogDefPtr watchdog; virDomainMemballoonDefPtr memballoon; virDomainNVRAMDefPtr nvram; - virDomainTPMDefPtr tpm; virCPUDefPtr cpu; virSysinfoDefPtr sysinfo; virDomainRedirFilterDefPtr redirfilter; diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c index d6527cb046..85fdb85940 100644 --- a/src/qemu/qemu_alias.c +++ b/src/qemu/qemu_alias.c @@ -669,8 +669,8 @@ qemuAssignDeviceAliases(virDomainDefPtr def, virQEMUCap= sPtr qemuCaps) if (qemuAssignDeviceRNGAlias(def, def->rngs[i]) < 0) return -1; } - if (def->tpm) { - if (qemuAssignDeviceTPMAlias(def->tpm, 0) < 0) + for (i =3D 0; i < def->ntpms; i++) { + if (qemuAssignDeviceTPMAlias(def->tpms[i], 0) < 0) return -1; } for (i =3D 0; i < def->nmems; i++) { diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index d92202f847..eb0f03d4aa 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -332,10 +332,10 @@ qemuSetupChardevCgroupCB(virDomainDefPtr def G_GNUC_U= NUSED, =20 =20 static int -qemuSetupTPMCgroup(virDomainObjPtr vm) +qemuSetupTPMCgroup(virDomainObjPtr vm, + virDomainTPMDefPtr dev) { int ret =3D 0; - virDomainTPMDefPtr dev =3D vm->def->tpm; =20 switch (dev->type) { case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: @@ -805,8 +805,10 @@ qemuSetupDevicesCgroup(virDomainObjPtr vm) vm) < 0) return -1; =20 - if (vm->def->tpm && qemuSetupTPMCgroup(vm) < 0) - return -1; + for (i =3D 0; i < vm->def->ntpms; i++) { + if (qemuSetupTPMCgroup(vm, vm->def->tpms[i]) < 0) + return -1; + } =20 for (i =3D 0; i < vm->def->nhostdevs; i++) { /* This may allow /dev/vfio/vfio multiple times, but that diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 419eca5675..59caff08f2 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -8890,10 +8890,10 @@ qemuBuildDomainLoaderCommandLine(virCommandPtr cmd, =20 static char * qemuBuildTPMDevStr(const virDomainDef *def, + virDomainTPMDefPtr tpm, virQEMUCapsPtr qemuCaps) { g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER; - virDomainTPMDef *tpm =3D def->tpm; const char *model =3D virDomainTPMModelTypeToString(tpm->model); =20 virBufferAsprintf(&buf, "%s,tpmdev=3Dtpm-%s,id=3D%s", @@ -8932,13 +8932,12 @@ qemuBuildTPMOpenBackendFDs(const char *tpmdev, =20 =20 static char * -qemuBuildTPMBackendStr(const virDomainDef *def, - virCommandPtr cmd, +qemuBuildTPMBackendStr(virCommandPtr cmd, + virDomainTPMDefPtr tpm, int *tpmfd, int *cancelfd, char **chardev) { - const virDomainTPMDef *tpm =3D def->tpm; g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER; g_autofree char *cancel_path =3D NULL; g_autofree char *devset =3D NULL; @@ -8992,6 +8991,7 @@ qemuBuildTPMBackendStr(const virDomainDef *def, static int qemuBuildTPMCommandLine(virCommandPtr cmd, const virDomainDef *def, + virDomainTPMDefPtr tpm, virQEMUCapsPtr qemuCaps) { char *optstr; @@ -9000,10 +9000,7 @@ qemuBuildTPMCommandLine(virCommandPtr cmd, int cancelfd =3D -1; char *fdset; =20 - if (!def->tpm) - return 0; - - if (!(optstr =3D qemuBuildTPMBackendStr(def, cmd, + if (!(optstr =3D qemuBuildTPMBackendStr(cmd, tpm, &tpmfd, &cancelfd, &chardev))) return -1; @@ -9032,7 +9029,7 @@ qemuBuildTPMCommandLine(virCommandPtr cmd, VIR_FREE(fdset); } =20 - if (!(optstr =3D qemuBuildTPMDevStr(def, qemuCaps))) + if (!(optstr =3D qemuBuildTPMDevStr(def, tpm, qemuCaps))) return -1; =20 virCommandAddArgList(cmd, "-device", optstr, NULL); @@ -9041,6 +9038,23 @@ qemuBuildTPMCommandLine(virCommandPtr cmd, return 0; } =20 + +static int +qemuBuildTPMsCommandLine(virCommandPtr cmd, + const virDomainDef *def, + virQEMUCapsPtr qemuCaps) +{ + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + if (qemuBuildTPMCommandLine(cmd, def, def->tpms[i], qemuCaps) < 0) + return -1; + } + + return 0; +} + + static int qemuBuildSEVCommandLine(virDomainObjPtr vm, virCommandPtr cmd, virDomainSEVDefPtr sev) @@ -9720,7 +9734,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, chardevStdioLogd) < 0) return NULL; =20 - if (qemuBuildTPMCommandLine(cmd, def, qemuCaps) < 0) + if (qemuBuildTPMsCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 if (qemuBuildInputCommandLine(cmd, def, qemuCaps) < 0) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index d5e3d1a3cc..3173fc3a3b 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -11585,16 +11585,9 @@ qemuDomainSetupAllChardevs(virQEMUDriverConfigPtr = cfg G_GNUC_UNUSED, =20 static int qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, - virDomainObjPtr vm, + virDomainTPMDefPtr dev, const struct qemuDomainCreateDeviceData *data) { - virDomainTPMDefPtr dev =3D vm->def->tpm; - - if (!dev) - return 0; - - VIR_DEBUG("Setting up TPM"); - switch (dev->type) { case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: if (qemuDomainCreateDevice(dev->data.passthrough.source.data.file.= path, @@ -11608,7 +11601,25 @@ qemuDomainSetupTPM(virQEMUDriverConfigPtr cfg G_GN= UC_UNUSED, break; } =20 - VIR_DEBUG("Setup TPM"); + return 0; +} + + +static int +qemuDomainSetupAllTPMs(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED, + virDomainObjPtr vm, + const struct qemuDomainCreateDeviceData *data) +{ + size_t i; + + VIR_DEBUG("Setting up TPMs"); + + for (i =3D 0; i < vm->def->ntpms; i++) { + if (qemuDomainSetupTPM(cfg, vm->def->tpms[i], data) < 0) + return -1; + } + + VIR_DEBUG("Setup all TPMs"); return 0; } =20 @@ -11834,7 +11845,7 @@ qemuDomainBuildNamespace(virQEMUDriverConfigPtr cfg, if (qemuDomainSetupAllChardevs(cfg, vm, &data) < 0) goto cleanup; =20 - if (qemuDomainSetupTPM(cfg, vm, &data) < 0) + if (qemuDomainSetupAllTPMs(cfg, vm, &data) < 0) goto cleanup; =20 if (qemuDomainSetupAllGraphics(cfg, vm, &data) < 0) diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c index 07431343ed..4c26070022 100644 --- a/src/qemu/qemu_domain_address.c +++ b/src/qemu/qemu_domain_address.c @@ -268,10 +268,13 @@ qemuDomainAssignSpaprVIOAddresses(virDomainDefPtr def) return -1; } =20 - if (def->tpm) { - if (qemuDomainIsPSeries(def)) - def->tpm->info.type =3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVI= O; - if (qemuDomainAssignSpaprVIOAddress(def, &def->tpm->info, + for (i =3D 0; i < def->ntpms; i++) { + virDomainTPMDefPtr tpm =3D def->tpms[i]; + + if (tpm->model !=3D VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY && + qemuDomainIsPSeries(def)) + tpm->info.type =3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO; + if (qemuDomainAssignSpaprVIOAddress(def, &tpm->info, VIO_ADDR_TPM) < 0) return -1; } diff --git a/src/qemu/qemu_extdevice.c b/src/qemu/qemu_extdevice.c index 8f1bd9311e..2fb71dd334 100644 --- a/src/qemu/qemu_extdevice.c +++ b/src/qemu/qemu_extdevice.c @@ -73,7 +73,7 @@ static int qemuExtDevicesInitPaths(virQEMUDriverPtr driver, virDomainDefPtr def) { - if (def->tpm) + if (def->ntpms > 0) return qemuExtTPMInitPaths(driver, def); =20 return 0; @@ -132,7 +132,7 @@ qemuExtDevicesPrepareHost(virQEMUDriverPtr driver, virDomainDefPtr def =3D vm->def; size_t i; =20 - if (def->tpm && + if (def->ntpms > 0 && qemuExtTPMPrepareHost(driver, def) < 0) return -1; =20 @@ -155,7 +155,7 @@ qemuExtDevicesCleanupHost(virQEMUDriverPtr driver, if (qemuExtDevicesInitPaths(driver, def) < 0) return; =20 - if (def->tpm) + if (def->ntpms > 0) qemuExtTPMCleanupHost(def); } =20 @@ -181,7 +181,7 @@ qemuExtDevicesStart(virQEMUDriverPtr driver, } } =20 - if (def->tpm && qemuExtTPMStart(driver, vm, incomingMigration) < 0) + if (def->ntpms > 0 && qemuExtTPMStart(driver, vm, incomingMigration) <= 0) return -1; =20 for (i =3D 0; i < def->nnets; i++) { @@ -223,7 +223,7 @@ qemuExtDevicesStop(virQEMUDriverPtr driver, qemuExtVhostUserGPUStop(driver, vm, video); } =20 - if (def->tpm) + if (def->ntpms > 0) qemuExtTPMStop(driver, vm); =20 for (i =3D 0; i < def->nnets; i++) { @@ -256,8 +256,10 @@ qemuExtDevicesHasDevice(virDomainDefPtr def) return true; } =20 - if (def->tpm && def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - return true; + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + return true; + } =20 for (i =3D 0; i < def->nfss; i++) { virDomainFSDefPtr fs =3D def->fss[i]; @@ -297,7 +299,7 @@ qemuExtDevicesSetupCgroup(virQEMUDriverPtr driver, return -1; } =20 - if (def->tpm && + if (def->ntpms > 0 && qemuExtTPMSetupCgroup(driver, def, cgroup) < 0) return -1; =20 diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index afec0e5328..8adb0e42b8 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -679,10 +679,15 @@ qemuExtTPMInitPaths(virQEMUDriverPtr driver, virDomainDefPtr def) { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + size_t i; =20 - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - return qemuTPMEmulatorInitPaths(def->tpm, cfg->swtpmStorageDir, + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; + + return qemuTPMEmulatorInitPaths(def->tpms[i], cfg->swtpmStorageDir, def->uuid); + } =20 return 0; } @@ -694,13 +699,17 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver, { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); g_autofree char *shortName =3D NULL; + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; =20 - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { shortName =3D virDomainDefGetShortName(def); if (!shortName) return -1; =20 - return qemuTPMEmulatorPrepareHost(def->tpm, cfg->swtpmLogDir, + return qemuTPMEmulatorPrepareHost(def->tpms[i], cfg->swtpmLogDir, def->name, cfg->swtpm_user, cfg->swtpm_group, cfg->swtpmStateDir, cfg->user, @@ -714,8 +723,14 @@ qemuExtTPMPrepareHost(virQEMUDriverPtr driver, void qemuExtTPMCleanupHost(virDomainDefPtr def) { - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - qemuTPMDeleteEmulatorStorage(def->tpm); + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; + + qemuTPMDeleteEmulatorStorage(def->tpms[i]); + } } =20 =20 @@ -733,13 +748,13 @@ qemuExtTPMCleanupHost(virDomainDefPtr def) static int qemuExtTPMStartEmulator(virQEMUDriverPtr driver, virDomainObjPtr vm, + virDomainTPMDefPtr tpm, bool incomingMigration) { g_autoptr(virCommand) cmd =3D NULL; int exitstatus =3D 0; g_autofree char *errbuf =3D NULL; g_autoptr(virQEMUDriverConfig) cfg =3D NULL; - virDomainTPMDefPtr tpm =3D vm->def->tpm; g_autofree char *shortName =3D virDomainDefGetShortName(vm->def); int cmdret =3D 0, timeout, rc; pid_t pid; @@ -807,10 +822,15 @@ qemuExtTPMStart(virQEMUDriverPtr driver, virDomainObjPtr vm, bool incomingMigration) { - virDomainTPMDefPtr tpm =3D vm->def->tpm; + size_t i; + + for (i =3D 0; i < vm->def->ntpms; i++) { + if (vm->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; =20 - if (tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - return qemuExtTPMStartEmulator(driver, vm, incomingMigration); + return qemuExtTPMStartEmulator(driver, vm, vm->def->tpms[i], + incomingMigration); + } =20 return 0; } @@ -822,8 +842,12 @@ qemuExtTPMStop(virQEMUDriverPtr driver, { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); g_autofree char *shortName =3D NULL; + size_t i; + + for (i =3D 0; i < vm->def->ntpms; i++) { + if (vm->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; =20 - if (vm->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { shortName =3D virDomainDefGetShortName(vm->def); if (!shortName) return; @@ -845,8 +869,12 @@ qemuExtTPMSetupCgroup(virQEMUDriverPtr driver, g_autofree char *shortName =3D NULL; int rc; pid_t pid; + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; =20 - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { shortName =3D virDomainDefGetShortName(def); if (!shortName) return -1; diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 7b95a6f86d..6201c13f92 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -1979,10 +1979,10 @@ virSecurityDACRestoreAllLabel(virSecurityManagerPtr= mgr, &chardevData) < 0) rc =3D -1; =20 - if (def->tpm) { + for (i =3D 0; i < def->ntpms; i++) { if (virSecurityDACRestoreTPMFileLabel(mgr, def, - def->tpm) < 0) + def->tpms[i]) < 0) rc =3D -1; } =20 @@ -2158,10 +2158,10 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr, &chardevData) < 0) return -1; =20 - if (def->tpm) { + for (i =3D 0; i < def->ntpms; i++) { if (virSecurityDACSetTPMFileLabel(mgr, def, - def->tpm) < 0) + def->tpms[i]) < 0) return -1; } =20 diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index c4c0504b56..7b7c2c12b1 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -2764,8 +2764,8 @@ virSecuritySELinuxRestoreAllLabel(virSecurityManagerP= tr mgr, return -1; } =20 - if (def->tpm) { - if (virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def, def->tpm) <= 0) + for (i =3D 0; i < def->ntpms; i++) { + if (virSecuritySELinuxRestoreTPMFileLabelInt(mgr, def, def->tpms[i= ]) < 0) rc =3D -1; } =20 @@ -3172,8 +3172,8 @@ virSecuritySELinuxSetAllLabel(virSecurityManagerPtr m= gr, return -1; } =20 - if (def->tpm) { - if (virSecuritySELinuxSetTPMFileLabel(mgr, def, def->tpm) < 0) + for (i =3D 0; i < def->ntpms; i++) { + if (virSecuritySELinuxSetTPMFileLabel(mgr, def, def->tpms[i]) < 0) return -1; } =20 @@ -3493,19 +3493,23 @@ virSecuritySELinuxSetTPMLabels(virSecurityManagerPt= r mgr, virDomainDefPtr def) { int ret =3D 0; + size_t i; virSecurityLabelDefPtr seclabel; =20 seclabel =3D virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAM= E); if (seclabel =3D=3D NULL) return 0; =20 - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; + ret =3D virSecuritySELinuxSetFileLabels( - mgr, def->tpm->data.emulator.storagepath, + mgr, def->tpms[i]->data.emulator.storagepath, seclabel); - if (ret =3D=3D 0 && def->tpm->data.emulator.logfile) + if (ret =3D=3D 0 && def->tpms[i]->data.emulator.logfile) ret =3D virSecuritySELinuxSetFileLabels( - mgr, def->tpm->data.emulator.logfile, + mgr, def->tpms[i]->data.emulator.logfile, seclabel); } =20 @@ -3518,13 +3522,17 @@ virSecuritySELinuxRestoreTPMLabels(virSecurityManag= erPtr mgr, virDomainDefPtr def) { int ret =3D 0; + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; =20 - if (def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { ret =3D virSecuritySELinuxRestoreFileLabels( - mgr, def->tpm->data.emulator.storagepath); - if (ret =3D=3D 0 && def->tpm->data.emulator.logfile) + mgr, def->tpms[i]->data.emulator.storagepath); + if (ret =3D=3D 0 && def->tpms[i]->data.emulator.logfile) ret =3D virSecuritySELinuxRestoreFileLabels( - mgr, def->tpm->data.emulator.logfile); + mgr, def->tpms[i]->data.emulator.logfile); } =20 return ret; diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 6e8f77e4dd..7abb6e70be 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -1206,14 +1206,17 @@ get_files(vahControl * ctl) } =20 =20 - if (ctl->def->tpm) { + if (ctl->def->ntpms > 0) { char *shortName =3D NULL; const char *tpmpath =3D NULL; =20 - if (ctl->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { + for (i =3D 0; i < ctl->def->ntpms; i++) { + if (ctl->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; + shortName =3D virDomainDefGetShortName(ctl->def); =20 - switch (ctl->def->tpm->version) { + switch (ctl->def->tpms[i]->version) { case VIR_DOMAIN_TPM_VERSION_1_2: tpmpath =3D "tpm1.2"; break; diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 7c4b4e2134..5a4ac187ef 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -437,12 +437,13 @@ testCompareXMLToArgvCreateArgs(virQEMUDriverPtr drv, vsockPriv->vhostfd =3D 6789; } =20 - if (vm->def->tpm) { - if (vm->def->tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) { - VIR_FREE(vm->def->tpm->data.emulator.source.data.file.path); - vm->def->tpm->data.emulator.source.data.file.path =3D g_strdup= ("/dev/test"); - vm->def->tpm->data.emulator.source.type =3D VIR_DOMAIN_CHR_TYP= E_FILE; - } + for (i =3D 0; i < vm->def->ntpms; i++) { + if (vm->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; + + VIR_FREE(vm->def->tpms[i]->data.emulator.source.data.file.path); + vm->def->tpms[i]->data.emulator.source.data.file.path =3D g_strdup= ("/dev/test"); + vm->def->tpms[i]->data.emulator.source.type =3D VIR_DOMAIN_CHR_TYP= E_FILE; } =20 for (i =3D 0; i < vm->def->nvideos; i++) { --=20 2.26.2