From: Stefan Berger
To: libvir-list@redhat.com
Cc: marcandre.lureau@redhat.com, Stefan Berger
Subject: [PATCH v2 1/2] qemu: Move code to add encryption options for swtpm_setup into function
Date: Mon, 1 Nov 2021 13:23:39 -0400
Message-Id: <20211101172340.2619285-2-stefanb@linux.ibm.com>
In-Reply-To: <20211101172340.2619285-1-stefanb@linux.ibm.com>
References: <20211101172340.2619285-1-stefanb@linux.ibm.com>
Move the code that adds encryption options for the swtpm_setup command line into its own function.

Signed-off-by: Stefan Berger
Reviewed-by: Marc-André Lureau
Reviewed-by: Michal Privoznik
---
src/qemu/qemu_tpm.c | 55 +++++++++++++++++++++++++++++++-------------- 1 file changed, 38 insertions(+), 17 deletions(-) diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 5a05273100..93cb04f49d 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -422,6 +422,42 @@ qemuTPMCreateConfigFiles(const char *swtpm_setup) } =20 =20 +/* + * Add encryption parameters to swtpm_setup command line. + * + * @cmd: virCommand to add options to + * @swtpm_setup: swtpm_setup tool path + * @secretuuid: The secret's uuid; may be NULL + */ +static int +qemuTPMVirCommandAddEncryption(virCommand *cmd, + const char *swtpm_setup, + const unsigned char *secretuuid) +{ + int pwdfile_fd; + + if (!secretuuid) + return 0; + + if (!virTPMSwtpmSetupCapsGet( + VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_PWDFILE_FD)) { + virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, + _("%s does not support passing a passphrase using a file " + "descriptor"), swtpm_setup); + return -1; + } + if ((pwdfile_fd =3D qemuTPMSetupEncryption(secretuuid, cmd)) < 0) + return -1; + + virCommandAddArg(cmd, "--pwdfile-fd"); + virCommandAddArgFormat(cmd, "%d", pwdfile_fd); + virCommandAddArgList(cmd, "--cipher", "aes-256-cbc", NULL); + virCommandPassFD(cmd, pwdfile_fd, VIR_COMMAND_PASS_FD_CLOSE_PARENT); + + return 0; +} + + /* * qemuTPMEmulatorRunSetup * 
@@ -495,23 +531,8 @@ qemuTPMEmulatorRunSetup(const char *storagepath, break; } =20 - if (secretuuid) { - if (!virTPMSwtpmSetupCapsGet( - VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_PWDFILE_FD)) { - virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, - _("%s does not support passing a passphrase using a file " - "descriptor"), swtpm_setup); - return -1; - } - if ((pwdfile_fd =3D qemuTPMSetupEncryption(secretuuid, cmd)) < 0) - return -1; - - virCommandAddArg(cmd, "--pwdfile-fd"); - virCommandAddArgFormat(cmd, "%d", pwdfile_fd); - virCommandAddArgList(cmd, "--cipher", "aes-256-cbc", NULL); - virCommandPassFD(cmd, pwdfile_fd, VIR_COMMAND_PASS_FD_CLOSE_PARENT= ); - pwdfile_fd =3D -1; - } + if (qemuTPMVirCommandAddEncryption(cmd, swtpm_setup, secretuuid) < 0) + return -1; =20 if (!incomingMigration) { virCommandAddArgList(cmd, --=20 2.31.1
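Review bot: in the hunk at @@ -422,6 +422,42 @@, qemuTPMVirCommandAddEncryption() hands pwdfile_fd to cmd with VIR_COMMAND_PASS_FD_CLOSE_PARENT and deliberately does not close it itself, but nothing in the function says so; add a comment next to `int pwdfile_fd;` (or in the doc block) that ownership of the descriptor passes to cmd, so a later reader does not add a close() and break the passphrase hand-off. Keeping the passphrase on a descriptor rather than in argv is the right choice: `--pwdfile-fd` together with `--cipher aes-256-cbc` keeps the secret out of the swtpm_setup command line, which other local users can read from /proc.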
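Review bot: the hunk at @@ -495,23 +531,8 @@ removes every use of pwdfile_fd in qemuTPMEmulatorRunSetup(), including the old `pwdfile_fd =3D -1;` reset, but shows no change to the variable's declaration; if the function still declares pwdfile_fd (as a VIR_AUTOCLOSE local, which is what that reset implied), the declaration is now dead and should be dropped in this same patch to avoid an unused-variable warning.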
From: Stefan Berger
To: libvir-list@redhat.com
Cc: marcandre.lureau@redhat.com, Stefan Berger
Subject: [PATCH v2 2/2] qemu: tpm: Extend TPM domain XML with PCR banks to activate
Date: Mon, 1 Nov 2021 13:23:40 -0400
Message-Id: <20211101172340.2619285-3-stefanb@linux.ibm.com>
In-Reply-To: <20211101172340.2619285-1-stefanb@linux.ibm.com>
References: <20211101172340.2619285-1-stefanb@linux.ibm.com>
Extend the TPM domain XML with an attribute active_pcr_banks that allows a user to specify the PCR banks to activate before starting a VM. A comma-separated list of PCR banks with the choices of sha1, sha256, sha384 and sha512 is allowed. When the XML attribute is provided, the set of active PCR banks is 'enforced' by running swtpm_setup before every start of the VM. The activation requires that swtpm_setup v0.7 or later is installed and may not have any effect otherwise.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2016599
Signed-off-by: Stefan Berger
---
docs/formatdomain.rst | 12 ++- docs/schemas/basictypes.rng | 6 ++ docs/schemas/domaincommon.rng | 5 ++ src/conf/domain_conf.c | 21 ++++- src/conf/domain_conf.h | 1 + src/qemu/qemu_tpm.c | 80 +++++++++++++++++++ src/util/virtpm.c | 1 + src/util/virtpm.h | 1 + tests/qemuxml2argvdata/tpm-emulator-tpm2.xml | 2 +- .../tpm-emulator-tpm2.x86_64-latest.xml | 2 +- 10 files changed, 127 insertions(+), 4 deletions(-) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 0651975c88..8785a7a682 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -7537,7 +7537,7 @@ Example: usage of the TPM Emulator ... - + 
@@ -7598,6 +7598,16 @@ Example: usage of the TPM Emulator This attribute only works with the ``emulator`` backend. The accepted v= alues are ``yes`` and ``no``. :since:`Since 7.0.0` =20 +``active_pcr_banks`` + The ``active_pcr_banks`` attribute indicates the names of the PCR banks + of a TPM 2.0 to activate. A comma separated list of PCR banks' names + must be provided. Valid names are for example sha1, sha256, sha384, and + sha512. If this attribute is provided, the set of PCR banks are activat= ed + before every start of a VM and this step is logged in the swtpm's log. + This attribute requires that swtpm_setup v0.7 or later is installed + and may not have any effect otherwise. This attribute only works with t= he + ``emulator`` backend. since:`Since 7.10.0` + ``encryption`` The ``encryption`` element allows the state of a TPM emulator to be encrypted. The ``secret`` must reference a secret object that holds the diff --git a/docs/schemas/basictypes.rng b/docs/schemas/basictypes.rng index a221ff6295..3bd1eebdc4 100644 --- a/docs/schemas/basictypes.rng +++ b/docs/schemas/basictypes.rng @@ -88,6 +88,12 @@ =20 + + + (sha1|sha256|sha384|sha512){1}(,(sha1|sha256= |sha384|sha512)){0,3} + + + 10 diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 67df13d90d..6801673cf1 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -5331,6 +5331,11 @@ + + + + + diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 4644d18120..bc8237fd0b 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -3207,6 +3207,7 @@ void virDomainTPMDefFree(virDomainTPMDef *def) break; case VIR_DOMAIN_TPM_TYPE_EMULATOR: virDomainChrSourceDefClear(&def->data.emulator.source); + g_free(def->data.emulator.activePcrBanks); g_free(def->data.emulator.storagepath); g_free(def->data.emulator.logfile); break; 
@@ -11733,7 +11734,7 @@ virDomainSmartcardDefParseXML(virDomainXMLOption *x= mlopt, * Emulator state encryption is supported with the following: * * - * + * * * * @@ -11759,6 +11760,7 @@ virDomainTPMDefParseXML(virDomainXMLOption *xmlopt, g_autofree char *version =3D NULL; g_autofree char *secretuuid =3D NULL; g_autofree char *persistent_state =3D NULL; + g_autofree char *activePcrBanks =3D NULL; g_autofree xmlNodePtr *backends =3D NULL; =20 def =3D g_new0(virDomainTPMDef, 1); @@ -11841,6 +11843,18 @@ virDomainTPMDefParseXML(virDomainXMLOption *xmlopt, goto error; } } + if (def->version =3D=3D VIR_DOMAIN_TPM_VERSION_2_0) { + activePcrBanks =3D virXMLPropString(backends[0], "active_pcr_b= anks"); + if (activePcrBanks) { + if (!virStringMatch(activePcrBanks, + "(sha1|sha256|sha384|sha512)(,(sha1|sh= a256|sha384|sha512)){0,3}")) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Malformatted list of PCR banks")); + goto error; + } + def->data.emulator.activePcrBanks =3D g_steal_pointer(&act= ivePcrBanks); + } + } break; case VIR_DOMAIN_TPM_TYPE_LAST: goto error; @@ -25433,6 +25447,11 @@ virDomainTPMDefFormat(virBuffer *buf, virDomainTPMVersionTypeToString(def->version)); if (def->data.emulator.persistent_state) virBufferAddLit(buf, " persistent_state=3D'yes'"); + if (def->version =3D=3D VIR_DOMAIN_TPM_VERSION_2_0 && + def->data.emulator.activePcrBanks) { + virBufferAsprintf(buf, " active_pcr_banks=3D'%s'", + def->data.emulator.activePcrBanks); + } if (def->data.emulator.hassecretuuid) { char uuidstr[VIR_UUID_STRING_BUFLEN]; virBufferAddLit(buf, ">\n"); diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index cb6d8975b8..19597dba7e 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1381,6 +1381,7 @@ struct _virDomainTPMDef { unsigned char secretuuid[VIR_UUID_BUFLEN]; bool hassecretuuid; bool persistent_state; + char *activePcrBanks; } emulator; } data; }; 
diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 93cb04f49d..bb14228edc 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c 
@@ -566,6 +566,78 @@ qemuTPMEmulatorRunSetup(const char *storagepath, } =20 =20 +/* + * qemuTPMEmulatorReconfigure + * + * + * @storagepath: path to the directory for TPM state + * @swtpm_user: The userid to switch to when setting up the TPM; + * typically this should be the uid of 'tss' or 'root' + * @swtpm_group: The group id to switch to + * @swtpmActivePcrBanks: The string describing the active PCR banks + * @logfile: The file to write the log into; it must be writable + * for the user given by userid or 'tss' + * @tpmversion: The version of the TPM, either a TPM 1.2 or TPM 2 + * @secretuuid: The secret's UUID needed for state encryption + * + * Reconfigure the active PCR banks of a TPM 2. + */ +static int +qemuTPMEmulatorReconfigure(const char *storagepath, + uid_t swtpm_user, + gid_t swtpm_group, + const char *swtpmActivePcrBanks, + const char *logfile, + const virDomainTPMVersion tpmversion, + const unsigned char *secretuuid) +{ + g_autoptr(virCommand) cmd =3D NULL; + int exitstatus; + g_autofree char *swtpm_setup =3D virTPMGetSwtpmSetup(); + VIR_AUTOCLOSE pwdfile_fd =3D -1; + + if (!swtpm_setup) + return -1; + + if (tpmversion !=3D VIR_DOMAIN_TPM_VERSION_2_0 || + swtpmActivePcrBanks =3D=3D NULL || + !virTPMSwtpmSetupCapsGet( + VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_RECONFIGURE_PCR_BANKS)) + return 0; + + cmd =3D virCommandNew(swtpm_setup); + if (!cmd) + return -1; + + virCommandSetUID(cmd, swtpm_user); + virCommandSetGID(cmd, swtpm_group); + + virCommandAddArgList(cmd, "--tpm2", NULL); + + if (qemuTPMVirCommandAddEncryption(cmd, swtpm_setup, secretuuid) < 0) + return -1; + + virCommandAddArgList(cmd, + "--tpm-state", storagepath, + "--logfile", logfile, + "--pcr-banks", swtpmActivePcrBanks, + "--reconfigure", + NULL); + + virCommandClearCaps(cmd); + + if (virCommandRun(cmd, &exitstatus) < 0 || exitstatus !=3D 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Could not run '%s --reconfigure'. 
exitstatus: %d= ; " + "Check error log '%s' for details."), + swtpm_setup, exitstatus, logfile); + return -1; + } + + return 0; +} + + /* * qemuTPMEmulatorBuildCommand: * @@ -620,6 +692,14 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm, secretuuid, incomingMigration) < 0) goto error; =20 + if (!incomingMigration && + qemuTPMEmulatorReconfigure(tpm->data.emulator.storagepath, + swtpm_user, swtpm_group, + tpm->data.emulator.activePcrBanks, + tpm->data.emulator.logfile, tpm->versio= n, + secretuuid) < 0) + goto error; + unlink(tpm->data.emulator.source.data.nix.path); =20 cmd =3D virCommandNew(swtpm); diff --git a/src/util/virtpm.c b/src/util/virtpm.c index 40d9272e66..7fa870b803 100644 --- a/src/util/virtpm.c +++ b/src/util/virtpm.c @@ -47,6 +47,7 @@ VIR_ENUM_IMPL(virTPMSwtpmSetupFeature, "cmdarg-pwdfile-fd", "cmdarg-create-config-files", "tpm12-not-need-root", + "cmdarg-reconfigure-pcr-banks", ); =20 /** diff --git a/src/util/virtpm.h b/src/util/virtpm.h index b75eb84f31..defea6c106 100644 --- a/src/util/virtpm.h +++ b/src/util/virtpm.h @@ -40,6 +40,7 @@ typedef enum { VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_PWDFILE_FD, VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_CREATE_CONFIG_FILES, VIR_TPM_SWTPM_SETUP_FEATURE_TPM12_NOT_NEED_ROOT, + VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_RECONFIGURE_PCR_BANKS, =20 VIR_TPM_SWTPM_SETUP_FEATURE_LAST } virTPMSwtpmSetupFeature; diff --git a/tests/qemuxml2argvdata/tpm-emulator-tpm2.xml b/tests/qemuxml2a= rgvdata/tpm-emulator-tpm2.xml index 3e2f485ee7..ca9b38540d 100644 --- a/tests/qemuxml2argvdata/tpm-emulator-tpm2.xml +++ b/tests/qemuxml2argvdata/tpm-emulator-tpm2.xml @@ -23,7 +23,7 @@ - + diff --git a/tests/qemuxml2xmloutdata/tpm-emulator-tpm2.x86_64-latest.xml b= /tests/qemuxml2xmloutdata/tpm-emulator-tpm2.x86_64-latest.xml index fe4e1aba19..2488f6ad29 100644 --- a/tests/qemuxml2xmloutdata/tpm-emulator-tpm2.x86_64-latest.xml +++ b/tests/qemuxml2xmloutdata/tpm-emulator-tpm2.x86_64-latest.xml @@ -28,7 +28,7 @@ - +
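Review bot: in the docs/formatdomain.rst hunk at @@ -7598,6 +7598,16 @@ the new `since:` marker lacks its leading colon: the neighbouring line uses `:since:`Since 7.0.0``, so the added line should read `:since:`Since 7.10.0`` or the role will not render. Two wording fixes in the same block: "Valid names are for example sha1, sha256, sha384, and sha512" reads as though other names were accepted, while the schema and the parser admit only those four, so drop "for example"; and "the set of PCR banks are activated" should be "is activated".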
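Review bot: the docs/schemas/basictypes.rng hunk at @@ -88,6 +88,12 @@ (the element tags were lost in extraction; only the pattern survives) uses `{1}` after the first alternation, which is a no-op and can be dropped; more importantly the pattern accepts repeated banks such as `sha256,sha256`, and the parser passes that string through unchanged to `swtpm_setup --pcr-banks`. Decide whether duplicates are valid and either reject them in the parser or document that they are tolerated.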
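Review bot: in the src/conf/domain_conf.c hunk at @@ -11841,6 +11843,18 @@ the virStringMatch() pattern has no `^` and `$` anchors; unless virStringMatch() anchors the expression itself (worth confirming before merging), a value such as `sha256,md5` or `xsha1` passes the check because the pattern matches a substring, and the unvalidated string is later handed to `swtpm_setup --pcr-banks`. Anchor it as `^(sha1|sha256|sha384|sha512)(,(sha1|sha256|sha384|sha512)){0,3}$`, which also keeps it in step with the RNG pattern. Two smaller points: malformed user input is a configuration error, so VIR_ERR_XML_ERROR (or VIR_ERR_CONFIG_UNSUPPORTED) fits better than VIR_ERR_INTERNAL_ERROR, and "Malformatted" should read "Malformed".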
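Review bot: in the src/qemu/qemu_tpm.c hunk at @@ -566,6 +566,78 @@ the `VIR_AUTOCLOSE pwdfile_fd = -1;` local in qemuTPMEmulatorReconfigure() is never used, since the descriptor is created and handed to cmd inside qemuTPMVirCommandAddEncryption(); drop it. Second, when swtpm_setup lacks VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_RECONFIGURE_PCR_BANKS the function returns 0 and the guest starts with whatever banks the existing state has, even though the user explicitly configured a set; silently ignoring a configured security property is surprising, so at minimum emit a VIR_WARN (or report VIR_ERR_ARGUMENT_UNSUPPORTED, as the `--pwdfile-fd` capability check does) so the mismatch is visible in the logs. Also, the doc block has a stray empty ` * ` line right after the function name.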
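Review bot: in the hunk at @@ -620,6 +692,14 @@ the reconfigure step is skipped when incomingMigration is set, which is right (the state arrives from the source host and must not be rewritten here), but it means the "enforced before every start" wording in the commit message and docs does not hold for a migrated guest; a one-line comment above `if (!incomingMigration &&` and a sentence in formatdomain.rst would spare the next reader from wondering why the banks did not change after migration.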