From nobody Sun Feb 8 10:22:53 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=reject dis=none) header.from=linux.ibm.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1729283233767773.8653023163947; Fri, 18 Oct 2024 13:27:13 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 9E31816B1; Fri, 18 Oct 2024 16:27:12 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 0500315E0; Fri, 18 Oct 2024 16:24:39 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 8F98B12F2; Fri, 18 Oct 2024 16:24:24 -0400 (EDT) Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 1964BDEE for ; Fri, 18 Oct 2024 16:24:24 -0400 (EDT) Received: from pps.filterd (m0353725.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 49IIavkN008066; Fri, 18 Oct 2024 20:24:23 GMT Received: from ppma23.wdc07v.mail.ibm.com (5d.69.3da9.ip4.static.sl-reverse.com [169.61.105.93]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 42as8aaq0q-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 18 Oct 2024 20:24:23 +0000 (GMT) Received: from pps.filterd (ppma23.wdc07v.mail.ibm.com [127.0.0.1]) by ppma23.wdc07v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id 49IIJ1Jl006843; Fri, 18 Oct 2024 20:24:22 GMT Received: from smtprelay02.dal12v.mail.ibm.com ([172.16.1.4]) by ppma23.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4284xkpg8d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 18 Oct 2024 20:24:22 +0000 Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay02.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 49IKOMd850397632 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 18 Oct 2024 20:24:22 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 20D7658062; Fri, 18 Oct 2024 20:24:22 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id CB1B05805E; Fri, 18 Oct 2024 20:24:21 +0000 (GMT) Received: from sbct-3.pok.ibm.com (unknown [9.47.158.153]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Fri, 18 Oct 2024 20:24:21 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-1.2 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=dGMG9noiS9sGJyEEp KhAI7c3GjlPX6+w96E0UBs3/+8=; b=pOJUFA8c4+aWjhNdUkNaYE5o0U32TKBBw JOHC2BSpV5FMBa5UxGBSeqr56W/mW97PPHb7T8C8mWZHc2Kba9ZPUH9i+DZmOnSI 27prk68xeqZbi3cbcRQM25ePBzXvBKU5VU194R0LrNeEFo5SJ/2++Tgnu2jg67bU zEuAeg/U1aS6LjvGLdDMA2JN7xz/5c1eNb5QJTQfoGGhj6EHY78al+EuJZnlxF8u XugGKcuUUYI6x/2HaJ4zjOnYYZmdmFW2n8L/F6OVi5bIhkUxoeCGYbkC0rQBLWvn BUUwD4TBPcCqz9vZfpU1xR2wffdfTmLTIZB1iqGJI3rTy+arMuZdQ== From: Stefan Berger To: devel@lists.libvirt.org Subject: [PATCH v3 08/10] qemu: Extend swtpm_setup command line to set a profile by its name Date: Fri, 18 Oct 2024 16:24:12 -0400 Message-ID: <20241018202414.2430136-9-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.47.0 In-Reply-To: <20241018202414.2430136-1-stefanb@linux.ibm.com> References: <20241018202414.2430136-1-stefanb@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: zl5cluy4ctrUvEWcsthF9cy3trFMYJZD X-Proofpoint-ORIG-GUID: zl5cluy4ctrUvEWcsthF9cy3trFMYJZD X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1051,Hydra:6.0.680,FMLib:17.12.62.30 definitions=2024-10-15_01,2024-10-11_01,2024-09-30_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 mlxscore=0 lowpriorityscore=0 suspectscore=0 mlxlogscore=999 phishscore=0 adultscore=0 impostorscore=0 priorityscore=1501 spamscore=0 malwarescore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2409260000 definitions=main-2410180127 Content-Transfer-Encoding: quoted-printable Message-ID-Hash: HMEELJCZQHFCYHUAYLDIZGGZ7VJCGE7L X-Message-ID-Hash: HMEELJCZQHFCYHUAYLDIZGGZ7VJCGE7L X-MailFrom: stefanb@linux.ibm.com X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0 CC: marcandre.lureau@redhat.com, Stefan Berger X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1729283235030116600 Content-Type: text/plain; charset="utf-8" Run swtpm_setup with the --profile-name option if the user provided the name of a profile. swtpm_setup will try to load the profile from directories with local profiles and distro profiles and if no profile by this name with appended '.json' suffix could be found there, it will fall back to try to use an internal profile with the given name. Also set the --profile-remove-disabled option if the user provided a value in the remove_disabled attribute in the profile XML node. Signed-off-by: Stefan Berger Reviewed-by: Marc-Andr=C3=A9 Lureau --- src/qemu/qemu_tpm.c | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 506743c268..f49276d9be 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -340,6 +340,41 @@ qemuTPMVirCommandAddEncryption(virCommand *cmd, } =20 =20 +/* + * Add a (optional) profile to the swtpm_setup command line. + * + * @cmd: virCommand to add options to + * @emulator: emulator parameters + * + * Returns 0 on success, -1 on failure. + */ +static int +qemuTPMVirCommandAddProfile(virCommand *cmd, + const virDomainTPMEmulatorDef *emulator) +{ + if (!emulator->profile_name) + return 0; + + if (!virTPMSwtpmSetupCapsGet( + VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_PROFILE)) { + virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, "%s", + _("swtpm_setup has no support for profiles")); + return -1; + } + + virCommandAddArgList(cmd, + "--profile-name", emulator->profile_name, + NULL); + + if (emulator->profile_remove_disabled) + virCommandAddArgList(cmd, + "--profile-remove-disable", + emulator->profile_remove_disabled, + NULL); + return 0; +} + + /* * qemuTPMEmulatorRunSetup * @@ -414,6 +449,8 @@ qemuTPMEmulatorRunSetup(const virDomainTPMEmulatorDef *= emulator, "--lock-nvram", "--not-overwrite", NULL); + if (qemuTPMVirCommandAddProfile(cmd, emulator) < 0) + return -1; } else { virCommandAddArgList(cmd, "--tpm-state", emulator->storagepath, --=20 2.47.0