From nobody Wed May 14 11:50:53 2025
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1523415030382355.65128607084716;
 Tue, 10 Apr 2018 19:50:30 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
 [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id D26B13DE3D;
	Wed, 11 Apr 2018 02:50:28 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id E7EB7662F7;
	Wed, 11 Apr 2018 02:50:27 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id E49F64CA97;
	Wed, 11 Apr 2018 02:50:24 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com
	[10.5.11.13])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id w3B2oNAD009917 for <libvir-list@listman.util.phx.redhat.com>;
	Tue, 10 Apr 2018 22:50:23 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 70FCA6607A; Wed, 11 Apr 2018 02:50:23 +0000 (UTC)
Received: from mx1.redhat.com (ext-mx01.extmail.prod.ext.phx2.redhat.com
	[10.5.110.25])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 6A79E66064
	for <libvir-list@redhat.com>; Wed, 11 Apr 2018 02:50:20 +0000 (UTC)
Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com
	[148.163.158.5])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id BBE7481DE9
	for <libvir-list@redhat.com>; Wed, 11 Apr 2018 02:50:19 +0000 (UTC)
Received: from pps.filterd (m0098416.ppops.net [127.0.0.1])
	by mx0b-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id
	w3B2neHD005922
	for <libvir-list@redhat.com>; Tue, 10 Apr 2018 22:50:19 -0400
Received: from e36.co.us.ibm.com (e36.co.us.ibm.com [32.97.110.154])
	by mx0b-001b2d01.pphosted.com with ESMTP id 2h99ays53j-1
	(version=TLSv1.2 cipher=AES256-SHA256 bits=256 verify=NOT)
	for <libvir-list@redhat.com>; Tue, 10 Apr 2018 22:50:18 -0400
Received: from localhost
	by e36.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only!
	Violators will be prosecuted
	for <libvir-list@redhat.com> from <stefanb@linux.vnet.ibm.com>;
	Tue, 10 Apr 2018 20:50:18 -0600
Received: from b03cxnp08028.gho.boulder.ibm.com (9.17.130.20)
	by e36.co.us.ibm.com (192.168.1.136) with IBM ESMTP SMTP Gateway:
	Authorized Use Only! Violators will be prosecuted;
	Tue, 10 Apr 2018 20:50:15 -0600
Received: from b03ledav005.gho.boulder.ibm.com
	(b03ledav005.gho.boulder.ibm.com [9.17.130.236])
	by b03cxnp08028.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with
	ESMTP id w3B2oEvn3998148; Tue, 10 Apr 2018 19:50:14 -0700
Received: from b03ledav005.gho.boulder.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 92C72BE03A;
	Tue, 10 Apr 2018 20:50:14 -0600 (MDT)
Received: from sbct-3.watson.ibm.com (unknown [9.47.158.153])
	by b03ledav005.gho.boulder.ibm.com (Postfix) with ESMTP id 50F07BE038;
	Tue, 10 Apr 2018 20:50:14 -0600 (MDT)
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
To: libvir-list@redhat.com
Date: Tue, 10 Apr 2018 22:50:00 -0400
In-Reply-To: <1523415005-30661-1-git-send-email-stefanb@linux.vnet.ibm.com>
References: <1523415005-30661-1-git-send-email-stefanb@linux.vnet.ibm.com>
X-TM-AS-GCONF: 00
x-cbid: 18041102-0020-0000-0000-00000DB8AB97
X-IBM-SpamModules-Scores: 
X-IBM-SpamModules-Versions: BY=3.00008834; HX=3.00000241; KW=3.00000007;
	PH=3.00000004; SC=3.00000256; SDB=6.01016139; UDB=6.00518173;
	IPR=6.00795386;
	MB=3.00020511; MTD=3.00000008; XFM=3.00000015; UTC=2018-04-11 02:50:16
X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused
x-cbparentid: 18041102-0021-0000-0000-000060DB718E
Message-Id: <1523415005-30661-2-git-send-email-stefanb@linux.vnet.ibm.com>
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, ,
	definitions=2018-04-11_01:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0
	priorityscore=1501
	malwarescore=0 suspectscore=15 phishscore=0 bulkscore=0 spamscore=0
	clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0
	classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000
	definitions=main-1804110026
X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207
	matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com
	[10.5.110.25]); Wed, 11 Apr 2018 02:50:19 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com
 [10.5.110.25]);
	Wed, 11 Apr 2018 02:50:19 +0000 (UTC) for IP:'148.163.158.5'
	DOMAIN:'mx0b-001b2d01.pphosted.com'
	HELO:'mx0a-001b2d01.pphosted.com'
	FROM:'stefanb@linux.vnet.ibm.com' RCPT:''
X-RedHat-Spam-Score: -0.7 (RCVD_IN_DNSWL_LOW) 148.163.158.5
	mx0b-001b2d01.pphosted.com 148.163.158.5
	mx0b-001b2d01.pphosted.com <stefanb@linux.vnet.ibm.com>
X-Scanned-By: MIMEDefang 2.83 on 10.5.110.25
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v2 1/6] tpm: Enable TPM CRB interface
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]);
 Wed, 11 Apr 2018 02:50:29 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

Enable the TPM CRB interface added in QEMU 2.12. the TPM CRB
interface is a simpler interface than the TPM TIS and is only
available for TPM 2.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
---
 docs/formatdomain.html.in                         |  2 ++
 docs/schemas/domaincommon.rng                     |  5 +++-
 src/conf/domain_conf.c                            |  5 ++--
 src/conf/domain_conf.h                            |  1 +
 src/qemu/qemu_capabilities.c                      |  5 ++++
 src/qemu/qemu_capabilities.h                      |  1 +
 tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml |  1 +
 tests/qemuxml2argvdata/tpm-passthrough-crb.args   | 24 +++++++++++++++
 tests/qemuxml2argvdata/tpm-passthrough-crb.xml    | 32 ++++++++++++++++++++
 tests/qemuxml2argvtest.c                          |  3 ++
 tests/qemuxml2xmloutdata/tpm-passthrough-crb.xml  | 36 +++++++++++++++++++=
++++
 11 files changed, 111 insertions(+), 4 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/tpm-passthrough-crb.args
 create mode 100644 tests/qemuxml2argvdata/tpm-passthrough-crb.xml
 create mode 100644 tests/qemuxml2xmloutdata/tpm-passthrough-crb.xml

diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 08dc74b..16fc7db 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -7628,6 +7628,8 @@ qemu-kvm -net nic,model=3D? /dev/null
           The <code>model</code> attribute specifies what device
           model QEMU provides to the guest. If no model name is provided,
           <code>tpm-tis</code> will automatically be chosen.
+          Another available choice is the <code>tpm-crb</code>, which
+          should only be used when the backend is a TPM 2.
         </p>
       </dd>
       <dt><code>backend</code></dt>
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 8165e69..be5c628 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -4112,7 +4112,10 @@
     <element name=3D"tpm">
       <optional>
         <attribute name=3D"model">
-          <value>tpm-tis</value>
+          <choice>
+            <value>tpm-tis</value>
+            <value>tpm-crb</value>
+          </choice>
         </attribute>
       </optional>
       <ref name=3D"tpm-backend"/>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index ae7c0d9..232174a 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -858,7 +858,8 @@ VIR_ENUM_IMPL(virDomainRNGBackend,
               "egd");
=20
 VIR_ENUM_IMPL(virDomainTPMModel, VIR_DOMAIN_TPM_MODEL_LAST,
-              "tpm-tis")
+              "tpm-tis",
+              "tpm-crb")
=20
 VIR_ENUM_IMPL(virDomainTPMBackend, VIR_DOMAIN_TPM_TYPE_LAST,
               "passthrough")
@@ -12549,8 +12550,6 @@ virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlop=
t,
         virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                        _("Unknown TPM frontend model '%s'"), model);
         goto error;
-    } else {
-        def->model =3D VIR_DOMAIN_TPM_MODEL_TIS;
     }
=20
     ctxt->node =3D node;
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 61379e5..1724340 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1277,6 +1277,7 @@ struct _virDomainHubDef {
=20
 typedef enum {
     VIR_DOMAIN_TPM_MODEL_TIS,
+    VIR_DOMAIN_TPM_MODEL_CRB,
=20
     VIR_DOMAIN_TPM_MODEL_LAST
 } virDomainTPMModel;
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index e54dde6..0952663 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -466,6 +466,7 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
               /* 285 */
               "virtio-mouse-ccw",
               "virtio-tablet-ccw",
+              "tpm-crb",
     );
=20
=20
@@ -3104,6 +3105,10 @@ const struct tpmTypeToCaps virQEMUCapsTPMModelsToCap=
s[] =3D {
         .type =3D VIR_DOMAIN_TPM_MODEL_TIS,
         .caps =3D QEMU_CAPS_DEVICE_TPM_TIS,
     },
+    {
+        .type =3D VIR_DOMAIN_TPM_MODEL_CRB,
+        .caps =3D QEMU_CAPS_DEVICE_TPM_CRB,
+    },
 };
=20
 static int
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 3f3c29f..604525a 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -450,6 +450,7 @@ typedef enum {
     /* 285 */
     QEMU_CAPS_DEVICE_VIRTIO_MOUSE_CCW, /* -device virtio-mouse-ccw */
     QEMU_CAPS_DEVICE_VIRTIO_TABLET_CCW, /* -device virtio-tablet-ccw */
+    QEMU_CAPS_DEVICE_TPM_CRB, /* -device tpm-crb */
=20
     QEMU_CAPS_LAST /* this must always be the last item */
 } virQEMUCapsFlags;
diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml b/tests/qemu=
capabilitiesdata/caps_2.12.0.x86_64.xml
index 334296e..39ee4f4 100644
--- a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml
@@ -225,6 +225,7 @@
   <flag name=3D'iscsi.password-secret'/>
   <flag name=3D'isa-serial'/>
   <flag name=3D'dump-completed'/>
+  <flag name=3D'tpm-crb'/>
   <version>2011090</version>
   <kvmVersion>0</kvmVersion>
   <microcodeVersion>390060</microcodeVersion>
diff --git a/tests/qemuxml2argvdata/tpm-passthrough-crb.args b/tests/qemuxm=
l2argvdata/tpm-passthrough-crb.args
new file mode 100644
index 0000000..ae052b4
--- /dev/null
+++ b/tests/qemuxml2argvdata/tpm-passthrough-crb.args
@@ -0,0 +1,24 @@
+LC_ALL=3DC \
+PATH=3D/bin \
+HOME=3D/home/test \
+USER=3Dtest \
+LOGNAME=3Dtest \
+QEMU_AUDIO_DRV=3Dnone \
+/usr/bin/qemu-system-x86_64 \
+-name TPM-VM \
+-S \
+-M pc-0.12 \
+-m 2048 \
+-smp 1,sockets=3D1,cores=3D1,threads=3D1 \
+-uuid 11d7cd22-da89-3094-6212-079a48a309a1 \
+-nographic \
+-nodefaults \
+-chardev socket,id=3Dcharmonitor,path=3D/tmp/lib/domain--1-TPM-VM/monitor.=
sock,\
+server,nowait \
+-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dreadline \
+-boot c \
+-usb \
+-tpmdev passthrough,id=3Dtpm-tpm0,path=3D/dev/tpm0,\
+cancel-path=3D/sys/class/misc/tpm0/device/cancel \
+-device tpm-crb,tpmdev=3Dtpm-tpm0,id=3Dtpm0 \
+-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x3
diff --git a/tests/qemuxml2argvdata/tpm-passthrough-crb.xml b/tests/qemuxml=
2argvdata/tpm-passthrough-crb.xml
new file mode 100644
index 0000000..d4f3873
--- /dev/null
+++ b/tests/qemuxml2argvdata/tpm-passthrough-crb.xml
@@ -0,0 +1,32 @@
+<domain type=3D'qemu'>
+  <name>TPM-VM</name>
+  <uuid>11d7cd22-da89-3094-6212-079a48a309a1</uuid>
+  <memory unit=3D'KiB'>2097152</memory>
+  <currentMemory unit=3D'KiB'>512288</currentMemory>
+  <vcpu placement=3D'static'>1</vcpu>
+  <os>
+    <type arch=3D'x86_64' machine=3D'pc-0.12'>hvm</type>
+    <boot dev=3D'hd'/>
+    <bootmenu enable=3D'yes'/>
+  </os>
+  <features>
+    <acpi/>
+  </features>
+  <clock offset=3D'utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <controller type=3D'usb' index=3D'0'/>
+    <controller type=3D'pci' index=3D'0' model=3D'pci-root'/>
+    <input type=3D'mouse' bus=3D'ps2'/>
+    <input type=3D'keyboard' bus=3D'ps2'/>
+    <tpm model=3D'tpm-crb'>
+      <backend type=3D'passthrough'>
+        <device path=3D'/dev/tpm0'/>
+      </backend>
+    </tpm>
+    <memballoon model=3D'virtio'/>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 308d71f..2992197 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -2134,6 +2134,9 @@ mymain(void)
=20
     DO_TEST("tpm-passthrough",
             QEMU_CAPS_DEVICE_TPM_PASSTHROUGH, QEMU_CAPS_DEVICE_TPM_TIS);
+    DO_TEST("tpm-passthrough-crb",
+            QEMU_CAPS_DEVICE_TPM_PASSTHROUGH, QEMU_CAPS_DEVICE_TPM_TIS,
+            QEMU_CAPS_DEVICE_TPM_CRB);
     DO_TEST_PARSE_ERROR("tpm-no-backend-invalid",
                         QEMU_CAPS_DEVICE_TPM_PASSTHROUGH, QEMU_CAPS_DEVICE=
_TPM_TIS);
=20
diff --git a/tests/qemuxml2xmloutdata/tpm-passthrough-crb.xml b/tests/qemux=
ml2xmloutdata/tpm-passthrough-crb.xml
new file mode 100644
index 0000000..ad094a4
--- /dev/null
+++ b/tests/qemuxml2xmloutdata/tpm-passthrough-crb.xml
@@ -0,0 +1,36 @@
+<domain type=3D'qemu'>
+  <name>TPM-VM</name>
+  <uuid>11d7cd22-da89-3094-6212-079a48a309a1</uuid>
+  <memory unit=3D'KiB'>2097152</memory>
+  <currentMemory unit=3D'KiB'>512288</currentMemory>
+  <vcpu placement=3D'static'>1</vcpu>
+  <os>
+    <type arch=3D'x86_64' machine=3D'pc-0.12'>hvm</type>
+    <boot dev=3D'hd'/>
+    <bootmenu enable=3D'yes'/>
+  </os>
+  <features>
+    <acpi/>
+  </features>
+  <clock offset=3D'utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <controller type=3D'usb' index=3D'0'>
+      <address type=3D'pci' domain=3D'0x0000' bus=3D'0x00' slot=3D'0x01' f=
unction=3D'0x2'/>
+    </controller>
+    <controller type=3D'pci' index=3D'0' model=3D'pci-root'/>
+    <input type=3D'mouse' bus=3D'ps2'/>
+    <input type=3D'keyboard' bus=3D'ps2'/>
+    <tpm model=3D'tpm-crb'>
+      <backend type=3D'passthrough'>
+        <device path=3D'/dev/tpm0'/>
+      </backend>
+    </tpm>
+    <memballoon model=3D'virtio'>
+      <address type=3D'pci' domain=3D'0x0000' bus=3D'0x00' slot=3D'0x03' f=
unction=3D'0x0'/>
+    </memballoon>
+  </devices>
+</domain>
--=20
2.5.5

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list