Add support for TPM emulator (for 4.5)

[libvirt] [PATCH v8 15/18] qemu: Validate chosen TPM model rather than overwriting it

Posted by Stefan Berger 6 years, 11 months ago

TPM 1.2 does not support a CRB interface but only TIS. So, in
this case we need to alert the user and request a change to the
XML rather than silently overwriting it.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
---
 src/conf/domain_conf.c | 15 ---------------
 src/qemu/qemu_domain.c | 28 +++++++++++++++++++++++++++-
 2 files changed, 27 insertions(+), 16 deletions(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index d67ccbbf11..0b244b2eac 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -12727,21 +12727,6 @@ virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlopt,
         def->version = VIR_DOMAIN_TPM_VERSION_1_2;
     else
         def->version = virDomainTPMVersionTypeFromString(version);
-    switch (def->version) {
-    case VIR_DOMAIN_TPM_VERSION_1_2:
-        /* only TIS available for emulator */
-        if (def->type == VIR_DOMAIN_TPM_TYPE_EMULATOR)
-            def->model = VIR_DOMAIN_TPM_MODEL_TIS;
-        break;
-    case VIR_DOMAIN_TPM_VERSION_2:
-        break;
-    case VIR_DOMAIN_TPM_VERSION_LAST:
-    default:
-        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-                       _("Unsupported TPM version '%s'"),
-                       version);
-        goto error;
-    }
 
     switch (def->type) {
     case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index fafcb7fe69..b9f7c4d07d 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -5233,6 +5233,29 @@ qemuDomainDeviceDefValidateMemory(const virDomainMemoryDef *memory ATTRIBUTE_UNU
 }
 
 
+static int
+qemuDomainDeviceDefValidateTPM(const virDomainTPMDef *tpm,
+                               const virDomainDef *def ATTRIBUTE_UNUSED)
+{
+    switch (tpm->version) {
+    case VIR_DOMAIN_TPM_VERSION_1_2:
+        /* only TIS available for emulator */
+        if (tpm->type == VIR_DOMAIN_TPM_TYPE_EMULATOR &&
+            tpm->model != VIR_DOMAIN_TPM_MODEL_TIS) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("Unsupported interface %s for TPM 1.2"),
+                           virDomainTPMModelTypeToString(tpm->model));
+            return -1;
+        }
+        break;
+    case VIR_DOMAIN_TPM_VERSION_2:
+    case VIR_DOMAIN_TPM_VERSION_LAST:
+        break;
+    }
+    return 0;
+}
+
+
 static int
 qemuDomainDeviceDefValidate(const virDomainDeviceDef *dev,
                             const virDomainDef *def,
@@ -5292,6 +5315,10 @@ qemuDomainDeviceDefValidate(const virDomainDeviceDef *dev,
         ret = qemuDomainDeviceDefValidateMemory(dev->data.memory, def);
         break;
 
+    case VIR_DOMAIN_DEVICE_TPM:
+        ret = qemuDomainDeviceDefValidateTPM(dev->data.tpm, def);
+        break;
+
     case VIR_DOMAIN_DEVICE_LEASE:
     case VIR_DOMAIN_DEVICE_FS:
     case VIR_DOMAIN_DEVICE_INPUT:
@@ -5301,7 +5328,6 @@ qemuDomainDeviceDefValidate(const virDomainDeviceDef *dev,
     case VIR_DOMAIN_DEVICE_MEMBALLOON:
     case VIR_DOMAIN_DEVICE_NVRAM:
     case VIR_DOMAIN_DEVICE_SHMEM:
-    case VIR_DOMAIN_DEVICE_TPM:
     case VIR_DOMAIN_DEVICE_PANIC:
     case VIR_DOMAIN_DEVICE_IOMMU:
     case VIR_DOMAIN_DEVICE_NONE:
-- 
2.14.3

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH v8 15/18] qemu: Validate chosen TPM model rather than overwriting it

Posted by Ján Tomko 6 years, 11 months ago

On Thu, May 24, 2018 at 04:26:11PM -0400, Stefan Berger wrote:
>TPM 1.2 does not support a CRB interface but only TIS. So, in
>this case we need to alert the user and request a change to the
>XML rather than silently overwriting it.
>
>Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
>---
> src/conf/domain_conf.c | 15 ---------------
> src/qemu/qemu_domain.c | 28 +++++++++++++++++++++++++++-
> 2 files changed, 27 insertions(+), 16 deletions(-)
>
>diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
>index d67ccbbf11..0b244b2eac 100644
>--- a/src/conf/domain_conf.c
>+++ b/src/conf/domain_conf.c
>@@ -12727,21 +12727,6 @@ virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlopt,
>         def->version = VIR_DOMAIN_TPM_VERSION_1_2;
>     else
>         def->version = virDomainTPMVersionTypeFromString(version);
>-    switch (def->version) {
>-    case VIR_DOMAIN_TPM_VERSION_1_2:
>-        /* only TIS available for emulator */
>-        if (def->type == VIR_DOMAIN_TPM_TYPE_EMULATOR)
>-            def->model = VIR_DOMAIN_TPM_MODEL_TIS;
>-        break;
>-    case VIR_DOMAIN_TPM_VERSION_2:
>-        break;
>-    case VIR_DOMAIN_TPM_VERSION_LAST:
>-    default:
>-        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
>-                       _("Unsupported TPM version '%s'"),
>-                       version);
>-        goto error;
>-    }

Deleting code newly added in the series feels strange. It should not
have been added in the first place.

>
>     switch (def->type) {
>     case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:

For the rest:

Reviewed-by: Ján Tomko <jtomko@redhat.com>

Jano
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH v8 15/18] qemu: Validate chosen TPM model rather than overwriting it

Posted by Stefan Berger 6 years, 11 months ago

On 06/02/2018 09:38 AM, Ján Tomko wrote:
> On Thu, May 24, 2018 at 04:26:11PM -0400, Stefan Berger wrote:
>> TPM 1.2 does not support a CRB interface but only TIS. So, in
>> this case we need to alert the user and request a change to the
>> XML rather than silently overwriting it.
>>
>> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
>> ---
>> src/conf/domain_conf.c | 15 ---------------
>> src/qemu/qemu_domain.c | 28 +++++++++++++++++++++++++++-
>> 2 files changed, 27 insertions(+), 16 deletions(-)
>>
>> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
>> index d67ccbbf11..0b244b2eac 100644
>> --- a/src/conf/domain_conf.c
>> +++ b/src/conf/domain_conf.c
>> @@ -12727,21 +12727,6 @@ 
>> virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlopt,
>>         def->version = VIR_DOMAIN_TPM_VERSION_1_2;
>>     else
>>         def->version = virDomainTPMVersionTypeFromString(version);
>> -    switch (def->version) {
>> -    case VIR_DOMAIN_TPM_VERSION_1_2:
>> -        /* only TIS available for emulator */
>> -        if (def->type == VIR_DOMAIN_TPM_TYPE_EMULATOR)
>> -            def->model = VIR_DOMAIN_TPM_MODEL_TIS;
>> -        break;
>> -    case VIR_DOMAIN_TPM_VERSION_2:
>> -        break;
>> -    case VIR_DOMAIN_TPM_VERSION_LAST:
>> -    default:
>> -        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
>> -                       _("Unsupported TPM version '%s'"),
>> -                       version);
>> -        goto error;
>> -    }
>
> Deleting code newly added in the series feels strange. It should not
> have been added in the first place.
>
>>
>>     switch (def->type) {
>>     case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
>
> For the rest:

If you don't mind, I will squash this into 10/18.

>
>
> Reviewed-by: Ján Tomko <jtomko@redhat.com>
>
> Jano


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list