On 04/12/2013 11:54 AM, Daniel P. Berrange wrote:
On Fri, Apr 12, 2013 at 11:29:43AM -0400, Stefan Berger wrote:
> On 04/12/2013 09:37 AM, Daniel P. Berrange wrote:
>> On Fri, Apr 12, 2013 at 09:25:14AM -0400, Stefan Berger wrote:
>>> Hello!
>>>
>>> The following set of patches adds support to libvirt for
>>> adding a TPM passthrough device to a QEMU guest. Support for
>>> this was recently accepted into QEMU.
>>>
>>> This set of patches borrows a lot from the recently added support
>>> for rng's.
>>>
>>> Regards,
>>> Stefan
>>>
>>> ---
>>> v5->v6:
>>> - followed tree to 039a3283
>>> - simplified virTPMFindCancelPath in 4/11 following D. Berrange's
comments
>> ACK to all patches in v6.
> Argh, after removing the cancel_path from the virDomainTPMDef
> structure and now determining the cancel_path at the places where it
> is needed and verifying that the file actually exists, the test case
> only works if the device actually exists since it runs through that
> code when creating the QEMU command line... The idea is to SELinux
> label the device it in libvirt, which is a 'must', and pass that
> same file that was labeled via QEMU command line for QEMU to just
> use it. QEMU, however, can determine this file itself also -- though
> I should simplify the code there as well. I thought it was better to
> not assume the two are in lock-step, i.e., can find the same file,
> but let libvirt pass the file that was determined.
This says to me that the virTPMFindCancelPath method is still too
over-engineered. It could just accept /dev/tpm0 and return
/sys/misc/tpm0/cancel unconditionally, without trying to probe
sysfs to see what exists there. The security drivers will still
be validating that the file actually exists when starting QEMU,
so no need to do that on every call to virTPMFindCancelPath
You are of course right. Let me append the latest version of this file
to v6 4/11 for review.
Stefan