On Mon, May 27, 2024 at 07:31:36PM +0200, Andrea Bolognani wrote:
We've made similar changes for aarch64 a few years back (see
d8a1c059e0ed and previous commits), and the rationale is the
same: the architecture is new enough that TPM 2.0 predates it,
so TPM 1.2 support was never considered and will just not work.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
src/qemu/qemu_domain.c | 1 +
src/qemu/qemu_validate.c | 10 ++++++----
.../aarch64-tpm-wrong-model.aarch64-latest.err | 2 +-
...4-virt-default-models.riscv64-latest.abi-update.xml | 2 +-
.../riscv64-virt-default-models.riscv64-latest.xml | 2 +-
5 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index bda62f2e5c..6bb18ad5a8 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -6182,6 +6182,7 @@ qemuDomainTPMDefPostParse(virDomainTPMDef *tpm,
tpm->data.emulator.version == VIR_DOMAIN_TPM_VERSION_DEFAULT) {
if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR ||
tpm->model == VIR_DOMAIN_TPM_MODEL_CRB ||
+ qemuDomainIsRISCVVirt(def) ||
qemuDomainIsARMVirt(def))
tpm->data.emulator.version = VIR_DOMAIN_TPM_VERSION_2_0;
else
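Review bot: The condition in qemuDomainTPMDefPostParse() that picks the default version now mixes two model checks (SPAPR, CRB) with two machine checks (qemuDomainIsRISCVVirt, qemuDomainIsARMVirt), and the same pair of machine checks is repeated in qemuValidateDomainDeviceDefTPM() in qemu_validate.c. Consider moving the "this machine only supports TPM 2.0" test into a single helper used by both places, so that the default chosen here and the configurations rejected at validation time cannot drift apart when the next architecture is added. A short comment on why these machines default to 2.0 would also help, since the rationale currently lives only in the commit message.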
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index ac1940cb31..7b871be05f 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -4765,10 +4765,12 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm,
_("TPM 1.2 is not supported with the SPAPR device
model"));
return -1;
}
- /* TPM 1.2 + ARM does not work */
- if (qemuDomainIsARMVirt(def)) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("TPM 1.2 is not supported on ARM"));
+ /* TPM 1.2 does not work on certain modern architectures */
+ if (qemuDomainIsARMVirt(def) ||
+ qemuDomainIsRISCVVirt(def)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("TPM 1.2 is not supported on architecture
'%1$s'"),
+ virArchToString(def->os.arch));
return -1;
}
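Review bot: The new error text says TPM 1.2 is not supported on architecture '%1$s' and prints virArchToString(def->os.arch), but the condition guarding it calls qemuDomainIsARMVirt(def) and qemuDomainIsRISCVVirt(def), whose names indicate a check on the virt machine rather than on the architecture alone. If other machine types of the same architecture are not rejected here, the message overstates what is being enforced; either word it around the machine type or key the check on def->os.arch so the two agree. The replacement comment "certain modern architectures" is also vaguer than the line it replaces: name the architectures covered, or state the rule (TPM 2.0 predates the architecture) so the next addition is obvious.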
Hmm, what architectures /do/ allow 1.2 ? x86, s390x, ppc ? Should
we consider just doing an "allow list" for arches, given that going
forward nothing new should be allowed.
With regards,
Daniel