On 06/05/2018 07:28 AM, Stefan Berger wrote:
On 06/05/2018 01:03 AM, Marc Hartmayer wrote:
> On Thu, May 24, 2018 at 10:25 PM +0200, Stefan Berger
> <stefanb(a)linux.vnet.ibm.com> wrote:
>> This series of patches adds support for the TPM emulator backend that
>> is available in QEMU and based on swtpm + libtpms. It allows to attach a
>> TPM 1.2 or 2 to a QEMU VM. sVirt labels are used for labeling the swtpm
>> process, its Unix socket, and log file with the same label that the
>> QEMU process gets. Besides that swtpm is added to the emulator cgroup to
>> restrict its CPU usage.
>>
>> The device XML can be changed from a TPM 1.2 to a TPM 2 and back to a
>> TPM 1.2. The device state is not removed during those changes but only
>> when the domain is undefined.
>>
>> The swtpm needs persistent storage to store its state. For that I am
>> using the uuid of the VM as part of the path since the name of the VM
>> can be changed. Logfiles, PID files, and socket names are based on the
>> name of the VM, though.
>>
>> Stefan
>>
>> v7->v8:
>> - Delaying this series for 4.5; adjusted references to 4.4
>> - Fixed a test case since version='1.2' is now formatted as well
>> - Appended patches for AppArmor and auditing
>> - Appended patches that improve / fix existing code
>> - patch for validating the TPM configuration rather than overwriting it;
>> a particular case is the CRB interface does not work with a TPM 1.2
>> - swtpm_setup can be run for a TPM 2 in unprivileged mode as well
>>
>> v6->v7:
>> - followed Jan Tomko's suggestion with resulting changing to patch 10/12.
>> - re-added missing parts related to swtpm_setup and TPM that got lost
>> in v4
>>
>> v5->v6:
>> - Addressed John Ferlan's comments
>> - rebased on latest tip
>> - Added patch 12.
>>
>> v4->v5:
>> - Addressed John Ferlan's, Boris Fiuczynski's and Marc Hartmayer's comments
>> - rebased on latest tip
>>
>> v3->v4:
>> - Addressed John Ferlan's comments
>> - Fixed bugs I found while testing
>> - rebased on latest tip
>>
>>
>> Stefan Berger (18):
>> conf: Add support for external swtpm TPM emulator to domain XML
>> qemu: Extend QEMU capabilities with 'tpm-emulator'
>> util: Implement virFileChownFiles()
>> security: Add DAC and SELinux security for tpm-emulator
>> qemu: Extend qemu_conf with tpm-emulator support
>> qemu: Extend QEMU with external TPM support
>> qemu: Add support for external swtpm TPM emulator
>> tests: Add test cases for external swtpm TPM emulator
>> security: Label the external swtpm with SELinux labels
>> conf: Add support for choosing emulation of a TPM 2
>> qemu: Add swtpm to emulator cgroup
>> news: Update news with new TPM emulator feature
>> security: Add swtpm paths to the domain's AppArmor profile
>> qemu: Run swtpm_setup in unprivileged mode for a TPM 2
>> qemu: Validate chosen TPM model rather than overwriting it
>> conf: Audit TPM emulator device at domain startup
>> conf: Use resrc=tpm in case of TPM passthrough following docs
>> conf: Use virDomainChrSourceDefClear() rather than VIR_FREE()
>>
>> docs/auditlog.html.in | 2 +-
>> docs/formatdomain.html.in | 43 +
>> docs/news.xml | 13 +
>> docs/schemas/domaincommon.rng | 17 +
>> examples/apparmor/libvirt-qemu | 3 +
>> libvirt.spec.in | 2 +
>> src/conf/domain_audit.c | 20 +-
>> src/conf/domain_conf.c | 49 +-
>> src/conf/domain_conf.h | 15 +
>> src/libvirt_private.syms | 3 +
>> src/qemu/Makefile.inc.am | 10 +
>> src/qemu/libvirtd_qemu.aug | 5 +
>> src/qemu/qemu.conf | 8 +
>> src/qemu/qemu_capabilities.c | 5 +
>> src/qemu/qemu_capabilities.h | 1 +
>> src/qemu/qemu_cgroup.c | 36 +
>> src/qemu/qemu_cgroup.h | 2 +
>> src/qemu/qemu_command.c | 34 +-
>> src/qemu/qemu_conf.c | 43 +
>> src/qemu/qemu_conf.h | 6 +
>> src/qemu/qemu_domain.c | 31 +-
>> src/qemu/qemu_extdevice.c | 180 ++++
>> src/qemu/qemu_extdevice.h | 59 ++
>> src/qemu/qemu_process.c | 16 +
>> src/qemu/qemu_security.c | 69 ++
>> src/qemu/qemu_security.h | 11 +
>> src/qemu/qemu_tpm.c | 922 +++++++++++++++++++++
>> src/qemu/qemu_tpm.h | 56 ++
>> src/qemu/test_libvirtd_qemu.aug.in | 2 +
>> src/security/security_dac.c | 7 +
>> src/security/security_driver.h | 7 +
>> src/security/security_manager.c | 36 +
>> src/security/security_manager.h | 6 +
>> src/security/security_selinux.c | 172 ++++
>> src/security/security_stack.c | 40 +
>> src/security/virt-aa-helper.c | 24 +
>> src/util/virfile.c | 55 ++
>> src/util/virfile.h | 3 +
>> tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml | 1 +
>> tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml | 1 +
>> tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 +
>> tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml | 1 +
>> tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 1 +
>> .../tpm-emulator-tpm2.x86_64-latest.args | 33 +
>> tests/qemuxml2argvdata/tpm-emulator-tpm2.xml | 30 +
>> .../tpm-emulator.x86_64-latest.args | 33 +
>> tests/qemuxml2argvdata/tpm-emulator.xml | 30 +
>> tests/qemuxml2argvtest.c | 16 +-
>> tests/qemuxml2xmloutdata/tpm-emulator-tpm2.xml | 34 +
>> tests/qemuxml2xmloutdata/tpm-emulator.xml | 34 +
>> tests/qemuxml2xmltest.c | 1 +
>> 51 files changed, 2212 insertions(+), 17 deletions(-)
>> create mode 100644 src/qemu/qemu_extdevice.c
>> create mode 100644 src/qemu/qemu_extdevice.h
>> create mode 100644 src/qemu/qemu_tpm.c
>> create mode 100644 src/qemu/qemu_tpm.h
>> create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2.x86_64-latest.args
>> create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2.xml
>> create mode 100644 tests/qemuxml2argvdata/tpm-emulator.x86_64-latest.args
>> create mode 100644 tests/qemuxml2argvdata/tpm-emulator.xml
>> create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator-tpm2.xml
>> create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator.xml
>>
>> --
>> 2.14.3
> Hi Stefan,
>
> if I restart libvirtd while the TPM-guest is running, the guest crashes…
> I haven’t had a closer look yet, but can you please verify the behavior
> for you? Thanks!
I do not see this with the current version (v9) I posted yesterday. Is
this happening only when a vTPM is attached or also in other cases?
Though, I had seen such behavior a while ago but then it disappeared
and iirc it wasn't limited to guests with an attached vTPM. I think it
was due to libvirt terminating the guest for some reason.

One more thing. In v9 I changed the version from '2' to '2.0' since it's
a TPM 2.0. So you have to edit the domain XML of previously existing
domains to be ... version='2.0'. Snapshots from v8 won't work, either.

Stefan
>
> Kind regards
> Marc Hartmayer
>
> IBM Deutschland Research & Development GmbH
> Chairwoman of the Supervisory Board: Martina Koederitz
> Management: Dirk Wittkopp
> Registered office: Böblingen
> Commercial register: Amtsgericht Stuttgart, HRB 243294