On Wed, Nov 24, 2021 at 10:10:32AM +0100, Peter Krempa wrote:
On Tue, Nov 23, 2021 at 18:04:07 +0000, Daniel P. Berrangé wrote:
This reports what TPM features QEMU supports, provided that swtpm is installed in the host.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> ---
[...]
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index a4c492dde2..374909bef2 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c
[...]
@@ -6206,6 +6207,35 @@ virQEMUCapsFillDomainDeviceFSCaps(virQEMUCaps *qemuCaps, }
+void +virQEMUCapsFillDomainDeviceTPMCaps(virQEMUCaps *qemuCaps, + virDomainCapsDeviceTPM *tpm) +{ + if (virTPMEmulatorInit() < 0) { + virResetLastError();
Resetting the error here is not acceptable as it pollutes logs with:
2021-11-24 08:58:21.996+0000: 3685776: error : virTPMEmulatorInit:313 : Unable to find 'swtpm' binary in $PATH: No such file or directory
each time capabilities are queried. You will certainly need a "quiet" variant of this function.
+ tpm->supported = VIR_TRISTATE_BOOL_NO; + } else { + tpm->supported = VIR_TRISTATE_BOOL_YES; + tpm->model.report = true; + tpm->backendModel.report = true; + + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_TPM_TIS)) + VIR_DOMAIN_CAPS_ENUM_SET(tpm->model, VIR_DOMAIN_TPM_MODEL_TIS); + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_TPM_CRB)) + VIR_DOMAIN_CAPS_ENUM_SET(tpm->model, VIR_DOMAIN_TPM_MODEL_CRB); + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_TPM_SPAPR)) + VIR_DOMAIN_CAPS_ENUM_SET(tpm->model, VIR_DOMAIN_TPM_MODEL_SPAPR); + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY)) + VIR_DOMAIN_CAPS_ENUM_SET(tpm->model, VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY);
In certain versions (visible in the next commit) neither of the above is supported which resutls in:
diff --git a/tests/domaincapsdata/qemu_2.11.0.s390x.xml b/tests/domaincapsdata/qemu_2.11.0.s390x.xml index 804bf8020e..f76624ffc8 100644 --- a/tests/domaincapsdata/qemu_2.11.0.s390x.xml +++ b/tests/domaincapsdata/qemu_2.11.0.s390x.xml @@ -205,7 +205,12 @@ <value>handle</value> </enum> </filesystem> - <tpm supported='no'/> + <tpm supported='yes'> + <enum name='model'/> + <enum name='backendModel'> + <value>emulator</value> + </enum> + </tpm> </devices> <features> <gic supported='no'/>
Does it even make sense to show that TPM is supported?
True, we can filter out if count(model) == 0 or count(backendModel) == 0 Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|