This series of patches adds support for the new TPM CRB interface in
QEMU that will become available with QEMU 2.12.

The rest of the patches add support for the TPM emulator backend that
is available in QEMU and based on swtpm + libtpms. Here I hope for
feedback on how to organize the layout of directories, files, and
UnixIO socket files that QEMU needs to talk to 'swtpm'.

   Stefan

Stefan Berger (6):
tpm: Enable TPM CRB interface
tpm: Add support for external swtpm TPM emulator
tpm: Label the external swtpm with SELinux labels
tpm: Handle TPM emulator device reconfigurations
tpm: Add support for choosing emulation of a TPM 2
tpm: Add swtpm to emulator cgroup
docs/formatdomain.html.in | 47 ++
docs/schemas/domaincommon.rng | 23 +-
src/conf/domain_audit.c | 2 +
src/conf/domain_conf.c | 131 ++++-
src/conf/domain_conf.h | 19 +
src/libvirt_private.syms | 8 +
src/qemu/Makefile.inc.am | 2 +
src/qemu/libvirtd_qemu.aug | 3 +
src/qemu/qemu.conf | 7 +
src/qemu/qemu_capabilities.c | 10 +
src/qemu/qemu_capabilities.h | 2 +
src/qemu/qemu_cgroup.c | 54 ++
src/qemu/qemu_cgroup.h | 1 +
src/qemu/qemu_command.c | 52 +-
src/qemu/qemu_conf.c | 11 +-
src/qemu/qemu_conf.h | 2 +
src/qemu/qemu_domain.c | 2 +
src/qemu/qemu_driver.c | 16 +-
src/qemu/qemu_extdevice.c | 245 +++++++++
src/qemu/qemu_extdevice.h | 36 ++
src/qemu/qemu_process.c | 12 +
src/qemu/test_libvirtd_qemu.aug.in | 1 +
src/security/security_dac.c | 6 +
src/security/security_driver.h | 5 +-
src/security/security_manager.c | 15 +
src/security/security_manager.h | 3 +
src/security/security_selinux.c | 101 ++++
src/security/security_stack.c | 19 +
src/util/vircgroup.c | 42 ++
src/util/vircgroup.h | 1 +
src/util/virfile.c | 12 +
src/util/virfile.h | 2 +-
src/util/virtpm.c | 550 +++++++++++++++++++++
src/util/virtpm.h | 14 +
tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 2 +
tests/qemuxml2argvdata/tpm-emulator-tpm2.args | 24 +
tests/qemuxml2argvdata/tpm-emulator-tpm2.xml | 30 ++
tests/qemuxml2argvdata/tpm-emulator.args | 24 +
tests/qemuxml2argvdata/tpm-emulator.xml | 30 ++
tests/qemuxml2argvdata/tpm-passthrough-crb.args | 24 +
tests/qemuxml2argvdata/tpm-passthrough-crb.xml | 32 ++
tests/qemuxml2argvmock.c | 2 +
tests/qemuxml2argvtest.c | 23 +
tests/qemuxml2xmloutdata/tpm-emulator-tpm2.xml | 34 ++
tests/qemuxml2xmloutdata/tpm-emulator.xml | 34 ++
tests/qemuxml2xmloutdata/tpm-passthrough-crb.xml | 36 ++
tests/qemuxml2xmltest.c | 1 +
51 files changed, 1736 insertions(+), 20 deletions(-)
create mode 100644 src/qemu/qemu_extdevice.c
create mode 100644 src/qemu/qemu_extdevice.h
create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2.args
create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2.xml
create mode 100644 tests/qemuxml2argvdata/tpm-emulator.args
create mode 100644 tests/qemuxml2argvdata/tpm-emulator.xml
create mode 100644 tests/qemuxml2argvdata/tpm-passthrough-crb.args
create mode 100644 tests/qemuxml2argvdata/tpm-passthrough-crb.xml
create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator-tpm2.xml
create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator.xml
create mode 100644 tests/qemuxml2xmloutdata/tpm-passthrough-crb.xml
--
2.5.5