4:30 a.m.
The _virDomainTPMDef structure has 'version' member, which is a
bit misplaced. It's only emulator type of TPM that can have a
version, even our documentation says so:
``version``
The ``version`` attribute indicates the version of the TPM. This attribute
only works with the ``emulator`` backend. The following versions are
supported:
Therefore, move the member into that part of union that's
covering emulated TPM devices.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/conf/domain_conf.c | 34 +++++++++++-----------
src/conf/domain_conf.h | 2 +-
src/qemu/qemu_domain.c | 7 +++--
src/qemu/qemu_tpm.c | 10 ++++---
src/qemu/qemu_validate.c | 53 ++++++++++++++++++-----------------
src/security/virt-aa-helper.c | 2 +-
6 files changed, 56 insertions(+), 52 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 2d8989e4ff..28f0e75e60 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -10396,15 +10396,6 @@ virDomainTPMDefParseXML(virDomainXMLOption *xmlopt,
goto error;
}
- version = virXMLPropString(backends[0], "version");
- if (version &&
- (def->version = virDomainTPMVersionTypeFromString(version)) <= 0) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("Unsupported TPM version '%s'"),
- version);
- goto error;
- }
-
switch (def->type) {
case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
if (!(def->data.passthrough.source = virDomainChrSourceDefNew(xmlopt)))
@@ -10416,6 +10407,15 @@ virDomainTPMDefParseXML(virDomainXMLOption *xmlopt,
def->data.passthrough.source->data.file.path = g_steal_pointer(&path);
break;
case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ version = virXMLPropString(backends[0], "version");
+ if (version &&
+ (def->data.emulator.version = virDomainTPMVersionTypeFromString(version))
<= 0) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Unsupported TPM version '%s'"),
+ version);
+ goto error;
+ }
+
if (!(def->data.emulator.source = virDomainChrSourceDefNew(xmlopt)))
goto error;
secretuuid = virXPathString("string(./backend/encryption/@secret)",
ctxt);
@@ -10437,7 +10437,7 @@ virDomainTPMDefParseXML(virDomainXMLOption *xmlopt,
goto error;
}
}
- if (def->version == VIR_DOMAIN_TPM_VERSION_2_0) {
+ if (def->data.emulator.version == VIR_DOMAIN_TPM_VERSION_2_0) {
if ((nnodes = virXPathNodeSet("./backend/active_pcr_banks/*", ctxt,
&nodes)) < 0)
break;
for (i = 0; i < nnodes; i++) {
@@ -20658,14 +20658,14 @@ virDomainTPMDefCheckABIStability(virDomainTPMDef *src,
return false;
}
- if (src->version != dst->version) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("Target TPM version doesn't match source"));
- return false;
- }
-
switch (src->type) {
case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (src->data.emulator.version != dst->data.emulator.version) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Target TPM version doesn't match source"));
+ return false;
+ }
+
if (src->data.emulator.activePcrBanks != dst->data.emulator.activePcrBanks)
{
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("Target active PCR banks doesn't match
source"));
@@ -24219,7 +24219,7 @@ virDomainTPMDefFormat(virBuffer *buf,
break;
case VIR_DOMAIN_TPM_TYPE_EMULATOR:
virBufferAsprintf(&backendAttrBuf, " version='%s'",
- virDomainTPMVersionTypeToString(def->version));
+
virDomainTPMVersionTypeToString(def->data.emulator.version));
if (def->data.emulator.persistent_state)
virBufferAddLit(&backendAttrBuf, "
persistent_state='yes'");
if (def->data.emulator.hassecretuuid) {
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 7139b91aca..3362042db5 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1439,12 +1439,12 @@ struct _virDomainTPMDef {
int type; /* virDomainTPMBackendType */
virDomainDeviceInfo info;
int model; /* virDomainTPMModel */
- int version; /* virDomainTPMVersion */
union {
struct {
virDomainChrSourceDef *source;
} passthrough;
struct {
+ int version; /* virDomainTPMVersion */
virDomainChrSourceDef *source;
char *storagepath;
char *logfile;
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 94b2e3118c..0343fd3597 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -4594,13 +4594,14 @@ qemuDomainDefTPMsPostParse(virDomainDef *def)
virDomainTPMDef *tpm = def->tpms[i];
/* TPM 1.2 and 2 are not compatible, so we choose a specific version here */
- if (tpm->version == VIR_DOMAIN_TPM_VERSION_DEFAULT) {
+ if (tpm->type == VIR_DOMAIN_TPM_TYPE_EMULATOR &&
+ tpm->data.emulator.version == VIR_DOMAIN_TPM_VERSION_DEFAULT) {
if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR ||
tpm->model == VIR_DOMAIN_TPM_MODEL_CRB ||
qemuDomainIsARMVirt(def))
- tpm->version = VIR_DOMAIN_TPM_VERSION_2_0;
+ tpm->data.emulator.version = VIR_DOMAIN_TPM_VERSION_2_0;
else
- tpm->version = VIR_DOMAIN_TPM_VERSION_1_2;
+ tpm->data.emulator.version = VIR_DOMAIN_TPM_VERSION_1_2;
}
if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY) {
diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
index 03829775b8..f28dd2e1e9 100644
--- a/src/qemu/qemu_tpm.c
+++ b/src/qemu/qemu_tpm.c
@@ -575,7 +575,8 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm,
if (created &&
qemuTPMEmulatorRunSetup(tpm->data.emulator.storagepath, vmname, vmuuid,
privileged, swtpm_user, swtpm_group,
- tpm->data.emulator.logfile, tpm->version,
+ tpm->data.emulator.logfile,
+ tpm->data.emulator.version,
secretuuid, incomingMigration) < 0)
goto error;
@@ -583,7 +584,8 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm,
qemuTPMEmulatorReconfigure(tpm->data.emulator.storagepath,
swtpm_user, swtpm_group,
tpm->data.emulator.activePcrBanks,
- tpm->data.emulator.logfile, tpm->version,
+ tpm->data.emulator.logfile,
+ tpm->data.emulator.version,
secretuuid) < 0)
goto error;
@@ -611,7 +613,7 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm,
virCommandSetUID(cmd, swtpm_user);
virCommandSetGID(cmd, swtpm_group);
- switch (tpm->version) {
+ switch (tpm->data.emulator.version) {
case VIR_DOMAIN_TPM_VERSION_1_2:
break;
case VIR_DOMAIN_TPM_VERSION_2_0:
@@ -684,7 +686,7 @@ qemuTPMEmulatorInitPaths(virDomainTPMDef *tpm,
if (!tpm->data.emulator.storagepath &&
!(tpm->data.emulator.storagepath =
qemuTPMEmulatorStorageBuildPath(swtpmStorageDir, uuidstr,
- tpm->version)))
+ tpm->data.emulator.version)))
return -1;
if (!tpm->data.emulator.logfile) {
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 764d5b029e..ff164118b7 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -4760,33 +4760,34 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm,
{
virDomainCapsDeviceTPM tpmCaps = { 0 };
- switch (tpm->version) {
- case VIR_DOMAIN_TPM_VERSION_1_2:
- /* TPM 1.2 + CRB do not work */
- if (tpm->type == VIR_DOMAIN_TPM_TYPE_EMULATOR &&
- tpm->model == VIR_DOMAIN_TPM_MODEL_CRB) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("Unsupported interface %s for TPM 1.2"),
- virDomainTPMModelTypeToString(tpm->model));
- return -1;
+ if (tpm->type == VIR_DOMAIN_TPM_TYPE_EMULATOR) {
+ switch (tpm->data.emulator.version) {
+ case VIR_DOMAIN_TPM_VERSION_1_2:
+ /* TPM 1.2 + CRB do not work */
+ if (tpm->model == VIR_DOMAIN_TPM_MODEL_CRB) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Unsupported interface %s for TPM 1.2"),
+ virDomainTPMModelTypeToString(tpm->model));
+ return -1;
+ }
+ /* TPM 1.2 + SPAPR do not work with any 'type' (backend) */
+ if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("TPM 1.2 is not supported with the SPAPR device
model"));
+ return -1;
+ }
+ /* TPM 1.2 + ARM does not work */
+ if (qemuDomainIsARMVirt(def)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("TPM 1.2 is not supported on ARM"));
+ return -1;
+ }
+ break;
+ case VIR_DOMAIN_TPM_VERSION_2_0:
+ case VIR_DOMAIN_TPM_VERSION_DEFAULT:
+ case VIR_DOMAIN_TPM_VERSION_LAST:
+ break;
}
- /* TPM 1.2 + SPAPR do not work with any 'type' (backend) */
- if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("TPM 1.2 is not supported with the SPAPR device
model"));
- return -1;
- }
- /* TPM 1.2 + ARM does not work */
- if (qemuDomainIsARMVirt(def)) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("TPM 1.2 is not supported on ARM"));
- return -1;
- }
- break;
- case VIR_DOMAIN_TPM_VERSION_2_0:
- case VIR_DOMAIN_TPM_VERSION_DEFAULT:
- case VIR_DOMAIN_TPM_VERSION_LAST:
- break;
}
virQEMUCapsFillDomainDeviceTPMCaps(qemuCaps, &tpmCaps);
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 8629503e11..2d0bc99c73 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -1212,7 +1212,7 @@ get_files(vahControl * ctl)
shortName = virDomainDefGetShortName(ctl->def);
- switch (ctl->def->tpms[i]->version) {
+ switch (ctl->def->tpms[i]->data.emulator.version) {
case VIR_DOMAIN_TPM_VERSION_1_2:
tpmpath = "tpm1.2";
break;
--
2.35.1