[PATCH v2] libvirt: configure TPM device in the XML
Parses vtpm.present from VMX files and converts to libvirt TPM device with CRB model and emulator backend. VMware vTPM uses TPM 2.0 with the CRB Signed-off-by: Srihari Parimi <sparimi@redhat.com> --- src/vmx/vmx.c | 34 ++++++++++++++++++++++++++++++++++ tests/vmx2xmldata/vtpm.vmx | 22 ++++++++++++++++++++++ tests/vmx2xmldata/vtpm.xml | 32 ++++++++++++++++++++++++++++++++ tests/vmx2xmltest.c | 2 ++ 4 files changed, 90 insertions(+) create mode 100644 tests/vmx2xmldata/vtpm.vmx create mode 100644 tests/vmx2xmldata/vtpm.xml diff --git a/src/vmx/vmx.c b/src/vmx/vmx.c index 57dfd57cfc..9873794568 100644 --- a/src/vmx/vmx.c +++ b/src/vmx/vmx.c @@ -599,6 +599,7 @@ static int virVMXParseSerial(virVMXContext *ctx, virConf *conf, int port, static int virVMXParseParallel(virVMXContext *ctx, virConf *conf, int port, virDomainChrDef **def); static int virVMXParseSVGA(virConf *conf, virDomainVideoDef **def); +static int virVMXParseTPM(virConf *conf, virDomainTPMDef **def); static int virVMXFormatVNC(virDomainGraphicsDef *def, virBuffer *buffer); static int virVMXFormatDisk(virVMXContext *ctx, virDomainDiskDef *def, @@ -1938,6 +1939,18 @@ virVMXParseConfig(virVMXContext *ctx, def->nvideos = 1; + /* def:tpms */ + { + virDomainTPMDef *tpm = NULL; + if (virVMXParseTPM(conf, &tpm) < 0) + goto cleanup; + + VIR_DEBUG("Is vtpm present: %s", + (tpm != NULL) ? "yes" : "no"); + if (tpm) + VIR_APPEND_ELEMENT(def->tpms, def->ntpms, tpm); + } + /* def:sounds */ /* FIXME */ @@ -3367,6 +3380,27 @@ virVMXParseSVGA(virConf *conf, virDomainVideoDef **def) return result; } +static int +virVMXParseTPM(virConf *conf, virDomainTPMDef **def) +{ + bool vtpm_present = false; + + /* vmx:vtpm.present */ + if (virVMXGetConfigBoolean(conf, "vtpm.present", &vtpm_present, + false, true) < 0) { + return -1; + } + + if (!vtpm_present) + return 0; + + *def = g_new0(virDomainTPMDef, 1); + (*def)->type = VIR_DOMAIN_TPM_TYPE_EMULATOR; + (*def)->model = VIR_DOMAIN_TPM_MODEL_CRB; + (*def)->data.emulator.version = VIR_DOMAIN_TPM_VERSION_2_0; + + return 0; +} /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * diff --git a/tests/vmx2xmldata/vtpm.vmx b/tests/vmx2xmldata/vtpm.vmx new file mode 100644 index 0000000000..6e2fd725b7 --- /dev/null +++ b/tests/vmx2xmldata/vtpm.vmx @@ -0,0 +1,22 @@ +config.version = "8" +virtualHW.version = "19" +displayName = "test-vtpm" +memsize = "4096" +numvcpus = "2" +guestOS = "windows9-64" + +# Disk Configuration +scsi0.present = "TRUE" +scsi0.virtualDev = "lsisas1068" +scsi0:0.present = "TRUE" +scsi0:0.deviceType = "scsi-hardDisk" +scsi0:0.fileName = "test_disk.vmdk" + +# vTPM configuration +vtpm.present = "TRUE" + +# Network Configuration +ethernet0.present = "TRUE" +ethernet0.connectionType = "nat" +ethernet0.virtualDev = "e1000e" +ethernet0.addressType = "generated" diff --git a/tests/vmx2xmldata/vtpm.xml b/tests/vmx2xmldata/vtpm.xml new file mode 100644 index 0000000000..cbb23ce673 --- /dev/null +++ b/tests/vmx2xmldata/vtpm.xml @@ -0,0 +1,32 @@ +<domain type='vmware'> + <name>test-vtpm</name> + <uuid>00000000-0000-0000-0000-000000000000</uuid> + <memory unit='KiB'>4194304</memory> + <currentMemory unit='KiB'>4194304</currentMemory> + <vcpu placement='static'>2</vcpu> + <os> + <type arch='x86_64'>hvm</type> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <disk type='file' device='disk'> + <source file='[datastore] directory/test_disk.vmdk'/> + <target dev='sda' bus='scsi'/> + <address type='drive' controller='0' bus='0' target='0' unit='0'/> + </disk> + <controller type='scsi' index='0' model='lsisas1068'/> + <interface type='user'> + <mac address='00:00:00:00:00:00' type='generated'/> + <model type='e1000e'/> + </interface> + <tpm model='tpm-crb'> + <backend type='emulator' version='2.0'/> + </tpm> + <video> + <model type='vmvga' vram='4096' primary='yes'/> + </video> + </devices> +</domain> diff --git a/tests/vmx2xmltest.c b/tests/vmx2xmltest.c index fcca765bed..3ffc04fda4 100644 --- a/tests/vmx2xmltest.c +++ b/tests/vmx2xmltest.c @@ -243,6 +243,8 @@ mymain(void) DO_TEST("firmware-efi"); + DO_TEST("vtpm"); + ctx.datacenterPath = "folder1/folder2/datacenter1"; DO_TEST("datacenterpath"); -- 2.53.0
In last review I've asked to fix the summary to mention 'vmx' instead of the redundant 'libvirt:'. On Mon, Apr 20, 2026 at 12:10:38 +0530, Srihari Parimi via Devel wrote:
Parses vtpm.present from VMX files and converts to libvirt TPM device with CRB model and emulator backend. VMware vTPM uses TPM 2.0 with the CRB
In last review I've asked for a link to the document stating where the assumption to use TPM 2.0 comes from Cole provided it. Please include it as requested.
Signed-off-by: Srihari Parimi <sparimi@redhat.com> --- src/vmx/vmx.c | 34 ++++++++++++++++++++++++++++++++++ tests/vmx2xmldata/vtpm.vmx | 22 ++++++++++++++++++++++ tests/vmx2xmldata/vtpm.xml | 32 ++++++++++++++++++++++++++++++++ tests/vmx2xmltest.c | 2 ++ 4 files changed, 90 insertions(+) create mode 100644 tests/vmx2xmldata/vtpm.vmx create mode 100644 tests/vmx2xmldata/vtpm.xml
diff --git a/src/vmx/vmx.c b/src/vmx/vmx.c index 57dfd57cfc..9873794568 100644 --- a/src/vmx/vmx.c +++ b/src/vmx/vmx.c @@ -599,6 +599,7 @@ static int virVMXParseSerial(virVMXContext *ctx, virConf *conf, int port, static int virVMXParseParallel(virVMXContext *ctx, virConf *conf, int port, virDomainChrDef **def); static int virVMXParseSVGA(virConf *conf, virDomainVideoDef **def); +static int virVMXParseTPM(virConf *conf, virDomainTPMDef **def);
static int virVMXFormatVNC(virDomainGraphicsDef *def, virBuffer *buffer); static int virVMXFormatDisk(virVMXContext *ctx, virDomainDiskDef *def, @@ -1938,6 +1939,18 @@ virVMXParseConfig(virVMXContext *ctx,
def->nvideos = 1;
+ /* def:tpms */ + { + virDomainTPMDef *tpm = NULL; + if (virVMXParseTPM(conf, &tpm) < 0) + goto cleanup; + + VIR_DEBUG("Is vtpm present: %s", + (tpm != NULL) ? "yes" : "no");
This is mis-aligned. And differently than in v1 and doesn't even exceed maximul line size. Also none of the other parsers in this file have a VIR_DEBUG statement. Either drop it completely or just format it as: VIR_DEBUG("vTPM present: '%d'", !!tpm);
+ if (tpm) + VIR_APPEND_ELEMENT(def->tpms, def->ntpms, tpm); + }
On Mon, Apr 20, 2026 at 3:16 PM Peter Krempa <pkrempa@redhat.com> wrote:
In last review I've asked to fix the summary to mention 'vmx' instead of the redundant 'libvirt:'.
Yes changed - apologies to have missed last time
On Mon, Apr 20, 2026 at 12:10:38 +0530, Srihari Parimi via Devel wrote:
Parses vtpm.present from VMX files and converts to libvirt TPM device with CRB model and emulator backend. VMware vTPM uses TPM 2.0 with the CRB
In last review I've asked for a link to the document stating where the assumption to use TPM 2.0 comes from Cole provided it. Please include it as requested.
Included the document link which Cole provided. The CRB vs TIS - my google search only shows recommendations to use CRB
Signed-off-by: Srihari Parimi <sparimi@redhat.com> --- src/vmx/vmx.c | 34 ++++++++++++++++++++++++++++++++++ tests/vmx2xmldata/vtpm.vmx | 22 ++++++++++++++++++++++ tests/vmx2xmldata/vtpm.xml | 32 ++++++++++++++++++++++++++++++++ tests/vmx2xmltest.c | 2 ++ 4 files changed, 90 insertions(+) create mode 100644 tests/vmx2xmldata/vtpm.vmx create mode 100644 tests/vmx2xmldata/vtpm.xml
diff --git a/src/vmx/vmx.c b/src/vmx/vmx.c index 57dfd57cfc..9873794568 100644 --- a/src/vmx/vmx.c +++ b/src/vmx/vmx.c @@ -599,6 +599,7 @@ static int virVMXParseSerial(virVMXContext *ctx,
static int virVMXParseParallel(virVMXContext *ctx, virConf *conf, int
virConf *conf, int port, port,
virDomainChrDef **def); static int virVMXParseSVGA(virConf *conf, virDomainVideoDef **def); +static int virVMXParseTPM(virConf *conf, virDomainTPMDef **def);
static int virVMXFormatVNC(virDomainGraphicsDef *def, virBuffer
*buffer);
static int virVMXFormatDisk(virVMXContext *ctx, virDomainDiskDef *def, @@ -1938,6 +1939,18 @@ virVMXParseConfig(virVMXContext *ctx,
def->nvideos = 1;
+ /* def:tpms */ + { + virDomainTPMDef *tpm = NULL; + if (virVMXParseTPM(conf, &tpm) < 0) + goto cleanup; + + VIR_DEBUG("Is vtpm present: %s", + (tpm != NULL) ? "yes" : "no");
This is mis-aligned. And differently than in v1 and doesn't even exceed maximul line size.
Also none of the other parsers in this file have a VIR_DEBUG statement. Either drop it completely or just format it as:
VIR_DEBUG("vTPM present: '%d'", !!tpm);
I have removed this
+ if (tpm) + VIR_APPEND_ELEMENT(def->tpms, def->ntpms, tpm); + }
participants (2)
-
Peter Krempa -
Srihari Parimi