3:16 a.m.
I'm wondering if there will be vTPM support in libvirt in the near
future?! Xen does support it already with the configuration "vtpm =
['instance=1,backend=0']", for example.
So it would be great if the libvirt XML format supported it, too... For
example like this:
<devices>
<vtpm instance="1" backend="xxx" />
</devices>
Both attributes are optional. The backend attribute is a VM ID (on Xen,
only zero for dom0 is supported) and could be implemented as a UUID?!
What do you think? Are there any efforts to introducing that?
Cheers
Andreas
4:30 a.m.
On Thu, Jun 25, 2009 at 09:16:26AM +0100, Andreas Sommer wrote:
I'm wondering if there will be vTPM support in libvirt in the
near
future?! Xen does support it already with the configuration "vtpm =
['instance=1,backend=0']", for example.
So it would be great if the libvirt XML format supported it, too... For
example like this:
<devices>
<vtpm instance="1" backend="xxx" />
</devices>
Both attributes are optional. The backend attribute is a VM ID (on Xen,
only zero for dom0 is supported) and could be implemented as a UUID?!
I'd just ignore 'backend' for now - none of the other existing devices
suport anything other than dom0 as the backend, so its no loss to assume
dom0 for TPM too.
What is 'instance' ?
For element I'd prefer to just call it '<tpm>' - the 'v' is
redundant
since every device is virtual here :-)
What do you think? Are there any efforts to introducing that?
No one has ever asked for it before, which is why we've not supported
this to date. I don't have any objection to supporting it, so patches
would be welcomed.
Regards,
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
7:06 a.m.
I agree on ignoring "backend" for now. The "instance" parameter
defines
a vTPM ID associated to that domain. There's a file "vtpm.db" which
lists all mappings between domain UUID and vTPM ID, which means as long
as you set a UUID for each of your domains, the correct vTPM is selected
automatically (this is important for loading the last vTPM state).
Can you please give me a short introduction on how to add this feature
to libvirt? I know how to check out the code and how to change the
domain RelaxNG schema, but where do I need to change the source code?
Oh, and how do I need to configure it in order to install it on a
machine (I guess "./configure --prefix=???" is important?!).
Best regards
Andreas
Daniel P. Berrange wrote:
On Thu, Jun 25, 2009 at 09:16:26AM +0100, Andreas Sommer wrote:
> I'm wondering if there will be vTPM support in libvirt in the near
> future?! Xen does support it already with the configuration "vtpm =
> ['instance=1,backend=0']", for example.
>
> So it would be great if the libvirt XML format supported it, too... For
> example like this:
>
> <devices>
> <vtpm instance="1" backend="xxx" />
> </devices>
>
> Both attributes are optional. The backend attribute is a VM ID (on Xen,
> only zero for dom0 is supported) and could be implemented as a UUID?!
>
I'd just ignore 'backend' for now - none of the other existing devices
suport anything other than dom0 as the backend, so its no loss to assume
dom0 for TPM too.
What is 'instance' ?
For element I'd prefer to just call it '<tpm>' - the 'v' is
redundant
since every device is virtual here :-)
> What do you think? Are there any efforts to introducing that?
>
No one has ever asked for it before, which is why we've not supported
this to date. I don't have any objection to supporting it, so patches
would be welcomed.
Regards,
Daniel
12:18 p.m.
Hi again,
I found out that the important files for the patch will be
- domain_conf.c
- util.h
- domain_conf.h
- xm_internal.c
Guess I could figure out how to code it, but I still need to know how to
install libvirt from sources. There's no documentation about it...
Andreas Sommer wrote:
I agree on ignoring "backend" for now. The
"instance" parameter
defines a vTPM ID associated to that domain. There's a file "vtpm.db"
which lists all mappings between domain UUID and vTPM ID, which means
as long as you set a UUID for each of your domains, the correct vTPM
is selected automatically (this is important for loading the last vTPM
state).
Can you please give me a short introduction on how to add this feature
to libvirt? I know how to check out the code and how to change the
domain RelaxNG schema, but where do I need to change the source code?
Oh, and how do I need to configure it in order to install it on a
machine (I guess "./configure --prefix=???" is important?!).
Best regards
Andreas
Daniel P. Berrange wrote:
> On Thu, Jun 25, 2009 at 09:16:26AM +0100, Andreas Sommer wrote:
>
>> I'm wondering if there will be vTPM support in libvirt in the near
>> future?! Xen does support it already with the configuration "vtpm =
>> ['instance=1,backend=0']", for example.
>>
>> So it would be great if the libvirt XML format supported it, too...
>> For example like this:
>>
>> <devices>
>> <vtpm instance="1" backend="xxx" />
>> </devices>
>>
>> Both attributes are optional. The backend attribute is a VM ID (on
>> Xen, only zero for dom0 is supported) and could be implemented as a
>> UUID?!
>>
>
> I'd just ignore 'backend' for now - none of the other existing devices
> suport anything other than dom0 as the backend, so its no loss to assume
> dom0 for TPM too.
>
> What is 'instance' ?
>
> For element I'd prefer to just call it '<tpm>' - the 'v' is
redundant
> since every device is virtual here :-)
>
>
>> What do you think? Are there any efforts to introducing that?
>>
>
> No one has ever asked for it before, which is why we've not supported
> this to date. I don't have any objection to supporting it, so patches
> would be welcomed.
>
> Regards,
> Daniel
>
--
Libvir-list mailing list
Libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
1:20 p.m.
Andreas Sommer wrote:
Hi again,
I found out that the important files for the patch will be
- domain_conf.c
- util.h
- domain_conf.h
- xm_internal.c
Guess I could figure out how to code it, but I still need to know how to
install libvirt from sources. There's no documentation about it...
You can find the doc on how to download and build at:
http://libvirt.org/downloads.html
There is also some documentation on how to modify libvirt at:
http://www.libvirt.org/api_extension.html
It may not be entirely relevant to what you're doing, but it should
provide some traction in looking at the codebase. I'd like to hear your
thoughts on it, as I wrote it relatively recently.
Dave
Andreas Sommer wrote:
> I agree on ignoring "backend" for now. The "instance" parameter
> defines a vTPM ID associated to that domain. There's a file "vtpm.db"
> which lists all mappings between domain UUID and vTPM ID, which means
> as long as you set a UUID for each of your domains, the correct vTPM
> is selected automatically (this is important for loading the last vTPM
> state).
>
> Can you please give me a short introduction on how to add this feature
> to libvirt? I know how to check out the code and how to change the
> domain RelaxNG schema, but where do I need to change the source code?
> Oh, and how do I need to configure it in order to install it on a
> machine (I guess "./configure --prefix=???" is important?!).
>
> Best regards
> Andreas
>
> Daniel P. Berrange wrote:
>> On Thu, Jun 25, 2009 at 09:16:26AM +0100, Andreas Sommer wrote:
>>
>>> I'm wondering if there will be vTPM support in libvirt in the near
>>> future?! Xen does support it already with the configuration "vtpm =
>>> ['instance=1,backend=0']", for example.
>>>
>>> So it would be great if the libvirt XML format supported it, too...
>>> For example like this:
>>>
>>> <devices>
>>> <vtpm instance="1" backend="xxx" />
>>> </devices>
>>>
>>> Both attributes are optional. The backend attribute is a VM ID (on
>>> Xen, only zero for dom0 is supported) and could be implemented as a
>>> UUID?!
>>>
>>
>> I'd just ignore 'backend' for now - none of the other existing
devices
>> suport anything other than dom0 as the backend, so its no loss to assume
>> dom0 for TPM too.
>>
>> What is 'instance' ?
>>
>> For element I'd prefer to just call it '<tpm>' - the
'v' is redundant
>> since every device is virtual here :-)
>>
>>
>>> What do you think? Are there any efforts to introducing that?
>>>
>>
>> No one has ever asked for it before, which is why we've not supported
>> this to date. I don't have any objection to supporting it, so patches
>> would be welcomed.
>>
>> Regards,
>> Daniel
>>
>
> --
> Libvir-list mailing list
> Libvir-list(a)redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
>
--
Libvir-list mailing list
Libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
3:30 a.m.
I made some changes to the code and would like to try it out by
installing libvirt. As you said, there's an example on how to build and
install it, but how do I need to configure it in order to get it
installed on my system and not in some $HOME directory?? Yesterday I tried
./configure
make
make install
then virsh is installed but cannot find libvirt.so.0. Can you help me
with that or edit the installation instructions on the website?
Dave Allan wrote:
Andreas Sommer wrote:
> Hi again,
>
> I found out that the important files for the patch will be
> - domain_conf.c
> - util.h
> - domain_conf.h
> - xm_internal.c
>
> Guess I could figure out how to code it, but I still need to know how
> to install libvirt from sources. There's no documentation about it...
You can find the doc on how to download and build at:
http://libvirt.org/downloads.html
There is also some documentation on how to modify libvirt at:
http://www.libvirt.org/api_extension.html
It may not be entirely relevant to what you're doing, but it should
provide some traction in looking at the codebase. I'd like to hear
your thoughts on it, as I wrote it relatively recently.
Dave
>
> Andreas Sommer wrote:
>> I agree on ignoring "backend" for now. The "instance"
parameter
>> defines a vTPM ID associated to that domain. There's a file
>> "vtpm.db" which lists all mappings between domain UUID and vTPM ID,
>> which means as long as you set a UUID for each of your domains, the
>> correct vTPM is selected automatically (this is important for
>> loading the last vTPM state).
>>
>> Can you please give me a short introduction on how to add this
>> feature to libvirt? I know how to check out the code and how to
>> change the domain RelaxNG schema, but where do I need to change the
>> source code? Oh, and how do I need to configure it in order to
>> install it on a machine (I guess "./configure --prefix=???" is
>> important?!).
>>
>> Best regards
>> Andreas
>>
>> Daniel P. Berrange wrote:
>>> On Thu, Jun 25, 2009 at 09:16:26AM +0100, Andreas Sommer wrote:
>>>
>>>> I'm wondering if there will be vTPM support in libvirt in the near
>>>> future?! Xen does support it already with the configuration "vtpm
>>>> = ['instance=1,backend=0']", for example.
>>>>
>>>> So it would be great if the libvirt XML format supported it,
>>>> too... For example like this:
>>>>
>>>> <devices>
>>>> <vtpm instance="1" backend="xxx" />
>>>> </devices>
>>>>
>>>> Both attributes are optional. The backend attribute is a VM ID (on
>>>> Xen, only zero for dom0 is supported) and could be implemented as
>>>> a UUID?!
>>>>
>>>
>>> I'd just ignore 'backend' for now - none of the other existing
devices
>>> suport anything other than dom0 as the backend, so its no loss to
>>> assume
>>> dom0 for TPM too.
>>>
>>> What is 'instance' ?
>>>
>>> For element I'd prefer to just call it '<tpm>' - the
'v' is redundant
>>> since every device is virtual here :-)
>>>
>>>
>>>> What do you think? Are there any efforts to introducing that?
>>>>
>>>
>>> No one has ever asked for it before, which is why we've not supported
>>> this to date. I don't have any objection to supporting it, so patches
>>> would be welcomed.
>>>
>>> Regards,
>>> Daniel
>>>
>>
>> --
>> Libvir-list mailing list
>> Libvir-list(a)redhat.com
>> https://www.redhat.com/mailman/listinfo/libvir-list
>>
>
> --
> Libvir-list mailing list
> Libvir-list(a)redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
3:44 a.m.
On Fri, Jun 26, 2009 at 09:30:53AM +0100, Andreas Sommer wrote:
I made some changes to the code and would like to try it out by
installing libvirt. As you said, there's an example on how to build and
install it, but how do I need to configure it in order to get it
installed on my system and not in some $HOME directory?? Yesterday I tried
./configure
make
make install
then virsh is installed but cannot find libvirt.so.0. Can you help me
with that or edit the installation instructions on the website?
If you're just doing dev changes, it is best not to install it into
your main system. Instead just build and run directly from the source
tree.
eg, what I normally do is
./autogen.sh --enable-compile-warnings=error --prefix=/usr --localstatedir=/var
--sysconfdir=/etc
make
And *not* make install.
Then as root just stop the normal libvirtd daemon that comes with your
distro, and run the one you just compiled manually, eg
$ su - root
# /etc/init.d/libvirtd stop
# /home/berrange/work/libvirt/qemud/libvirtd
And likewise, use the 'virsh' binary directly from the source tree
$ cd $HOME/work/libvirt/src
$ ./virsh
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
3:32 p.m.
Thanks for your help so far. I changed the basics needed for vTPM
support, which include XML <--> native configuration stuff (you will see
it in the patch).
I'm not really sure what else has to be done - maybe reading from
xenstore?? Hope you can give me some tips on what is still missing.
I did already try "./virsh domxml-from-native xen-xm
some_config_file_that_contains_the_vtpm_line" and it gave me the correct
XML answer :)
Please find attached the unified diff.
Best regards
Andreas
Daniel P. Berrange wrote:
On Fri, Jun 26, 2009 at 09:30:53AM +0100, Andreas Sommer wrote:
> I made some changes to the code and would like to try it out by
> installing libvirt. As you said, there's an example on how to build and
> install it, but how do I need to configure it in order to get it
> installed on my system and not in some $HOME directory?? Yesterday I tried
>
> ./configure
> make
> make install
>
> then virsh is installed but cannot find libvirt.so.0. Can you help me
> with that or edit the installation instructions on the website?
>
If you're just doing dev changes, it is best not to install it into
your main system. Instead just build and run directly from the source
tree.
eg, what I normally do is
./autogen.sh --enable-compile-warnings=error --prefix=/usr --localstatedir=/var
--sysconfdir=/etc
make
And *not* make install.
Then as root just stop the normal libvirtd daemon that comes with your
distro, and run the one you just compiled manually, eg
$ su - root
# /etc/init.d/libvirtd stop
# /home/berrange/work/libvirt/qemud/libvirtd
And likewise, use the 'virsh' binary directly from the source tree
$ cd $HOME/work/libvirt/src
$ ./virsh
Daniel
Index: src/domain_conf.c
===================================================================
RCS file: /data/cvs/libvirt/src/domain_conf.c,v
retrieving revision 1.88
diff -u -r1.88 domain_conf.c
--- src/domain_conf.c 25 Jun 2009 13:55:58 -0000 1.88
+++ src/domain_conf.c 27 Jun 2009 15:12:28 -0000
@@ -461,6 +461,8 @@
for (i = 0 ; i < def->nhostdevs ; i++)
virDomainHostdevDefFree(def->hostdevs[i]);
VIR_FREE(def->hostdevs);
+
+ VIR_FREE(def->tpm);
VIR_FREE(def->os.type);
VIR_FREE(def->os.arch);
@@ -1622,6 +1624,62 @@
}
+/* Parse the XML definition for a vTPM device (<tpm
instance="optional_instance_number">) */
+static virDomainTpmDefPtr
+virDomainTpmDefParseXML(virConnectPtr conn,
+ xmlNodePtr node, int flags) {
+
+ flags = flags; /* TODO: Andreas Sommer <AndiDog(a)web.de> flags unused, what are
they used for */
+
+ virDomainTpmDefPtr def;
+ char *instance = NULL;
+
+ if (VIR_ALLOC(def) < 0) {
+ virReportOOMError(conn);
+ return NULL;
+ }
+
+ instance = virXMLPropString(node, "instance");
+
+ /* Attribute "instance" is optional*/
+ if (instance) {
+ /* "instance" is defined as a number >= 0 */
+ if (!c_isdigit(*instance) || *instance == '0') {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ _("TPM instance attribute '%s' found, but
must be a number >= 0 (make sure no whitespaces or leading zeroes are
contained)"), instance);
+ goto error;
+ }
+
+ const char *check = &instance[1];
+ while (*check && c_isdigit(*check)) ++check;
+ if (*check) {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ _("TPM instance attribute '%s' contains
non-digits, must be a number >= 0 (make sure no whitespaces or leading zeroes are
contained)"), instance);
+ goto error;
+ }
+
+ int err = virStrToLong_l("instance", NULL, 10, &def->instance);
+ if (err) {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ _("TPM instance '%s' is not a valid
number"), instance);
+ goto error;
+ }
+ }
+ else
+ def->instance = -1;
+
+cleanup:
+ VIR_FREE(instance);
+
+ return def;
+
+error:
+ VIR_FREE(def);
+ def = NULL;
+ goto cleanup;
+}
+
+
static virDomainSoundDefPtr
virDomainSoundDefParseXML(virConnectPtr conn,
const xmlNodePtr node,
@@ -2617,6 +2675,30 @@
def->inputs[def->ninputs] = input;
def->ninputs++;
}
+
+
+ /* analysis of the vTPM device */
+ if ((n = virXPathNodeSet(conn, "./devices/tpm", ctxt, &nodes)) < 0)
{
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ "%s", _("cannot extract vTPM device"));
+ goto error;
+ }
+ if (n > 1) {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ "%s", _("there can only be one vTPM
device"));
+ goto error;
+ }
+ if (n == 1) {
+ virDomainTpmDefPtr tpm = virDomainTpmDefParseXML(conn,
+ nodes[0],
+ flags);
+
+ if (!tpm)
+ goto error;
+
+ def->tpm = tpm;
+ }
+ VIR_FREE(nodes);
/* analysis of the sound devices */
@@ -3856,6 +3938,13 @@
goto cleanup;
}
+ if (def->tpm) {
+ virBufferVSprintf(&buf, " <tpm");
+ if (def->tpm->instance >= 0)
+ virBufferVSprintf(&buf, " instance='%ld'",
def->tpm->instance);
+ virBufferVSprintf(&buf, "/>\n");
+ }
+
for (n = 0 ; n < def->nsounds ; n++)
if (virDomainSoundDefFormat(conn, &buf, def->sounds[n]) < 0)
goto cleanup;
Index: src/domain_conf.h
===================================================================
RCS file: /data/cvs/libvirt/src/domain_conf.h,v
retrieving revision 1.49
diff -u -r1.49 domain_conf.h
--- src/domain_conf.h 16 Jun 2009 15:42:46 -0000 1.49
+++ src/domain_conf.h 27 Jun 2009 15:12:28 -0000
@@ -275,6 +275,21 @@
VIR_DOMAIN_GRAPHICS_TYPE_LAST,
};
+typedef struct _virDomainTpmDef virDomainTpmDef;
+typedef virDomainTpmDef *virDomainTpmDefPtr;
+struct _virDomainTpmDef {
+ /*
+ "instance" defines the vTPM ID which should be used for the domain.
This is optional
+ in the XML domain description. If it isn't present, the following value must
be -1.
+ */
+ long instance;
+
+ /*
+ Note that the "backend" value is left out of libvirt because only dom0
is supported yet.
+ In the future development of Xen there might be stubdomains containing the TPM
backend module.
+ */
+};
+
typedef struct _virDomainGraphicsDef virDomainGraphicsDef;
typedef virDomainGraphicsDef *virDomainGraphicsDefPtr;
struct _virDomainGraphicsDef {
@@ -504,6 +519,9 @@
/* Only 1 */
virDomainChrDefPtr console;
virSecurityLabelDef seclabel;
+
+ /* vTPM */
+ virDomainTpmDefPtr tpm;
};
/* Guest VM runtime state */
Index: src/util.c
===================================================================
RCS file: /data/cvs/libvirt/src/util.c,v
retrieving revision 1.111
diff -u -r1.111 util.c
--- src/util.c 26 Jun 2009 15:08:04 -0000 1.111
+++ src/util.c 27 Jun 2009 15:12:29 -0000
@@ -1403,6 +1403,25 @@
return 0;
}
+/* Just like virStrToLong_i, above, but produce a "long" value */
+int
+virStrToLong_l(char const *s, char **end_ptr, int base, long *result)
+{
+ long int val;
+ char *p;
+ int err;
+
+ errno = 0;
+ val = strtol(s, &p, base);
+ err = (errno || (!end_ptr && *p) || p == s || (long) val != val);
+ if (end_ptr)
+ *end_ptr = p;
+ if (err)
+ return -1;
+ *result = val;
+ return 0;
+}
+
/* Just like virStrToLong_i, above, but produce an "long long" value. */
int
virStrToLong_ll(char const *s, char **end_ptr, int base, long long *result)
Index: src/util.h
===================================================================
RCS file: /data/cvs/libvirt/src/util.h,v
retrieving revision 1.50
diff -u -r1.50 util.h
--- src/util.h 11 Jun 2009 13:18:56 -0000 1.50
+++ src/util.h 27 Jun 2009 15:12:29 -0000
@@ -145,6 +145,10 @@
char **end_ptr,
int base,
unsigned int *result);
+int virStrToLong_l(char const *s,
+ char **end_ptr,
+ int base,
+ long *result);
int virStrToLong_ll(char const *s,
char **end_ptr,
int base,
Index: src/xm_internal.c
===================================================================
RCS file: /data/cvs/libvirt/src/xm_internal.c,v
retrieving revision 1.128
diff -u -r1.128 xm_internal.c
--- src/xm_internal.c 19 Jun 2009 12:34:31 -0000 1.128
+++ src/xm_internal.c 27 Jun 2009 15:12:30 -0000
@@ -1353,6 +1353,41 @@
}
}
+ list = virConfGetValue(conf, "vtpm");
+ if (list && list->type == VIR_CONF_LIST && list->list
&&
+ list->list->type == VIR_CONF_STRING) {
+
+ if (VIR_ALLOC(def->tpm) < 0)
+ goto no_memory;
+ list = list->list;
+
+ /*
+ "backend" options is ignored here because yet only
+ zero is supported (TPM backend on dom0)
+ */
+ const char *instance;
+
+ if (STRPREFIX(list->str, "instance="))
+ instance = list->str;
+ else {
+ instance = strstr(list->str, ",instance=");
+ if (instance == NULL)
+ instance = strstr(list->str, " instance=");
+ if (instance == NULL)
+ instance = strstr(list->str, "\tinstance=");
+ }
+
+ if (instance) {
+ /* parse instance number */
+ if (virStrToLong_l(instance+10, NULL, 10, &def->tpm->instance) <
0 ||
+ def->tpm->instance < 0)
+ def->tpm->instance = -1;
+ }
+ else
+ def->tpm->instance = -1;
+ }
+
+
if (hvm) {
virDomainChrDefPtr chr = NULL;
@@ -2408,6 +2443,38 @@
goto no_memory;
}
}
+
+ /*
+ vTPM configuration
+
+ Both "instance" and "backend" values are optional.
"backend" is set to zero because
+ the TPM backend driver is yet on dom0. In the future, there might be
implementations which
+ have a domU that contains the backend driver.
+ */
+ if (def->tpm) {
+ virConfValuePtr tpmValue = NULL;
+ virBuffer buf = VIR_BUFFER_INITIALIZER;
+ virConfValuePtr tmp = NULL;
+
+ if (VIR_ALLOC(tmp) < 0)
+ goto no_memory;
+
+ if (def->tpm->instance >= 0)
+ virBufferVSprintf(&buf, "instance=%ld,",
def->tpm->instance);
+
+ virBufferAddLit(&buf, ",backend=0");
+
+ tmp->type = VIR_CONF_STRING;
+ tmp->str = virBufferContentAndReset(&buf);
+ tmp->next = NULL;
+
+ tpmValue->type = VIR_CONF_LIST;
+ tpmValue->list = tmp;
+
+ if (virConfSetValue(conf, "vtpm", tpmValue) < 0)
+ goto no_memory;
+ }
+
/* analyze of the devices */
if (VIR_ALLOC(diskVal) < 0)
10:51 a.m.
On Sat, Jun 27, 2009 at 09:32:27PM +0100, Andreas Sommer wrote:
Thanks for your help so far. I changed the basics needed for vTPM
support, which include XML <--> native configuration stuff (you will see
it in the patch).
I'm not really sure what else has to be done - maybe reading from
xenstore?? Hope you can give me some tips on what is still missing.
Ok, so your patch has added the generic XML handling, and also added
support to the 'xm' driver which handles /etc/xen config files. The
main thing you have left is adding support to the 'xend_internal.c'
file which is what talks to XenD and is responsible for starting
guests, and handling config of running guests.
I did already try "./virsh domxml-from-native xen-xm
some_config_file_that_contains_the_vtpm_line" and it gave me the correct
XML answer :)
Great.
It would be nice to add a couple of test cases too. For the 'xm_internal.c'
changes, you can add files to tests/xmconfigdata/ and tests/xmconfigtest.c
while for the 'xend_internal' changes the tests are in
tests/sexpr2xmltest.c, tests/xml2sexprtest.c. The 'sxpr' files are what
you get from Xend when doing 'xm list --long GUESTNAME'.
+
+ /* Attribute "instance" is optional*/
+ if (instance) {
+ /* "instance" is defined as a number >= 0 */
+ if (!c_isdigit(*instance) || *instance == '0') {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ _("TPM instance attribute '%s' found, but
must be a number >= 0 (make sure no whitespaces or leading zeroes are
contained)"), instance);
+ goto error;
+ }
+
+ const char *check = &instance[1];
+ while (*check && c_isdigit(*check)) ++check;
+ if (*check) {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ _("TPM instance attribute '%s' contains
non-digits, must be a number >= 0 (make sure no whitespaces or leading zeroes are
contained)"), instance);
+ goto error;
+ }
These two loops are redundant really - virStrToLong_l does sufficient
checking of data validity.
+
+ int err = virStrToLong_l("instance", NULL, 10,
&def->instance);
+ if (err) {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ _("TPM instance '%s' is not a valid
number"), instance);
+ goto error;
+ }
+ }
+ else
+ def->instance = -1;
+
+cleanup:
+ VIR_FREE(instance);
+
+ return def;
+
+error:
+ VIR_FREE(def);
+ def = NULL;
+ goto cleanup;
+}
+
+
static virDomainSoundDefPtr
virDomainSoundDefParseXML(virConnectPtr conn,
const xmlNodePtr node,
@@ -2617,6 +2675,30 @@
def->inputs[def->ninputs] = input;
def->ninputs++;
}
+
+
+ /* analysis of the vTPM device */
+ if ((n = virXPathNodeSet(conn, "./devices/tpm", ctxt, &nodes)) < 0)
{
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ "%s", _("cannot extract vTPM
device"));
+ goto error;
+ }
+ if (n > 1) {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ "%s", _("there can only be one vTPM
device"));
+ goto error;
+ }
+ if (n == 1) {
+ virDomainTpmDefPtr tpm = virDomainTpmDefParseXML(conn,
+ nodes[0],
+ flags);
+
+ if (!tpm)
+ goto error;
+
+ def->tpm = tpm;
+ }
+ VIR_FREE(nodes);
/* analysis of the sound devices */
+typedef struct _virDomainTpmDef virDomainTpmDef;
+typedef virDomainTpmDef *virDomainTpmDefPtr;
+struct _virDomainTpmDef {
+ /*
+ "instance" defines the vTPM ID which should be used for the domain.
This is optional
+ in the XML domain description. If it isn't present, the following value must
be -1.
+ */
+ long instance;
+ if (def->tpm) {
+ virConfValuePtr tpmValue = NULL;
+ virBuffer buf = VIR_BUFFER_INITIALIZER;
+ virConfValuePtr tmp = NULL;
+
+ if (VIR_ALLOC(tmp) < 0)
+ goto no_memory;
+
+ if (def->tpm->instance >= 0)
+ virBufferVSprintf(&buf, "instance=%ld,",
def->tpm->instance);
+
+ virBufferAddLit(&buf, ",backend=0");
+
+ tmp->type = VIR_CONF_STRING;
+ tmp->str = virBufferContentAndReset(&buf);
+ tmp->next = NULL;
Before calling 'virBufferContentAndReset' you should do
if (virBufferError(&buf))
goto no_memory;
to check that there hasn't been an OOM condition in the earlier AddLit
or VSprintf() calls.
+
+ tpmValue->type = VIR_CONF_LIST;
+ tpmValue->list = tmp;
+
+ if (virConfSetValue(conf, "vtpm", tpmValue) < 0)
+ goto no_memory;
+ }
+
Regards,
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
2:14 p.m.
On 06/27/2009 04:32 PM, Andreas Sommer wrote:
Index: src/domain_conf.c
===================================================================
RCS file: /data/cvs/libvirt/src/domain_conf.c,v
retrieving revision 1.88
diff -u -r1.88 domain_conf.c
--- src/domain_conf.c 25 Jun 2009 13:55:58 -0000 1.88
+++ src/domain_conf.c 27 Jun 2009 15:12:28 -0000
@@ -461,6 +461,8 @@
for (i = 0 ; i < def->nhostdevs ; i++)
virDomainHostdevDefFree(def->hostdevs[i]);
VIR_FREE(def->hostdevs);
+
+ VIR_FREE(def->tpm);
VIR_FREE(def->os.type);
VIR_FREE(def->os.arch);
@@ -1622,6 +1624,62 @@
}
+/* Parse the XML definition for a vTPM device (<tpm
instance="optional_instance_number">) */
+static virDomainTpmDefPtr
+virDomainTpmDefParseXML(virConnectPtr conn,
+ xmlNodePtr node, int flags) {
+
Whitespace is funky here.
+ flags = flags; /* TODO: Andreas Sommer <AndiDog(a)web.de>
flags unused, what are they used for */
+
If you change the function definition to be:
virDomainTpmDefParseXML(..., int flags ATTRIBUTE_UNUSED);
You will avoid the compiler warning. The flags attribute is only relevant for
formatting certain XML, and they correctly don't apply here.
+ virDomainTpmDefPtr def;
+ char *instance = NULL;
+
+ if (VIR_ALLOC(def) < 0) {
+ virReportOOMError(conn);
+ return NULL;
+ }
+
+ instance = virXMLPropString(node, "instance");
+
+ /* Attribute "instance" is optional*/
+ if (instance) {
+ /* "instance" is defined as a number >= 0 */
+ if (!c_isdigit(*instance) || *instance == '0') {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ _("TPM instance attribute '%s' found, but
must be a number >= 0 (make sure no whitespaces or leading zeroes are
contained)"), instance);
+ goto error;
+ }
+
+ const char *check = &instance[1];
+ while (*check && c_isdigit(*check)) ++check;
+ if (*check) {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ _("TPM instance attribute '%s' contains
non-digits, must be a number >= 0 (make sure no whitespaces or leading zeroes are
contained)"), instance);
+ goto error;
+ }
+
+ int err = virStrToLong_l("instance", NULL, 10,
&def->instance);
+ if (err) {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ _("TPM instance '%s' is not a valid
number"), instance);
+ goto error;
+ }
+ }
+ else
+ def->instance = -1;
+
+cleanup:
+ VIR_FREE(instance);
+
+ return def;
+
+error:
+ VIR_FREE(def);
+ def = NULL;
+ goto cleanup;
+}
+
+
static virDomainSoundDefPtr
virDomainSoundDefParseXML(virConnectPtr conn,
const xmlNodePtr node,
@@ -2617,6 +2675,30 @@
def->inputs[def->ninputs] = input;
def->ninputs++;
}
+
+
+ /* analysis of the vTPM device */
+ if ((n = virXPathNodeSet(conn, "./devices/tpm", ctxt, &nodes)) < 0)
{
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ "%s", _("cannot extract vTPM
device"));
+ goto error;
+ }
+ if (n > 1) {
+ virDomainReportError(conn, VIR_ERR_INTERNAL_ERROR,
+ "%s", _("there can only be one vTPM
device"));
+ goto error;
+ }
+ if (n == 1) {
+ virDomainTpmDefPtr tpm = virDomainTpmDefParseXML(conn,
+ nodes[0],
+ flags);
+
+ if (!tpm)
+ goto error;
+
+ def->tpm = tpm;
+ }
+ VIR_FREE(nodes);
/* analysis of the sound devices */
@@ -3856,6 +3938,13 @@
goto cleanup;
}
+ if (def->tpm) {
+ virBufferVSprintf(&buf, " <tpm");
+ if (def->tpm->instance >= 0)
+ virBufferVSprintf(&buf, " instance='%ld'",
def->tpm->instance);
+ virBufferVSprintf(&buf, "/>\n");
+ }
+
It's a bit overkill, but I think it's better to follow existing convention and
move this formatting to a function like 'virDomainTpmDefFormat'.
Thanks,
Cole
4:58 p.m.
I'm still experimenting around with the vTPM patch, and I want to
install my version of libvirt on a Debian system - not in my $HOME
directory but on the default paths. I followed the autogen command below
and also did "make install", but now virsh for example searches for the
certificates in /usr/local/etc/pki instead of the standard path
/etc/pki. How do I need to configure the project to correct that and
install libvirt from source like it would be installed by a package manager?
Daniel P. Berrange wrote:
If you're just doing dev changes, it is best not to install it
into
your main system. Instead just build and run directly from the source
tree.
eg, what I normally do is
./autogen.sh --enable-compile-warnings=error --prefix=/usr --localstatedir=/var
--sysconfdir=/etc
make
And *not* make install.
5:11 p.m.
Hey Andreas,
$ apt-get source libvirt0
$ cd libvirt-*
Copy your patch to debian/patches/foo.patch (no, not literally foo) and
then run
$ sudo apt-get build-dep libvirt0 && debuild -uc -us
when it's done there will be a few .deb files in ../
Cheers,
C.J.
On Wed, 2009-07-01 at 22:58 +0100, Andreas Sommer wrote:
I'm still experimenting around with the vTPM patch, and I want to
install my version of libvirt on a Debian system - not in my $HOME
directory but on the default paths. I followed the autogen command below
and also did "make install", but now virsh for example searches for the
certificates in /usr/local/etc/pki instead of the standard path
/etc/pki. How do I need to configure the project to correct that and
install libvirt from source like it would be installed by a package manager?
Daniel P. Berrange wrote:
> If you're just doing dev changes, it is best not to install it into
> your main system. Instead just build and run directly from the source
> tree.
>
> eg, what I normally do is
>
> ./autogen.sh --enable-compile-warnings=error --prefix=/usr --localstatedir=/var
--sysconfdir=/etc
> make
>
> And *not* make install.
>
--
Libvir-list mailing list
Libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
4:33 a.m.
On Wed, Jul 01, 2009 at 10:58:57PM +0100, Andreas Sommer wrote:
I'm still experimenting around with the vTPM patch, and I want to
install my version of libvirt on a Debian system - not in my $HOME
directory but on the default paths. I followed the autogen command below
and also did "make install", but now virsh for example searches for the
certificates in /usr/local/etc/pki instead of the standard path
/etc/pki. How do I need to configure the project to correct that and
install libvirt from source like it would be installed by a package manager?
If it is using /usr/local/etc, then you must have missed off the
--sysconfdir=/etc arg to configure.
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
9:19 a.m.
On Wed, Jul 01, 2009 at 10:58:57PM +0100, Andreas Sommer wrote:
I'm still experimenting around with the vTPM patch, and I want to
install my version of libvirt on a Debian system - not in my $HOME
directory but on the default paths. I followed the autogen command below
and also did "make install", but now virsh for example searches for the
certificates in /usr/local/etc/pki instead of the standard path
/etc/pki. How do I need to configure the project to correct that and
install libvirt from source like it would be installed by a package
manager?
Have a look how ./configure is called when building the Debian package:
https://buildd.debian.org/fetch.cgi?&pkg=libvirt&ver=0.6.4-1%2Bb1...
cd . && CC="cc" CXX="g++" CFLAGS="-g -O2 -g -Wall
-O2" CXXFLAGS="-g -O2
-g -Wall -O2" CPPFLAGS="" LDFLAGS=""
/build/buildd-libvirt_0.6.4-1-i386-7BeE2u/libvirt-0.6.4/./configure
--build=i486-linux-gnu --prefix=/usr --includedir="\${prefix}/include"
--mandir="\${prefix}/share/man" --infodir="\${prefix}/share/info"
--sysconfdir=/etc --localstatedir=/var
--libexecdir="\${prefix}/lib/libvirt" --disable-maintainer-mode
--disable-dependency-tracking --srcdir=. --disable-rpath --with-qemu
--with-openvz --with-avahi --with-sasl --with-polkit --with-hal
--with-storage-fs --with-storage-lvm --with-storage-iscsi
--with-storage-disk --with-init-scripts=none --without-numactl
--enable-debug --with-xen --with-vbox --with-lxc
Cheers,
-- Guido
5621
days inactive
5628
days old
13 comments
6 participants
participants (6)
-
Andreas Sommer -
C.J. Adams-Collier -
Cole Robinson -
Daniel P. Berrange -
Dave Allan -
Guido Günther