[PATCH v3 0/2] tpm: Prevent choice of TPM 1.2 backend for SPAPR
From: Stefan Berger <stefanb@linux.ibm.com> This series of patches adds an additional check for the SPAPR device model that prevents the choice of a TPM 1.2 backend. Stefan Stefan Berger (2): qemu: Move setting of TPM default to post parse function conf: Set SPAPR TPM default to 2.0 and prevent 1.2 choice src/qemu/qemu_domain.c | 11 ++++++++--- src/qemu/qemu_validate.c | 10 ++++++---- 2 files changed, 14 insertions(+), 7 deletions(-) -- 2.17.1
From: Stefan Berger <stefanb@linux.ibm.com> Move setting the TPM default version out of the validation function into the post parse function. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> --- src/qemu/qemu_domain.c | 7 ++++--- src/qemu/qemu_validate.c | 4 ---- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 42cc78ac1b..f916d840e2 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -4347,12 +4347,13 @@ qemuDomainDefTPMsPostParse(virDomainDefPtr def) virDomainTPMDefPtr regularTPM = NULL; size_t i; - if (def->ntpms < 2) - return 0; - for (i = 0; i < def->ntpms; i++) { virDomainTPMDefPtr tpm = def->tpms[i]; + /* TPM 1.2 and 2 are not compatible, so we choose a specific version here */ + if (tpm->version == VIR_DOMAIN_TPM_VERSION_DEFAULT) + tpm->version = VIR_DOMAIN_TPM_VERSION_1_2; + if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY) { if (proxyTPM) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index bd7590a00a..d130b52bf2 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -3644,10 +3644,6 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm, { virQEMUCapsFlags flag; - /* TPM 1.2 and 2 are not compatible, so we choose a specific version here */ - if (tpm->version == VIR_DOMAIN_TPM_VERSION_DEFAULT) - tpm->version = VIR_DOMAIN_TPM_VERSION_1_2; - switch (tpm->version) { case VIR_DOMAIN_TPM_VERSION_1_2: /* TPM 1.2 + CRB do not work */ -- 2.17.1
On Wed, Jul 08, 2020 at 10:49:38 -0400, Stefan Berger wrote:
From: Stefan Berger <stefanb@linux.ibm.com>
Move setting the TPM default version out of the validation function into the post parse function.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> --- src/qemu/qemu_domain.c | 7 ++++--- src/qemu/qemu_validate.c | 4 ---- 2 files changed, 4 insertions(+), 7 deletions(-)
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
On 7/8/20 11:49 AM, Stefan Berger wrote:
From: Stefan Berger <stefanb@linux.ibm.com>
Move setting the TPM default version out of the validation function into the post parse function.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> ---
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
From: Stefan Berger <stefanb@linux.ibm.com> The firmware (SLOF) on QEMU for ppc64 does not support TPM 1.2, so prevent the choice of TPM 1.2 when the SPAPR device model is chosen and use a default of '2.0' (TPM 2) for the backend. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> --- src/qemu/qemu_domain.c | 8 ++++++-- src/qemu/qemu_validate.c | 6 ++++++ 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index f916d840e2..b0f5e17613 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -4351,8 +4351,12 @@ qemuDomainDefTPMsPostParse(virDomainDefPtr def) virDomainTPMDefPtr tpm = def->tpms[i]; /* TPM 1.2 and 2 are not compatible, so we choose a specific version here */ - if (tpm->version == VIR_DOMAIN_TPM_VERSION_DEFAULT) - tpm->version = VIR_DOMAIN_TPM_VERSION_1_2; + if (tpm->version == VIR_DOMAIN_TPM_VERSION_DEFAULT) { + if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR) + tpm->version = VIR_DOMAIN_TPM_VERSION_2_0; + else + tpm->version = VIR_DOMAIN_TPM_VERSION_1_2; + } if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY) { if (proxyTPM) { diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index d130b52bf2..488f258d00 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -3654,6 +3654,12 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm, virDomainTPMModelTypeToString(tpm->model)); return -1; } + /* TPM 1.2 + SPAPR do not work with any 'type' (backend) */ + if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("TPM 1.2 is not supported with the SPAPR device model")); + return -1; + } break; case VIR_DOMAIN_TPM_VERSION_2_0: case VIR_DOMAIN_TPM_VERSION_DEFAULT: -- 2.17.1
On Wed, Jul 08, 2020 at 10:49:39 -0400, Stefan Berger wrote:
From: Stefan Berger <stefanb@linux.ibm.com>
The firmware (SLOF) on QEMU for ppc64 does not support TPM 1.2, so prevent the choice of TPM 1.2 when the SPAPR device model is chosen and use a default of '2.0' (TPM 2) for the backend.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> --- src/qemu/qemu_domain.c | 8 ++++++-- src/qemu/qemu_validate.c | 6 ++++++ 2 files changed, 12 insertions(+), 2 deletions(-)
I'm not familiar enough with ppc64 to review the claims, but the code looks good to me. If nobody objects Reviewed-by: Peter Krempa <pkrempa@redhat.com>
On 7/8/20 11:16 AM, Peter Krempa wrote:
On Wed, Jul 08, 2020 at 10:49:39 -0400, Stefan Berger wrote:
From: Stefan Berger <stefanb@linux.ibm.com>
The firmware (SLOF) on QEMU for ppc64 does not support TPM 1.2, so prevent the choice of TPM 1.2 when the SPAPR device model is chosen and use a default of '2.0' (TPM 2) for the backend.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> --- src/qemu/qemu_domain.c | 8 ++++++-- src/qemu/qemu_validate.c | 6 ++++++ 2 files changed, 12 insertions(+), 2 deletions(-) I'm not familiar enough with ppc64 to review the claims, but the code looks good to me.
If nobody objects
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
This addresses this BZ: https://bugzilla.linux.ibm.com/show_bug.cgi?id=182797 (last comment) I cannot push to the repo. Can you?
On 7/8/20 11:49 AM, Stefan Berger wrote:
From: Stefan Berger <stefanb@linux.ibm.com>
The firmware (SLOF) on QEMU for ppc64 does not support TPM 1.2, so prevent the choice of TPM 1.2 when the SPAPR device model is chosen and use a default of '2.0' (TPM 2) for the backend.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> ---
Does x86 uses TPM 1.2? Seems like something that it's in the code because QEMU supports it, but in the end people uses 2.0 all the time. However, I can't backup this claim and I have no desirable of making x86 people angry, so let's leave it at that. Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
On 7/8/20 11:56 AM, Daniel Henrique Barboza wrote:
On 7/8/20 11:49 AM, Stefan Berger wrote:
From: Stefan Berger <stefanb@linux.ibm.com>
The firmware (SLOF) on QEMU for ppc64 does not support TPM 1.2, so prevent the choice of TPM 1.2 when the SPAPR device model is chosen and use a default of '2.0' (TPM 2) for the backend.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> ---
Does x86 uses TPM 1.2?
Yes, it is at least available there, how much it is used is a different question.
Seems like something that it's in the code because QEMU supports it, but in the end people uses 2.0 all the time. However, I can't backup this claim and I have no desirable of making x86 people angry, so let's leave it at that.
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
participants (4)
-
Daniel Henrique Barboza -
Peter Krempa -
Stefan Berger -
Stefan Berger