[PATCH 0/3] qemu: Use TPM 2.0 on RISC-V
Andrea Bolognani (3): tests: Add TPM coverage to default-models tests tests: Delete some redundant test cases qemu: Only allow TPM 2.0 for RISC-V guests src/qemu/qemu_domain.c | 1 + src/qemu/qemu_validate.c | 10 +-- ...aarch64-tpm-wrong-model.aarch64-latest.err | 2 +- .../aarch64-tpm.aarch64-latest.args | 34 --------- .../aarch64-tpm.aarch64-latest.xml | 29 -------- tests/qemuxmlconfdata/aarch64-tpm.xml | 15 ---- ...ault-models.aarch64-latest.abi-update.args | 3 + ...fault-models.aarch64-latest.abi-update.xml | 3 + ...64-virt-default-models.aarch64-latest.args | 3 + ...h64-virt-default-models.aarch64-latest.xml | 3 + .../aarch64-virt-default-models.xml | 3 + .../loongarch64-virt-default-models.xml | 1 + ...efault-models.ppc64-latest.abi-update.args | 3 + ...default-models.ppc64-latest.abi-update.xml | 4 ++ ...4-pseries-default-models.ppc64-latest.args | 3 + ...64-pseries-default-models.ppc64-latest.xml | 4 ++ .../ppc64-pseries-default-models.xml | 3 + ...ault-models.riscv64-latest.abi-update.args | 3 + ...fault-models.riscv64-latest.abi-update.xml | 3 + ...64-virt-default-models.riscv64-latest.args | 3 + ...v64-virt-default-models.riscv64-latest.xml | 3 + .../riscv64-virt-default-models.xml | 3 + .../s390x-ccw-default-models.xml | 1 + .../tpm-emulator-spapr.ppc64-latest.args | 45 ------------ .../tpm-emulator-spapr.ppc64-latest.xml | 1 - tests/qemuxmlconfdata/tpm-emulator-spapr.xml | 70 ------------------- ...fault-models.x86_64-latest.abi-update.args | 3 + ...efault-models.x86_64-latest.abi-update.xml | 3 + ...86_64-pc-default-models.x86_64-latest.args | 3 + ...x86_64-pc-default-models.x86_64-latest.xml | 3 + .../x86_64-pc-default-models.xml | 3 + ...fault-models.x86_64-latest.abi-update.args | 3 + ...efault-models.x86_64-latest.abi-update.xml | 3 + ...6_64-q35-default-models.x86_64-latest.args | 3 + ...86_64-q35-default-models.x86_64-latest.xml | 3 + .../x86_64-q35-default-models.xml | 3 + tests/qemuxmlconftest.c | 2 - 37 files changed, 87 insertions(+), 201 deletions(-) delete mode 100644 tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.args delete mode 100644 tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.xml delete mode 100644 tests/qemuxmlconfdata/aarch64-tpm.xml delete mode 100644 tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.args delete mode 120000 tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.xml delete mode 100644 tests/qemuxmlconfdata/tpm-emulator-spapr.xml -- 2.45.1
We have a non-trivial amount of architecture-specific logic dealing with TPM, so it's good to have coverage for it. Note that TPM supports seems to be currently missing from s390x and loongarch64 QEMU builds. I'm not entirely sure whether there's a good reason for that or it's simply an oversight, but either way we have to skip them for now. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- ...aarch64-virt-default-models.aarch64-latest.abi-update.args | 3 +++ .../aarch64-virt-default-models.aarch64-latest.abi-update.xml | 3 +++ .../aarch64-virt-default-models.aarch64-latest.args | 3 +++ .../aarch64-virt-default-models.aarch64-latest.xml | 3 +++ tests/qemuxmlconfdata/aarch64-virt-default-models.xml | 3 +++ tests/qemuxmlconfdata/loongarch64-virt-default-models.xml | 1 + .../ppc64-pseries-default-models.ppc64-latest.abi-update.args | 3 +++ .../ppc64-pseries-default-models.ppc64-latest.abi-update.xml | 4 ++++ .../ppc64-pseries-default-models.ppc64-latest.args | 3 +++ .../ppc64-pseries-default-models.ppc64-latest.xml | 4 ++++ tests/qemuxmlconfdata/ppc64-pseries-default-models.xml | 3 +++ ...riscv64-virt-default-models.riscv64-latest.abi-update.args | 3 +++ .../riscv64-virt-default-models.riscv64-latest.abi-update.xml | 3 +++ .../riscv64-virt-default-models.riscv64-latest.args | 3 +++ .../riscv64-virt-default-models.riscv64-latest.xml | 3 +++ tests/qemuxmlconfdata/riscv64-virt-default-models.xml | 3 +++ tests/qemuxmlconfdata/s390x-ccw-default-models.xml | 1 + .../x86_64-pc-default-models.x86_64-latest.abi-update.args | 3 +++ .../x86_64-pc-default-models.x86_64-latest.abi-update.xml | 3 +++ .../x86_64-pc-default-models.x86_64-latest.args | 3 +++ .../x86_64-pc-default-models.x86_64-latest.xml | 3 +++ tests/qemuxmlconfdata/x86_64-pc-default-models.xml | 3 +++ .../x86_64-q35-default-models.x86_64-latest.abi-update.args | 3 +++ .../x86_64-q35-default-models.x86_64-latest.abi-update.xml | 3 +++ .../x86_64-q35-default-models.x86_64-latest.args | 3 +++ .../x86_64-q35-default-models.x86_64-latest.xml | 3 +++ tests/qemuxmlconfdata/x86_64-q35-default-models.xml | 3 +++ 27 files changed, 79 insertions(+) diff --git a/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.abi-update.args b/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.abi-update.args index 0c4acf800f..a503f45d0c 100644 --- a/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.abi-update.args +++ b/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.abi-update.args @@ -38,6 +38,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ -device '{"driver":"virtio-net-pci","netdev":"hostnet0","id":"net0","mac":"52:54:00:09:a4:37","bus":"pci.2","addr":"0x0"}' \ -chardev pty,id=charserial0 \ -serial chardev:charserial0 \ +-chardev socket,id=chrtpm,path=/dev/test \ +-tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ +-device '{"driver":"tpm-tis-device","tpmdev":"tpm-tpm0","id":"tpm0"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"virtio-gpu-pci","id":"video0","max_outputs":1,"bus":"pci.5","addr":"0x0"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ diff --git a/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.abi-update.xml b/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.abi-update.xml index 87be062c89..bbe1dd931d 100644 --- a/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.abi-update.xml +++ b/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.abi-update.xml @@ -69,6 +69,9 @@ <console type='pty'> <target type='serial' port='0'/> </console> + <tpm model='tpm-tis'> + <backend type='emulator' version='2.0'/> + </tpm> <audio id='1' type='none'/> <video> <model type='virtio' heads='1' primary='yes'/> diff --git a/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.args b/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.args index 0c4acf800f..a503f45d0c 100644 --- a/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.args +++ b/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.args @@ -38,6 +38,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ -device '{"driver":"virtio-net-pci","netdev":"hostnet0","id":"net0","mac":"52:54:00:09:a4:37","bus":"pci.2","addr":"0x0"}' \ -chardev pty,id=charserial0 \ -serial chardev:charserial0 \ +-chardev socket,id=chrtpm,path=/dev/test \ +-tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ +-device '{"driver":"tpm-tis-device","tpmdev":"tpm-tpm0","id":"tpm0"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"virtio-gpu-pci","id":"video0","max_outputs":1,"bus":"pci.5","addr":"0x0"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ diff --git a/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.xml b/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.xml index 87be062c89..bbe1dd931d 100644 --- a/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.xml +++ b/tests/qemuxmlconfdata/aarch64-virt-default-models.aarch64-latest.xml @@ -69,6 +69,9 @@ <console type='pty'> <target type='serial' port='0'/> </console> + <tpm model='tpm-tis'> + <backend type='emulator' version='2.0'/> + </tpm> <audio id='1' type='none'/> <video> <model type='virtio' heads='1' primary='yes'/> diff --git a/tests/qemuxmlconfdata/aarch64-virt-default-models.xml b/tests/qemuxmlconfdata/aarch64-virt-default-models.xml index cf7f330c0b..d9ad495e75 100644 --- a/tests/qemuxmlconfdata/aarch64-virt-default-models.xml +++ b/tests/qemuxmlconfdata/aarch64-virt-default-models.xml @@ -14,6 +14,9 @@ <mac address='52:54:00:09:a4:37'/> </interface> <serial type='pty'/> + <tpm> + <backend type='emulator'/> + </tpm> <video/> <memballoon model='none'/> <!-- No default model for <panic/> on aarch64 --> diff --git a/tests/qemuxmlconfdata/loongarch64-virt-default-models.xml b/tests/qemuxmlconfdata/loongarch64-virt-default-models.xml index 109fb3b3ea..e59ebdeed4 100644 --- a/tests/qemuxmlconfdata/loongarch64-virt-default-models.xml +++ b/tests/qemuxmlconfdata/loongarch64-virt-default-models.xml @@ -14,6 +14,7 @@ <mac address='52:54:00:09:a4:37'/> </interface> <serial type='pty'/> + <!-- TPM support not currently built on loongarch64 --> <video/> <memballoon model='none'/> <!-- No default model for <panic/> on loongarch64 --> diff --git a/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.abi-update.args b/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.abi-update.args index 1395f19bfe..f4ae38f1b5 100644 --- a/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.abi-update.args +++ b/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.abi-update.args @@ -32,6 +32,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ -device '{"driver":"rtl8139","netdev":"hostnet0","id":"net0","mac":"52:54:00:09:a4:37","bus":"pci.0","addr":"0x1"}' \ -chardev pty,id=charserial0 \ -device '{"driver":"spapr-vty","chardev":"charserial0","id":"serial0","reg":805306368}' \ +-chardev socket,id=chrtpm,path=/dev/test \ +-tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ +-device '{"driver":"tpm-spapr","tpmdev":"tpm-tpm0","id":"tpm0","reg":16384}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"VGA","id":"video0","vgamem_mb":16,"bus":"pci.0","addr":"0x3"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ diff --git a/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.abi-update.xml b/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.abi-update.xml index 2304c6f786..24eed24ab6 100644 --- a/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.abi-update.xml +++ b/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.abi-update.xml @@ -42,6 +42,10 @@ <target type='serial' port='0'/> <address type='spapr-vio' reg='0x30000000'/> </console> + <tpm model='tpm-spapr'> + <backend type='emulator' version='2.0'/> + <address type='spapr-vio' reg='0x00004000'/> + </tpm> <audio id='1' type='none'/> <video> <model type='vga' vram='16384' heads='1' primary='yes'/> diff --git a/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.args b/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.args index 84c341a24d..c833b6cbf9 100644 --- a/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.args +++ b/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.args @@ -32,6 +32,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ -device '{"driver":"rtl8139","netdev":"hostnet0","id":"net0","mac":"52:54:00:09:a4:37","bus":"pci.0","addr":"0x1"}' \ -chardev pty,id=charserial0 \ -device '{"driver":"spapr-vty","chardev":"charserial0","id":"serial0","reg":805306368}' \ +-chardev socket,id=chrtpm,path=/dev/test \ +-tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ +-device '{"driver":"tpm-spapr","tpmdev":"tpm-tpm0","id":"tpm0","reg":16384}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"VGA","id":"video0","vgamem_mb":16,"bus":"pci.0","addr":"0x3"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ diff --git a/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.xml b/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.xml index f342093ec8..4cf7257536 100644 --- a/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.xml +++ b/tests/qemuxmlconfdata/ppc64-pseries-default-models.ppc64-latest.xml @@ -42,6 +42,10 @@ <target type='serial' port='0'/> <address type='spapr-vio' reg='0x30000000'/> </console> + <tpm model='tpm-spapr'> + <backend type='emulator' version='2.0'/> + <address type='spapr-vio' reg='0x00004000'/> + </tpm> <audio id='1' type='none'/> <video> <model type='vga' vram='16384' heads='1' primary='yes'/> diff --git a/tests/qemuxmlconfdata/ppc64-pseries-default-models.xml b/tests/qemuxmlconfdata/ppc64-pseries-default-models.xml index 4c2d16f01a..afb2d5fc43 100644 --- a/tests/qemuxmlconfdata/ppc64-pseries-default-models.xml +++ b/tests/qemuxmlconfdata/ppc64-pseries-default-models.xml @@ -14,6 +14,9 @@ <mac address='52:54:00:09:a4:37'/> </interface> <serial type='pty'/> + <tpm> + <backend type='emulator'/> + </tpm> <video/> <memballoon model='none'/> <panic/> diff --git a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.args b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.args index 28b56d876c..8f878120b0 100644 --- a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.args +++ b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.args @@ -36,6 +36,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ -device '{"driver":"virtio-net-pci","netdev":"hostnet0","id":"net0","mac":"52:54:00:09:a4:37","bus":"pci.2","addr":"0x0"}' \ -chardev pty,id=charserial0 \ -serial chardev:charserial0 \ +-chardev socket,id=chrtpm,path=/dev/test \ +-tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ +-device '{"driver":"tpm-tis-device","tpmdev":"tpm-tpm0","id":"tpm0"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"virtio-vga","id":"video0","max_outputs":1,"bus":"pci.4","addr":"0x0"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ diff --git a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml index 942bd21f9e..a3a701b8e4 100644 --- a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml +++ b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml @@ -58,6 +58,9 @@ <console type='pty'> <target type='serial' port='0'/> </console> + <tpm model='tpm-tis'> + <backend type='emulator' version='1.2'/> + </tpm> <audio id='1' type='none'/> <video> <model type='virtio' heads='1' primary='yes'/> diff --git a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.args b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.args index 28b56d876c..8f878120b0 100644 --- a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.args +++ b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.args @@ -36,6 +36,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ -device '{"driver":"virtio-net-pci","netdev":"hostnet0","id":"net0","mac":"52:54:00:09:a4:37","bus":"pci.2","addr":"0x0"}' \ -chardev pty,id=charserial0 \ -serial chardev:charserial0 \ +-chardev socket,id=chrtpm,path=/dev/test \ +-tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ +-device '{"driver":"tpm-tis-device","tpmdev":"tpm-tpm0","id":"tpm0"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"virtio-vga","id":"video0","max_outputs":1,"bus":"pci.4","addr":"0x0"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ diff --git a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml index 942bd21f9e..a3a701b8e4 100644 --- a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml +++ b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml @@ -58,6 +58,9 @@ <console type='pty'> <target type='serial' port='0'/> </console> + <tpm model='tpm-tis'> + <backend type='emulator' version='1.2'/> + </tpm> <audio id='1' type='none'/> <video> <model type='virtio' heads='1' primary='yes'/> diff --git a/tests/qemuxmlconfdata/riscv64-virt-default-models.xml b/tests/qemuxmlconfdata/riscv64-virt-default-models.xml index d421b080a8..b89295af16 100644 --- a/tests/qemuxmlconfdata/riscv64-virt-default-models.xml +++ b/tests/qemuxmlconfdata/riscv64-virt-default-models.xml @@ -14,6 +14,9 @@ <mac address='52:54:00:09:a4:37'/> </interface> <serial type='pty'/> + <tpm> + <backend type='emulator'/> + </tpm> <video/> <memballoon model='none'/> <!-- No default model for <panic/> on riscv64 --> diff --git a/tests/qemuxmlconfdata/s390x-ccw-default-models.xml b/tests/qemuxmlconfdata/s390x-ccw-default-models.xml index a196129628..dd97349e6f 100644 --- a/tests/qemuxmlconfdata/s390x-ccw-default-models.xml +++ b/tests/qemuxmlconfdata/s390x-ccw-default-models.xml @@ -14,6 +14,7 @@ <mac address='52:54:00:09:a4:37'/> </interface> <serial type='pty'/> + <!-- TPM support not currently built on s390x --> <video/> <memballoon model='none'/> <panic/> diff --git a/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.abi-update.args b/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.abi-update.args index 3220a40959..6563b05937 100644 --- a/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.abi-update.args +++ b/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.abi-update.args @@ -32,6 +32,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ -device '{"driver":"rtl8139","netdev":"hostnet0","id":"net0","mac":"52:54:00:09:a4:37","bus":"pci.0","addr":"0x3"}' \ -chardev pty,id=charserial0 \ -device '{"driver":"isa-serial","chardev":"charserial0","id":"serial0","index":0}' \ +-chardev socket,id=chrtpm,path=/dev/test \ +-tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ +-device '{"driver":"tpm-tis","tpmdev":"tpm-tpm0","id":"tpm0"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"cirrus-vga","id":"video0","bus":"pci.0","addr":"0x2"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ diff --git a/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.abi-update.xml b/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.abi-update.xml index dc563fdaf9..512d4bd597 100644 --- a/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.abi-update.xml +++ b/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.abi-update.xml @@ -39,6 +39,9 @@ </console> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> + <tpm model='tpm-tis'> + <backend type='emulator' version='1.2'/> + </tpm> <audio id='1' type='none'/> <video> <model type='cirrus' vram='16384' heads='1' primary='yes'/> diff --git a/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.args b/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.args index 3220a40959..6563b05937 100644 --- a/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.args +++ b/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.args @@ -32,6 +32,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ -device '{"driver":"rtl8139","netdev":"hostnet0","id":"net0","mac":"52:54:00:09:a4:37","bus":"pci.0","addr":"0x3"}' \ -chardev pty,id=charserial0 \ -device '{"driver":"isa-serial","chardev":"charserial0","id":"serial0","index":0}' \ +-chardev socket,id=chrtpm,path=/dev/test \ +-tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ +-device '{"driver":"tpm-tis","tpmdev":"tpm-tpm0","id":"tpm0"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"cirrus-vga","id":"video0","bus":"pci.0","addr":"0x2"}' \ -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ diff --git a/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.xml b/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.xml index dc563fdaf9..512d4bd597 100644 --- a/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.xml +++ b/tests/qemuxmlconfdata/x86_64-pc-default-models.x86_64-latest.xml @@ -39,6 +39,9 @@ </console> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> + <tpm model='tpm-tis'> + <backend type='emulator' version='1.2'/> + </tpm> <audio id='1' type='none'/> <video> <model type='cirrus' vram='16384' heads='1' primary='yes'/> diff --git a/tests/qemuxmlconfdata/x86_64-pc-default-models.xml b/tests/qemuxmlconfdata/x86_64-pc-default-models.xml index 6727d2f6a0..7f4c9f8662 100644 --- a/tests/qemuxmlconfdata/x86_64-pc-default-models.xml +++ b/tests/qemuxmlconfdata/x86_64-pc-default-models.xml @@ -14,6 +14,9 @@ <mac address='52:54:00:09:a4:37'/> </interface> <serial type='pty'/> + <tpm> + <backend type='emulator'/> + </tpm> <video/> <memballoon model='none'/> <panic/> diff --git a/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.abi-update.args b/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.abi-update.args index b9905c6446..29ea0bedac 100644 --- a/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.abi-update.args +++ b/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.abi-update.args @@ -35,6 +35,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ -device '{"driver":"rtl8139","netdev":"hostnet0","id":"net0","mac":"52:54:00:09:a4:37","bus":"pci.2","addr":"0x1"}' \ -chardev pty,id=charserial0 \ -device '{"driver":"isa-serial","chardev":"charserial0","id":"serial0","index":0}' \ +-chardev socket,id=chrtpm,path=/dev/test \ +-tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ +-device '{"driver":"tpm-tis","tpmdev":"tpm-tpm0","id":"tpm0"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"cirrus-vga","id":"video0","bus":"pcie.0","addr":"0x1"}' \ -global ICH9-LPC.noreboot=off \ diff --git a/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.abi-update.xml b/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.abi-update.xml index 782fe39491..6406229b2f 100644 --- a/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.abi-update.xml +++ b/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.abi-update.xml @@ -56,6 +56,9 @@ </console> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> + <tpm model='tpm-tis'> + <backend type='emulator' version='1.2'/> + </tpm> <audio id='1' type='none'/> <video> <model type='cirrus' vram='16384' heads='1' primary='yes'/> diff --git a/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.args b/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.args index b9905c6446..29ea0bedac 100644 --- a/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.args +++ b/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.args @@ -35,6 +35,9 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-guest/.config \ -device '{"driver":"rtl8139","netdev":"hostnet0","id":"net0","mac":"52:54:00:09:a4:37","bus":"pci.2","addr":"0x1"}' \ -chardev pty,id=charserial0 \ -device '{"driver":"isa-serial","chardev":"charserial0","id":"serial0","index":0}' \ +-chardev socket,id=chrtpm,path=/dev/test \ +-tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ +-device '{"driver":"tpm-tis","tpmdev":"tpm-tpm0","id":"tpm0"}' \ -audiodev '{"id":"audio1","driver":"none"}' \ -device '{"driver":"cirrus-vga","id":"video0","bus":"pcie.0","addr":"0x1"}' \ -global ICH9-LPC.noreboot=off \ diff --git a/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.xml b/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.xml index 782fe39491..6406229b2f 100644 --- a/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.xml +++ b/tests/qemuxmlconfdata/x86_64-q35-default-models.x86_64-latest.xml @@ -56,6 +56,9 @@ </console> <input type='mouse' bus='ps2'/> <input type='keyboard' bus='ps2'/> + <tpm model='tpm-tis'> + <backend type='emulator' version='1.2'/> + </tpm> <audio id='1' type='none'/> <video> <model type='cirrus' vram='16384' heads='1' primary='yes'/> diff --git a/tests/qemuxmlconfdata/x86_64-q35-default-models.xml b/tests/qemuxmlconfdata/x86_64-q35-default-models.xml index 5cdf07f9d3..65fb76f2dc 100644 --- a/tests/qemuxmlconfdata/x86_64-q35-default-models.xml +++ b/tests/qemuxmlconfdata/x86_64-q35-default-models.xml @@ -14,6 +14,9 @@ <mac address='52:54:00:09:a4:37'/> </interface> <serial type='pty'/> + <tpm> + <backend type='emulator'/> + </tpm> <video/> <memballoon model='none'/> <panic/> -- 2.45.1
On Mon, May 27, 2024 at 19:31:34 +0200, Andrea Bolognani wrote:
We have a non-trivial amount of architecture-specific logic dealing with TPM, so it's good to have coverage for it.
Note that TPM supports seems to be currently missing from s390x and loongarch64 QEMU builds. I'm not entirely sure whether
I presume you mean that TPM support was not built into the QEMU builds used to capture the capability dumps, right?
there's a good reason for that or it's simply an oversight, but either way we have to skip them for now.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- ...aarch64-virt-default-models.aarch64-latest.abi-update.args | 3 +++ .../aarch64-virt-default-models.aarch64-latest.abi-update.xml | 3 +++ .../aarch64-virt-default-models.aarch64-latest.args | 3 +++ .../aarch64-virt-default-models.aarch64-latest.xml | 3 +++ tests/qemuxmlconfdata/aarch64-virt-default-models.xml | 3 +++ tests/qemuxmlconfdata/loongarch64-virt-default-models.xml | 1 + .../ppc64-pseries-default-models.ppc64-latest.abi-update.args | 3 +++ .../ppc64-pseries-default-models.ppc64-latest.abi-update.xml | 4 ++++ .../ppc64-pseries-default-models.ppc64-latest.args | 3 +++ .../ppc64-pseries-default-models.ppc64-latest.xml | 4 ++++ tests/qemuxmlconfdata/ppc64-pseries-default-models.xml | 3 +++ ...riscv64-virt-default-models.riscv64-latest.abi-update.args | 3 +++ .../riscv64-virt-default-models.riscv64-latest.abi-update.xml | 3 +++ .../riscv64-virt-default-models.riscv64-latest.args | 3 +++ .../riscv64-virt-default-models.riscv64-latest.xml | 3 +++ tests/qemuxmlconfdata/riscv64-virt-default-models.xml | 3 +++ tests/qemuxmlconfdata/s390x-ccw-default-models.xml | 1 + .../x86_64-pc-default-models.x86_64-latest.abi-update.args | 3 +++ .../x86_64-pc-default-models.x86_64-latest.abi-update.xml | 3 +++ .../x86_64-pc-default-models.x86_64-latest.args | 3 +++ .../x86_64-pc-default-models.x86_64-latest.xml | 3 +++ tests/qemuxmlconfdata/x86_64-pc-default-models.xml | 3 +++ .../x86_64-q35-default-models.x86_64-latest.abi-update.args | 3 +++ .../x86_64-q35-default-models.x86_64-latest.abi-update.xml | 3 +++ .../x86_64-q35-default-models.x86_64-latest.args | 3 +++ .../x86_64-q35-default-models.x86_64-latest.xml | 3 +++ tests/qemuxmlconfdata/x86_64-q35-default-models.xml | 3 +++ 27 files changed, 79 insertions(+)
[...]
diff --git a/tests/qemuxmlconfdata/loongarch64-virt-default-models.xml b/tests/qemuxmlconfdata/loongarch64-virt-default-models.xml index 109fb3b3ea..e59ebdeed4 100644 --- a/tests/qemuxmlconfdata/loongarch64-virt-default-models.xml +++ b/tests/qemuxmlconfdata/loongarch64-virt-default-models.xml @@ -14,6 +14,7 @@ <mac address='52:54:00:09:a4:37'/> </interface> <serial type='pty'/> + <!-- TPM support not currently built on loongarch64 --> <video/> <memballoon model='none'/>
[...]
diff --git a/tests/qemuxmlconfdata/s390x-ccw-default-models.xml b/tests/qemuxmlconfdata/s390x-ccw-default-models.xml index a196129628..dd97349e6f 100644 --- a/tests/qemuxmlconfdata/s390x-ccw-default-models.xml +++ b/tests/qemuxmlconfdata/s390x-ccw-default-models.xml @@ -14,6 +14,7 @@ <mac address='52:54:00:09:a4:37'/> </interface> <serial type='pty'/> + <!-- TPM support not currently built on s390x -->
Both the commit message and this comment isn't really clear whether TPM is not supported by the platform itself or just was omitted when building qemu which was used for the caps dump. I think it will be even harder to understand this for anyone who finds this comment later. I suggest: TPM was not compiled into the QEMU binary used for the capability dump, but platform supports it Or something similar more clear. Reviewed-by: Peter Krempa <pkrempa@redhat.com>
On Tue, May 28, 2024 at 08:59:46AM GMT, Peter Krempa wrote:
On Mon, May 27, 2024 at 19:31:34 +0200, Andrea Bolognani wrote:
Note that TPM supports seems to be currently missing from s390x and loongarch64 QEMU builds. I'm not entirely sure whether there's a good reason for that or it's simply an oversight, but either way we have to skip them for now.
I presume you mean that TPM support was not built into the QEMU builds used to capture the capability dumps, right?
That's just the thing: I don't know :) In both cases the default configuration disables it, but it's unclear to me whether that is something that could be addressed with a simple patch or there are factors at play that make TPM inherently incompatible with these architectures.
+++ b/tests/qemuxmlconfdata/s390x-ccw-default-models.xml @@ -14,6 +14,7 @@ <mac address='52:54:00:09:a4:37'/> </interface> <serial type='pty'/> + <!-- TPM support not currently built on s390x -->
For s390x, Thomas has confirmed that TPM is just not a thing and will never be a thing, so while the comment is technically accurate I agree that stronger language should be used to reflect the situation. Thomas, please correct me if I got this wrong :)
+++ b/tests/qemuxmlconfdata/loongarch64-virt-default-models.xml @@ -14,6 +14,7 @@ <mac address='52:54:00:09:a4:37'/> </interface> <serial type='pty'/> + <!-- TPM support not currently built on loongarch64 -->
For loongarch64, maybe Xianglai Li can provide some insight. Is TPM something that could be flipped on at the QEMU level? -- Andrea Bolognani / Red Hat / Virtualization
The default-models tests provide coverage for these scenarios now. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- .../aarch64-tpm.aarch64-latest.args | 34 --------- .../aarch64-tpm.aarch64-latest.xml | 29 -------- tests/qemuxmlconfdata/aarch64-tpm.xml | 15 ---- .../tpm-emulator-spapr.ppc64-latest.args | 45 ------------ .../tpm-emulator-spapr.ppc64-latest.xml | 1 - tests/qemuxmlconfdata/tpm-emulator-spapr.xml | 70 ------------------- tests/qemuxmlconftest.c | 2 - 7 files changed, 196 deletions(-) delete mode 100644 tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.args delete mode 100644 tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.xml delete mode 100644 tests/qemuxmlconfdata/aarch64-tpm.xml delete mode 100644 tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.args delete mode 120000 tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.xml delete mode 100644 tests/qemuxmlconfdata/tpm-emulator-spapr.xml diff --git a/tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.args b/tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.args deleted file mode 100644 index 729d0cae53..0000000000 --- a/tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.args +++ /dev/null @@ -1,34 +0,0 @@ -LC_ALL=C \ -PATH=/bin \ -HOME=/var/lib/libvirt/qemu/domain--1-aarch64test \ -USER=test \ -LOGNAME=test \ -XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-aarch64test/.local/share \ -XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-aarch64test/.cache \ -XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-aarch64test/.config \ -/usr/bin/qemu-system-aarch64 \ --name guest=aarch64test,debug-threads=on \ --S \ --object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-aarch64test/master-key.aes"}' \ --machine virt,usb=off,gic-version=2,dump-guest-core=off,memory-backend=mach-virt.ram,acpi=off \ --accel tcg \ --cpu cortex-a15 \ --m size=1048576k \ --object '{"qom-type":"memory-backend-ram","id":"mach-virt.ram","size":1073741824}' \ --overcommit mem-lock=off \ --smp 1,sockets=1,cores=1,threads=1 \ --uuid 496d7ea8-9739-544b-4ebd-ef08be936e8b \ --display none \ --no-user-config \ --nodefaults \ --chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ --mon chardev=charmonitor,id=monitor,mode=control \ --rtc base=utc \ --no-shutdown \ --boot strict=on \ --chardev socket,id=chrtpm,path=/dev/test \ --tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ --device '{"driver":"tpm-tis-device","tpmdev":"tpm-tpm0","id":"tpm0"}' \ --audiodev '{"id":"audio1","driver":"none"}' \ --sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ --msg timestamp=on diff --git a/tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.xml b/tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.xml deleted file mode 100644 index e97f39aec3..0000000000 --- a/tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.xml +++ /dev/null @@ -1,29 +0,0 @@ -<domain type='qemu'> - <name>aarch64test</name> - <uuid>496d7ea8-9739-544b-4ebd-ef08be936e8b</uuid> - <memory unit='KiB'>1048576</memory> - <currentMemory unit='KiB'>1048576</currentMemory> - <vcpu placement='static'>1</vcpu> - <os> - <type arch='aarch64' machine='virt'>hvm</type> - <boot dev='hd'/> - </os> - <features> - <gic version='2'/> - </features> - <cpu mode='custom' match='exact' check='none'> - <model fallback='forbid'>cortex-a15</model> - </cpu> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>destroy</on_crash> - <devices> - <emulator>/usr/bin/qemu-system-aarch64</emulator> - <controller type='pci' index='0' model='pcie-root'/> - <tpm model='tpm-tis'> - <backend type='emulator' version='2.0'/> - </tpm> - <audio id='1' type='none'/> - </devices> -</domain> diff --git a/tests/qemuxmlconfdata/aarch64-tpm.xml b/tests/qemuxmlconfdata/aarch64-tpm.xml deleted file mode 100644 index b22dbee71e..0000000000 --- a/tests/qemuxmlconfdata/aarch64-tpm.xml +++ /dev/null @@ -1,15 +0,0 @@ -<domain type="qemu"> - <name>aarch64test</name> - <uuid>496d7ea8-9739-544b-4ebd-ef08be936e8b</uuid> - <memory>1048576</memory> - <vcpu placement='static'>1</vcpu> - <os> - <type arch="aarch64" machine="virt">hvm</type> - </os> - <devices> - <emulator>/usr/bin/qemu-system-aarch64</emulator> - <tpm> - <backend type='emulator'/> - </tpm> - </devices> -</domain> diff --git a/tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.args b/tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.args deleted file mode 100644 index cba1950e2d..0000000000 --- a/tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.args +++ /dev/null @@ -1,45 +0,0 @@ -LC_ALL=C \ -PATH=/bin \ -HOME=/var/lib/libvirt/qemu/domain--1-TPM-VM \ -USER=test \ -LOGNAME=test \ -XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-TPM-VM/.local/share \ -XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-TPM-VM/.cache \ -XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-TPM-VM/.config \ -/usr/bin/qemu-system-ppc64 \ --name guest=TPM-VM,debug-threads=on \ --S \ --object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-TPM-VM/master-key.aes"}' \ --machine pseries-5.0,usb=off,dump-guest-core=off,memory-backend=ppc_spapr.ram \ --accel tcg \ --cpu POWER9 \ --m size=2097152k \ --object '{"qom-type":"memory-backend-ram","id":"ppc_spapr.ram","size":2147483648}' \ --overcommit mem-lock=off \ --smp 1,sockets=1,cores=1,threads=1 \ --uuid 11d7cd22-da89-3094-6212-079a48a309a1 \ --display none \ --no-user-config \ --nodefaults \ --chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ --mon chardev=charmonitor,id=monitor,mode=control \ --rtc base=utc \ --no-shutdown \ --boot menu=on,strict=on \ --device '{"driver":"pci-ohci","id":"usb","bus":"pci.0","addr":"0x1"}' \ --device '{"driver":"spapr-vscsi","id":"scsi0","reg":8192}' \ --device '{"driver":"spapr-vscsi","id":"scsi1","reg":12288}' \ --blockdev '{"driver":"file","filename":"/tmp/scsidisk.img","node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}' \ --blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"raw","file":"libvirt-1-storage"}' \ --device '{"driver":"scsi-hd","bus":"scsi1.0","channel":0,"scsi-id":0,"lun":0,"device_id":"drive-scsi1-0-0-0","drive":"libvirt-1-format","id":"scsi1-0-0-0","bootindex":1}' \ --chardev pty,id=charserial0 \ --device '{"driver":"spapr-vty","chardev":"charserial0","id":"serial0","reg":805306368}' \ --chardev pty,id=charserial1 \ --device '{"driver":"spapr-vty","chardev":"charserial1","id":"serial1","reg":805310464}' \ --chardev socket,id=chrtpm,path=/dev/test \ --tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \ --device '{"driver":"tpm-spapr","tpmdev":"tpm-tpm0","id":"tpm0","reg":20480}' \ --audiodev '{"id":"audio1","driver":"none"}' \ --global spapr-nvram.reg=0x4000 \ --sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ --msg timestamp=on diff --git a/tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.xml b/tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.xml deleted file mode 120000 index e3c4cd8051..0000000000 --- a/tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.xml +++ /dev/null @@ -1 +0,0 @@ -tpm-emulator-spapr.xml \ No newline at end of file diff --git a/tests/qemuxmlconfdata/tpm-emulator-spapr.xml b/tests/qemuxmlconfdata/tpm-emulator-spapr.xml deleted file mode 100644 index 1b4b825e2c..0000000000 --- a/tests/qemuxmlconfdata/tpm-emulator-spapr.xml +++ /dev/null @@ -1,70 +0,0 @@ -<domain type='qemu'> - <name>TPM-VM</name> - <uuid>11d7cd22-da89-3094-6212-079a48a309a1</uuid> - <memory unit='KiB'>2097152</memory> - <currentMemory unit='KiB'>512288</currentMemory> - <vcpu placement='static'>1</vcpu> - <os> - <type arch='ppc64' machine='pseries-5.0'>hvm</type> - <boot dev='hd'/> - <bootmenu enable='yes'/> - </os> - <features> - <acpi/> - </features> - <cpu mode='custom' match='exact' check='none'> - <model fallback='forbid'>POWER9</model> - </cpu> - <clock offset='utc'/> - <on_poweroff>destroy</on_poweroff> - <on_reboot>restart</on_reboot> - <on_crash>destroy</on_crash> - <devices> - <emulator>/usr/bin/qemu-system-ppc64</emulator> - <disk type='file' device='disk'> - <driver name='qemu' type='raw'/> - <source file='/tmp/scsidisk.img'/> - <target dev='sda' bus='scsi'/> - <address type='drive' controller='1' bus='0' target='0' unit='0'/> - </disk> - <controller type='scsi' index='0' model='ibmvscsi'> - <address type='spapr-vio' reg='0x00002000'/> - </controller> - <controller type='scsi' index='1' model='ibmvscsi'> - <address type='spapr-vio' reg='0x00003000'/> - </controller> - <controller type='usb' index='0' model='pci-ohci'> - <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> - </controller> - <controller type='pci' index='0' model='pci-root'> - <model name='spapr-pci-host-bridge'/> - <target index='0'/> - </controller> - <serial type='pty'> - <target type='spapr-vio-serial' port='0'> - <model name='spapr-vty'/> - </target> - <address type='spapr-vio' reg='0x30000000'/> - </serial> - <serial type='pty'> - <target type='spapr-vio-serial' port='1'> - <model name='spapr-vty'/> - </target> - <address type='spapr-vio' reg='0x30001000'/> - </serial> - <console type='pty'> - <target type='serial' port='0'/> - <address type='spapr-vio' reg='0x30000000'/> - </console> - <tpm model='tpm-spapr'> - <backend type='emulator' version='2.0'/> - <address type='spapr-vio' reg='0x00005000'/> - </tpm> - <audio id='1' type='none'/> - <memballoon model='none'/> - <nvram> - <address type='spapr-vio' reg='0x00004000'/> - </nvram> - <panic model='pseries'/> - </devices> -</domain> diff --git a/tests/qemuxmlconftest.c b/tests/qemuxmlconftest.c index 2842b44b3e..d2f62081b7 100644 --- a/tests/qemuxmlconftest.c +++ b/tests/qemuxmlconftest.c @@ -2482,8 +2482,6 @@ mymain(void) DO_TEST_CAPS_LATEST("tpm-emulator-tpm2"); DO_TEST_CAPS_LATEST("tpm-emulator-tpm2-enc"); DO_TEST_CAPS_LATEST("tpm-emulator-tpm2-pstate"); - DO_TEST_CAPS_LATEST_PPC64("tpm-emulator-spapr"); - DO_TEST_CAPS_ARCH_LATEST("aarch64-tpm", "aarch64"); DO_TEST_CAPS_ARCH_LATEST_PARSE_ERROR("aarch64-tpm-wrong-model", "aarch64"); DO_TEST_CAPS_LATEST("tpm-external"); -- 2.45.1
On Mon, May 27, 2024 at 19:31:35 +0200, Andrea Bolognani wrote:
The default-models tests provide coverage for these scenarios now.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- .../aarch64-tpm.aarch64-latest.args | 34 --------- .../aarch64-tpm.aarch64-latest.xml | 29 -------- tests/qemuxmlconfdata/aarch64-tpm.xml | 15 ---- .../tpm-emulator-spapr.ppc64-latest.args | 45 ------------ .../tpm-emulator-spapr.ppc64-latest.xml | 1 - tests/qemuxmlconfdata/tpm-emulator-spapr.xml | 70 ------------------- tests/qemuxmlconftest.c | 2 - 7 files changed, 196 deletions(-) delete mode 100644 tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.args delete mode 100644 tests/qemuxmlconfdata/aarch64-tpm.aarch64-latest.xml delete mode 100644 tests/qemuxmlconfdata/aarch64-tpm.xml delete mode 100644 tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.args delete mode 120000 tests/qemuxmlconfdata/tpm-emulator-spapr.ppc64-latest.xml delete mode 100644 tests/qemuxmlconfdata/tpm-emulator-spapr.xml
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
We've made similar changes for aarch64 a few years back (see d8a1c059e0ed and previous commits), and the rationale is the same: the architecture is new enough that TPM 2.0 predates it, so TPM 1.2 support was never considered and will just not work. Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/qemu_domain.c | 1 + src/qemu/qemu_validate.c | 10 ++++++---- .../aarch64-tpm-wrong-model.aarch64-latest.err | 2 +- ...4-virt-default-models.riscv64-latest.abi-update.xml | 2 +- .../riscv64-virt-default-models.riscv64-latest.xml | 2 +- 5 files changed, 10 insertions(+), 7 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index bda62f2e5c..6bb18ad5a8 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -6182,6 +6182,7 @@ qemuDomainTPMDefPostParse(virDomainTPMDef *tpm, tpm->data.emulator.version == VIR_DOMAIN_TPM_VERSION_DEFAULT) { if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR || tpm->model == VIR_DOMAIN_TPM_MODEL_CRB || + qemuDomainIsRISCVVirt(def) || qemuDomainIsARMVirt(def)) tpm->data.emulator.version = VIR_DOMAIN_TPM_VERSION_2_0; else diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index ac1940cb31..7b871be05f 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -4765,10 +4765,12 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm, _("TPM 1.2 is not supported with the SPAPR device model")); return -1; } - /* TPM 1.2 + ARM does not work */ - if (qemuDomainIsARMVirt(def)) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("TPM 1.2 is not supported on ARM")); + /* TPM 1.2 does not work on certain modern architectures */ + if (qemuDomainIsARMVirt(def) || + qemuDomainIsRISCVVirt(def)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("TPM 1.2 is not supported on architecture '%1$s'"), + virArchToString(def->os.arch)); return -1; } break; diff --git a/tests/qemuxmlconfdata/aarch64-tpm-wrong-model.aarch64-latest.err b/tests/qemuxmlconfdata/aarch64-tpm-wrong-model.aarch64-latest.err index a3a82fdcf5..44c6e7372b 100644 --- a/tests/qemuxmlconfdata/aarch64-tpm-wrong-model.aarch64-latest.err +++ b/tests/qemuxmlconfdata/aarch64-tpm-wrong-model.aarch64-latest.err @@ -1 +1 @@ -unsupported configuration: TPM 1.2 is not supported on ARM +unsupported configuration: TPM 1.2 is not supported on architecture 'aarch64' diff --git a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml index a3a701b8e4..6712c2d831 100644 --- a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml +++ b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml @@ -59,7 +59,7 @@ <target type='serial' port='0'/> </console> <tpm model='tpm-tis'> - <backend type='emulator' version='1.2'/> + <backend type='emulator' version='2.0'/> </tpm> <audio id='1' type='none'/> <video> diff --git a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml index a3a701b8e4..6712c2d831 100644 --- a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml +++ b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml @@ -59,7 +59,7 @@ <target type='serial' port='0'/> </console> <tpm model='tpm-tis'> - <backend type='emulator' version='1.2'/> + <backend type='emulator' version='2.0'/> </tpm> <audio id='1' type='none'/> <video> -- 2.45.1
On Mon, May 27, 2024 at 07:31:36PM +0200, Andrea Bolognani wrote:
We've made similar changes for aarch64 a few years back (see d8a1c059e0ed and previous commits), and the rationale is the same: the architecture is new enough that TPM 2.0 predates it, so TPM 1.2 support was never considered and will just not work.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> --- src/qemu/qemu_domain.c | 1 + src/qemu/qemu_validate.c | 10 ++++++---- .../aarch64-tpm-wrong-model.aarch64-latest.err | 2 +- ...4-virt-default-models.riscv64-latest.abi-update.xml | 2 +- .../riscv64-virt-default-models.riscv64-latest.xml | 2 +- 5 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index bda62f2e5c..6bb18ad5a8 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -6182,6 +6182,7 @@ qemuDomainTPMDefPostParse(virDomainTPMDef *tpm, tpm->data.emulator.version == VIR_DOMAIN_TPM_VERSION_DEFAULT) { if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR || tpm->model == VIR_DOMAIN_TPM_MODEL_CRB || + qemuDomainIsRISCVVirt(def) || qemuDomainIsARMVirt(def)) tpm->data.emulator.version = VIR_DOMAIN_TPM_VERSION_2_0; else diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index ac1940cb31..7b871be05f 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -4765,10 +4765,12 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm, _("TPM 1.2 is not supported with the SPAPR device model")); return -1; } - /* TPM 1.2 + ARM does not work */ - if (qemuDomainIsARMVirt(def)) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("TPM 1.2 is not supported on ARM")); + /* TPM 1.2 does not work on certain modern architectures */ + if (qemuDomainIsARMVirt(def) || + qemuDomainIsRISCVVirt(def)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("TPM 1.2 is not supported on architecture '%1$s'"), + virArchToString(def->os.arch)); return -1; }
Hmm, what architectures /do/ allow 1.2 ? x86, s390x, ppc ? Should we consider just doing an "allow list" for arches, given that going forward nothing new should be allowed. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Mon, Jun 03, 2024 at 10:50:40AM GMT, Daniel P. Berrangé wrote:
On Mon, May 27, 2024 at 07:31:36PM +0200, Andrea Bolognani wrote:
+ /* TPM 1.2 does not work on certain modern architectures */ + if (qemuDomainIsARMVirt(def) || + qemuDomainIsRISCVVirt(def)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("TPM 1.2 is not supported on architecture '%1$s'"), + virArchToString(def->os.arch)); return -1; }
Hmm, what architectures /do/ allow 1.2 ? x86, s390x, ppc ? Should we consider just doing an "allow list" for arches, given that going forward nothing new should be allowed.
ppc64 defaults to 2.0 already and s390x doesn't do TPM. Flipping things around so that 1.2 becomes the special case and is only allowed for x86 would make sense. The only remaining question mark is loongarch64. I assume that, just like riscv64 and aarch64 before it, it wouldn't bother with 1.2 at all, but I'm not 100% sure. On the other hand, TPM support is currently compiled out by default in the QEMU system binary for that architecture, so we could go ahead with the change under that assumption and revisit things later if necessary. Does that sound good? -- Andrea Bolognani / Red Hat / Virtualization
On Mon, Jun 03, 2024 at 08:32:39AM -0400, Andrea Bolognani wrote:
On Mon, Jun 03, 2024 at 10:50:40AM GMT, Daniel P. Berrangé wrote:
On Mon, May 27, 2024 at 07:31:36PM +0200, Andrea Bolognani wrote:
+ /* TPM 1.2 does not work on certain modern architectures */ + if (qemuDomainIsARMVirt(def) || + qemuDomainIsRISCVVirt(def)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("TPM 1.2 is not supported on architecture '%1$s'"), + virArchToString(def->os.arch)); return -1; }
Hmm, what architectures /do/ allow 1.2 ? x86, s390x, ppc ? Should we consider just doing an "allow list" for arches, given that going forward nothing new should be allowed.
ppc64 defaults to 2.0 already and s390x doesn't do TPM. Flipping things around so that 1.2 becomes the special case and is only allowed for x86 would make sense.
The only remaining question mark is loongarch64. I assume that, just like riscv64 and aarch64 before it, it wouldn't bother with 1.2 at all, but I'm not 100% sure. On the other hand, TPM support is currently compiled out by default in the QEMU system binary for that architecture, so we could go ahead with the change under that assumption and revisit things later if necessary. Does that sound good?
Yes, lets limit to x86. Better to unlock more valid cases later, than to be too loose and let things through by mistake, as we'll easily forget this when adding new arches later. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
participants (3)
-
Andrea Bolognani -
Daniel P. Berrangé -
Peter Krempa