On 01/19/2013 10:31 AM, Eric Blake wrote:
On 01/18/2013 05:55 PM, Stefan Berger wrote:
On 01/18/2013 07:14 PM, Stefan Berger wrote:
On 01/18/2013 01:18 PM, Eric Blake wrote:
On 01/18/2013 09:02 AM, Stefan Berger wrote:
When libvirt forks, the child process inherits the file descriptors,
among them those of the taps and /dev/tpm0. The subsequent execve
keeps the file descriptor open. QEMU then reads the TPM file
descriptor from the command line into above TPMInfo->fd. This also
works with 'exec 100<>/dev/tpm0' via command line.
Similar to the SELinux labeling of all the other file descriptors I
also use the one for the TPM device for SELinux labeling.
I have to correct this: The libvirt patches for this use path= on the
command line and also apply the SELinux label on the path rather than
the fd. So, this patch then adds file descriptor passing support to have
equivalent functionality to other devices.
You _still_ don't need extra handling for fd passing; neither on the
command line, nor in QMP. Remember, we added --add-fd to the command
line, precisely so we could use:
    qemu -add-fd set=1,fd=100 -tpmdev passthrough,path=/dev/fdset/1 \
        100<>/dev/tpm0
This helps. /dev/fdset/1 is just a string and not a real device
following what I see in the code. Then the problem seems to be solved by
replacing open() with qemu_open() and we can drop this patch. Thanks for
the hint. Obviously I don't follow all the developments in QEMU closely
enough...
Regards,
Stefan