This patch adds support for an external swtpm TPM emulator. The XML for
this type of TPM looks as follows:
The XML will currently only define a TPM 1.2.
Extend the documentation.
Add a test case testing the XML parser and formatter.
Signed-off-by: Stefan Berger
---
docs/formatdomain.html.in | 30 +++
docs/schemas/domaincommon.rng | 5 +
src/conf/domain_audit.c | 2 ++
src/conf/domain_conf.c| 28 ++---
src/conf/domain_conf.h| 7 +++
src/qemu/qemu_cgroup.c| 1 +
src/qemu/qemu_command.c | 1 +
src/qemu/qemu_domain.c| 1 +
src/security/security_dac.c | 2 ++
src/security/security_selinux.c | 2 ++
tests/qemuxml2argvdata/tpm-emulator.xml | 30 +++
tests/qemuxml2xmloutdata/tpm-emulator.xml | 34 +++
tests/qemuxml2xmltest.c | 1 +
13 files changed, 137 insertions(+), 7 deletions(-)
create mode 100644 tests/qemuxml2argvdata/tpm-emulator.xml
create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator.xml
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 6a0110e..2a8912f 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -7649,6 +7649,26 @@ qemu-kvm -net nic,model=? /dev/null
...
+
+
+ The emulator device type gives access to a TPM emulator providing
+ TPM functionlity for each VM. QEMU talks to it over a Unix socket. With
+ the emulator device type each guest gets its own private TPM.
+ 'emulator' since 4.4.0
+
+
+ Example: usage of the TPM Emulator
+
+
+ ...
+
+
+
+
+
+
+ ...
+
model
@@ -7682,6 +7702,16 @@ qemu-kvm -net nic,model=? /dev/null
+
+ emulator
+
+
+ For this backend type the 'swtpm' TPM Emulator must be installed
on the
+ host. Libvirt will automatically start an independent TPM
emulator
+ for each QEMU guest requesting access to it.
+
+
+
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 7bad7dd..c65a9a3 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -4137,6 +4137,11 @@
+
+
+ emulator
+
+
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index 82868bc..25cccdd 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -586,6 +586,8 @@ virDomainAuditTPM(virDomainObjPtr vm, virDomainTPMDefPtr
tpm,
"virt=%s resrc=dev reason=%s %s uuid=%s %s",
virt, reason, vmname, uuidstr, device);
break;
+case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+break;
case VIR_DOMAIN_TPM_TYPE_LAST:
default:
break;
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 0ea3e4c..d9945dd 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -864,7 +864,8 @@ VIR_ENUM_IMPL(virDomainTPMModel, VIR_DOMAIN_TPM_MODEL_LAST,
"tpm-crb")
VIR_ENUM_IMPL(virDomainTPMBackend, VIR_DOMAIN_TPM_TYPE_LAST,
- "passthrough")
+ "passthrough",
+ "emulator")
VIR_ENUM_IMPL(virDomainIOMMUModel, VIR_DOMAIN_IOMMU_MODEL_LAST,
"intel")
@@ -2601,6 +2602,11 @@ void virDomainTPMDefFree(virDomainTPMDefPtr def)
case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
VIR_FREE(def->data.passthrough.source.data.file.path);
break;
+case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+VIR_FREE(def->data.emulator.source.data.nix.path);
+VIR_FREE(def->data.emulator.storagepath);
+VIR_FREE(def->data.emulator.logfile);
+break;
case VIR_DOMAIN_TPM_TYPE_LAST:
break;
}
@@ -12582,6 +12588,11 @@ virDomainSmartcardDefParseXML(virDomainXMLOptionPtr
xmlopt,
*
*
*
+ * or like this:
+ *
+ *
+ *
+ *
*/
static virDomainTPMDefPtr
virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlopt,
@@ -12648,6 +12659,8 @@ virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlopt,
def->data.passthrough.source.type = VIR_DOMAIN_CHR_TYPE_DEV;
path = NULL;
break;
+case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+break;
case VIR_DOMAIN_TPM_TYPE_LAST:
goto error;
}
@@ -24815,22 +24828,23 @@ virDomainTPMDefFormat(virBufferPtr buf,
virBufferAsprintf(buf, "\n",
virDomainTPMModelTypeToString(def->model));
virBufferAdjustIndent(buf, 2);
-virBufferAsprintf(buf, "\n",
+virBufferAsprintf(buf, "type));
-virBufferAdjustIndent(buf,
