[libvirt] [PATCH 18/18] docs: Extend TPM docs with new encryption element
Marc-André Lureau
marcandre.lureau at redhat.com
Tue Jul 9 20:28:56 UTC 2019
On Tue, Jul 9, 2019 at 9:24 PM Stefan Berger <stefanb at linux.vnet.ibm.com> wrote:
>
> Describe the encryption element in the TPM's domain XML.
>
> Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
> ---
> docs/formatdomain.html.in | 16 ++++++++++++++++
> 1 file changed, 16 insertions(+)
>
> diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
> index a7a6ec32a5..b53ea7d6f4 100644
> --- a/docs/formatdomain.html.in
> +++ b/docs/formatdomain.html.in
> @@ -8212,6 +8212,9 @@ qemu-kvm -net nic,model=? /dev/null
> TPM functionality for each VM. QEMU talks to it over a Unix socket. With
> the emulator device type each guest gets its own private TPM.
> <span class="since">'emulator' since 4.5.0</span>
> + The state of the TPM emulator can be encrypted by providing an
> + <code>encryption</code> element.
> + <span class="since">'encryption' since 5.5.0</span>
here too, 5.6.0 I presume
Reviewed-by: Marc-André Lureau <marcandre.lureau at redhat.com>
> </p>
> <p>
> Example: usage of the TPM Emulator
> @@ -8221,6 +8224,9 @@ qemu-kvm -net nic,model=? /dev/null
> <devices>
> <tpm model='tpm-tis'>
> <backend type='emulator' version='2.0'>
> + <encryption format='vtpm'>
> + <secret type='passphrase' usage='VTPM_example'/>
> + </encryption>
> </backend>
> </tpm>
> </devices>
> @@ -8283,6 +8289,16 @@ qemu-kvm -net nic,model=? /dev/null
> <li>'2.0' : creates a TPM 2.0</li>
> </ul>
> </dd>
> + <dt><code>encryption</code></dt>
> + <dd>
> + <p>
> + The <code>encryption</code> element allows the state of a TPM emulator
> + to be encrypted. The <code>format</code> attribute must be <code>vtpm</code>.
> + The <code>secret</code> element must reference a secret object using
> + either its <code>usage</code> or <code>uuid</code>. The <code>type</code>
> + attribute must be set to <code>passphrase</code>.
> + </p>
> + </dd>
> </dl>
>
> <h4><a id="elementsNVRAM">NVRAM device</a></h4>
> --
> 2.20.1
>
More information about the libvir-list
mailing list