[PATCH v1 0/8] Introducing TPM Proxy device support

Fri May 8 20:18:32 UTC 2020

On 5/8/20 8:06 AM, Daniel Henrique Barboza wrote:
> Hello,
>
> This series implements a new device type for Libvirt called
> "TPM Proxy". This device acts as a proxy for TPM requisitions
> that the guest can make for an existing TPM Resource Manager
> in the host. The TPM Resource Manager multiplexes TPM access
> to multiple processes, allowing more than one process (guest)
> to use the host TPM at the same time.
>
> A guest using a TPM Proxy device does not have access to all
> possible TPM features. In that case the guest will need to

'... does not have access to all possible TPM features': Is this device 
filtering? Since I never used this device, I am wondering what does this 
mean? What is the usage model of this device and in what case do you 
intend to use it?

Do you give any guest now access to the host HW TPM and its PCRs and let 
the guest extend them? That's not something you would want, at least not 
for untrusted guests... keeping the device busy creating keys or loading 
it up with keys is another possible issue.

> assign a vTPM device (tpm-spapr for PPC64). There is no restrictions
> of using both a vTPM and a TPM Proxy device at the same time,
> but only one TPM Proxy is allowed per guest.
>
> At this moment, this device exists only for QEMU pSeries guests.
> A "model" field was added device to allow more models to be added
> when/if other architectures implements it.
>
>
> Daniel Henrique Barboza (8):
>    docs: documentation and schema for the new TPM Proxy device
>    qemu: Extend QEMU capabilities with 'spapr-tpm-proxy'
>    conf, qemu: adding VIR_DOMAIN_DEVICE_TPMPROXY device
>    domain_conf.c: XML parsing for VIR_DOMAIN_DEVICE_TPMPROXY
>    tests: add test for domain XML with TPM Proxy device model
>    qemu: build command line for the TPM Proxy device
>    tests/qemuxml2argvtest.c: add TPM Proxy command line test
>    docs/news.xml: update for the new TPM Proxy device
>
>   docs/formatdomain.html.in                     |  42 +++++
>   docs/news.xml                                 |  14 ++
>   docs/schemas/domaincommon.rng                 |  18 ++
>   src/conf/domain_capabilities.c                |   1 +
>   src/conf/domain_conf.c                        | 160 ++++++++++++++++++
>   src/conf/domain_conf.h                        |  18 ++
>   src/conf/virconftypes.h                       |   3 +
>   src/libvirt_private.syms                      |   2 +
>   src/qemu/qemu_alias.c                         |  16 ++
>   src/qemu/qemu_capabilities.c                  |   2 +
>   src/qemu/qemu_capabilities.h                  |   1 +
>   src/qemu/qemu_command.c                       |  21 +++
>   src/qemu/qemu_domain.c                        |  14 ++
>   src/qemu/qemu_domain_address.c                |   2 +
>   src/qemu/qemu_driver.c                        |   5 +
>   src/qemu/qemu_hotplug.c                       |   3 +
>   src/qemu/qemu_validate.c                      |  37 ++++
>   .../qemucapabilitiesdata/caps_4.2.0.ppc64.xml |   1 +
>   .../qemucapabilitiesdata/caps_5.0.0.ppc64.xml |   1 +
>   tests/qemuxml2argvdata/ppc64-tpmproxy.args    |  28 +++
>   tests/qemuxml2argvdata/ppc64-tpmproxy.xml     |  31 ++++
>   tests/qemuxml2argvtest.c                      |   4 +
>   tests/qemuxml2xmloutdata/ppc64-tpmproxy.xml   |  37 ++++
>   tests/qemuxml2xmltest.c                       |   4 +
>   24 files changed, 465 insertions(+)
>   create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy.args
>   create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy.xml
>   create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy.xml
>