[PATCH v5 00/10] Introducing TPM Proxy device support for PPC64

Satheesh Rajendran sathnaga at linux.vnet.ibm.com
Fri May 22 09:43:51 UTC 2020


On Thu, May 21, 2020 at 10:07:20AM -0300, Daniel Henrique Barboza wrote:
> changes in v5:
> - rebased and fixed commits to master at d265171b5784
> - moved two TPMs validation from domain_conf.c (patch 05) to
>   qemu_domain.c (patch 06)
> 
> Gitlab tree: https://gitlab.com/danielhb/libvirt/tree/spapr_tpm_proxy_v5
> 

Tested-by: Satheesh Rajendran <sathnaga at linux.vnet.ibm.com>


libvirt xml:
...
    <tpm model='spapr-tpm-proxy'>
      <backend type='passthrough'>
        <device path='/dev/tpm0'/>
      </backend>
      <alias name='tpmproxy0'/>
    </tpm>
...
<qemu:commandline>
    <qemu:arg value='-trace'/>
    <qemu:arg value='events=/home/sath/tpm_events_log/tpm_events'/>
</qemu:commandline>

...

$ cat /home/sath/tpm_events_log/tpm_events
spapr_tpm_execute
spapr_h_tpm_comm

qemu log, trace outputs:
...
4359 at 1590140133.539001:spapr_tpm_execute data_in=0x2ff40000, data_in_sz=63, data_out=0x2ff40000, data_out_sz=4096
4359 at 1590140133.556488:spapr_h_tpm_comm tpm_device_path=/dev/tpm0 operation=0x1
..
..
4359 at 1590140133.576494:spapr_tpm_execute data_in=0x2ff40000, data_in_sz=14, data_out=0x2ff40000, data_out_sz=4096
4359 at 1590140133.585730:spapr_h_tpm_comm tpm_device_path=/dev/tpm0 operation=0x1
...
4359 at 1590140133.585740:spapr_tpm_execute data_in=0x2ff40000, data_in_sz=86, data_out=0x2ff40000, data_out_sz=4096
4359 at 1590140133.602373:spapr_h_tpm_comm tpm_device_path=/dev/tpm0 operation=0x1
...
---

Regards,
-Satheesh.

> v4 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00814.html
> v3 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00642.html
> v2 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00604.html
> v1 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00604.html
> 
> Daniel Henrique Barboza (10):
>   docs: documentation and schema for the new TPM Proxy model
>   qemu: Extend QEMU capabilities with 'spapr-tpm-proxy'
>   qemu_extdevice.c: remove unneeded 'ret' variable
>   qemu_tpm, security, tests: change 'switch' clauses for 'if'
>   conf, qemu, security, tests: introducing 'def->tpms' array
>   qemu: add validations after TPM Proxy model introduction
>   tests: add XML schema tests for the TPM Proxy device
>   qemu: build command line for the TPM Proxy device
>   tests/qemuxml2argvtest.c: add TPM Proxy command line tests
>   docs/news.xml: update for the new TPM Proxy device
> 
>  docs/formatdomain.html.in                     | 19 ++++-
>  docs/news.xml                                 | 17 +++++
>  docs/schemas/domaincommon.rng                 |  1 +
>  src/conf/domain_audit.c                       |  4 +-
>  src/conf/domain_conf.c                        | 50 +++++++-----
>  src/conf/domain_conf.h                        |  6 +-
>  src/qemu/qemu_alias.c                         |  9 ++-
>  src/qemu/qemu_capabilities.c                  |  4 +
>  src/qemu/qemu_capabilities.h                  |  3 +
>  src/qemu/qemu_cgroup.c                        | 10 ++-
>  src/qemu/qemu_command.c                       | 59 +++++++++++---
>  src/qemu/qemu_domain.c                        | 68 ++++++++++++++---
>  src/qemu/qemu_domain_address.c                | 11 ++-
>  src/qemu/qemu_extdevice.c                     | 24 +++---
>  src/qemu/qemu_tpm.c                           | 76 +++++++++----------
>  src/qemu/qemu_validate.c                      | 19 +++++
>  src/security/security_dac.c                   |  8 +-
>  src/security/security_selinux.c               | 44 +++++------
>  src/security/virt-aa-helper.c                 | 14 ++--
>  .../qemucapabilitiesdata/caps_4.2.0.ppc64.xml |  1 +
>  .../qemucapabilitiesdata/caps_5.0.0.ppc64.xml |  1 +
>  tests/qemuxml2argvdata/ppc64-tpm-double.xml   | 34 +++++++++
>  .../ppc64-tpmproxy-double.xml                 | 38 ++++++++++
>  .../ppc64-tpmproxy-single.ppc64-latest.args   | 34 +++++++++
>  .../ppc64-tpmproxy-single.xml                 | 33 ++++++++
>  .../ppc64-tpmproxy-with-tpm.ppc64-latest.args | 37 +++++++++
>  .../ppc64-tpmproxy-with-tpm.xml               | 36 +++++++++
>  tests/qemuxml2argvtest.c                      | 33 +++++---
>  .../ppc64-tpmproxy-single.ppc64-latest.xml    | 42 ++++++++++
>  .../ppc64-tpmproxy-with-tpm.ppc64-latest.xml  | 46 +++++++++++
>  tests/qemuxml2xmltest.c                       |  2 +
>  31 files changed, 631 insertions(+), 152 deletions(-)
>  create mode 100644 tests/qemuxml2argvdata/ppc64-tpm-double.xml
>  create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml
>  create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args
>  create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml
>  create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.args
>  create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml
>  create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xml
>  create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.xml
> 
> -- 
> 2.26.2
> 




More information about the libvir-list mailing list