[PATCH v5 00/10] Introducing TPM Proxy device support for PPC64
Satheesh Rajendran
sathnaga at linux.vnet.ibm.com
Fri May 22 09:43:51 UTC 2020
On Thu, May 21, 2020 at 10:07:20AM -0300, Daniel Henrique Barboza wrote:
> changes in v5:
> - rebased and fixed commits to master at d265171b5784
> - moved two TPMs validation from domain_conf.c (patch 05) to
> qemu_domain.c (patch 06)
>
> Gitlab tree: https://gitlab.com/danielhb/libvirt/tree/spapr_tpm_proxy_v5
>
Tested-by: Satheesh Rajendran <sathnaga at linux.vnet.ibm.com>
libvirt xml:
...
<tpm model='spapr-tpm-proxy'>
<backend type='passthrough'>
<device path='/dev/tpm0'/>
</backend>
<alias name='tpmproxy0'/>
</tpm>
...
<qemu:commandline>
<qemu:arg value='-trace'/>
<qemu:arg value='events=/home/sath/tpm_events_log/tpm_events'/>
</qemu:commandline>
...
$ cat /home/sath/tpm_events_log/tpm_events
spapr_tpm_execute
spapr_h_tpm_comm
qemu log, trace outputs:
...
4359 at 1590140133.539001:spapr_tpm_execute data_in=0x2ff40000, data_in_sz=63, data_out=0x2ff40000, data_out_sz=4096
4359 at 1590140133.556488:spapr_h_tpm_comm tpm_device_path=/dev/tpm0 operation=0x1
..
..
4359 at 1590140133.576494:spapr_tpm_execute data_in=0x2ff40000, data_in_sz=14, data_out=0x2ff40000, data_out_sz=4096
4359 at 1590140133.585730:spapr_h_tpm_comm tpm_device_path=/dev/tpm0 operation=0x1
...
4359 at 1590140133.585740:spapr_tpm_execute data_in=0x2ff40000, data_in_sz=86, data_out=0x2ff40000, data_out_sz=4096
4359 at 1590140133.602373:spapr_h_tpm_comm tpm_device_path=/dev/tpm0 operation=0x1
...
---
Regards,
-Satheesh.
> v4 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00814.html
> v3 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00642.html
> v2 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00604.html
> v1 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00604.html
>
> Daniel Henrique Barboza (10):
> docs: documentation and schema for the new TPM Proxy model
> qemu: Extend QEMU capabilities with 'spapr-tpm-proxy'
> qemu_extdevice.c: remove unneeded 'ret' variable
> qemu_tpm, security, tests: change 'switch' clauses for 'if'
> conf, qemu, security, tests: introducing 'def->tpms' array
> qemu: add validations after TPM Proxy model introduction
> tests: add XML schema tests for the TPM Proxy device
> qemu: build command line for the TPM Proxy device
> tests/qemuxml2argvtest.c: add TPM Proxy command line tests
> docs/news.xml: update for the new TPM Proxy device
>
> docs/formatdomain.html.in | 19 ++++-
> docs/news.xml | 17 +++++
> docs/schemas/domaincommon.rng | 1 +
> src/conf/domain_audit.c | 4 +-
> src/conf/domain_conf.c | 50 +++++++-----
> src/conf/domain_conf.h | 6 +-
> src/qemu/qemu_alias.c | 9 ++-
> src/qemu/qemu_capabilities.c | 4 +
> src/qemu/qemu_capabilities.h | 3 +
> src/qemu/qemu_cgroup.c | 10 ++-
> src/qemu/qemu_command.c | 59 +++++++++++---
> src/qemu/qemu_domain.c | 68 ++++++++++++++---
> src/qemu/qemu_domain_address.c | 11 ++-
> src/qemu/qemu_extdevice.c | 24 +++---
> src/qemu/qemu_tpm.c | 76 +++++++++----------
> src/qemu/qemu_validate.c | 19 +++++
> src/security/security_dac.c | 8 +-
> src/security/security_selinux.c | 44 +++++------
> src/security/virt-aa-helper.c | 14 ++--
> .../qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 +
> .../qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 +
> tests/qemuxml2argvdata/ppc64-tpm-double.xml | 34 +++++++++
> .../ppc64-tpmproxy-double.xml | 38 ++++++++++
> .../ppc64-tpmproxy-single.ppc64-latest.args | 34 +++++++++
> .../ppc64-tpmproxy-single.xml | 33 ++++++++
> .../ppc64-tpmproxy-with-tpm.ppc64-latest.args | 37 +++++++++
> .../ppc64-tpmproxy-with-tpm.xml | 36 +++++++++
> tests/qemuxml2argvtest.c | 33 +++++---
> .../ppc64-tpmproxy-single.ppc64-latest.xml | 42 ++++++++++
> .../ppc64-tpmproxy-with-tpm.ppc64-latest.xml | 46 +++++++++++
> tests/qemuxml2xmltest.c | 2 +
> 31 files changed, 631 insertions(+), 152 deletions(-)
> create mode 100644 tests/qemuxml2argvdata/ppc64-tpm-double.xml
> create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml
> create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args
> create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml
> create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.args
> create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml
> create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xml
> create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.xml
>
> --
> 2.26.2
>
More information about the libvir-list
mailing list