tpm-tis device for ARM virt

Andrea Bolognani abologna at redhat.com
Tue Feb 9 09:20:17 UTC 2021 

On Mon, 2021-02-08 at 17:30 -0700, Jim Fehlig wrote:
> Hi All,
> 
> I received a private bug report that starting a VM with swtpm device fails with 
> qemu-system-aarch64. The VM config has
> 
>      <tpm model='tpm-tis'>
>        <backend type='emulator' version='2.0'/>
>       </tpm>
> 
> QEMU reports the following error
> 
> error: internal error: process exited while connecting to monitor: 
> 2021-02-07T05:15:35.378927Z qemu-system-aarch64: -device 
> tpm-tis,tpmdev=tpm-tpm0,id=tpm0: 'tpm-tis' is not a valid device model name
> 
> Indeed it appears the device name is 'tpm-tis-device' [1][2] for ARM virt. The 
> similar yet different device naming between x86 and ARM is unfortunate. IIUC, 
> the devices are the same between the architectures, i.e. they both emulate a TPM 
> device conforming to the TIS spec. If so, adding a 'tpm-tis-device' to 
> virDomainTPMModel seems redundant. I assume the naming difference should be 
> handled internally, e.g. something like the below patch to qemuBuildTPMDevStr? I 
> can send a proper patch if this is an acceptable approach.
> 
> Regards,
> Jim
> 
> [1] https://qemu.readthedocs.io/en/latest/specs/tpm.html
> [2] https://github.com/qemu/qemu/commit/c294ac327ca99342b90bd3a83d2cef9b447afaa7
> 
> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index 92036d26c0..5154611ccd 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -9198,6 +9198,9 @@ qemuBuildTPMDevStr(const virDomainDef *def,
>       g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
>       const char *model = virDomainTPMModelTypeToString(tpm->model);
> 
> +    if (tpm->model == VIR_DOMAIN_TPM_MODEL_TIS && def->os.arch == VIR_ARCH_AARCH64)
> +        model = "tpm-tis-device";
> +
>       virBufferAsprintf(&buf, "%s,tpmdev=tpm-%s,id=%s",
>                         model, tpm->info.alias, tpm->info.alias);
> 

This looks fairly reasonable. Please make sure you also include a
test case for this usage.

If you're feeling fancy, you might consider augmenting
qemuValidateDomainDeviceDefTPM() to ensure VIR_DOMAIN_TPM_MODEL_TIS
is only used on x86 or with the aarch64 virt machine type.

-- 
Andrea Bolognani / Red Hat / Virtualization

More information about the libvir-list mailing list