[PATCH 2/2] qemu: Validate TPM TIS device
Jim Fehlig
jfehlig at suse.com
Wed Feb 10 17:34:10 UTC 2021
TPM devices with model='tpm-tis' are only valid with x86 and aarch64
virt machines. Add a check to qemuValidateDomainDeviceDefTPM() to
ensure VIR_DOMAIN_TPM_MODEL_TIS is only used with these architectures.
Signed-off-by: Jim Fehlig <jfehlig at suse.com>
---
The conditional is a bit distasteful, but so far I haven't come up with
anything better. I aslo worry about future architectures gaining support
for emulated TPM TIS devices.
src/qemu/qemu_validate.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index a70737327e..d6ff5e5eef 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -4299,6 +4299,13 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm,
switch (tpm->model) {
case VIR_DOMAIN_TPM_MODEL_TIS:
+ if (!ARCH_IS_X86(def->os.arch) && (def->os.arch != VIR_ARCH_AARCH64)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("TPM model %s is only available for "
+ "x86 and aarch64 guests"),
+ virDomainTPMModelTypeToString(tpm->model));
+ return -1;
+ }
flag = QEMU_CAPS_DEVICE_TPM_TIS;
break;
case VIR_DOMAIN_TPM_MODEL_CRB:
--
2.29.2
More information about the libvir-list
mailing list