[libvirt PATCH 5/5] qemu: Reject TPM 1.2 for ARM virt guests

Tue Jun 29 02:55:00 UTC 2021

It works. Thanks.

Tested-by: liuyd.fnst at fujitsu.com

On 6/25/21 10:27 PM, Andrea Bolognani wrote:
> We already reject TPM 1.2 in a number of scenarios; let's add
> ARM virt guests to the list.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1970310
>
> Signed-off-by: Andrea Bolognani <abologna at redhat.com>
> ---
>   src/qemu/qemu_validate.c                          |  6 ++++++
>   .../qemuxml2argvdata/aarch64-tpm-wrong-model.err  |  1 +
>   .../qemuxml2argvdata/aarch64-tpm-wrong-model.xml  | 15 +++++++++++++++
>   tests/qemuxml2argvtest.c                          |  1 +
>   4 files changed, 23 insertions(+)
>   create mode 100644 tests/qemuxml2argvdata/aarch64-tpm-wrong-model.err
>   create mode 100644 tests/qemuxml2argvdata/aarch64-tpm-wrong-model.xml
>
> diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
> index 382473d03b..b133ce3cd6 100644
> --- a/src/qemu/qemu_validate.c
> +++ b/src/qemu/qemu_validate.c
> @@ -4517,6 +4517,12 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm,
>                              _("TPM 1.2 is not supported with the SPAPR device model"));
>               return -1;
>           }
> +        /* TPM 1.2 + ARM does not work */
> +        if (qemuDomainIsARMVirt(def)) {
> +            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
> +                           _("TPM 1.2 is not supported on ARM"));
> +            return -1;
> +        }
>           break;
>       case VIR_DOMAIN_TPM_VERSION_2_0:
>       case VIR_DOMAIN_TPM_VERSION_DEFAULT:
> diff --git a/tests/qemuxml2argvdata/aarch64-tpm-wrong-model.err b/tests/qemuxml2argvdata/aarch64-tpm-wrong-model.err
> new file mode 100644
> index 0000000000..a3a82fdcf5
> --- /dev/null
> +++ b/tests/qemuxml2argvdata/aarch64-tpm-wrong-model.err
> @@ -0,0 +1 @@
> +unsupported configuration: TPM 1.2 is not supported on ARM
> diff --git a/tests/qemuxml2argvdata/aarch64-tpm-wrong-model.xml b/tests/qemuxml2argvdata/aarch64-tpm-wrong-model.xml
> new file mode 100644
> index 0000000000..9441c4d05a
> --- /dev/null
> +++ b/tests/qemuxml2argvdata/aarch64-tpm-wrong-model.xml
> @@ -0,0 +1,15 @@
> +<domain type="qemu">
> +  <name>aarch64test</name>
> +  <uuid>496d7ea8-9739-544b-4ebd-ef08be936e8b</uuid>
> +  <memory>1048576</memory>
> +  <vcpu placement='static'>1</vcpu>
> +  <os>
> +    <type arch="aarch64" machine="virt">hvm</type>
> +  </os>
> +  <devices>
> +    <emulator>/usr/bin/qemu-system-aarch64</emulator>
> +    <tpm model='tpm-tis'>
> +      <backend type='emulator' version='1.2'/>
> +    </tpm>
> +  </devices>
> +</domain>
> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
> index 9df28658b9..16236f0331 100644
> --- a/tests/qemuxml2argvtest.c
> +++ b/tests/qemuxml2argvtest.c
> @@ -2565,6 +2565,7 @@ mymain(void)
>       DO_TEST_CAPS_LATEST("tpm-emulator-tpm2-pstate");
>       DO_TEST_CAPS_LATEST_PPC64("tpm-emulator-spapr");
>       DO_TEST_CAPS_ARCH_LATEST("aarch64-tpm", "aarch64");
> +    DO_TEST_PARSE_ERROR("aarch64-tpm-wrong-model", "aarch64");
>   
>       DO_TEST_PARSE_ERROR("pci-domain-invalid", NONE);
>       DO_TEST_PARSE_ERROR("pci-bus-invalid", NONE);

-- 
Best Regards.
Yiding Liu