This series of patches adds support for the TPM emulator backend that is
available in QEMU and based on swtpm + libtpms. It allows attaching a
TPM 1.2 or 2 to a QEMU VM. sVirt labels are used for labeling the swtpm
process, its Unix socket, and log file with the same label that the QEMU
process gets. Besides that, swtpm is added to the emulator cgroup to
restrict its CPU usage.

The device XML can be changed from a TPM 1.2 to a TPM 2 and back to a
TPM 1.2. The device state is not removed during those changes but only
when the domain is undefined.

The swtpm needs persistent storage to store its state. For that I am
using the uuid of the VM as part of the path since the name of the VM can
be changed. Logfiles, PID files, and socket names are based on the name
of the VM, though.

   Stefan

v7->v8:
 - Delaying this series for 4.5; adjusted references to 4.4
 - Fixed a test case since version='1.2' is now formatted as well
 - Appended patches for AppArmor and auditing
 - Appended patches that improve / fix existing code
   - patch for validating the TPM configuration rather than overwriting it;
     a particular case is the CRB interface does not work with a TPM 1.2
   - swtpm_setup can be run for a TPM 2 in unprivileged mode as well

v6->v7:
 - followed Jan Tomko's suggestion with resulting changes to patch 10/12.
 - re-added missing parts related to swtpm_setup and TPM that got lost in v4

v5->v6:
 - Addressed John Ferlan's comments
 - rebased on latest tip
 - Added patch 12.

v4->v5:
 - Addressed John Ferlan's, Boris Fiuczynski's and Marc Hartmayer's comments
 - rebased on latest tip

v3->v4:
 - Addressed John Ferlan's comments
 - Fixed bugs I found while testing
 - rebased on latest tip

Stefan Berger (18):
  conf: Add support for external swtpm TPM emulator to domain XML
  qemu: Extend QEMU capabilities with 'tpm-emulator'
  util: Implement virFileChownFiles()
  security: Add DAC and SELinux security for tpm-emulator
  qemu: Extend qemu_conf with tpm-emulator support
  qemu: Extend QEMU with external TPM support
  qemu: Add support for external swtpm TPM emulator
  tests: Add test cases for external swtpm TPM emulator
  security: Label the external swtpm with SELinux labels
  conf: Add support for choosing emulation of a TPM 2
  qemu: Add swtpm to emulator cgroup
  news: Update news with new TPM emulator feature
  security: Add swtpm paths to the domain's AppArmor profile
  qemu: Run swtpm_setup in unprivileged mode for a TPM 2
  qemu: Validate chosen TPM model rather than overwriting it
  conf: Audit TPM emulator device at domain startup
  conf: Use resrc=tpm in case of TPM passthrough following docs
  conf: Use virDomainChrSourceDefClear() rather than VIR_FREE()

 docs/auditlog.html.in                              |   2 +-
 docs/formatdomain.html.in                          |  43 +
 docs/news.xml                                      |  13 +
 docs/schemas/domaincommon.rng                      |  17 +
 examples/apparmor/libvirt-qemu                     |   3 +
 libvirt.spec.in                                    |   2 +
 src/conf/domain_audit.c                            |  20 +-
 src/conf/domain_conf.c                             |  49 +-
 src/conf/domain_conf.h                             |  15 +
 src/libvirt_private.syms                           |   3 +
 src/qemu/Makefile.inc.am                           |  10 +
 src/qemu/libvirtd_qemu.aug                         |   5 +
 src/qemu/qemu.conf                                 |   8 +
 src/qemu/qemu_capabilities.c                       |   5 +
 src/qemu/qemu_capabilities.h                       |   1 +
 src/qemu/qemu_cgroup.c                             |  36 +
 src/qemu/qemu_cgroup.h                             |   2 +
 src/qemu/qemu_command.c                            |  34 +-
 src/qemu/qemu_conf.c                               |  43 +
 src/qemu/qemu_conf.h                               |   6 +
 src/qemu/qemu_domain.c                             |  31 +-
 src/qemu/qemu_extdevice.c                          | 180 ++++
 src/qemu/qemu_extdevice.h                          |  59 ++
 src/qemu/qemu_process.c                            |  16 +
 src/qemu/qemu_security.c                           |  69 ++
 src/qemu/qemu_security.h                           |  11 +
 src/qemu/qemu_tpm.c                                | 922 +++++++++++++++++++++
 src/qemu/qemu_tpm.h                                |  56 ++
 src/qemu/test_libvirtd_qemu.aug.in                 |   2 +
 src/security/security_dac.c                        |   7 +
 src/security/security_driver.h                     |   7 +
 src/security/security_manager.c                    |  36 +
 src/security/security_manager.h                    |   6 +
 src/security/security_selinux.c                    | 172 ++++
 src/security/security_stack.c                      |  40 +
 src/security/virt-aa-helper.c                      |  24 +
 src/util/virfile.c                                 |  55 ++
 src/util/virfile.h                                 |   3 +
 tests/qemucapabilitiesdata/caps_2.11.0.s390x.xml   |   1 +
 tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml |   1 +
 tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml   |   1 +
 tests/qemucapabilitiesdata/caps_2.12.0.s390x.xml   |   1 +
 tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml  |   1 +
 .../tpm-emulator-tpm2.x86_64-latest.args           |  33 +
 tests/qemuxml2argvdata/tpm-emulator-tpm2.xml       |  30 +
 .../tpm-emulator.x86_64-latest.args                |  33 +
 tests/qemuxml2argvdata/tpm-emulator.xml            |  30 +
 tests/qemuxml2argvtest.c                           |  16 +-
 tests/qemuxml2xmloutdata/tpm-emulator-tpm2.xml     |  34 +
 tests/qemuxml2xmloutdata/tpm-emulator.xml          |  34 +
 tests/qemuxml2xmltest.c                            |   1 +
 51 files changed, 2212 insertions(+), 17 deletions(-)
 create mode 100644 src/qemu/qemu_extdevice.c
 create mode 100644 src/qemu/qemu_extdevice.h
 create mode 100644 src/qemu/qemu_tpm.c
 create mode 100644 src/qemu/qemu_tpm.h
 create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2.x86_64-latest.args
 create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2.xml
 create mode 100644 tests/qemuxml2argvdata/tpm-emulator.x86_64-latest.args
 create mode 100644 tests/qemuxml2argvdata/tpm-emulator.xml
 create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator-tpm2.xml
 create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator.xml

-- 
2.14.3

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
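As an added illustration of the "validate rather than overwrite" rule the cover letter describes (the CRB interface is rejected for a TPM 1.2 instead of being silently rewritten), here is a small Python checker for a `<tpm>` device element; it is not code from the libvirt series. The fallback model 'tpm-tis' and fallback version '1.2' when the attributes are omitted are assumptions of this example, not values taken from the patches.

```python
# Added example (not from the libvirt series): check a <tpm> device element
# against the configuration rules the cover letter describes.
import xml.etree.ElementTree as ET

# 'tpm-tis' existed before the series; 'tpm-crb', the 'emulator' backend and
# its version='1.2' / '2.0' attribute are what the series adds.
VALID_MODELS = {"tpm-tis", "tpm-crb"}
VALID_BACKENDS = {"passthrough", "emulator"}
VALID_VERSIONS = {"1.2", "2.0"}


def validate_tpm(xml_text):
    """Return a list of problems; an empty list means the definition is accepted."""
    tpm = ET.fromstring(xml_text)
    if tpm.tag != "tpm":
        return ["root element must be <tpm>"]
    problems = []
    model = tpm.get("model", "tpm-tis")  # assumption: tpm-tis when omitted
    if model not in VALID_MODELS:
        problems.append("unknown TPM model '%s'" % model)
    backend = tpm.find("backend")
    if backend is None:
        return problems + ["missing <backend> element"]
    btype = backend.get("type")
    if btype not in VALID_BACKENDS:
        return problems + ["unknown backend type '%s'" % btype]
    if btype == "passthrough":
        # Passthrough hands a host TPM device node to the guest.
        if backend.find("device") is None:
            problems.append("passthrough backend needs a <device path='...'/>")
        return problems
    version = backend.get("version", "1.2")  # assumption: 1.2 when omitted
    if version not in VALID_VERSIONS:
        problems.append("unsupported TPM version '%s'" % version)
    elif model == "tpm-crb" and version == "1.2":
        # Report the conflict instead of rewriting the model: the CRB
        # interface does not work with a TPM 1.2.
        problems.append("the CRB interface does not work with a TPM 1.2")
    return problems
```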