Extend the TPM device XML parser and XML generator with emulator state encryption support.
Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
---
 src/conf/domain_conf.c | 31 ++++++++++++++++++++++++++++++-
 src/conf/domain_conf.h | 2 ++
 2 files changed, 32 insertions(+), 1 deletion(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 3323c9a5b1..7b0de160a6 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -13048,6 +13048,14 @@ virDomainSmartcardDefParseXML(virDomainXMLOptionPtr xmlopt,
 * <tpm model='tpm-tis'>
 * <backend type='emulator' version='2'/>
 * </tpm>
+ *
+ * Emulator state encryption is supported with the following:
+ *
+ * <tpm model='tpm-tis'>
+ * <backend type='emulator' version='2'>
+ * <encryption uuid='32ee7e76-2178-47a1-ab7b-269e6e348015'/>
+ * </backend>
+ * </tpm>
 */
 static virDomainTPMDefPtr
 virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlopt,
@@ -13062,6 +13070,7 @@ virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlopt,
 VIR_AUTOFREE(char *) model = NULL;
 VIR_AUTOFREE(char *) backend = NULL;
 VIR_AUTOFREE(char *) version = NULL;
+ VIR_AUTOFREE(char *) secretuuid = NULL;
 VIR_AUTOFREE(xmlNodePtr *) backends = NULL;
 if (VIR_ALLOC(def) < 0)
@@ -13126,6 +13135,15 @@ virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlopt,
 def->data.passthrough.source.type = VIR_DOMAIN_CHR_TYPE_DEV;
 break;
 case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ secretuuid = virXPathString("string(./backend/encryption/@secret)", ctxt);
+ if (secretuuid) {
+ if (virUUIDParse(secretuuid, def->data.emulator.secretuuid) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("Unable to parse secret uuid '%s'"), secretuuid);
+ goto error;
+ }
+ def->data.emulator.hassecretuuid = true;
+ }
 break;
 case VIR_DOMAIN_TPM_TYPE_LAST:
 goto error;
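Review bot: The example added to the comment above virDomainTPMDefParseXML (first hunk) shows `<encryption uuid='…'/>`, but the parser added in the third hunk reads `./backend/encryption/@secret` and the formatter emits `secret='…'`, so the documented attribute name is not the one the code accepts. XML written from the comment would have its encryption element ignored without any error. The comment line should read ` * <encryption secret='32ee7e76-2178-47a1-ab7b-269e6e348015'/>`.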
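Review bot: In the VIR_DOMAIN_TPM_TYPE_EMULATOR case, an `<encryption>` element whose `secret` attribute is absent or misnamed leaves `secretuuid` NULL, so `hassecretuuid` stays false and the definition is accepted as if no encryption had been requested. Since this setting protects TPM state at rest, the parser should fail closed and report an error when the element is present but the attribute cannot be read. Separately, the malformed-UUID branch reports `VIR_ERR_INTERNAL_ERROR` although the value comes from user-supplied XML; `VIR_ERR_XML_ERROR` describes the failure better. The function body begins and ends outside this hunk.

```c
case VIR_DOMAIN_TPM_TYPE_EMULATOR:
    secretuuid = virXPathString("string(./backend/encryption/@secret)", ctxt);
    /* Fail closed: an <encryption> element without a usable secret
     * attribute must not be treated as "no encryption requested". */
    if (!secretuuid && virXPathNode("./backend/encryption", ctxt)) {
        virReportError(VIR_ERR_XML_ERROR, "%s",
                       _("missing secret attribute in TPM encryption element"));
        goto error;
    }
    /* … unchanged: virUUIDParse() check and hassecretuuid assignment … */
```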
@@ -25949,8 +25967,19 @@ virDomainTPMDefFormat(virBufferPtr buf,
 virBufferAddLit(buf, "</backend>\n");
 break;
 case VIR_DOMAIN_TPM_TYPE_EMULATOR:
- virBufferAsprintf(buf, " version='%s'/>\n",
+ virBufferAsprintf(buf, " version='%s'",
 virDomainTPMVersionTypeToString(def->version));
+ if (def->data.emulator.hassecretuuid) {
+ char uuidstr[VIR_UUID_STRING_BUFLEN];
+ virBufferAddLit(buf, ">\n");
+ virBufferAdjustIndent(buf, 2);
+ virBufferAsprintf(buf, "<encryption secret='%s'/>\n",
+ virUUIDFormat(def->data.emulator.secretuuid, uuidstr));
+ virBufferAdjustIndent(buf, -2);
+ virBufferAddLit(buf, "</backend>\n");
+ } else {
+ virBufferAddLit(buf, "/>\n");
+ }
 break;
 case VIR_DOMAIN_TPM_TYPE_LAST:
 break;
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index c1b5fc1337..3facf506ce 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1270,6 +1270,8 @@ struct _virDomainTPMDef {
 virDomainChrSourceDef source;
 char *storagepath;
 char *logfile;
+ unsigned char secretuuid[VIR_UUID_BUFLEN];
+ bool hassecretuuid;
 } emulator;
 } data;
 };
--
2.20.1
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
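Review bot: The new `hassecretuuid` branch in virDomainTPMDefFormat is the first path that emits the emulator `<backend>` as a non-empty element, and nothing in this patch exercises it. The diffstat lists only domain_conf.c and domain_conf.h, so there is no XML round-trip test data or schema change here. If those are not added elsewhere in the series, a parse/format round-trip case with `<encryption secret='…'/>` should accompany this change so that a parser/formatter attribute mismatch is caught. The function body starts and ends outside the hunk.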
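Review bot: The two fields added to the `emulator` member of struct _virDomainTPMDef carry no comment, and `secretuuid` is meaningful only when `hassecretuuid` is true, because the parser sets the flag only after virUUIDParse succeeds. Without that stated, a later caller could read an all-zero UUID as a valid secret reference. Suggest adding `/* UUID of the secret named by <encryption secret='...'/>; valid only if hassecretuuid is true */` above `secretuuid`. The struct definition begins outside this hunk.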