Re: tpm-tis device for ARM virt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 2/9/21 2:20 AM, Andrea Bolognani wrote:

On Mon, 2021-02-08 at 17:30 -0700, Jim Fehlig wrote:

Hi All,

I received a private bug report that starting a VM with swtpm device fails with
qemu-system-aarch64. The VM config has

      <tpm model='tpm-tis'>
        <backend type='emulator' version='2.0'/>
       </tpm>

QEMU reports the following error

error: internal error: process exited while connecting to monitor:
2021-02-07T05:15:35.378927Z qemu-system-aarch64: -device
tpm-tis,tpmdev=tpm-tpm0,id=tpm0: 'tpm-tis' is not a valid device model name

Indeed it appears the device name is 'tpm-tis-device' [1][2] for ARM virt. The
similar yet different device naming between x86 and ARM is unfortunate. IIUC,
the devices are the same between the architectures, i.e. they both emulate a TPM
device conforming to the TIS spec. If so, adding a 'tpm-tis-device' to
virDomainTPMModel seems redundant. I assume the naming difference should be
handled internally, e.g. something like the below patch to qemuBuildTPMDevStr? I
can send a proper patch if this is an acceptable approach.

Regards,
Jim

[1] https://qemu.readthedocs.io/en/latest/specs/tpm.html
[2] https://github.com/qemu/qemu/commit/c294ac327ca99342b90bd3a83d2cef9b447afaa7

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 92036d26c0..5154611ccd 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -9198,6 +9198,9 @@ qemuBuildTPMDevStr(const virDomainDef *def,
       g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
       const char *model = virDomainTPMModelTypeToString(tpm->model);

+    if (tpm->model == VIR_DOMAIN_TPM_MODEL_TIS && def->os.arch == VIR_ARCH_AARCH64)
+        model = "tpm-tis-device";
+
       virBufferAsprintf(&buf, "%s,tpmdev=tpm-%s,id=%s",
                         model, tpm->info.alias, tpm->info.alias);



This looks fairly reasonable. Please make sure you also include a
test case for this usage.


Thanks for taking a look! I've included a test case.


If you're feeling fancy, you might consider augmenting
qemuValidateDomainDeviceDefTPM() to ensure VIR_DOMAIN_TPM_MODEL_TIS
is only used on x86 or with the aarch64 virt machine type.
I've done this as well and provided packages to the reporter to test in his environment. I'll send the patches to the list after hearing the test results. 

Regards,
Jim
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux