TPM 1.2 is a pretty bad default these days, especially for
architectures which were introduced when TPM 2.0 already existed.
We're already carving out exceptions for several scenarios, but
that's basically backwards: at this point, using TPM 1.2 is the
exception.
Restructure the code so that it reflects reality and we don't
have to remember to update it every time a new architecture is
introduced.
Signed-off-by: Andrea Bolognani <abologna@xxxxxxxxxx>
---
src/qemu/qemu_domain.c | 13 ++++++++-----
...irt-default-models.riscv64-latest.abi-update.xml | 2 +-
.../riscv64-virt-default-models.riscv64-latest.xml | 2 +-
3 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index bda62f2e5c..7ba2ea4a5e 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -6180,12 +6180,15 @@ qemuDomainTPMDefPostParse(virDomainTPMDef *tpm,
/* TPM 1.2 and 2 are not compatible, so we choose a specific version here */
if (tpm->type == VIR_DOMAIN_TPM_TYPE_EMULATOR &&
tpm->data.emulator.version == VIR_DOMAIN_TPM_VERSION_DEFAULT) {
- if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR ||
- tpm->model == VIR_DOMAIN_TPM_MODEL_CRB ||
- qemuDomainIsARMVirt(def))
- tpm->data.emulator.version = VIR_DOMAIN_TPM_VERSION_2_0;
- else
+ /* tpm-tis on x86 defaults to TPM 1.2 to preserve the
+ * historical behavior, but in all other scenarios we want
+ * TPM 2.0 instead */
+ if (tpm->model == VIR_DOMAIN_TPM_MODEL_TIS &&
+ ARCH_IS_X86(def->os.arch)) {
tpm->data.emulator.version = VIR_DOMAIN_TPM_VERSION_1_2;
+ } else {
+ tpm->data.emulator.version = VIR_DOMAIN_TPM_VERSION_2_0;
+ }
}
return 0;
diff --git a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml
index a3a701b8e4..6712c2d831 100644
--- a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml
+++ b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml
@@ -59,7 +59,7 @@
<target type='serial' port='0'/>
</console>
<tpm model='tpm-tis'>
- <backend type='emulator' version='1.2'/>
+ <backend type='emulator' version='2.0'/>
</tpm>
<audio id='1' type='none'/>
<video>
diff --git a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml
index a3a701b8e4..6712c2d831 100644
--- a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml
+++ b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml
@@ -59,7 +59,7 @@
<target type='serial' port='0'/>
</console>
<tpm model='tpm-tis'>
- <backend type='emulator' version='1.2'/>
+ <backend type='emulator' version='2.0'/>
</tpm>
<audio id='1' type='none'/>
<video>
--
2.45.1
