ping!

On Tue, Oct 22, 2024 at 6:15 PM <marcandre.lureau@xxxxxxxxxx> wrote:
>
> From: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>
>
> Hi,
>
> When swtpm capabilities reports "nvram-backend-dir", it can accept a single
> file or block device where TPM state will be stored.
>
> --tpmstate must be backend-uri=file://.
>
> v5:
> - fix indentation
> - update doc about state sharing/locking
> - add r-b from Stefan
>
> v4:
> - add "qemu: explicit swtpm state locking"
> - add r-b from Stefan, first patch only atm
>
> v3:
> - changed to <source type='file/dir' path='..'/>
>
> v2:
> - add <source dir='..'/> support as well (Daniel)
>
> Related: https://issues.redhat.com/browse/CNV-35250
>
> Marc-André Lureau (6):
>   util: check swtpm nvram-backend-{dir,file} capabilities
>   tpm: rename 'storagepath' to 'source_path'
>   schema: add TPM emulator <source type='file' path='..'>
>   schema: add TPM emulator <source type='dir' path='..'>
>   qemu_tpm: handle file/block storage source
>   qemu: explicit swtpm state locking
>
>  docs/formatdomain.rst                         |  22 ++++
>  src/conf/domain_conf.c                        |  31 ++++-
>  src/conf/domain_conf.h                        |  12 +-
>  src/conf/schemas/domaincommon.rng             |  26 ++++
>  src/qemu/qemu_tpm.c                           | 114 +++++++++++++-----
>  src/security/security_selinux.c               |   6 +-
>  src/util/virtpm.c                             |   3 +
>  src/util/virtpm.h                             |   3 +
>  .../qemuxmlconfdata/tpm-emulator-tpm2-enc.xml |   1 +
>  tests/qemuxmlconfdata/tpm-emulator-tpm2.xml   |   1 +
>  tests/testutilsqemu.c                         |   1 +
>  11 files changed, 187 insertions(+), 33 deletions(-)
>
> --
> 2.47.0
>