1
0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-12 15:52:55 +00:00

qemu: Reject TPM 1.2 in most scenarios

Everywhere we use TPM 2.0 as our default, the chances of TPM
1.2 being supported by the guest OS are very slim. Just reject
such configurations outright.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
This commit is contained in:
Andrea Bolognani 2024-05-27 18:38:52 +02:00
parent 220b2690da
commit 971e767805
2 changed files with 10 additions and 14 deletions

@ -4755,23 +4755,19 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm,
switch (version) { switch (version) {
case VIR_DOMAIN_TPM_VERSION_1_2: case VIR_DOMAIN_TPM_VERSION_1_2:
/* TPM 1.2 + CRB do not work */ /* Only tpm-tis supports TPM 1.2, and even that is only
if (tpm->model == VIR_DOMAIN_TPM_MODEL_CRB) { * on x86: for all other models and architectures, we
* want TPM 2.0 */
if (tpm->model != VIR_DOMAIN_TPM_MODEL_TIS) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Unsupported interface '%1$s' for TPM 1.2"), _("TPM 1.2 is not supported for model '%1$s'"),
virDomainTPMModelTypeToString(tpm->model)); virDomainTPMModelTypeToString(tpm->model));
return -1; return -1;
} }
/* TPM 1.2 + SPAPR do not work with any 'type' (backend) */ if (!ARCH_IS_X86(def->os.arch)) {
if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("TPM 1.2 is not supported on architecture '%1$s'"),
_("TPM 1.2 is not supported with the SPAPR device model")); virArchToString(def->os.arch));
return -1;
}
/* TPM 1.2 + ARM does not work */
if (qemuDomainIsARMVirt(def)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("TPM 1.2 is not supported on ARM"));
return -1; return -1;
} }
break; break;

@ -1 +1 @@
unsupported configuration: TPM 1.2 is not supported on ARM unsupported configuration: TPM 1.2 is not supported on architecture 'aarch64'