conf: Extend TPM XML parser with encryption support

Extend the TPM device XML parser and XML generator with emulator state encryption support. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-07-25 14:21:59 -04:00 · 2019-07-25 14:21:59 -04:00 · fc60a0c78e
commit fc60a0c78e
parent 84ab02063c
3 changed files with 43 additions and 1 deletions
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@ -4317,6 +4317,7 @@
          <attribute name="type">
             <value>emulator</value>
          </attribute>
          <ref name="tpm-backend-emulator-encryption"/>
        </group>
      </choice>
      <choice>
@ -4346,6 +4347,16 @@
    </optional>
  </define>
  <define name="tpm-backend-emulator-encryption">
    <optional>
      <element name="encryption">
        <attribute name="secret">
          <ref name="UUID"/>
        </attribute>
      </element>
    </optional>
  </define>
  <define name="vsock">
    <element name="vsock">
      <optional>
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@ -13049,6 +13049,14 @@ virDomainSmartcardDefParseXML(virDomainXMLOptionPtr xmlopt,
 * <tpm model='tpm-tis'>
 *   <backend type='emulator' version='2'/>
 * </tpm>
 *
 * Emulator state encryption is supported with the following:
 *
 * <tpm model='tpm-tis'>
 *   <backend type='emulator' version='2'>
 *     <encryption uuid='32ee7e76-2178-47a1-ab7b-269e6e348015'/>
 *   </backend>
 * </tpm>
 */
 static virDomainTPMDefPtr
 virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlopt,
@ -13063,6 +13071,7 @@ virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlopt,
    VIR_AUTOFREE(char *) model = NULL;
    VIR_AUTOFREE(char *) backend = NULL;
    VIR_AUTOFREE(char *) version = NULL;
    VIR_AUTOFREE(char *) secretuuid = NULL;
    VIR_AUTOFREE(xmlNodePtr *) backends = NULL;
    if (VIR_ALLOC(def) < 0)
@ -13127,6 +13136,15 @@ virDomainTPMDefParseXML(virDomainXMLOptionPtr xmlopt,
        def->data.passthrough.source.type = VIR_DOMAIN_CHR_TYPE_DEV;
        break;
    case VIR_DOMAIN_TPM_TYPE_EMULATOR:
        secretuuid = virXPathString("string(./backend/encryption/@secret)", ctxt);
        if (secretuuid) {
            if (virUUIDParse(secretuuid, def->data.emulator.secretuuid) < 0) {
                virReportError(VIR_ERR_INTERNAL_ERROR,
                               _("Unable to parse secret uuid '%s'"), secretuuid);
                goto error;
            }
            def->data.emulator.hassecretuuid = true;
        }
        break;
    case VIR_DOMAIN_TPM_TYPE_LAST:
        goto error;
@ -25953,8 +25971,19 @@ virDomainTPMDefFormat(virBufferPtr buf,
        virBufferAddLit(buf, "</backend>\n");
        break;
    case VIR_DOMAIN_TPM_TYPE_EMULATOR:
-        virBufferAsprintf(buf, " version='%s'/>\n",
+        virBufferAsprintf(buf, " version='%s'",
                          virDomainTPMVersionTypeToString(def->version));
        if (def->data.emulator.hassecretuuid) {
            char uuidstr[VIR_UUID_STRING_BUFLEN];
            virBufferAddLit(buf, ">\n");
            virBufferAdjustIndent(buf, 2);
            virBufferAsprintf(buf, "<encryption secret='%s'/>\n",
                virUUIDFormat(def->data.emulator.secretuuid, uuidstr));
            virBufferAdjustIndent(buf, -2);
            virBufferAddLit(buf, "</backend>\n");
        } else {
            virBufferAddLit(buf, "/>\n");
        }
        break;
    case VIR_DOMAIN_TPM_TYPE_LAST:
        break;
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@ -1269,6 +1269,8 @@ struct _virDomainTPMDef {
            virDomainChrSourceDef source;
            char *storagepath;
            char *logfile;
            unsigned char secretuuid[VIR_UUID_BUFLEN];
            bool hassecretuuid;
        } emulator;
    } data;
 };