IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The commit 6baa327d added active_pcr_banks support, but put it under the child
element <tpm>, which is wrong, It should be under sub child element <backend>.
Before:
--tpm model=tpm-tis,backend.type=emulator,backend.version=2.0,\
active_pcr_banks.sha1=on,\
active_pcr_banks.sha256=yes,\
active_pcr_banks.sha384=yes,\
active_pcr_banks.sha512=yes
It results in the following domain xml:
<tpm model='tpm-tis'>
<backend type='emulator' version='2.0'/>
<alias name='tpm0'/>
</tpm>
After:
--tpm model=tpm-tis,backend.type=emulator,backend.version=2.0,\
backend.active_pcr_banks.sha1=on,\
backend.active_pcr_banks.sha256=yes,\
backend.active_pcr_banks.sha384=yes,\
backend.active_pcr_banks.sha512=yes
It results in the following domain xml:
<tpm model='tpm-tis'>
<backend type='emulator' version='2.0'>
<active_pcr_banks>
<sha1/>
<sha256/>
<sha384/>
<sha512/>
</active_pcr_banks>
</backend>
<alias name='tpm0'/>
</tpm>
Signed-off-by: Lin Ma <lma@suse.de>
E.g.
virt-install \
... \
--tpm model=tpm-tis,backend.type=emulator,backend.version=2.0,\
backend.source.type=dir,backend.source.path=/some/dir
It results in the following domain xml:
<backend type="emulator" version="2.0">
<source type="dir" path="/some/dir"/>
</backend>
Signed-off-by: Lin Ma <lma@suse.de>
E.g.
virt-install \
... \
--tpm model=tpm-tis,backend.type=emulator,backend.version=2.0,backend.debug=3
It results in the following domain xml:
<tpm model="tpm-tis">
<backend type="emulator" version="2.0" debug="3"/>
</tpm>
Signed-off-by: Lin Ma <lma@suse.de>
The code previously was just encoding the same defaults as libvirt,
which doesn't really add anything.
Instead, let's prefer type='emulator' model='tpm-crb', which
gives the most modern virtualization friendly config. When we don't
know if that will work, we mostly leave things up to libvirt to fill
in.
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Users are fond of using "--tpm /dev/tpm0" to create a TPM device
for their VMs. ppc64 users, however, are experiencing errors because
the default TPM model is 'tpm-tis', which does not work in ppc64, and
they need to specify 'model=tpm-spapr' to work around that.
This patch makes the default TPM model change to 'tpm-spapr' when
running virt-install on a ppc64 host. A new test was added in test_cli.py
to test this new condition. This also keeps the 100% coverage of
the tpm.py file.
Reviewed-by: Cole Robinson <crobinso@redhat.com>
CC: Satheesh Rajendran <sathnaga@linux.vnet.ibm.com>
CC: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Add support for the tpm-spapr device model for pSeries VMs.
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
It's not a pattern I think is worth extending in the future, and
make internal refactorings more difficult. Drop it, and drop it
from tpm and char devices since it is now unused
An emulated backend doesn't require any path, since libvirt will take
care of finding the emulator and managing the storage. However, the
version to emulate can be specified.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
There is only one for now, but we are adding CRB next (and SPAPR is
being added too in qemu/libvirt).
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
The copyright headers in every file were chjanged in this previous commit
commit b6dcee8eb7ec4de999058c187162fe4aedef36b4
Author: Cole Robinson <crobinso@redhat.com>
Date: Tue Mar 20 15:00:02 2018 -0400
Use consistent and minimal license header for every file
Where before this they said "
"either version 2 of the License, or (at your option) any later version."
Now they just say
"GNU GPLv2"
This fixes it to say "GNU GPLv2 or later" again.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
