Add ability to use emulated tpm (#1166)

QEMU already supports TPM 2 and is able to start swtpm. Additionally,
this commit expands the tests for the TPM configuration to ensure that
the domain is updated on a subsequent start only when the options cause
a change to the domain XML. This change just allows passing through the
necessary config.

Vagrant.configure("2") do |config|
  config.vm.provider :libvirt do |libvirt|
    libvirt.tpm_model = "tpm-crb"
    libvirt.tpm_type = "emulator"
    libvirt.tpm_version = "2.0"
  end
end

closes #965
Jason Tarasovic
2020-12-15 06:43:46 -06:00
committed by GitHub
parent 20067be0d2
commit 1251189145
10 changed files with 333 additions and 39 deletions


@@ -81,6 +81,7 @@ module VagrantPlugins
@tpm_model = config.tpm_model
@tpm_type = config.tpm_type
@tpm_path = config.tpm_path
@tpm_version = config.tpm_version
# Boot order
@boot_order = config.boot_order
@@ -254,7 +255,13 @@ module VagrantPlugins
env[:ui].info(" -- Video VRAM: #{@video_vram}")
env[:ui].info(" -- Sound Type: #{@sound_type}")
env[:ui].info(" -- Keymap: #{@keymap}")
env[:ui].info(" -- TPM Path: #{@tpm_path}")
env[:ui].info(" -- TPM Backend: #{@tpm_type}")
if @tpm_type == 'emulator'
env[:ui].info(" -- TPM Model: #{@tpm_model}")
env[:ui].info(" -- TPM Version: #{@tpm_version}")
else
env[:ui].info(" -- TPM Path: #{@tpm_path}")
end
@boot_order.each do |device|
env[:ui].info(" -- Boot device: #{device}")
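Review bot: The TPM lines in this summary are printed unconditionally, so a domain with neither `tpm_path` nor `tpm_version` set still reports `TPM Backend: passthrough` (the finalize default shown further down the page), although the template emits no `<tpm>` element in that case. An operator reading the output could conclude the guest has a TPM attached when it does not. Wrapping the added block in `if @tpm_path || @tpm_version` would keep the summary consistent with the generated XML, and the passthrough branch could print the model as well. The enclosing method starts and ends outside the hunk.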


@@ -193,36 +193,31 @@ module VagrantPlugins
end
# TPM
if config.tpm_path
raise Errors::FogCreateServerError, 'The TPM Path must be fully qualified' unless config.tpm_path[0].chr == '/'
if [config.tpm_path, config.tpm_version].any?
if config.tpm_path
raise Errors::FogCreateServerError, 'The TPM Path must be fully qualified' unless config.tpm_path[0].chr == '/'
end
tpm = REXML::XPath.first(xml_descr, '/domain/devices/tpm')
if tpm.nil?
@logger.debug "tpm created from previously not defined"
# just build the tpm element every time
# check at the end if it is different
oldtpm = REXML::XPath.first(xml_descr, '/domain/devices/tpm')
REXML::XPath.first(xml_descr, '/domain/devices').delete_element("tpm")
newtpm = REXML::Element.new('tpm', REXML::XPath.first(xml_descr, '/domain/devices'))
newtpm.attributes['model'] = config.tpm_model
backend = newtpm.add_element('backend')
backend.attributes['type'] = config.tpm_type
case config.tpm_type
when 'emulator'
backend.attributes['version'] = config.tpm_version
when 'passthrough'
backend.add_element('device').attributes['path'] = config.tpm_path
end
unless "'#{newtpm}'".eql? "'#{oldtpm}'"
@logger.debug "tpm config changed"
descr_changed = true
tpm = REXML::Element.new('tpm', REXML::XPath.first(xml_descr, '/domain/devices'))
tpm.attributes['model'] = config.tpm_model
tpm_backend_type = tpm.add_element('backend')
tpm_backend_type.attributes['type'] = config.tpm_type
tpm_device_path = tpm_backend_type.add_element('device')
tpm_device_path.attributes['path'] = config.tpm_path
else
if tpm.attributes['model'] != config.tpm_model
@logger.debug "tpm model updated from '#{tpm.attributes['model']}' to '#{config.tpm_model}'"
descr_changed = true
tpm.attributes['model'] = config.tpm_model
end
backend = tpm.elements['backend']
if backend.attributes['type'] != config.tpm_type
@logger.debug "tpm type updated from '#{backend.attributes['type']}' to '#{config.tpm_type}'"
descr_changed = true
backend.attributes['type'] = config.tpm_type
end
if backend.elements['device'].attributes['path'] != config.tpm_path
@logger.debug "tpm path updated from '#{backend.elements['device'].attributes['path']}' to '#{config.tpm_path}'"
descr_changed = true
backend.elements['device'].attributes['path'] = config.tpm_path
end
end
end
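Review bot: The rebuilt `<tpm>` element is never checked for a consistent backend: the block is entered when either `tpm_path` or `tpm_version` is set, but the `case` keys only on `config.tpm_type`, which defaults to `'passthrough'`. Setting just `tpm_version = "2.0"` therefore reaches the `when 'passthrough'` branch with a nil `tpm_path` and appears to produce a `<device>` without a path, so a user who meant to get an emulated TPM ends up with a passthrough definition; an unrecognised `tpm_type` yields an empty `<backend>`. A guard before the element is built would catch this, e.g. `raise Errors::FogCreateServerError, 'tpm_path is required for a passthrough TPM' if config.tpm_type == 'passthrough' && config.tpm_path.nil?`, with the mirror check for `'emulator'` without `tpm_version`. Separately, `config.tpm_path[0].chr == '/'` raises NoMethodError on an empty string; `config.tpm_path.start_with?('/')` is safer. The surrounding method is outside the hunk.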


@@ -117,6 +117,7 @@ module VagrantPlugins
attr_accessor :tpm_model
attr_accessor :tpm_type
attr_accessor :tpm_path
attr_accessor :tpm_version
# Sets the max number of NICs that can be created
# Default set to 8. Don't change the default unless you know
@@ -245,6 +246,7 @@ module VagrantPlugins
@tpm_model = UNSET_VALUE
@tpm_type = UNSET_VALUE
@tpm_path = UNSET_VALUE
@tpm_version = UNSET_VALUE
@nic_adapter_count = UNSET_VALUE
@@ -781,6 +783,7 @@ module VagrantPlugins
@tpm_model = 'tpm-tis' if @tpm_model == UNSET_VALUE
@tpm_type = 'passthrough' if @tpm_type == UNSET_VALUE
@tpm_path = nil if @tpm_path == UNSET_VALUE
@tpm_version = nil if @tpm_version == UNSET_VALUE
@nic_adapter_count = 8 if @nic_adapter_count == UNSET_VALUE
@emulator_path = nil if @emulator_path == UNSET_VALUE


@@ -257,11 +257,13 @@
<% end %>
<% end -%>
<% if @tpm_path -%>
<% if @tpm_path || @tpm_version -%>
<%# TPM Device -%>
<tpm model='<%= @tpm_model %>'>
<backend type='<%= @tpm_type %>'>
<backend type='<%= @tpm_type %>'<% if @tpm_version %> version='<%= @tpm_version %>'<% end %>>
<% if @tpm_path -%>
<device path='<%= @tpm_path %>'/>
<% end -%>
</backend>
</tpm>
<% end -%>
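Review bot: The template decides what to emit from which options happen to be set, not from `@tpm_type`, so it can disagree with the element that start_domain rebuilds. With `tpm_type = 'emulator'` and a leftover `tpm_path` it writes a `<device path=…>` under an emulator backend, and with the default passthrough type plus `tpm_version` it writes `version=` on a passthrough backend; neither matches the `case config.tpm_type` logic, so the domain would likely be flagged as changed on the next start. Keying on the type keeps the two in step: `<% if @tpm_type == 'emulator' && @tpm_version %> version='<%= @tpm_version %>'<% end %>` and `<% if @tpm_type == 'passthrough' && @tpm_path -%>`. The values are also interpolated into single-quoted attributes unescaped, which deserves a comment if Vagrantfile settings can ever be derived from input outside the project.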