[libvirt] [PATCH 3/3] qemu: Pass file descriptor when using TPM passthrough

Tue Feb 24 14:15:40 UTC 2015

On 02/24/2015 09:08 AM, Martin Kletzander wrote:
> On Mon, Feb 23, 2015 at 06:50:48AM -0500, Stefan Berger wrote:
>> Pass the TPM file descriptor to QEMU via command line.
>> Instead of passing /dev/tpm0 we now pass /dev/fdset/10 and the 
>> additional
>> parameters -add-fd set=10,fd=20.
>>
>> This addresses the use case when QEMU is started with non-root 
>> privileges
>> and QEMU cannot open /dev/tpm0 for example.
>>
>> Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
>> ---
>> src/qemu/qemu_command.c | 121 
>> ++++++++++++++++++++++++++++++++++++++++++++++--
>> 1 file changed, 117 insertions(+), 4 deletions(-)
>>
>> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
>> index 539c956..12e2e2f 100644
>> --- a/src/qemu/qemu_command.c
>> +++ b/src/qemu/qemu_command.c
>> @@ -161,6 +161,58 @@ VIR_ENUM_IMPL(qemuNumaPolicy, 
>> VIR_DOMAIN_NUMATUNE_MEM_LAST,
>>               "interleave");
>>
>> /**
>> + * qemuVirCommandGetFDSet:
>> + * @cmd: the command to modify
>> + * @fd: fd to reassign to the child
>> + *
>> + * Get the parameters for the QEMU -add-fd command line option
>> + * for the given file descriptor. The file descriptor must previously
>> + * have been 'transferred' in a virCommandPassFD() call.
>> + * This function for example returns "set=10,fd=20".
>> + */
>> +static char *
>> +qemuVirCommandGetFDSet(virCommandPtr cmd, int fd)
>> +{
>> +    char *result = NULL;
>> +    int idx = virCommandPassFDGetFDIndex(cmd, fd);
>> +
>> +    if (idx >= 0) {
>> +        ignore_value(virAsprintf(&result, "set=%d,fd=%d", idx, fd) < 
>> 0);
> ^
> This line doesn't make much sense, I guess you just wanted to do it  |
> without the comparison to zero here ---------------------------------+
>
> Anyway, is there a reason for passing "set=X,fd=Y" instead of just
> doing fd=Y and being done with it?  I must admit I don't know the
> details of /dev/fdset, so that might've just missed me.

Passing fd by itself is not supported with this device. I guess back 
then when I implemented I knew I could pass the fd via this /dev/fdset 
and so fd= doesn't need to be implemented on top of that.