qemu: Default to TPM 2.0 in most scenarios

TPM 1.2 is a pretty bad default these days, especially for
architectures which were introduced when TPM 2.0 already existed.

We're already carving out exceptions for several scenarios, but
that's basically backwards: at this point, using TPM 1.2 is the
exception.

Restructure the code so that it reflects reality and we don't
have to remember to update it every time a new architecture is
introduced.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index bda62f2e5c8c5a9a00f5c05d31cd7608fd6056c1..7ba2ea4a5e3d8d19fe9802238c1f6c624b9804f0 100644 (file)
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -6180,12 +6180,15 @@ qemuDomainTPMDefPostParse(virDomainTPMDef *tpm,
     /* TPM 1.2 and 2 are not compatible, so we choose a specific version here */
     if (tpm->type == VIR_DOMAIN_TPM_TYPE_EMULATOR &&
         tpm->data.emulator.version == VIR_DOMAIN_TPM_VERSION_DEFAULT) {
-        if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR ||
-            tpm->model == VIR_DOMAIN_TPM_MODEL_CRB ||
-            qemuDomainIsARMVirt(def))
-            tpm->data.emulator.version = VIR_DOMAIN_TPM_VERSION_2_0;
-        else
+        /* tpm-tis on x86 defaults to TPM 1.2 to preserve the
+         * historical behavior, but in all other scenarios we want
+         * TPM 2.0 instead */
+        if (tpm->model == VIR_DOMAIN_TPM_MODEL_TIS &&
+            ARCH_IS_X86(def->os.arch)) {
             tpm->data.emulator.version = VIR_DOMAIN_TPM_VERSION_1_2;
+        } else {
+            tpm->data.emulator.version = VIR_DOMAIN_TPM_VERSION_2_0;
+        }
     }
 
     return 0;

diff --git a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml
index a3a701b8e4bb0eea8165fc05e48a02e2b40ed723..6712c2d831eb6eba9c6d5b86d94e19feda3b4492 100644 (file)
--- a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml
+++ b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.abi-update.xml
@@ -59,7 +59,7 @@
       <target type='serial' port='0'/>
     </console>
     <tpm model='tpm-tis'>
-      <backend type='emulator' version='1.2'/>
+      <backend type='emulator' version='2.0'/>
     </tpm>
     <audio id='1' type='none'/>
     <video>

diff --git a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml
index a3a701b8e4bb0eea8165fc05e48a02e2b40ed723..6712c2d831eb6eba9c6d5b86d94e19feda3b4492 100644 (file)
--- a/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml
+++ b/tests/qemuxmlconfdata/riscv64-virt-default-models.riscv64-latest.xml
@@ -59,7 +59,7 @@
       <target type='serial' port='0'/>
     </console>
     <tpm model='tpm-tis'>
-      <backend type='emulator' version='1.2'/>
+      <backend type='emulator' version='2.0'/>
     </tpm>
     <audio id='1' type='none'/>
     <video>