From d5712c54a6dc42e06e8c8679b3af59db75845116 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Mon, 18 Jul 2022 09:55:08 +0200
Subject: [PATCH] conf: Report error when default TPM version is provided

When "default" version of TPM was provided, our parses accepts it
happily even though the value is forbidden by our RNG and not
documented as accepted value. This is because of < 0 vs <= 0
comparison of virDomainTPMModelTypeFromString() retval.

Make the parser error out explicitly in this case. Users can
always chose to not specify the attribute in which case we pick a
sane default (in qemuDomainDefTPMsPostParse()).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
---
 src/conf/domain_conf.c | 8 +++++---
 src/conf/domain_conf.h | 2 +-
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 6d806a39a9..bc8dedf817 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -10417,7 +10417,7 @@ virDomainTPMDefParseXML(virDomainXMLOption *xmlopt,
     if (!version) {
         def->version = VIR_DOMAIN_TPM_VERSION_DEFAULT;
     } else {
-        if ((def->version = virDomainTPMVersionTypeFromString(version)) < 0) {
+        if ((def->version = virDomainTPMVersionTypeFromString(version)) <= 0) {
             virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                            _("Unsupported TPM version '%s'"),
                            version);
@@ -24244,8 +24244,10 @@ virDomainTPMDefFormat(virBuffer *buf,
                               def->data.passthrough.source->data.file.path);
         break;
     case VIR_DOMAIN_TPM_TYPE_EMULATOR:
-        virBufferAsprintf(&backendAttrBuf, " version='%s'",
-                          virDomainTPMVersionTypeToString(def->version));
+        if (def->version != VIR_DOMAIN_TPM_VERSION_DEFAULT) {
+            virBufferAsprintf(&backendAttrBuf, " version='%s'",
+                              virDomainTPMVersionTypeToString(def->version));
+        }
         if (def->data.emulator.persistent_state)
             virBufferAddLit(&backendAttrBuf, " persistent_state='yes'");
         if (def->data.emulator.hassecretuuid) {
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 3c58ea6d7e..21bd47634d 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1417,7 +1417,7 @@ typedef enum {
 } virDomainTPMBackendType;
 
 typedef enum {
-    VIR_DOMAIN_TPM_VERSION_DEFAULT,
+    VIR_DOMAIN_TPM_VERSION_DEFAULT = 0,
     VIR_DOMAIN_TPM_VERSION_1_2,
     VIR_DOMAIN_TPM_VERSION_2_0,
 
-- 
2.39.5