From: Michal Privoznik <mprivozn@redhat.com>
Date: Mon, 18 Jul 2022 07:55:08 +0000 (+0200)
Subject: conf: Report error when default TPM version is provided
X-Git-Tag: v8.7.0-rc1~249
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d5712c54a6dc42e06e8c8679b3af59db75845116;p=thirdparty%2Flibvirt.git

conf: Report error when default TPM version is provided

When "default" version of TPM was provided, our parses accepts it
happily even though the value is forbidden by our RNG and not
documented as accepted value. This is because of < 0 vs <= 0
comparison of virDomainTPMModelTypeFromString() retval.

Make the parser error out explicitly in this case. Users can
always chose to not specify the attribute in which case we pick a
sane default (in qemuDomainDefTPMsPostParse()).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
---

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 6d806a39a9..bc8dedf817 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -10417,7 +10417,7 @@ virDomainTPMDefParseXML(virDomainXMLOption *xmlopt,
     if (!version) {
         def->version = VIR_DOMAIN_TPM_VERSION_DEFAULT;
     } else {
-        if ((def->version = virDomainTPMVersionTypeFromString(version)) < 0) {
+        if ((def->version = virDomainTPMVersionTypeFromString(version)) <= 0) {
             virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                            _("Unsupported TPM version '%s'"),
                            version);
@@ -24244,8 +24244,10 @@ virDomainTPMDefFormat(virBuffer *buf,
                               def->data.passthrough.source->data.file.path);
         break;
     case VIR_DOMAIN_TPM_TYPE_EMULATOR:
-        virBufferAsprintf(&backendAttrBuf, " version='%s'",
-                          virDomainTPMVersionTypeToString(def->version));
+        if (def->version != VIR_DOMAIN_TPM_VERSION_DEFAULT) {
+            virBufferAsprintf(&backendAttrBuf, " version='%s'",
+                              virDomainTPMVersionTypeToString(def->version));
+        }
         if (def->data.emulator.persistent_state)
             virBufferAddLit(&backendAttrBuf, " persistent_state='yes'");
         if (def->data.emulator.hassecretuuid) {
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 3c58ea6d7e..21bd47634d 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1417,7 +1417,7 @@ typedef enum {
 } virDomainTPMBackendType;
 
 typedef enum {
-    VIR_DOMAIN_TPM_VERSION_DEFAULT,
+    VIR_DOMAIN_TPM_VERSION_DEFAULT = 0,
     VIR_DOMAIN_TPM_VERSION_1_2,
     VIR_DOMAIN_TPM_VERSION_2_0,