1359862 – TPM passthru uses wrong cancel-path: should be /sys/class/tpm/tpm0/device/cancel

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1359862 - TPM passthru uses wrong cancel-path: should be /sys/class/tpm/tpm0/device/cancel

Summary: TPM passthru uses wrong cancel-path: should be /sys/class/tpm/tpm0/device/cancel

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	libvirt
Sub Component:
Version:	7.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Libvirt Maintainers
QA Contact:	Fangge Jin
Docs Contact:
URL:
Whiteboard:
Depends On:	1327947 1519016 1595018 1654486 1654490 1668199
Blocks:
TreeView+	depends on / blocked

Reported:	2016-07-25 14:51 UTC by emahoney
Modified:	2019-05-09 20:59 UTC (History)
CC List:	12 users (show)
Fixed In Version:	libvirt-1.3.1-1.el7
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-05-26 11:04:36 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1182709	1	None	None	None	2022-10-03 14:27:29 UTC
Red Hat Bugzilla	1244895	0	unspecified	CLOSED	TPM passthru uses wrong cancel-path: should be /sys/class/tpm/tpm0/device/cancel	2021-02-22 00:41:40 UTC

Internal Links: 1182709

Description emahoney 2016-07-25 14:51:21 UTC

Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:
map a physical TPM as passthrough to a virtual machine

Steps to Reproduce:
1.
2.
3.

Actual results:
Error starting domain: internal error: early end of file from monitor: possible problem:
2015-07-20T17:32:36.870094Z qemu-system-x86_64: -tpmdev passthrough,id=tpm-tpm0,path=/dev/tpm0,cancel-path=/sys/class/misc/tpm0/device/cancel: Cannot access TPM device using '/dev/tpm0': Device or resource busy

When tpm dev is added through virtManager it displays the bellow error upon domain start. 

Error starting domain: unable to set security context 'system_u:object_r:svirt_image_t:s0:c121,c372' on '/sys/class/misc/tpm0/device/cancel': No such file or directory

Traceback (most recent call last):
  File "/usr/share/virt-manager/virtManager/asyncjob.py", line 89, in cb_wrapper
    callback(asyncjob, *args, **kwargs)
  File "/usr/share/virt-manager/virtManager/asyncjob.py", line 125, in tmpcb
    callback(*args, **kwargs)
  File "/usr/share/virt-manager/virtManager/libvirtobject.py", line 83, in newfn
    ret = fn(self, *args, **kwargs)
  File "/usr/share/virt-manager/virtManager/domain.py", line 1423, in startup
    self._backend.create()
  File "/usr/lib64/python2.7/site-packages/libvirt.py", line 1007, in create
    if ret == -1: raise libvirtError ('virDomainCreate() failed', dom=self)
libvirtError: unable to set security context 'system_u:object_r:svirt_image_t:s0:c121,c372' on '/sys/class/misc/tpm0/device/cancel': No such file or directory


Expected results:
cancel path for kernel >= 4.0 should be /sys/class/tpm/tpm0/device/cancel

Additional info:
qemu-system-x86_64 supports passing the TPM cancel path on the command line with -tpmdev passthrough,cancel-path=<path>, but it doesn't look like libvirt will recognize this when using virt-install.  It might be worth supporting the cancel-path parameter.

Comment 2 Peter Krempa 2016-07-26 07:39:14 UTC

Upstream fixed this by commit:

commit 5ed7afa9de4e8d2b7e83fee334a0c3f2bddc6a48
Author: Stefan Berger <stefanb.com>
Date:   Tue Nov 17 19:44:13 2015 -0500

    tpm: adapt sysfs cancel path for new TPM driver
    
    This patch addresses BZ 1244895.
    
    Adapt the sysfs TPM command cancel path for the TPM driver that
    does not use a miscdevice anymore since Linux 4.0. Support old
    and new paths and check their availability.
    
    Add a mockup for the test cases to avoid the testing for
    availability of the cancel path.

$ git describe 5ed7afa9de4e8d2b7e83fee334a0c3f2bddc6a48
v1.2.21-67-g5ed7afa

Comment 3 Fangge Jin 2016-08-08 07:38:16 UTC

1. On RHEL7, guest can't start successfully with tpm device, qemu version is qemu-kvm-rhev-2.6.0-17.el7.x86_64
# virsh start rhel7.2
error: Failed to start domain rhel7.2
error: unsupported configuration: The QEMU executable /usr/libexec/qemu-kvm does not support TPM backend type passthrough


2. On fedora, guest can start successfully with tpm device
1) The versions I used on fedora is:
# /usr/bin/qemu-system-x86_64 --version
QEMU emulator version 2.4.1 (qemu-2.4.1-5.fc23), Copyright (c) 2003-2008 Fabrice Bellard

# libvirtd --version
libvirtd (libvirt) 1.3.2

2) Guest can start successfully and qemu cml is:
-tpmdev passthrough,id=tpm-tpm0,path=/dev/fdset/2,cancel-path=/dev/fdset/3
-add-fd set=2,fd=29
-add-fd set=3,fd=30
-device tpm-tis,tpmdev=tpm-tpm0,id=tpm0



More info about guest xml and qemu command line:
1) The guest xml libvirt uses is:
    <tpm model='tpm-tis'>
      <backend type='passthrough'>
        <device path='/dev/tpm0'/>
      </backend>
      <alias name='tpm0'/>
    </tpm>

2) The complete qemu command line is as below in case I miss something above:
 /usr/bin/qemu-system-x86_64 -name rhel7 -S -machine pc-i440fx-2.4,accel=kvm,usb=off -cpu Opteron_G2,+popcnt,+monitor,+ht,+vme,-svm -m size=512000k,slots=16,maxmem=1524736k -realtime mlock=off -smp 4,sockets=4,cores=1,threads=1 -numa node,nodeid=0,cpus=0-3,mem=500 -uuid 7cae86d2-88a2-4c94-95ee-5fdf08e07370 -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/usr/local/var/lib/libvirt/qemu/domain-rhel7/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=discard -no-hpet -no-shutdown -global PIIX4_PM.disable_s3=0 -global PIIX4_PM.disable_s4=0 -boot strict=on -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x9.0x7 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x5 -drive file=/90121/fjin/rhel7.2.qcow2,format=qcow2,if=none,id=drive-virtio-disk0,cache=none -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x7,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -netdev tap,fd=26,id=hostnet0,vhost=on,vhostfd=28 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:f1:2c:ed,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev socket,id=charchannel0,path=/usr/local/var/lib/libvirt/qemu/channel/target/domain-rhel7/org.qemu.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=org.qemu.guest_agent.0 -chardev spicevmc,id=charchannel1,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=com.redhat.spice.0 -tpmdev passthrough,id=tpm-tpm0,path=/dev/fdset/2,cancel-path=/dev/fdset/3 -add-fd set=2,fd=29 -add-fd set=3,fd=30 -device tpm-tis,tpmdev=tpm-tpm0,id=tpm0 -vnc 127.0.0.1:0 -device qxl-vga,id=video0,ram_size=67108864,vram_size=16777216,vgamem_mb=16,bus=pci.0,addr=0x2 -device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x8 -device pvpanic,ioport=1285 -msg timestamp=on

Comment 9 Fangge Jin 2016-09-14 06:17:21 UTC

Reproduce this bug with libvirt-1.2.17-13.el7.x86_64, kernel-3.10.0-493.el7.x86_64 and upstream qemu(v2.7.0-217-g7263da7)

Steps:
1. Prepare a guest with tpm device:
# virsh dumpxml rhel7.3-0817
...
    <tpm model='tpm-tis'>
      <backend type='passthrough'>
        <device path='/dev/tpm0'/>
      </backend>
    </tpm>

2. Start guest
# virsh start rhel7.3-0817
error: Failed to start domain rhel7.3-0817
error: Could not open TPM device's cancel path /sys/class/misc/tpm0/device/cancel: No such file or directory

Comment 10 Fangge Jin 2016-09-14 06:32:45 UTC

Verify this bug with libvirt-2.0.0-8.el7.x86_64 and upstream qemu(v2.7.0-217-g7263da7) 

And also test on two different kernel versions: 
For kerne-3.10.0-493.el7.x86_64, the tpm device cancel path is: /sys/class/tpm/tpm0/device/cancel
For kernel-3.10.0-229.el7.x86_64, the tpm device cancel path is:/sys/class/misc/tpm0/device/cancel

Steps:
1.Prepare a guest with tpm device:

# virsh dumpxml rhel7.3-0817

    <tpm model='tpm-tis'>
      <backend type='passthrough'>
        <device path='/dev/tpm0'/>
      </backend>
      <alias name='tpm0'/>
    </tpm>

2. Start guest

# virsh start rhel7.3-0817

3. Check qemu command line:

...-tpmdev passthrough,id=tpm-tpm0,path=/dev/fdset/3,cancel-path=/dev/fdset/4 -add-fd set=3,fd=30 -add-fd set=4,fd=32 -device tpm-tis,tpmdev=tpm-tpm0,id=tpm0...

4. Check the opened file descriptors:

For kerne-3.10.0-493.el7.x86_64:
# lsof /sys/class/tpm/tpm0/device/cancel
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
      Output information may be incomplete.
COMMAND     PID USER   FD   TYPE DEVICE SIZE/OFF  NODE NAME
qemu-syst 15117 qemu   11w   REG   0,16     4096 10212 /sys/class/tpm/../../devices/pnp0/00:09/tpm/tpm0/../../../00:09/cancel
qemu-syst 15117 qemu   24w   REG   0,16     4096 10212 /sys/class/tpm/../../devices/pnp0/00:09/tpm/tpm0/../../../00:09/cancel


# lsof /dev/tpm0
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
      Output information may be incomplete.
COMMAND     PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
qemu-syst 15117 qemu   10u   CHR 10,224      0t0 1143 /dev/tpm0
qemu-syst 15117 qemu   23u   CHR 10,224      0t0 1143 /dev/tpm0


For kernel-3.10.0-229.el7.x86_64:
# lsof /sys/class/misc/tpm0/device/cancel
COMMAND     PID USER   FD   TYPE DEVICE SIZE/OFF  NODE NAME
qemu-syst 31727 qemu   10w   REG   0,16     4096 10111 /sys/class/misc/../../devices/pnp0/00:0d/misc/tpm0/../../../00:0d/cancel
qemu-syst 31727 qemu   23w   REG   0,16     4096 10111 /sys/class/misc/../../devices/pnp0/00:0d/misc/tpm0/../../../00:0d/cancel

\ # lsof /dev/tpm0
COMMAND     PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
qemu-syst 31727 qemu    9u   CHR 10,224      0t0 1144 /dev/tpm0
qemu-syst 31727 qemu   22u   CHR 10,224      0t0 1144 /dev/tpm0

Comment 11 Fangge Jin 2016-09-20 08:49:49 UTC

Test with builds qemu-kvm-1.5.3-125.el7.x86_64 and libvirt-2.0.0-9.el7.x86_64.

# virsh start mig1
error: Failed to start domain mig1
error: unsupported configuration: The QEMU executable /usr/libexec/qemu-kvm does not support TPM backend type passthrough

So it seems that qemu-kvm also doesn't support TPM passthrough device.

Comment 12 Xuesong Zhang 2016-09-20 09:17:46 UTC

hi, Evan,

As you can see from the above comments 9 to 11, libvirt component implement this feature support in RHEL7.3, but qemu do not implement this feature in current RHEL7.3, qemu implement it in upstream now.


I have 2 concerns need to confirm with you:
1. from the comment 4 to 7, it seems we should test and verify this bug with qemu-kvm in RHEL OS, not with qemu-kvm-rhev in RHEL OS, right?

2. Can we move this libvirt bug to RHEL7.4 and add Testonly keyword? since qemu-kvm do not support this feature in RHEL7.3 now. Since this bug is from the Customer Portal, we'd like to double condirm with you if it is ok to deal this bug per current support status of libvirt and qemu.
And can we file one corresponding qemu bug to RHEL7.4 for better tracking?

Comment 14 Xuesong Zhang 2016-09-22 03:10:24 UTC

Move this bug to RHEL7.4 with Testonly keyword for better tracking, since qemu do not implement this feature in downstream in RHEL7.3.

Comment 17 Fangge Jin 2017-05-26 10:53:58 UTC

TPM is not supported in RHEL7.4 by either qemu-kvm-rhev or qemu-kvm. So move this bug to RHEL7.5

Comment 24 Marina Kalinin 2017-06-06 21:11:39 UTC

Thank you!
Here is the qemu-kvm-rhev rfe: https://bugzilla.redhat.com/show_bug.cgi?id=1327947

And here is the kcs documenting current support status:
https://access.redhat.com/solutions/2623641

Note You need to log in before you can comment on or make changes to this bug.