From 27087d6d4305e88d445442d5e0930978f9e3816e Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Fri, 2 Jan 2026 09:26:36 -0600 Subject: [PATCH 01/16] Add Trusted Computing Module (TPM) support Signed-off-by: Jerone Young jyoung@redhat.com --- lib/fog/libvirt/compute.rb | 1 + lib/fog/libvirt/models/compute/server.rb | 31 ++++++++++++ lib/fog/libvirt/models/compute/tpm.rb | 64 ++++++++++++++++++++++++ 3 files changed, 96 insertions(+) create mode 100644 lib/fog/libvirt/models/compute/tpm.rb diff --git a/lib/fog/libvirt/compute.rb b/lib/fog/libvirt/compute.rb index 14f6c20..c12f579 100644 --- a/lib/fog/libvirt/compute.rb +++ b/lib/fog/libvirt/compute.rb @@ -22,6 +22,7 @@ class Compute < Fog::Service collection :nodes model :nic collection :nics + model :tpm request_path 'fog/libvirt/requests/compute' request :list_domains diff --git a/lib/fog/libvirt/models/compute/server.rb b/lib/fog/libvirt/models/compute/server.rb index 805898f..01d8429 100644 --- a/lib/fog/libvirt/models/compute/server.rb +++ b/lib/fog/libvirt/models/compute/server.rb @@ -36,6 +36,8 @@ class Server < Fog::Compute::Server attribute :guest_agent attribute :video attribute :virtio_rng + attribute :tpm + attribute :tpm_device attribute :state @@ -58,6 +60,7 @@ def initialize(attributes={} ) super defaults.merge(attributes) initialize_nics initialize_volumes + initialize_tpm @user_data = attributes.delete(:user_data) end 
@@ -411,6 +414,27 @@ def to_xml xml.backend(virtio_rng[:backend_path], :model => virtio_rng.fetch(:backend_model, "random")) end + if tpm[:enable] + if tpm_device.model == "spapr-tpm-proxy" + tpm_model_type = "spapr-tpm-proxy" + else + tpm_model_type = "tpm-#{tpm_device.model}" + end + + xml.tpm(:model => tpm_model_type) do + if tpm_device.type == "passthrough" + xml.backend(:type => tpm_device.type) do + xml.device(:path => tpm_device.device_path) + end + else + xml.backend(:type => tpm_device.type, :version => tpm_device.version) + end + if tpm_device.model == "spapr" || tpm_device.model == "spapr-tpm-proxy" + xml.address(:type => tpm_device.par_address_type, :reg => tpm_device.spar_address_reg) + end + end + end + if arch == "s390x" xml.controller(:type => "scsi", :index => "0", :model => "virtio-scsi") xml.console(:type => "pty") do @@ -504,6 +528,12 @@ def initialize_volumes end end + def initialize_tpm + if tpm[:enable] + self.tpm_device = TPM.new(tpm) + end + end + def create_or_clone_volume options = {:name => volume_name || default_volume_name} # Check if a disk template was specified @@ -561,6 +591,7 @@ def defaults :video => {:type => "virtio", :heads => 1}, :virtio_rng => {}, :firmware_features => { "secure-boot" => "no" }, + :tpm => {:enable => false, :id => "tpm0"} } end diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb new file mode 100644 index 0000000..b672466 --- /dev/null +++ b/lib/fog/libvirt/models/compute/tpm.rb 
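Review bot: The `xml.address` line in this hunk calls `tpm_device.par_address_type` and `tpm_device.spar_address_reg`, but tpm.rb in the same patch declares `spapr_address_type` and `spapr_address_reg`, so a `spapr` or `spapr-tpm-proxy` model would raise NoMethodError while the domain XML is built. The line should read `xml.address(:type => tpm_device.spapr_address_type, :reg => tpm_device.spapr_address_reg)`. PATCH 15 edits the neighbouring `xml.device` line but leaves this one as it is. to_xml starts and ends outside the hunk.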
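Review bot: `tpm_device` is only assigned in `initialize_tpm`, which runs from the constructor, while the to_xml hunk of this patch branches on `tpm[:enable]` and then dereferences `tpm_device.model`; a server whose `tpm` hash is switched on after `new` reaches to_xml with `tpm_device` still nil. Guarding the XML branch on the device itself, `if tpm_device`, or building it on demand with `self.tpm_device ||= TPM.new(tpm)`, keeps the two in step. The lookup also assumes symbol keys, so a hash carrying `"enable"` as a string key leaves the TPM silently off; a comment stating the expected key type would help.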
@@ -0,0 +1,64 @@ +require 'fog/core/model' + +module Fog + module Libvirt + class Compute + class TPM < Fog::Model + # Currently Qemu only allows for one TPM device + + identity :id + attribute :model + attribute :type + attribute :version + attribute :device_path + attribute :spapr_address_type + attribute :spapr_address_reg + + # Models + # crb - TCG PC Client Platform TPM Profile (PTP) Specification (2017) + # tis - TCG PC Client Specific TPM Interface Specification (TIS) (2013) + # spapr - Used with pSeries (ppc64) + # spapr-tpm-proxy - Used with pSeries (ppc64), this is only used with 'passthrough' type + # + MODELS = ['crb', 'tis', 'spapr', 'spapr-tpm-proxy'] + + # Versions + # + VERSIONS = ['1.2', '2.0'] + + # Types + # + TYPES = ['emulator', 'passthrough'] + + def initialize(attributes={}) + super defaults.merge(attributes) + raise Fog::Errors::Error.new("#{model} is not a supported tpm model") if new? && !MODELS.include?(model) + raise Fog::Errors::Error.new("#{type} is not a supported tpm type") if new? && !TYPES.include?(type) + end + + def new? + id.nil? + end + + def save + raise Fog::Errors::Error.new('Creating a new tpm device is not yet implemented. Contributions welcome!') + end + + def destroy + raise Fog::Errors::Error.new('Destroying a tpm device is not yet implemented. Contributions welcome!') + end + + def defaults + { + :model => "crb", + :type => "emulator", + :version => "2.0", + :device_path => "/dev/tpm0", + :spapr_address_type => "spapr-vio", + :spapr_address_reg => "0x00004000" + } + end + end + end + end +end \ No newline at end of file From 10dd02e81d743bb5d39c53808efa8b7794d599b6 Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Fri, 2 Jan 2026 09:31:34 -0600 Subject: [PATCH 02/16] Update tpm.rb Remove trailing white space --- lib/fog/libvirt/models/compute/tpm.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
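Review bot: Both checks in `initialize` are gated on `new?`, which is `id.nil?`, so any attributes hash that carries an `:id` skips model and type validation, and the server defaults added in this patch set `:id => "tpm0"`. `VERSIONS` is declared but never consulted, and `device_path` is taken as given even though server.rb writes it into the passthrough `device` element, which names a device node on the host. I would validate unconditionally, add `raise Fog::Errors::Error.new("#{version} is not a supported tpm version") unless VERSIONS.include?(version)`, and restrict the path to TPM nodes with an anchored pattern such as `%r{\A/dev/tpm(rm)?\d+\z}`.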
diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index b672466..1b8f80f 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb @@ -32,7 +32,7 @@ class TPM < Fog::Model def initialize(attributes={}) super defaults.merge(attributes) - raise Fog::Errors::Error.new("#{model} is not a supported tpm model") if new? && !MODELS.include?(model) + raise Fog::Errors::Error.new("#{model} is not a supported tpm model") if new? && !MODELS.include?(model) raise Fog::Errors::Error.new("#{type} is not a supported tpm type") if new? && !TYPES.include?(type) end @@ -61,4 +61,4 @@ def defaults end end end -end \ No newline at end of file +end From 943a25b44138e96b08ffc1c22e55d7036c07c634 Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 16:31:08 -0600 Subject: [PATCH 03/16] Update variables to include .freeze --- lib/fog/libvirt/models/compute/tpm.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index 1b8f80f..7853f67 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb @@ -20,15 +20,15 @@ class TPM < Fog::Model # spapr - Used with pSeries (ppc64) # spapr-tpm-proxy - Used with pSeries (ppc64), this is only used with 'passthrough' type # - MODELS = ['crb', 'tis', 'spapr', 'spapr-tpm-proxy'] + MODELS = ['crb', 'tis', 'spapr', 'spapr-tpm-proxy'].freeze # Versions # - VERSIONS = ['1.2', '2.0'] + VERSIONS = ['1.2', '2.0'].freeze # Types # - TYPES = ['emulator', 'passthrough'] + TYPES = ['emulator', 'passthrough'].freeze def initialize(attributes={}) super defaults.merge(attributes) From 9589372ab576319e4ec4aa6da96d56239f583c3d Mon Sep 17 00:00:00 2001 
From: Jerone Young Date: Wed, 7 Jan 2026 18:47:13 -0600 Subject: [PATCH 04/16] update tpm.rb --- lib/fog/libvirt/models/compute/tpm.rb | 62 +++++++++++++++++++++------ 1 file changed, 49 insertions(+), 13 deletions(-) diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index 7853f67..66779c3 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb @@ -7,6 +7,7 @@ class TPM < Fog::Model # Currently Qemu only allows for one TPM device identity :id + attribute :arch attribute :model attribute :type attribute :version @@ -20,7 +21,10 @@ class TPM < Fog::Model # spapr - Used with pSeries (ppc64) # spapr-tpm-proxy - Used with pSeries (ppc64), this is only used with 'passthrough' type # - MODELS = ['crb', 'tis', 'spapr', 'spapr-tpm-proxy'].freeze + MODELS_X86_64 = ['crb', 'tis'].freeze + MODELS_PPC64 = ['spapr', 'spapr-tpm-proxy'].freeze + MODELS_ARM64 = ['tis'].freeze + # Versions # @@ -30,9 +34,10 @@ class TPM < Fog::Model # TYPES = ['emulator', 'passthrough'].freeze - def initialize(attributes={}) + def initialize(attributes = {}, arch = "") + @arch = arch super defaults.merge(attributes) - raise Fog::Errors::Error.new("#{model} is not a supported tpm model") if new? && !MODELS.include?(model) + raise Fog::Errors::Error.new("#{model} is not a supported tpm model") if new? && !supported_models.include?(model) raise Fog::Errors::Error.new("#{type} is not a supported tpm type") if new? && !TYPES.include?(type) end 
@@ -41,24 +46,55 @@ def new? end def save - raise Fog::Errors::Error.new('Creating a new tpm device is not yet implemented. Contributions welcome!') + raise Fog::Errors::Error.new('Creating a new TPM device is not yet implemented. Contributions welcome!') end def destroy - raise Fog::Errors::Error.new('Destroying a tpm device is not yet implemented. Contributions welcome!') + raise Fog::Errors::Error.new('Destroying a TPM device is not yet implemented. Contributions welcome!') + end + + def supported_models + if @arch == "x86_64" + return MODELS_X86_64 + elsif @arch == "ppc64" + return MODELS_PPC64 + elsif @arch == "arm64" || arch == "aarch64" + return MODELS_ARM64 + else + raise Fog::Errors::Error.new('CPU Architecture does not have any supported TPM models!') + end end def defaults - { - :model => "crb", - :type => "emulator", - :version => "2.0", - :device_path => "/dev/tpm0", - :spapr_address_type => "spapr-vio", - :spapr_address_reg => "0x00004000" - } + if @arch == "x86_64" + { + :model => "crb", + :type => "emulator", + :version => "2.0", + :passthrough_device_path => "/dev/tpm0" + } + elsif @arch == "ppc64" + { + :model => "spapr", + :type => "emulator", + :version => "2.0", + :passthrough_device_path => "/dev/tpmrm0", + :spapr_address_type => "spapr-vio", + :spapr_address_reg => "0x00004000" + } + elsif @arch == "arm64" || @arch == "aarch64" + { + :model => "tis", + :type => "emulator", + :version => "2.0", + :passthrough_device_path => "/dev/tpm0" + } + else + raise Fog::Errors::Error.new('CPU Architecture does not have any TPM default values!') + end end end end end end + From 17993a46bad03d4d3a0901129cb47754020528fd Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 18:52:17 -0600 Subject: [PATCH 05/16] Update tpm.rb --- lib/fog/libvirt/models/compute/tpm.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index 66779c3..29d9a5b 100644 
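Review bot: `defaults` now returns the key `:passthrough_device_path`, but the attribute list still declares `attribute :device_path` (the first hunk of this patch only adds `attribute :arch`), so no reader named `passthrough_device_path` is defined unless Fog::Model creates one for undeclared keys, which I do not believe it does. PATCH 15 later makes server.rb call `tpm_device.passthrough_device_path`, which would then fail for passthrough devices. Renaming the declaration to `attribute :passthrough_device_path` keeps the model and its defaults in agreement. In `supported_models` the second operand `arch == "aarch64"` reads the attribute accessor rather than `@arch`, which is the value the other branches test.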
--- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb @@ -55,11 +55,11 @@ def destroy def supported_models if @arch == "x86_64" - return MODELS_X86_64 + MODELS_X86_64 elsif @arch == "ppc64" - return MODELS_PPC64 + MODELS_PPC64 elsif @arch == "arm64" || arch == "aarch64" - return MODELS_ARM64 + MODELS_ARM64 else raise Fog::Errors::Error.new('CPU Architecture does not have any supported TPM models!') end From daba91649ff1a54eaca123690313a4e765abc4a3 Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 18:54:31 -0600 Subject: [PATCH 06/16] Update tpm.rb --- lib/fog/libvirt/models/compute/tpm.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index 29d9a5b..52c060c 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb @@ -55,11 +55,11 @@ def destroy def supported_models if @arch == "x86_64" - MODELS_X86_64 + MODELS_X86_64 elsif @arch == "ppc64" - MODELS_PPC64 + MODELS_PPC64 elsif @arch == "arm64" || arch == "aarch64" - MODELS_ARM64 + MODELS_ARM64 else raise Fog::Errors::Error.new('CPU Architecture does not have any supported TPM models!') end From 1745f0f8f53bfd972d0e3ab882c731cd9fe6f1cf Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 18:59:46 -0600 Subject: [PATCH 07/16] Update tpm.rb --- lib/fog/libvirt/models/compute/tpm.rb | 24 ++++-------------------- 1 file changed, 4 insertions(+), 20 deletions(-) diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index 52c060c..ec2919d 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb 
@@ -67,28 +67,12 @@ def supported_models def defaults if @arch == "x86_64" - { - :model => "crb", - :type => "emulator", - :version => "2.0", - :passthrough_device_path => "/dev/tpm0" - } + {:model => "crb", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0"} elsif @arch == "ppc64" - { - :model => "spapr", - :type => "emulator", - :version => "2.0", - :passthrough_device_path => "/dev/tpmrm0", - :spapr_address_type => "spapr-vio", - :spapr_address_reg => "0x00004000" - } + {:model => "spapr", :type => "emulator",:version => "2.0", :passthrough_device_path => "/dev/tpmrm0", + :spapr_address_type => "spapr-vio", :spapr_address_reg => "0x00004000"} elsif @arch == "arm64" || @arch == "aarch64" - { - :model => "tis", - :type => "emulator", - :version => "2.0", - :passthrough_device_path => "/dev/tpm0" - } + {:model => "tis", :type => "emulator", :version => "2.0",:passthrough_device_path => "/dev/tpm0"} else raise Fog::Errors::Error.new('CPU Architecture does not have any TPM default values!') end From e4a9cb0df210077cf1c45f3acd712d913dca37d3 Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 19:20:08 -0600 Subject: [PATCH 08/16] Update tpm.rb --- lib/fog/libvirt/models/compute/tpm.rb | 28 +++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index ec2919d..3867ef5 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb @@ -25,7 +25,6 @@ class TPM < Fog::Model MODELS_PPC64 = ['spapr', 'spapr-tpm-proxy'].freeze MODELS_ARM64 = ['tis'].freeze - # Versions # VERSIONS = ['1.2', '2.0'].freeze 
@@ -54,11 +53,12 @@ def destroy end def supported_models - if @arch == "x86_64" + if @arch + when "x86_64" MODELS_X86_64 - elsif @arch == "ppc64" + when "ppc64" MODELS_PPC64 - elsif @arch == "arm64" || arch == "aarch64" + when "arm64" || arch == "aarch64" MODELS_ARM64 else raise Fog::Errors::Error.new('CPU Architecture does not have any supported TPM models!') @@ -66,19 +66,19 @@ def supported_models end def defaults - if @arch == "x86_64" - {:model => "crb", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0"} - elsif @arch == "ppc64" - {:model => "spapr", :type => "emulator",:version => "2.0", :passthrough_device_path => "/dev/tpmrm0", - :spapr_address_type => "spapr-vio", :spapr_address_reg => "0x00004000"} - elsif @arch == "arm64" || @arch == "aarch64" - {:model => "tis", :type => "emulator", :version => "2.0",:passthrough_device_path => "/dev/tpm0"} + if @arch + when "x86_64" + { :model => "crb", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0" } + when "ppc64" + { :model => "spapr", :type => "emulator",:version => "2.0", :passthrough_device_path => "/dev/tpmrm0", + :spapr_address_type => "spapr-vio", :spapr_address_reg => "0x00004000" } + when "arm64" || "aarch64" + { :model => "tis", :type => "emulator", :version => "2.0",:passthrough_device_path => "/dev/tpm0" } else - raise Fog::Errors::Error.new('CPU Architecture does not have any TPM default values!') - end + { } + end end end end end end - From b1c9d4aa18a387dfbd079fade9907bab2045d458 Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 19:23:53 -0600 Subject: [PATCH 09/16] Update tpm.rb --- lib/fog/libvirt/models/compute/tpm.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index 3867ef5..b561bf1 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb 
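Review bot: `when "arm64" || "aarch64"` in `defaults` evaluates the `||` first and is therefore just `when "arm64"`, so an `aarch64` guest falls to the `else` branch and gets empty defaults; `when "arm64" || arch == "aarch64"` in `supported_models` has the same problem and ends in the raise. The comma form is what is wanted: `when "arm64", "aarch64"`. The `||` form is still present in the hunks of PATCH 11, 13 and 14. Separately, both methods open with `if @arch` followed by `when`, which does not parse until PATCH 10 replaces it with `case @arch`.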
@@ -54,12 +54,12 @@ def destroy def supported_models if @arch - when "x86_64" + when "x86_64" then MODELS_X86_64 when "ppc64" - MODELS_PPC64 + MODELS_PPC64 then when "arm64" || arch == "aarch64" - MODELS_ARM64 + MODELS_ARM64 then else raise Fog::Errors::Error.new('CPU Architecture does not have any supported TPM models!') end @@ -67,12 +67,12 @@ def supported_models def defaults if @arch - when "x86_64" + when "x86_64" then { :model => "crb", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0" } - when "ppc64" + when "ppc64" then { :model => "spapr", :type => "emulator",:version => "2.0", :passthrough_device_path => "/dev/tpmrm0", :spapr_address_type => "spapr-vio", :spapr_address_reg => "0x00004000" } - when "arm64" || "aarch64" + when "arm64" || "aarch64" then { :model => "tis", :type => "emulator", :version => "2.0",:passthrough_device_path => "/dev/tpm0" } else { } From 8a0955528ed096cc528de701b2fab217bcbb1d5f Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 19:27:24 -0600 Subject: [PATCH 10/16] Update tpm.rb --- lib/fog/libvirt/models/compute/tpm.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index b561bf1..7b3f38f 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb @@ -53,11 +53,11 @@ def destroy end def supported_models - if @arch + case @arch when "x86_64" then MODELS_X86_64 - when "ppc64" - MODELS_PPC64 then + when "ppc64" then + MODELS_PPC64 when "arm64" || arch == "aarch64" MODELS_ARM64 then else @@ -66,7 +66,7 @@ def supported_models end def defaults - if @arch + case @arch when "x86_64" then { :model => "crb", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0" } when "ppc64" then From 861698d8416d0646569b5d5a99dce746693d5393 Mon Sep 17 00:00:00 2001 
From: Jerone Young Date: Wed, 7 Jan 2026 19:32:22 -0600 Subject: [PATCH 11/16] Update tpm.rb --- lib/fog/libvirt/models/compute/tpm.rb | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index 7b3f38f..fa21af6 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb @@ -54,12 +54,12 @@ def destroy def supported_models case @arch - when "x86_64" then + when "x86_64" MODELS_X86_64 - when "ppc64" then + when "ppc64" MODELS_PPC64 - when "arm64" || arch == "aarch64" - MODELS_ARM64 then + when "arm64" || "aarch64" + MODELS_ARM64 else raise Fog::Errors::Error.new('CPU Architecture does not have any supported TPM models!') end @@ -67,12 +67,12 @@ def supported_models def defaults case @arch - when "x86_64" then + when "x86_64" { :model => "crb", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0" } - when "ppc64" then + when "ppc64" { :model => "spapr", :type => "emulator",:version => "2.0", :passthrough_device_path => "/dev/tpmrm0", :spapr_address_type => "spapr-vio", :spapr_address_reg => "0x00004000" } - when "arm64" || "aarch64" then + when "arm64" || "aarch64" { :model => "tis", :type => "emulator", :version => "2.0",:passthrough_device_path => "/dev/tpm0" } else { } From a0445c692e1ebfa4e2a9dac6c72d7c19c23a1d09 Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 19:37:12 -0600 Subject: [PATCH 12/16] Update tpm.rb --- lib/fog/libvirt/models/compute/tpm.rb | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index fa21af6..37fae47 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb 
@@ -70,8 +70,13 @@ def defaults when "x86_64" { :model => "crb", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0" } when "ppc64" - { :model => "spapr", :type => "emulator",:version => "2.0", :passthrough_device_path => "/dev/tpmrm0", - :spapr_address_type => "spapr-vio", :spapr_address_reg => "0x00004000" } + { :model => "spapr", + :type => "emulator", + :version => "2.0", + :passthrough_device_path => "/dev/tpmrm0", + :spapr_address_type => "spapr-vio", + :spapr_address_reg => "0x00004000" + } when "arm64" || "aarch64" { :model => "tis", :type => "emulator", :version => "2.0",:passthrough_device_path => "/dev/tpm0" } else From d92fda56d4d26a8e847ed85068f70a84546a3e24 Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 19:40:58 -0600 Subject: [PATCH 13/16] Update tpm.rb --- lib/fog/libvirt/models/compute/tpm.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index 37fae47..faef011 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb @@ -70,7 +70,8 @@ def defaults when "x86_64" { :model => "crb", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0" } when "ppc64" - { :model => "spapr", + { + :model => "spapr", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpmrm0", @@ -78,7 +79,7 @@ def defaults :spapr_address_reg => "0x00004000" } when "arm64" || "aarch64" - { :model => "tis", :type => "emulator", :version => "2.0",:passthrough_device_path => "/dev/tpm0" } + { :model => "tis", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0" } else { } end From ac6ce6c8b2b1ea38593975071d9d9ef1e09c296c Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 19:43:21 -0600 Subject: [PATCH 14/16] Update tpm.rb --- lib/fog/libvirt/models/compute/tpm.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/lib/fog/libvirt/models/compute/tpm.rb b/lib/fog/libvirt/models/compute/tpm.rb index faef011..43094a5 100644 --- a/lib/fog/libvirt/models/compute/tpm.rb +++ b/lib/fog/libvirt/models/compute/tpm.rb @@ -70,7 +70,7 @@ def defaults when "x86_64" { :model => "crb", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0" } when "ppc64" - { + { :model => "spapr", :type => "emulator", :version => "2.0", @@ -81,7 +81,7 @@ def defaults when "arm64" || "aarch64" { :model => "tis", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0" } else - { } + {} end end end From e847f376538b7834bd71474525370b3da7d04279 Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 19:45:20 -0600 Subject: [PATCH 15/16] Update server.rb --- lib/fog/libvirt/models/compute/server.rb | 38 ++++++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/lib/fog/libvirt/models/compute/server.rb b/lib/fog/libvirt/models/compute/server.rb index 01d8429..0932ddb 100644 --- a/lib/fog/libvirt/models/compute/server.rb +++ b/lib/fog/libvirt/models/compute/server.rb 
@@ -419,12 +419,46 @@ def to_xml tpm_model_type = "spapr-tpm-proxy" else tpm_model_type = "tpm-#{tpm_device.model}" + + def destroy + raise Fog::Errors::Error.new('Destroying a TPM device is not yet implemented. Contributions welcome!') + end + + def supported_models + if @arch == "x86_64" + MODELS_X86_64 + elsif @arch == "ppc64" + MODELS_PPC64 + elsif @arch == "arm64" || arch == "aarch64" + MODELS_ARM64 + else + raise Fog::Errors::Error.new('CPU Architecture does not have any supported TPM models!') + end + end + + def defaults + if @arch == "x86_64" + {:model => "crb", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0"} + elsif @arch == "ppc64" + {:model => "spapr", :type => "emulator",:version => "2.0", :passthrough_device_path => "/dev/tpmrm0", + :spapr_address_type => "spapr-vio", :spapr_address_reg => "0x00004000"} + elsif @arch == "arm64" || @arch == "aarch64" + {:model => "tis", :type => "emulator", :version => "2.0",:passthrough_device_path => "/dev/tpm0"} + else + raise Fog::Errors::Error.new('CPU Architecture does not have any TPM default values!') + end + end + end + end + end +end + end xml.tpm(:model => tpm_model_type) do if tpm_device.type == "passthrough" xml.backend(:type => tpm_device.type) do - xml.device(:path => tpm_device.device_path) + xml.device(:path => tpm_device.passthrough_device_path) end else xml.backend(:type => tpm_device.type, :version => tpm_device.version) @@ -530,7 +564,7 @@ def initialize_volumes def initialize_tpm if tpm[:enable] - self.tpm_device = TPM.new(tpm) + self.tpm_device = TPM.new(tpm, arch) end end From 35c827d282ce909f0c55cd94e5a1d7f5b3567309 Mon Sep 17 00:00:00 2001 From: Jerone Young Date: Wed, 7 Jan 2026 19:54:42 -0600 Subject: [PATCH 16/16] Update server.rb --- lib/fog/libvirt/models/compute/server.rb | 34 ------------------------ 1 file changed, 34 deletions(-) 
diff --git a/lib/fog/libvirt/models/compute/server.rb b/lib/fog/libvirt/models/compute/server.rb index 0932ddb..d691b70 100644 --- a/lib/fog/libvirt/models/compute/server.rb +++ b/lib/fog/libvirt/models/compute/server.rb @@ -419,40 +419,6 @@ def to_xml tpm_model_type = "spapr-tpm-proxy" else tpm_model_type = "tpm-#{tpm_device.model}" - - def destroy - raise Fog::Errors::Error.new('Destroying a TPM device is not yet implemented. Contributions welcome!') - end - - def supported_models - if @arch == "x86_64" - MODELS_X86_64 - elsif @arch == "ppc64" - MODELS_PPC64 - elsif @arch == "arm64" || arch == "aarch64" - MODELS_ARM64 - else - raise Fog::Errors::Error.new('CPU Architecture does not have any supported TPM models!') - end - end - - def defaults - if @arch == "x86_64" - {:model => "crb", :type => "emulator", :version => "2.0", :passthrough_device_path => "/dev/tpm0"} - elsif @arch == "ppc64" - {:model => "spapr", :type => "emulator",:version => "2.0", :passthrough_device_path => "/dev/tpmrm0", - :spapr_address_type => "spapr-vio", :spapr_address_reg => "0x00004000"} - elsif @arch == "arm64" || @arch == "aarch64" - {:model => "tis", :type => "emulator", :version => "2.0",:passthrough_device_path => "/dev/tpm0"} - else - raise Fog::Errors::Error.new('CPU Architecture does not have any TPM default values!') - end - end - end - end - end -end - end xml.tpm(:model => tpm_model_type) do