commit afb823fc501cf5b17d2d2b555487abf67c225a7c Author: Jim Fehlig Date: Tue Feb 9 15:47:30 2021 -0700 qemu: Validate TPM TIS device TPM devices with model='tpm-tis' are only valid with x86 and aarch64 virt machines. Add a check to qemuValidateDomainDeviceDefTPM() to ensure VIR_DOMAIN_TPM_MODEL_TIS is only used with these architectures. Signed-off-by: Jim Fehlig Reviewed-by: Andrea Bolognani diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index a70737327e..bf4901bf89 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -4299,6 +4299,12 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm, switch (tpm->model) { case VIR_DOMAIN_TPM_MODEL_TIS: + if (!ARCH_IS_X86(def->os.arch) && (def->os.arch != VIR_ARCH_AARCH64)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("TPM model '%s' is only available for x86 and aarch64 guests"), + virDomainTPMModelTypeToString(tpm->model)); + return -1; + } flag = QEMU_CAPS_DEVICE_TPM_TIS; break; case VIR_DOMAIN_TPM_MODEL_CRB: