commit afb823fc501cf5b17d2d2b555487abf67c225a7c
Author: Jim Fehlig <jfehlig@suse.com>
Date:   Tue Feb 9 15:47:30 2021 -0700

    qemu: Validate TPM TIS device
    
    TPM devices with model='tpm-tis' are only valid with x86 and aarch64
    virt machines. Add a check to qemuValidateDomainDeviceDefTPM() to
    ensure VIR_DOMAIN_TPM_MODEL_TIS is only used with these architectures.
    
    Signed-off-by: Jim Fehlig <jfehlig@suse.com>
    Reviewed-by: Andrea Bolognani <abologna@redhat.com>

Index: libvirt-7.0.0/src/qemu/qemu_validate.c
===================================================================
--- libvirt-7.0.0.orig/src/qemu/qemu_validate.c
+++ libvirt-7.0.0/src/qemu/qemu_validate.c
@@ -4251,6 +4251,12 @@ qemuValidateDomainDeviceDefTPM(virDomain
 
     switch (tpm->model) {
     case VIR_DOMAIN_TPM_MODEL_TIS:
+        if (!ARCH_IS_X86(def->os.arch) && (def->os.arch != VIR_ARCH_AARCH64)) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("TPM model '%s' is only available for x86 and aarch64 guests"),
+                          virDomainTPMModelTypeToString(tpm->model));
+            return -1;
+        }
         flag = QEMU_CAPS_DEVICE_TPM_TIS;
         break;
     case VIR_DOMAIN_TPM_MODEL_CRB: