From 1964a67be2217e6c0e2ce11397d0d9590fb81584 Mon Sep 17 00:00:00 2001
From: causand22 <107427279+causand22@users.noreply.github.com>
Date: Wed, 2 Aug 2023 14:38:21 -0700
Subject: [PATCH] [minimega] Add virtual TPM support (#1510)
* initial tpm commit
* fixing command line args
* collapse tpm args to one; get to print in vm info
---------
Co-authored-by: root
Co-authored-by: jacdavi <86626873+jacdavi@users.noreply.github.com>
---
 cmd/minimega/kvm.go | 13 +++++++++++++
 cmd/minimega/vm.go | 1 +
 cmd/minimega/vm_cli.go | 1 +
 cmd/minimega/vmconfiger_cli.go | 34 ++++++++++++++++++++++++++++++++++
 4 files changed, 49 insertions(+)
diff --git a/cmd/minimega/kvm.go b/cmd/minimega/kvm.go
index 086042386..1d25a815a 100644
--- a/cmd/minimega/kvm.go
+++ b/cmd/minimega/kvm.go
@@ -185,6 +185,10 @@ type KVMConfig struct {
 // Default: true
 UsbUseXHCI bool
+ // If specified, will configure VM to use virtual Trusted Platform Module (TPM)
+ // socket at the path provided
+ TpmSocketPath string
+
 // Add additional arguments to be passed to the QEMU instance. For example:
 //
 // vm config qemu-append -serial tcp:localhost:4001
@@ -542,6 +546,7 @@ func (vm *KVMConfig) String() string {
 fmt.Fprintf(w, "Sockets:\t%v\n", vm.Sockets)
 fmt.Fprintf(w, "VGA:\t%v\n", vm.Vga)
 fmt.Fprintf(w, "Usb Use XHCI:\t%v\n", vm.UsbUseXHCI)
+ fmt.Fprintf(w, "TPM Socket: \t%v\n", vm.TpmSocketPath)
 w.Flush()
 fmt.Fprintln(&o)
 return o.String()
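Review bot: The `TpmSocketPath` comment added in the KVMConfig hunk does not say who provides the socket or how it is shared. The qemuArgs hunk passes the path to QEMU as a socket chardev without `server`, so the emulator presumably has to be listening there before launch, and every VM started from the same config would be pointed at the same socket. A vTPM holds per-guest keys and measurements, so the comment should state that expectation, for example `// The TPM emulator must already be listening on this socket; use a separate socket and emulator state for each VM.` The `vm config tpm-socket` HelpLong text matches this comment verbatim, so if that help is derived from it the wording would carry over. The struct starts and ends outside the hunk.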
@@ -1316,6 +1321,14 @@ func (vm VMConfig) qemuArgs(id int, vmPath string) []string { // this allows absolute pointers in vnc, and works great on android vms args = append(args, "-device", "usb-tablet,bus=usb-bus.0") + if vm.TpmSocketPath != "" { + args = append(args, "-chardev") + args = append(args, fmt.Sprintf("socket,id=chrtpm,path=%v,nowait", vm.TpmSocketPath)) + args = append(args, "-tpmdev") + args = append(args, "emulator,id=tpm0,chardev=chrtpm") + args = append(args, "-device") + args = append(args, "tpm-tis,tpmdev=tpm0") + } // this is non-virtio serial ports // for virtio-serial, look below near the net code for i := uint64(0); i < vm.SerialPorts; i++ { diff --git a/cmd/minimega/vm.go b/cmd/minimega/vm.go index 3d4fdba75..3a0a6a468 100644 --- a/cmd/minimega/vm.go +++ b/cmd/minimega/vm.go @@ -145,6 +145,7 @@ var vmInfo = []string{ // kvm fields "vcpus", "disks", "snapshot", "initrd", "kernel", "cdrom", "migrate", "append", "serial-ports", "virtio-ports", "vnc_port", "usb-use-xhci", + "tpm-socket", // container fields "filesystem", "hostname", "init", "preinit", "fifo", "volume", "console_port", diff --git a/cmd/minimega/vm_cli.go b/cmd/minimega/vm_cli.go index 655650100..3de4b1779 100644 --- a/cmd/minimega/vm_cli.go +++ b/cmd/minimega/vm_cli.go @@ -63,6 +63,7 @@ Additional fields are available for KVM-based VMs: - virtio-serial : number of virtio ports - vnc_port : port for VNC shim - usb-use-xhci : usb controller (true = xhci; false = ehci) +- tpm-socket : path of emulated tpm socket Additional fields are available for container-based VMs: diff --git a/cmd/minimega/vmconfiger_cli.go b/cmd/minimega/vmconfiger_cli.go index 666233a38..8f2b5a759 100644 --- a/cmd/minimega/vmconfiger_cli.go +++ b/cmd/minimega/vmconfiger_cli.go 
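Review bot: `vm.TpmSocketPath` is formatted straight into the comma-separated `-chardev` value in the qemuArgs hunk, so a path containing a comma would be read by QEMU as further chardev options rather than as part of the path. QEMU treats a doubled comma as a literal one, so the value can be escaped at this point with `path := strings.ReplaceAll(vm.TpmSocketPath, ",", ",,")` and `path` formatted instead (assuming `strings` is imported in kvm.go, which the hunk does not show). Neither the `vm config tpm-socket` handler, which only calls `checkPath` (not visible here), nor the `tpm-socket` case in ReadConfig visibly rejects such a value, so the sink is the dependable place for the check. Also confirm that the QEMU versions in use accept `nowait` on a socket chardev given without `server`, since that option concerns listening sockets. qemuArgs begins and continues outside the hunk.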
@@ -628,6 +628,28 @@ Default: true
 return nil
 }),
 },
+ {
+ HelpShort: "configures tpm-socket",
+ HelpLong: `If specified, will configure VM to use virtual Trusted Platform Module (TPM)
+socket at the path provided
+`,
+ Patterns: []string{
+ "vm config tpm-socket [value]",
+ },
+
+ Call: wrapSimpleCLI(func(ns *Namespace, c *minicli.Command, r *minicli.Response) error {
+ if len(c.StringArgs) == 0 {
+ r.Response = ns.vmConfig.TpmSocketPath
+ return nil
+ }
+
+ v := checkPath(c.StringArgs["value"])
+
+ ns.vmConfig.TpmSocketPath = v
+
+ return nil
+ }),
+ },
 {
 HelpShort: "configures qemu-append",
 HelpLong: `Add additional arguments to be passed to the QEMU instance. For example:
@@ -925,6 +947,7 @@ Default: empty map
 "clear vm config ",
 "clear vm config ",
 "clear vm config ",
+ "clear vm config ",
 "clear vm config ",
 "clear vm config ",
 "clear vm config ",
@@ -1258,6 +1281,9 @@ func (v *KVMConfig) Info(field string) (string, error) {
 if field == "usb-use-xhci" {
 return strconv.FormatBool(v.UsbUseXHCI), nil
 }
+ if field == "tpm-socket" {
+ return v.TpmSocketPath, nil
+ }
 if field == "qemu-append" {
 return fmt.Sprintf("%v", v.QemuAppend), nil
 }
@@ -1317,6 +1343,9 @@ func (v *KVMConfig) Clear(mask string) {
 if mask == Wildcard || mask == "usb-use-xhci" {
 v.UsbUseXHCI = true
 }
+ if mask == Wildcard || mask == "tpm-socket" {
+ v.TpmSocketPath = ""
+ }
 if mask == Wildcard || mask == "qemu-append" {
 v.QemuAppend = nil
 }
@@ -1374,6 +1403,9 @@ func (v *KVMConfig) WriteConfig(w io.Writer) error {
 if v.UsbUseXHCI != true {
 fmt.Fprintf(w, "vm config usb-use-xhci %t\n", v.UsbUseXHCI)
 }
+ if v.TpmSocketPath != "" {
+ fmt.Fprintf(w, "vm config tpm-socket %v\n", v.TpmSocketPath)
+ }
 if len(v.QemuAppend) > 0 {
 fmt.Fprintf(w, "vm config qemu-append %v\n", quoteJoin(v.QemuAppend, " "))
 }
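Review bot: In the WriteConfig hunk the socket path is written with a bare `%v`, so a path containing whitespace is emitted as several tokens and may not replay as the same `vm config tpm-socket` value, whereas the qemu-append line just below goes through `quoteJoin`. How the CLI and ReadConfig tokenise a saved line is outside the hunk, so confirm which quoting form they accept; if Go-style quoting is accepted, `fmt.Fprintf(w, "vm config tpm-socket %q\n", v.TpmSocketPath)` would keep the value as one token. If vmconfiger_cli.go is generated from the struct definitions, which the verbatim match between the help text and the KVMConfig comment suggests, the change belongs in the generator rather than in this file. WriteConfig starts and continues outside the hunk.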
@@ -1430,6 +1462,8 @@ func (v *KVMConfig) ReadConfig(r io.Reader, ns string) error {
 v.ReadFieldConfig(strings.NewReader(line), "disks", ns)
 case "usb-use-xhci":
 v.UsbUseXHCI, _ = strconv.ParseBool(config[1])
+ case "tpm-socket":
+ v.TpmSocketPath = config[1]
 case "qemu-append":
 v.QemuAppend = strings.Fields(config[1])
 case "qemu-override":