On Mon, Jun 08, 2026 at 04:08:11PM +0200, Ján Tomko via Devel wrote: > On a Wednesday in 2026, Michal Privoznik via Devel wrote: > > From: Michal Privoznik <[email protected]> > > > > The aim of domaincapstest is to check domain capabilities XML > > with respect to qemu capabilities. And we used to have old qemu > > capabilities where only TPM-1.2 was supported. But as of > > v12.4.0-rc1~130 QEMU-7.2 or newer is required which means the > > code that's handling older QEMUs is required no more. Drop it. > > The wording is unclear here - does QEMU 7.2 not support TPM 1.2 > or do we just not care about testing it anymore?
AFAIK, QEMU mostly doesn't care about versions. The TPM device is just a simple command/response message passing protocol. QEMU's device impl just marshalls the messages to/from swtpm where the interesting logic lives. swtpm supports both 1.2 and 2.0, and I doubt 1.2 swill go away. At the same time no one should be using 1.2 unless their use case is around compat with obsolete OS versons, as 1.2 offers no meaningful security given it hardcodes sha1 everywhere. With regards, Daniel -- |: https://berrange.com ~~ https://hachyderm.io/@berrange :| |: https://libvirt.org ~~ https://entangle-photo.org :| |: https://pixelfed.art/berrange ~~ https://fstop138.berrange.com :|
