From nobody Mon Feb 9 13:00:10 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1562792999; cv=none; d=zoho.com; s=zohoarc; b=QCY02EoqOn/t1zqxwbgkFgwpFt/gAFUZNrDgfSJeZz+gDeqCDM9YF/eT3NKrhbqEMsn57DA2C1A7VwVV/PElngd9kiBGg11Pfmo17d1vyV6kcakcItdreaSeoBW3KG4DL5pc3zgi8b9URR+kBW6UB7fKJ2LcgZdxCbg01AUxbzw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1562792999; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=rE7323TOqhVVUpMLOBC4wSNoLDuMbumwtI6owZJQa7Q=; b=L4Q/eI95IEivkpH107nncOA7rYYKfhQbKF4vcvuihDGRPk/adWzMnQmbEAM9Up3V3obvisMBdKD60iTepePEIwyLwtNZ2f5ass/lwiPM+od8A1g8o5pFEhzINHRmSFxMWyrXdm2Cm2srWmn0WhVe1Px+Nrxe1QmSChFePXiSv5c= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1562792999914942.4121803914204; Wed, 10 Jul 2019 14:09:59 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C5BB7307BA56; Wed, 10 Jul 2019 21:09:57 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7CEB31001B28; Wed, 10 Jul 2019 21:09:57 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 22FECC59A; Wed, 10 Jul 2019 21:09:57 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x6AL9AlV010661 for ; Wed, 10 Jul 2019 17:09:10 -0400 Received: by smtp.corp.redhat.com (Postfix) id 539555DC1A; Wed, 10 Jul 2019 21:09:10 +0000 (UTC) Received: from mx1.redhat.com (ext-mx15.extmail.prod.ext.phx2.redhat.com [10.5.110.44]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 59DA15DD8D; Wed, 10 Jul 2019 21:09:08 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6B4CB30860AF; Wed, 10 Jul 2019 21:09:06 +0000 (UTC) Received: from pps.filterd (m0098409.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x6AL6nQ4139852; Wed, 10 Jul 2019 17:09:06 -0400 Received: from ppma03dal.us.ibm.com (b.bd.3ea9.ip4.static.sl-reverse.com [169.62.189.11]) by mx0a-001b2d01.pphosted.com with ESMTP id 2tnqdy0hwn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 10 Jul 2019 17:09:05 -0400 Received: from pps.filterd (ppma03dal.us.ibm.com [127.0.0.1]) by ppma03dal.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id x6AL56DK027597; Wed, 10 Jul 2019 21:09:05 GMT Received: from b01cxnp23034.gho.pok.ibm.com (b01cxnp23034.gho.pok.ibm.com [9.57.198.29]) by ppma03dal.us.ibm.com with ESMTP id 2tjk96xeqx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 10 Jul 2019 21:09:05 +0000 Received: from b01ledav005.gho.pok.ibm.com (b01ledav005.gho.pok.ibm.com [9.57.199.110]) by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x6AL94T451577328 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 10 Jul 2019 21:09:04 GMT Received: from b01ledav005.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0030CAE05F; Wed, 10 Jul 2019 21:09:04 +0000 (GMT) Received: from b01ledav005.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id DD14EAE062; Wed, 10 Jul 2019 21:09:03 +0000 (GMT) Received: from sbct-3.pok.ibm.com (unknown [9.47.158.153]) by b01ledav005.gho.pok.ibm.com (Postfix) with ESMTP; Wed, 10 Jul 2019 21:09:03 +0000 (GMT) From: Stefan Berger To: libvir-list@redhat.com Date: Wed, 10 Jul 2019 17:08:57 -0400 Message-Id: <20190710210859.1713840-20-stefanb@linux.vnet.ibm.com> In-Reply-To: <20190710210859.1713840-1-stefanb@linux.vnet.ibm.com> References: <20190710210859.1713840-1-stefanb@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-07-10_07:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1907100243 X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]); Wed, 10 Jul 2019 21:09:06 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]); Wed, 10 Jul 2019 21:09:06 +0000 (UTC) for IP:'148.163.156.1' DOMAIN:'mx0a-001b2d01.pphosted.com' HELO:'mx0a-001b2d01.pphosted.com' FROM:'stefanb@linux.vnet.ibm.com' RCPT:'' X-RedHat-Spam-Score: -0.698 (RCVD_IN_DNSWL_LOW, SPF_HELO_NONE, SPF_NONE) 148.163.156.1 mx0a-001b2d01.pphosted.com 148.163.156.1 mx0a-001b2d01.pphosted.com X-Scanned-By: MIMEDefang 2.84 on 10.5.110.44 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-loop: libvir-list@redhat.com Cc: marcandre.lureau@redhat.com, Stefan Berger Subject: [libvirt] [PATCH v3 19/21] tpm: Check TPM XML device configuration changes after edit X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.43]); Wed, 10 Jul 2019 21:09:58 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Since swtpm does not support getting started once it was created with encrypted enabled, we don't allow encryption to be removed. Similarly, we do not allow encrypted to be added once swtpm has run. Signed-off-by: Stefan Berger --- src/conf/domain_conf.c | 56 +++++++++++++++++++++++++++++++++++++++ src/conf/domain_conf.h | 4 +++ src/libvirt_private.syms | 1 + src/qemu/qemu_driver.c | 28 ++++++++++++++++++++ src/qemu/qemu_extdevice.c | 2 +- src/qemu/qemu_extdevice.h | 3 +++ 6 files changed, 93 insertions(+), 1 deletion(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index df6238c299..dba8da0e5d 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -31435,3 +31435,59 @@ virDomainGraphicsNeedsAutoRenderNode(const virDoma= inGraphicsDef *graphics) =20 return true; } + + +static int +virDomainCheckTPMChanges(virDomainDefPtr def, + virDomainDefPtr newDef) +{ + bool oldEnc, newEnc; + + if (!def->tpm) + return 0; + + switch (def->tpm->type) { + case VIR_DOMAIN_TPM_TYPE_EMULATOR: + if (virFileExists(def->tpm->data.emulator.storagepath)) { + /* VM has been started */ + /* Once a VM was started with an encrypted state we allow + * less configuration changes. + */ + oldEnc =3D def->tpm->data.emulator.encryption; + if (oldEnc && def->tpm->type !=3D newDef->tpm->type) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Changing the type of TPM is not allowed"= )); + return -1; + } + if (oldEnc && !newDef->tpm) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Removing an encrypted TPM is not allowed= ")); + return -1; + } + newEnc =3D newDef->tpm->data.emulator.encryption; + if (oldEnc !=3D newEnc) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("TPM state encryption cannot be changed " + "once VM was started")); + return -1; + } + } + break; + case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: + case VIR_DOMAIN_TPM_TYPE_LAST: + break; + } + + return 0; +} + + +int +virDomainCheckDeviceChanges(virDomainDefPtr def, + virDomainDefPtr newDef) +{ + if (!def || !newDef) + return 0; + + return virDomainCheckTPMChanges(def, newDef); +} diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index a03986623a..a61faa7d57 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -3623,3 +3623,7 @@ virDomainGraphicsGetRenderNode(const virDomainGraphic= sDef *graphics); =20 bool virDomainGraphicsNeedsAutoRenderNode(const virDomainGraphicsDef *graphics); + +int +virDomainCheckDeviceChanges(virDomainDefPtr def, virDomainDefPtr newDef) + ATTRIBUTE_NONNULL(2); diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 804d244313..d8e99ad566 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -205,6 +205,7 @@ virDomainBootTypeFromString; virDomainBootTypeToString; virDomainCapabilitiesPolicyTypeToString; virDomainCapsFeatureTypeToString; +virDomainCheckDeviceChanges; virDomainChrConsoleTargetTypeFromString; virDomainChrConsoleTargetTypeToString; virDomainChrDefForeach; diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index ef2e980216..8f224582b6 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -52,6 +52,7 @@ #include "qemu_migration_params.h" #include "qemu_blockjob.h" #include "qemu_security.h" +#include "qemu_extdevice.h" =20 #include "virerror.h" #include "virlog.h" @@ -7568,6 +7569,30 @@ qemuDomainCreate(virDomainPtr dom) return qemuDomainCreateWithFlags(dom, 0); } =20 +static int +qemuDomainCheckDeviceChanges(virQEMUDriverPtr driver, + virDomainDefPtr def) +{ + virDomainObjPtr vm; + int ret; + + vm =3D virDomainObjListFindByUUID(driver->domains, def->uuid); + if (!vm) + return 0; + + if (qemuExtDevicesInitPaths(driver, vm->def) < 0) { + ret =3D -1; + goto cleanup; + } + + ret =3D virDomainCheckDeviceChanges(vm->def, def); + + cleanup: + virDomainObjEndAPI(&vm); + + return ret; +} + static virDomainPtr qemuDomainDefineXMLFlags(virConnectPtr conn, const char *xml, @@ -7604,6 +7629,9 @@ qemuDomainDefineXMLFlags(virConnectPtr conn, if (virDomainDefineXMLFlagsEnsureACL(conn, def) < 0) goto cleanup; =20 + if (qemuDomainCheckDeviceChanges(driver, def) < 0) + goto cleanup; + if (!(vm =3D virDomainObjListAdd(driver->domains, def, driver->xmlopt, 0, &oldDef))) diff --git a/src/qemu/qemu_extdevice.c b/src/qemu/qemu_extdevice.c index a21caefaba..e576bca165 100644 --- a/src/qemu/qemu_extdevice.c +++ b/src/qemu/qemu_extdevice.c @@ -79,7 +79,7 @@ qemuExtDeviceLogCommand(qemuDomainLogContextPtr logCtxt, * stored and we can remove directories and files in case of domain XML * changes. */ -static int +int qemuExtDevicesInitPaths(virQEMUDriverPtr driver, virDomainDefPtr def) { diff --git a/src/qemu/qemu_extdevice.h b/src/qemu/qemu_extdevice.h index a72e05ce63..bbdb9a1cc2 100644 --- a/src/qemu/qemu_extdevice.h +++ b/src/qemu/qemu_extdevice.h @@ -53,3 +53,6 @@ bool qemuExtDevicesHasDevice(virDomainDefPtr def); int qemuExtDevicesSetupCgroup(virQEMUDriverPtr driver, virDomainDefPtr def, virCgroupPtr cgroup); + +int qemuExtDevicesInitPaths(virQEMUDriverPtr driver, + virDomainDefPtr def); --=20 2.20.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list