From: Stefan Berger
To: libvir-list@redhat.com
Cc: Stefan Berger
Subject: [PATCH v2 1/9] util: Add parsing support for swtpm's cmdarg-migration capability
Date: Wed, 5 Oct 2022 10:01:59 -0400
Message-Id: <20221005140207.3599989-2-stefanb@linux.ibm.com>
In-Reply-To: <20221005140207.3599989-1-stefanb@linux.ibm.com>
References: <20221005140207.3599989-1-stefanb@linux.ibm.com>

Add support for parsing swtpm 'cmdarg-migration' capability (since v0.8).

Signed-off-by: Stefan Berger

--- src/util/virtpm.c | 1 + src/util/virtpm.h | 1 + 2 files changed, 2 insertions(+) diff --git a/src/util/virtpm.c b/src/util/virtpm.c index 91db0f31eb..19850de1c8 100644 --- a/src/util/virtpm.c +++ b/src/util/virtpm.c @@ -39,6 +39,7 @@ VIR_LOG_INIT("util.tpm"); VIR_ENUM_IMPL(virTPMSwtpmFeature, VIR_TPM_SWTPM_FEATURE_LAST, "cmdarg-pwd-fd", + "cmdarg-migration", ); =20 VIR_ENUM_IMPL(virTPMSwtpmSetupFeature, diff --git a/src/util/virtpm.h b/src/util/virtpm.h index a873881b23..fb330effa8 100644 --- a/src/util/virtpm.h +++ b/src/util/virtpm.h
@@ -30,6 +30,7 @@ bool virTPMHasSwtpm(void); =20 typedef enum { VIR_TPM_SWTPM_FEATURE_CMDARG_PWD_FD, + VIR_TPM_SWTPM_FEATURE_CMDARG_MIGRATION, =20 VIR_TPM_SWTPM_FEATURE_LAST } virTPMSwtpmFeature; --=20 2.37.3
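
Review bot: The new VIR_TPM_SWTPM_FEATURE_CMDARG_MIGRATION entry in the src/util/virtpm.h enum carries no comment, and the commit message only says the capability exists "since v0.8". Please add a short comment beside the enum value, or expand the commit message, saying what swtpm behaviour the 'cmdarg-migration' capability advertises, so that later patches in the series that test for it can be checked against a stated meaning. The string in VIR_ENUM_IMPL and the enum value are both added directly after the cmdarg-pwd-fd entries, so the index-based string table stays aligned with the enum.
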
From: Stefan Berger
To: libvir-list@redhat.com
Cc: Stefan Berger
Subject: [PATCH v2 2/9] qemu: Introduced VIR_MIGRATE_TPM_SHARED_STORAGE for TPM migration
Date: Wed, 5 Oct 2022 10:02:00 -0400
Message-Id: <20221005140207.3599989-3-stefanb@linux.ibm.com>
In-Reply-To: <20221005140207.3599989-1-stefanb@linux.ibm.com>
References: <20221005140207.3599989-1-stefanb@linux.ibm.com>

Introduced VIR_MIGRATE_TPM_SHARED_STORAGE for migrating a TPM across shared storage. At this point do not support this flag in 'virsh', yet.

Signed-off-by: Stefan Berger

--- include/libvirt/libvirt-domain.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-dom= ain.h index 8357aea797..110929039d 100644 --- a/include/libvirt/libvirt-domain.h +++ b/include/libvirt/libvirt-domain.h
@@ -1098,6 +1098,14 @@ typedef enum { * Since: 8.5.0 */ VIR_MIGRATE_ZEROCOPY =3D (1 << 20), + + /* Support TPM migration across hosts that have shared storage setup f= or + * the directory structure holding the state of TPMs. Typically this w= ould + * mean that the directory /var/lib/libvirt/swtpm is shared. + * + * Since: 8.9.0 + */ + VIR_MIGRATE_TPM_SHARED_STORAGE =3D (1 << 21), } virDomainMigrateFlags; =20 =20 --=20 2.37.3
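
Review bot: The doc comment on VIR_MIGRATE_TPM_SHARED_STORAGE describes the host setup but not what the flag changes or what the caller is asserting by setting it. Because this is a public migration flag, the comment should say that the caller vouches for the TPM state directory being visible on both hosts, and should document the outcome when the flag is set without shared storage and when it is omitted with shared storage; as written, a management application cannot tell whether a wrong setting yields an error or a guest started against missing or unexpected TPM state. The "qemu:" subject prefix also does not match a change that touches only include/libvirt/libvirt-domain.h.
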
From: Stefan Berger
To: libvir-list@redhat.com
Cc: Stefan Berger
Subject: [PATCH v2 3/9] qemu: tpm: Conditionally create storage on incoming migration
Date: Wed, 5 Oct 2022 10:02:01 -0400
Message-Id: <20221005140207.3599989-4-stefanb@linux.ibm.com>
In-Reply-To: <20221005140207.3599989-1-stefanb@linux.ibm.com>
References: <20221005140207.3599989-1-stefanb@linux.ibm.com>

Do not create storage if TPM_SHARED_STORAGE migration flag is set and on incoming migration since in this case the storage directory must already exist. Also do not run swtpm_setup in this case. Pass the migration flag from migration related functions all the way down to TPM related functions. If no migration flags exist on higher layers, pass down '0'.

Signed-off-by: Stefan Berger

--- src/qemu/qemu_driver.c | 4 ++-- src/qemu/qemu_extdevice.c | 5 +++-- src/qemu/qemu_extdevice.h | 3 ++- src/qemu/qemu_migration.c | 2 +- src/qemu/qemu_process.c | 10 ++++++---- src/qemu/qemu_process.h | 6 ++++-- src/qemu/qemu_saveimage.c | 2 +- src/qemu/qemu_snapshot.c | 4 ++-- src/qemu/qemu_tpm.c | 27 +++++++++++++++++++++------ src/qemu/qemu_tpm.h | 3 ++- 10 files changed, 44 insertions(+), 22 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 40d23b5723..3f163a4664 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -1633,7 +1633,7 @@ static virDomainPtr qemuDomainCreateXML(virConnectPtr= conn, if (qemuProcessStart(conn, driver, vm, NULL, VIR_ASYNC_JOB_START, NULL, -1, NULL, NULL, VIR_NETDEV_VPORT_PROFILE_OP_CREATE, - start_flags) < 0) { + start_flags, 0) < 0) { virDomainAuditStart(vm, "booted", false); qemuDomainRemoveInactive(driver, vm, 0); qemuProcessEndJob(vm); @@ -6555,7 +6555,7 @@ qemuDomainObjStart(virConnectPtr conn, =20 ret =3D qemuProcessStart(conn, driver, vm, NULL, asyncJob, NULL, -1, NULL, NULL, - VIR_NETDEV_VPORT_PROFILE_OP_CREATE, start_flags= ); + VIR_NETDEV_VPORT_PROFILE_OP_CREATE, start_flags= , 0); virDomainAuditStart(vm, "booted", ret >=3D 0); if (ret >=3D 0) { virObjectEvent *event =3D diff --git a/src/qemu/qemu_extdevice.c b/src/qemu/qemu_extdevice.c index 24a57b0f74..0bafe2b7b0 100644 --- a/src/qemu/qemu_extdevice.c +++ b/src/qemu/qemu_extdevice.c
@@ -168,7 +168,8 @@ qemuExtDevicesCleanupHost(virQEMUDriver *driver, int qemuExtDevicesStart(virQEMUDriver *driver, virDomainObj *vm, - bool incomingMigration) + bool incomingMigration, + virDomainMigrateFlags flags) { virDomainDef *def =3D vm->def; size_t i; @@ -186,7 +187,7 @@ qemuExtDevicesStart(virQEMUDriver *driver, virDomainTPMDef *tpm =3D def->tpms[i]; =20 if (tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR && - qemuExtTPMStart(driver, vm, tpm, incomingMigration) < 0) + qemuExtTPMStart(driver, vm, tpm, incomingMigration, flags) < 0) return -1; } =20 diff --git a/src/qemu/qemu_extdevice.h b/src/qemu/qemu_extdevice.h index 6b05b59cd6..723e21d42c 100644 --- a/src/qemu/qemu_extdevice.h +++ b/src/qemu/qemu_extdevice.h @@ -47,7 +47,8 @@ void qemuExtDevicesCleanupHost(virQEMUDriver *driver, =20 int qemuExtDevicesStart(virQEMUDriver *driver, virDomainObj *vm, - bool incomingMigration) + bool incomingMigration, + virDomainMigrateFlags flags) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) G_GNUC_WARN_UNUSED_RESULT; =20 diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index 33105cf07b..efb27a24aa 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -3095,7 +3095,7 @@ qemuMigrationDstPrepareActive(virQEMUDriver *driver, rv =3D qemuProcessLaunch(dconn, driver, vm, VIR_ASYNC_JOB_MIGRATION_IN, incoming, NULL, VIR_NETDEV_VPORT_PROFILE_OP_MIGRATE_IN_START, - startFlags); + startFlags, flags); if (rv < 0) { if (rv =3D=3D -2) relabel =3D true; diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 97336e2622..f278b73858 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -7421,7 +7421,8 @@ qemuProcessLaunch(virConnectPtr conn, qemuProcessIncomingDef *incoming, virDomainMomentObj *snapshot, virNetDevVPortProfileOp vmop, - unsigned int flags) + unsigned int flags, + virDomainMigrateFlags migFlags) { int ret =3D -1; int rv; 
@@ -7485,7 +7486,7 @@ qemuProcessLaunch(virConnectPtr conn, if (qemuProcessGenID(vm, flags) < 0) goto cleanup; =20 - if (qemuExtDevicesStart(driver, vm, incoming !=3D NULL) < 0) + if (qemuExtDevicesStart(driver, vm, incoming !=3D NULL, migFlags) < 0) goto cleanup; =20 if (!(cmd =3D qemuBuildCommandLine(vm, @@ -7849,7 +7850,8 @@ qemuProcessStart(virConnectPtr conn, const char *migratePath, virDomainMomentObj *snapshot, virNetDevVPortProfileOp vmop, - unsigned int flags) + unsigned int flags, + virDomainMigrateFlags migFlags) { qemuDomainObjPrivate *priv =3D vm->privateData; qemuProcessIncomingDef *incoming =3D NULL; @@ -7901,7 +7903,7 @@ qemuProcessStart(virConnectPtr conn, } =20 if ((rv =3D qemuProcessLaunch(conn, driver, vm, asyncJob, incoming, - snapshot, vmop, flags)) < 0) { + snapshot, vmop, flags, migFlags)) < 0) { if (rv =3D=3D -2) relabel =3D true; goto stop; diff --git a/src/qemu/qemu_process.h b/src/qemu/qemu_process.h index 421efc6016..76fcbd56e6 100644 --- a/src/qemu/qemu_process.h +++ b/src/qemu/qemu_process.h @@ -88,7 +88,8 @@ int qemuProcessStart(virConnectPtr conn, const char *stdin_path, virDomainMomentObj *snapshot, virNetDevVPortProfileOp vmop, - unsigned int flags); + unsigned int flags, + virDomainMigrateFlags migFlags); =20 int qemuProcessCreatePretendCmdPrepare(virQEMUDriver *driver, virDomainObj *vm, @@ -130,7 +131,8 @@ int qemuProcessLaunch(virConnectPtr conn, qemuProcessIncomingDef *incoming, virDomainMomentObj *snapshot, virNetDevVPortProfileOp vmop, - unsigned int flags); + unsigned int flags, + virDomainMigrateFlags migFlags); =20 int qemuProcessFinishStartup(virQEMUDriver *driver, virDomainObj *vm, diff --git a/src/qemu/qemu_saveimage.c b/src/qemu/qemu_saveimage.c index 79567bf17d..af2394f829 100644 --- a/src/qemu/qemu_saveimage.c +++ b/src/qemu/qemu_saveimage.c 
@@ -632,7 +632,7 @@ qemuSaveImageStartVM(virConnectPtr conn, if (qemuProcessStart(conn, driver, vm, cookie ? cookie->cpu : NULL, asyncJob, "stdio", *fd, path, NULL, VIR_NETDEV_VPORT_PROFILE_OP_RESTORE, - start_flags) =3D=3D 0) + start_flags, 0) =3D=3D 0) started =3D true; =20 if (intermediatefd !=3D -1) { diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c index 06b5c180ff..471e14e22c 100644 --- a/src/qemu/qemu_snapshot.c +++ b/src/qemu/qemu_snapshot.c @@ -1999,7 +1999,7 @@ qemuSnapshotRevertActive(virDomainObj *vm, cookie ? cookie->cpu : NULL, VIR_ASYNC_JOB_START, NULL, -1, NULL, snap, VIR_NETDEV_VPORT_PROFILE_OP_CREATE, - start_flags); + start_flags, 0); virDomainAuditStart(vm, "from-snapshot", rc >=3D 0); detail =3D VIR_DOMAIN_EVENT_STARTED_FROM_SNAPSHOT; event =3D virDomainEventLifecycleNewFromObj(vm, @@ -2122,7 +2122,7 @@ qemuSnapshotRevertInactive(virDomainObj *vm, rc =3D qemuProcessStart(snapshot->domain->conn, driver, vm, NULL, VIR_ASYNC_JOB_START, NULL, -1, NULL, NULL, VIR_NETDEV_VPORT_PROFILE_OP_CREATE, - start_flags); + start_flags, 0); virDomainAuditStart(vm, "from-snapshot", rc >=3D 0); if (rc < 0) { qemuDomainRemoveInactive(driver, vm, 0); diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index dc09c94a4d..07def3c840 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -536,6 +536,7 @@ qemuTPMEmulatorReconfigure(const char *storagepath, * @swtpm_user: The uid for the swtpm to run as (drop privileges to from r= oot) * @swtpm_group: The gid for the swtpm to run as * @incomingMigration: whether we have an incoming migration + * @flags: migration flags * * Create the virCommand use for starting the emulator * Do some initializations on the way, such as creation of storage 
@@ -548,7 +549,8 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm, bool privileged, uid_t swtpm_user, gid_t swtpm_group, - bool incomingMigration) + bool incomingMigration, + virDomainMigrateFlags flags) { g_autoptr(virCommand) cmd =3D NULL; bool created =3D false; @@ -556,11 +558,19 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm, int pwdfile_fd =3D -1; int migpwdfile_fd =3D -1; const unsigned char *secretuuid =3D NULL; + bool create_storage =3D true; =20 if (!swtpm) return NULL; =20 - if (qemuTPMEmulatorCreateStorage(tpm, &created, swtpm_user, swtpm_grou= p) < 0) + /* Do not create storage and run swtpm_setup on incoming migration over + * shared storage + */ + if (incomingMigration && (flags & VIR_MIGRATE_TPM_SHARED_STORAGE)) + create_storage =3D false; + + if (create_storage && + qemuTPMEmulatorCreateStorage(tpm, &created, swtpm_user, swtpm_grou= p) < 0) return NULL; =20 if (tpm->data.emulator.hassecretuuid) @@ -854,6 +864,7 @@ qemuExtTPMEmulatorSetupCgroup(const char *swtpmStateDir, * @tpm: TPM definition * @shortName: short and unique name of the domain * @incomingMigration: whether we have an incoming migration + * @flags: migration flags * * Start the external TPM Emulator: * - have the command line built @@ -864,7 +875,8 @@ qemuTPMEmulatorStart(virQEMUDriver *driver, virDomainObj *vm, const char *shortName, virDomainTPMDef *tpm, - bool incomingMigration) + bool incomingMigration, + virDomainMigrateFlags flags) { g_autoptr(virCommand) cmd =3D NULL; VIR_AUTOCLOSE errfd =3D -1; @@ -884,7 +896,8 @@ qemuTPMEmulatorStart(virQEMUDriver *driver, driver->privileged, cfg->swtpm_user, cfg->swtpm_group, - incomingMigration))) + incomingMigration, + flags))) return -1; =20 if (qemuExtDeviceLogCommand(driver, vm, cmd, "TPM Emulator") < 0) 
@@ -1011,14 +1024,16 @@ int qemuExtTPMStart(virQEMUDriver *driver, virDomainObj *vm, virDomainTPMDef *tpm, - bool incomingMigration) + bool incomingMigration, + virDomainMigrateFlags flags) { g_autofree char *shortName =3D virDomainDefGetShortName(vm->def); =20 if (!shortName) return -1; =20 - return qemuTPMEmulatorStart(driver, vm, shortName, tpm, incomingMigrat= ion); + return qemuTPMEmulatorStart(driver, vm, shortName, tpm, incomingMigrat= ion, + flags); } =20 =20 diff --git a/src/qemu/qemu_tpm.h b/src/qemu/qemu_tpm.h index f068f3ca5a..410c9ec1c6 100644 --- a/src/qemu/qemu_tpm.h +++ b/src/qemu/qemu_tpm.h 
@@ -42,7 +42,8 @@ void qemuExtTPMCleanupHost(virDomainTPMDef *tpm, int qemuExtTPMStart(virQEMUDriver *driver, virDomainObj *vm, virDomainTPMDef *def, - bool incomingMigration) + bool incomingMigration, + virDomainMigrateFlags flags) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) G_GNUC_WARN_UNUSED_RESULT; --=20 2.37.3
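Review bot: In the qemuProcessLaunch() and qemuProcessStart() prototypes the new argument is typed virDomainMigrateFlags, yet qemuTPMEmulatorBuildCommand() tests it as a bitmask with (flags & VIR_MIGRATE_TPM_SHARED_STORAGE), so the value is an OR of flag bits rather than a single enumerator; declare it as an unsigned integer like the neighbouring "unsigned int flags". Threading a migration-only argument through the generic start path also forces the restore and snapshot-revert callers in qemu_saveimage.c and qemu_snapshot.c to pass a bare 0; consider carrying the bit in the existing flags argument or in the qemuProcessIncomingDef so that unrelated callers do not change.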
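Review bot: In qemuTPMEmulatorBuildCommand() the storage setup is skipped purely because the caller set VIR_MIGRATE_TPM_SHARED_STORAGE on an incoming migration; nothing in the hunk confirms that the state directory already exists on the destination or actually sits on shared storage. If the flag is passed by mistake, swtpm is started without the storage creation and swtpm_setup step that qemuTPMEmulatorCreateStorage() used to guarantee. Check that the storage path exists before setting create_storage to false and report an error otherwise. The test incomingMigration && (flags & VIR_MIGRATE_TPM_SHARED_STORAGE) would also be better placed in one small helper, since it gates a security-relevant path.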
From: Stefan Berger
To: libvir-list@redhat.com
Subject: [PATCH v2 4/9] qemu: tpm: Pass --migration option to swtpm if supported
Date: Wed, 5 Oct 2022 10:02:02 -0400
Message-Id: <20221005140207.3599989-5-stefanb@linux.ibm.com>
In-Reply-To: <20221005140207.3599989-1-stefanb@linux.ibm.com>
References: <20221005140207.3599989-1-stefanb@linux.ibm.com>
Cc: Stefan Berger

Always pass the --migration option to swtpm, if swtpm supports it (starting with v0.8). Always apply the 'release-lock-outgoing' parameter with this option and apply the 'incoming' parameter for incoming migration so that swtpm releases the file lock on the source side when the state is migrated and locks the file on the destination side when the state is received.

If a started swtpm instance is capable of migrating with shared storage then remember this with a flag in the virDomainTPMDef. This flag allows for modifications of the installed swtpm, such as installing a version that does not support migration with shared storage.

Report an error if swtpm does not support the --migration option and an incoming migration across shared storage is requested.

Signed-off-by: Stefan Berger
--- src/conf/domain_conf.h | 1 + src/qemu/qemu_migration.c | 8 ++++++++ src/qemu/qemu_tpm.c | 40 +++++++++++++++++++++++++++++++++++++++ src/qemu/qemu_tpm.h | 3 +++ 4 files changed, 52 insertions(+) diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 352b88eae5..4f9b5c6686 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1461,6 +1461,7 @@ struct _virDomainTPMDef { bool hassecretuuid; bool persistent_state; virBitmap *activePcrBanks; + bool canMigrateWithSharedStorage; } emulator; } data; }; diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index efb27a24aa..431b1b0bcb 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -38,6 +38,7 @@ #include "qemu_security.h" #include "qemu_slirp.h" #include "qemu_block.h" +#include "qemu_tpm.h" =20 #include "domain_audit.h" #include "virlog.h"
@@ -2789,6 +2790,13 @@ qemuMigrationSrcBegin(virConnectPtr conn, goto cleanup; } =20 + if ((flags & VIR_MIGRATE_TPM_SHARED_STORAGE) && + !qemuTPMCanMigrateSharedStorage(vm->def)) { + virReportError(VIR_ERR_NO_SUPPORT, "%s", + _("the running swtpm does not support migration wit= h shared storage")); + goto cleanup; + } + if (flags & VIR_MIGRATE_POSTCOPY_RESUME) { ret =3D qemuMigrationSrcBeginResumePhase(conn, driver, vm, xmlin, cookieout, cookieoutlen, fl= ags); diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 07def3c840..fde15b7587 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -644,6 +644,32 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm, virCommandAddArgFormat(cmd, "pwdfd=3D%d,mode=3Daes-256-cbc", migpw= dfile_fd); } =20 + /* If swtpm supports it, start it with --migration release-lock-outgoi= ng + * so it can migrate across shared storage if needed. + */ + tpm->data.emulator.canMigrateWithSharedStorage =3D false; + if (virTPMSwtpmCapsGet(VIR_TPM_SWTPM_FEATURE_CMDARG_MIGRATION)) { + bool incoming =3D false; + + if (incomingMigration && (flags & VIR_MIGRATE_TPM_SHARED_STORAGE)) + incoming =3D true; + virCommandAddArg(cmd, "--migration"); + virCommandAddArgFormat(cmd, "release-lock-outgoing%s", + incoming ? ",incoming": ""); + tpm->data.emulator.canMigrateWithSharedStorage =3D true; + } else { + /* Report an error if there's an incoming migration across shared + * storage and swtpm does not support the --migration option. + */ + if (incomingMigration && (flags & VIR_MIGRATE_TPM_SHARED_STORAGE))= { + virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, + _("%s (on destination side) does not support the --migrati= on option " + "needed for migration with shared storage"), + swtpm); + goto error; + } + } + return g_steal_pointer(&cmd); =20 error: 
@@ -967,6 +993,20 @@ qemuTPMEmulatorStart(virQEMUDriver *driver, } =20 =20 +bool +qemuTPMCanMigrateSharedStorage(virDomainDef *def) +{ + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR && + !def->tpms[i]->data.emulator.canMigrateWithSharedStorage) { + return false; + } + } + return true; +} + /* --------------------- * Module entry points * --------------------- diff --git a/src/qemu/qemu_tpm.h b/src/qemu/qemu_tpm.h index 410c9ec1c6..630fa7074f 100644 --- a/src/qemu/qemu_tpm.h +++ b/src/qemu/qemu_tpm.h 
@@ -57,3 +57,6 @@ int qemuExtTPMSetupCgroup(virQEMUDriver *driver, virCgroup *cgroup) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) G_GNUC_WARN_UNUSED_RESULT; + +bool qemuTPMCanMigrateSharedStorage(virDomainDef *def) + ATTRIBUTE_NONNULL(1); --=20 2.37.3
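Review bot: canMigrateWithSharedStorage is added to struct _virDomainTPMDef in domain_conf.h, but the diffstat touches no parser or formatter, so the value exists only in memory and is set as a side effect of qemuTPMEmulatorBuildCommand(). If the definition is ever rebuilt while the guest keeps running, the field reads false again and the new check in qemuMigrationSrcBegin() rejects VIR_MIGRATE_TPM_SHARED_STORAGE for a swtpm that was in fact started with --migration. Either save and restore the flag together with the rest of the runtime state, or move it out of the definition into runtime-only data and say so in a comment next to the field.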
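Review bot: In the qemuTPMEmulatorBuildCommand() hunk, canMigrateWithSharedStorage is set to true while the command line is still being assembled, before swtpm has been started; a later failure in qemuTPMEmulatorStart() leaves the definition claiming a capability of a process that never ran. Set the field only after the emulator has started successfully, or clear it on the failure paths. As a style point, incoming ? ",incoming": "" is missing the space before the colon, and the nested if inside the else branch can be folded into an else if.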
From: Stefan Berger
To: libvir-list@redhat.com
Subject: [PATCH v2 5/9] qemu: tpm: Avoid security labels on incoming migration with shared storage
Date: Wed, 5 Oct 2022 10:02:03 -0400
Message-Id: <20221005140207.3599989-6-stefanb@linux.ibm.com>
In-Reply-To: <20221005140207.3599989-1-stefanb@linux.ibm.com>
References: <20221005140207.3599989-1-stefanb@linux.ibm.com>
Cc: Stefan Berger

When using shared storage there is no need to apply security labels on the storage since the files have to have been labeled already on the source side and we must assume that the source and destination side have been set up to use the same uid and gid for running swtpm as well as share the same security labels. Whether the security labels can be used at all depends on the shared storage and whether and how it supports them.

Signed-off-by: Stefan Berger
--- src/qemu/qemu_tpm.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index fde15b7587..2b2d2eba5a 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c
@@ -937,10 +937,18 @@ qemuTPMEmulatorStart(virQEMUDriver *driver, virCommandSetPidFile(cmd, pidfile); virCommandSetErrorFD(cmd, &errfd); =20 - if (qemuSecurityStartTPMEmulator(driver, vm, cmd, - cfg->swtpm_user, cfg->swtpm_group, - NULL, &cmdret) < 0) - return -1; + if (incomingMigration && (flags & VIR_MIGRATE_TPM_SHARED_STORAGE)) { + /* security labels must have been set up on source already */ + if (qemuSecurityCommandRun(driver, vm, cmd, + cfg->swtpm_user, cfg->swtpm_group, + NULL, &cmdret) < 0) { + goto error; + } + } else if (qemuSecurityStartTPMEmulator(driver, vm, cmd, + cfg->swtpm_user, cfg->swtpm_gr= oup, + NULL, &cmdret) < 0) { + goto error; + } =20 if (cmdret < 0) { /* virCommandRun() hidden in qemuSecurityStartTPMEmulator() --=20 2.37.3
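Review bot: The incoming shared-storage branch in qemuTPMEmulatorStart() replaces qemuSecurityStartTPMEmulator() with qemuSecurityCommandRun() and so skips labelling on the word of a caller-supplied flag, while the commit message itself says the code "must assume" both hosts use the same uid, gid and security labels. Verify what can be verified cheaply before taking this branch, for instance that the state path really is on a shared filesystem (libvirt's virFileIsSharedFS() helper covers that) and that its ownership matches cfg->swtpm_user and cfg->swtpm_group, and fail the migration otherwise. Separately, the failure path of the existing qemuSecurityStartTPMEmulator() call changes from return -1 to goto error, which the commit message does not mention; split that into its own patch or explain why the cleanup is now needed.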
From: Stefan Berger
To: libvir-list@redhat.com
Subject: [PATCH v2 6/9] qemu: tpm: Require UNDEFINE_TPM to be set to remove TPM state
Date: Wed, 5 Oct 2022 10:02:04 -0400
Message-Id: <20221005140207.3599989-7-stefanb@linux.ibm.com>
In-Reply-To: <20221005140207.3599989-1-stefanb@linux.ibm.com>
References: <20221005140207.3599989-1-stefanb@linux.ibm.com>
Cc: Stefan Berger

When migrating the TPM in a setup that has shared storage for the TPM state files set up between hosts we never remove the state.

Signed-off-by: Stefan Berger
--- src/qemu/qemu_tpm.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 2b2d2eba5a..59de13061a 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c
@@ -737,6 +737,10 @@ static void qemuTPMEmulatorCleanupHost(virDomainTPMDef *tpm, virDomainUndefineFlagsValues flags) { + /* Never remove the state in case of migration with shared storage. */ + if ((flags & VIR_MIGRATE_TPM_SHARED_STORAGE)) + return; + /* * remove TPM state if: * - persistent_state flag is set and the UNDEFINE_TPM flag is set --=20 2.37.3
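Review bot: The new early return in qemuTPMEmulatorCleanupHost() tests "flags & VIR_MIGRATE_TPM_SHARED_STORAGE", but the flags parameter is declared as virDomainUndefineFlagsValues, so a migration flag bit is being checked against an undefine-flags value. Unless the two enums are guaranteed not to share bit positions, the check can either never fire or fire on an unrelated undefine flag; the shared-storage decision should reach this function through an undefine flag of its own or a separate boolean parameter. The subject line ("Require UNDEFINE_TPM to be set to remove TPM state") also describes something other than what this hunk adds, so subject and commit message should be brought in line.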
From: Stefan Berger
To: libvir-list@redhat.com
Subject: [PATCH v2 7/9] qemu: tpm: Determine whether to remove TPM state during migration
Date: Wed, 5 Oct 2022 10:02:05 -0400
Message-Id: <20221005140207.3599989-8-stefanb@linux.ibm.com>
In-Reply-To: <20221005140207.3599989-1-stefanb@linux.ibm.com>
References: <20221005140207.3599989-1-stefanb@linux.ibm.com>
Cc: Stefan Berger

Implement functions to determine whether to remove the TPM state upon migration failure on the destination side or migration success on the source side. In both cases always keep the state when shared storage is used and always remove the state if no shared storage is used.

Signed-off-by: Stefan Berger
--- src/qemu/qemu_migration.c | 13 ++++++++++--- src/qemu/qemu_tpm.h | 18 ++++++++++++++++++ 2 files changed, 28 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index 431b1b0bcb..44e0488303 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -3996,6 +3996,7 @@ qemuMigrationSrcConfirm(virQEMUDriver *driver, { qemuMigrationJobPhase phase; g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + virDomainUndefineFlagsValues undefFlags =3D 0; int ret =3D -1; =20 VIR_DEBUG("vm=3D%p, flags=3D0x%x, cancelled=3D%d", vm, flags, cancelle= d); @@ -4044,7 +4045,9 @@ qemuMigrationSrcConfirm(virQEMUDriver *driver, virDomainDeleteConfig(cfg->configDir, cfg->autostartDir, vm); vm->persistent =3D 0; } - qemuDomainRemoveInactive(driver, vm, VIR_DOMAIN_UNDEFINE_TPM); + if (!qemuTPMCheckKeepTPMStateMigrationSrcSuccess(flags)) + undefFlags |=3D VIR_DOMAIN_UNDEFINE_TPM; + qemuDomainRemoveInactive(driver, vm, undefFlags); } =20 cleanup: @@ -6633,6 +6636,7 @@ qemuMigrationDstFinishActive(virQEMUDriver *driver, virObjectEvent *event; bool inPostCopy =3D false; bool doKill =3D vm->job->phase !=3D QEMU_MIGRATION_PHASE_FINISH_RESUME; + virDomainUndefineFlagsValues undefFlags =3D 0; int rc; =20 VIR_DEBUG("vm=3D%p, flags=3D0x%lx, retcode=3D%d",
@@ -6709,8 +6713,11 @@ qemuMigrationDstFinishActive(virQEMUDriver *driver, jobPriv->migParams, vm->job->apiFlags); } =20 - if (!virDomainObjIsActive(vm)) - qemuDomainRemoveInactive(driver, vm, VIR_DOMAIN_UNDEFINE_TPM); + if (!virDomainObjIsActive(vm)) { + if (!qemuTPMCheckKeepTPMStateMigrationDstFailure(flags)) + undefFlags |=3D VIR_DOMAIN_UNDEFINE_TPM; + qemuDomainRemoveInactive(driver, vm, undefFlags); + } =20 virErrorRestore(&orig_err); return NULL; diff --git a/src/qemu/qemu_tpm.h b/src/qemu/qemu_tpm.h index 630fa7074f..0cee08cd5c 100644 --- a/src/qemu/qemu_tpm.h +++ b/src/qemu/qemu_tpm.h 
@@ -60,3 +60,21 @@ int qemuExtTPMSetupCgroup(virQEMUDriver *driver, =20 bool qemuTPMCanMigrateSharedStorage(virDomainDef *def) ATTRIBUTE_NONNULL(1); + +static inline bool +qemuTPMCheckKeepTPMStateMigrationSrcSuccess(virDomainMigrateFlags flags) +{ + /* always keep state when migrating across shared storage */ + if ((flags & VIR_MIGRATE_TPM_SHARED_STORAGE)) + return true; + return false; +} + +static inline bool +qemuTPMCheckKeepTPMStateMigrationDstFailure(virDomainMigrateFlags flags) +{ + /* always keep state when migrating across shared storage */ + if ((flags & VIR_MIGRATE_TPM_SHARED_STORAGE)) + return true; + return false; +} --=20 2.37.3
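Review bot: In the qemuMigrationSrcConfirm() hunk at @@ -4044, whether the source keeps or deletes the TPM state after a successful migration now depends only on the caller having passed VIR_MIGRATE_TPM_SHARED_STORAGE; nothing in the visible lines checks that the state directory is actually shared. If the flag is omitted on a shared-storage setup, qemuDomainRemoveInactive() is still called with VIR_DOMAIN_UNDEFINE_TPM and removes state that the destination is now running from. Consider validating the flag against the storage before the migration starts, or at least documenting this failure mode next to the call.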
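Review bot: In the qemuMigrationDstFinishActive() hunk at @@ -6709, undefFlags is used only inside the new "if (!virDomainObjIsActive(vm))" block but is declared at function scope in the @@ -6633 hunk; declaring it inside the block keeps it next to its single use. The VIR_DEBUG context line in that function prints flags with 0x%lx while qemuTPMCheckKeepTPMStateMigrationDstFailure() takes virDomainMigrateFlags, so the implicit conversion at the call deserves a second look as well.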
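Review bot: The two helpers added to qemu_tpm.h, qemuTPMCheckKeepTPMStateMigrationSrcSuccess() and qemuTPMCheckKeepTPMStateMigrationDstFailure(), have identical bodies and no comment explaining why both exist. Either document the intended difference between the source-success and destination-failure cases or share one implementation. The "if (...) return true; return false;" pattern can also be a single return of the test, for example "return (flags & VIR_MIGRATE_TPM_SHARED_STORAGE) != 0;".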
From: Stefan Berger
To: libvir-list@redhat.com
Subject: [PATCH v2 8/9] qemu: tpm: Enable migration with VIR_MIGRATE_TPM_SHARED_STORAGE
Date: Wed, 5 Oct 2022 10:02:06 -0400
Message-Id: <20221005140207.3599989-9-stefanb@linux.ibm.com>
In-Reply-To: <20221005140207.3599989-1-stefanb@linux.ibm.com>
References: <20221005140207.3599989-1-stefanb@linux.ibm.com>
Cc: Stefan Berger

Add the flag VIR_MIGRATE_TPM_SHARED_STORAGE to the collection of supported flags for QEMU VM migration.

Signed-off-by: Stefan Berger
--- src/qemu/qemu_migration.h | 1 + 1 file changed, 1 insertion(+) diff --git a/src/qemu/qemu_migration.h b/src/qemu/qemu_migration.h index fbea45ad4e..4203abcb1a 100644 --- a/src/qemu/qemu_migration.h +++ b/src/qemu/qemu_migration.h
@@ -62,6 +62,7 @@ VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES | \ VIR_MIGRATE_POSTCOPY_RESUME | \ VIR_MIGRATE_ZEROCOPY | \ + VIR_MIGRATE_TPM_SHARED_STORAGE | \ 0) =20 /* All supported migration parameters and their types. */ --=20 2.37.3
From: Stefan Berger
To: libvir-list@redhat.com
Subject: [PATCH v2 9/9] virsh: Add support for --tpm-shared-storage flag for migration
Date: Wed, 5 Oct 2022 10:02:07 -0400
Message-Id: <20221005140207.3599989-10-stefanb@linux.ibm.com>
In-Reply-To: <20221005140207.3599989-1-stefanb@linux.ibm.com>
References: <20221005140207.3599989-1-stefanb@linux.ibm.com>
Cc: Stefan Berger

Add support for --tpm-shared-storage flag for migration across hosts that have shared storage set up for storing the state. Add documentation to the virsh man page.

Signed-off-by: Stefan Berger
--- docs/manpages/virsh.rst | 6 ++++++ tools/virsh-domain.c | 7 +++++++ 2 files changed, 13 insertions(+) diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst index 5d11c48803..79626f2510 100644 --- a/docs/manpages/virsh.rst +++ b/docs/manpages/virsh.rst @@ -3297,6 +3297,7 @@ migrate [--parallel [--parallel-connections connections]] [--bandwidth bandwidth] [--tls-destination hostname] [--disks-uri URI] [--copy-storage-synchronous-writes] + [--tpm-shared-storage] =20 Migrate domain to another host. Add *--live* for live migration; <--p2p> for peer-2-peer migration; *--direct* for direct migration; or *--tunnelle= d* @@ -3367,6 +3368,11 @@ For QEMU/KVM this means QEMU will be temporarily all= owed to lock all guest pages in host's memory, although only those that are queued for transfer w= ill be locked at the same time. =20 +*--tpm-shared-storage* enables migration of a QEMU VM with TPM whose +persistents state is saved on shared storage set up between the source +and destination hosts. This option must be given when shared storage +is used and must not be given otherwise. + ``Note``: Individual hypervisors usually do not support all possible types= of migration. For example, QEMU does not support direct migration. =20 diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index 2d22547cc6..05c4a827c3 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c
@@ -11041,6 +11041,10 @@ static const vshCmdOptDef opts_migrate[] =3D { .completer =3D virshCompleteEmpty, .help =3D N_("override the destination host name used for TLS verific= ation") }, + {.name =3D "tpm-shared-storage", + .type =3D VSH_OT_BOOL, + .help =3D N_("migrate TPM between hosts that have shared storage setu= p for the TPM's state") + }, {.name =3D NULL} }; =20 @@ -11345,6 +11349,9 @@ doMigrate(void *opaque) if (vshCommandOptBool(cmd, "parallel")) flags |=3D VIR_MIGRATE_PARALLEL; =20 + if (vshCommandOptBool(cmd, "tpm-shared-storage")) + flags |=3D VIR_MIGRATE_TPM_SHARED_STORAGE; + if (flags & VIR_MIGRATE_PEER2PEER || vshCommandOptBool(cmd, "direct"))= { if (virDomainMigrateToURI3(dom, desturi, params, nparams, flags) = =3D=3D 0) data->ret =3D 0; --=20 2.37.3
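Review bot: The paragraph added to virsh.rst at @@ -3367 has a typo, "persistents state" should read "persistent state", and it says the option "must be given when shared storage is used and must not be given otherwise" without saying what happens when that rule is broken. Since this flag decides whether TPM state is removed after migration, the man page should state the consequence of a wrong setting so an administrator can judge the risk before running the command.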
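Review bot: In the opts_migrate[] hunk at @@ -11041, the help string for tpm-shared-storage uses "setup" as a verb ("hosts that have shared storage setup for the TPM's state"); it should read "set up", matching the wording of the commit message and of the man page text added in the same patch.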