[PATCH v3 2/6] qemu: tpm: Conditionally create storage on incoming migration

[PATCH v3 2/6] qemu: tpm: Conditionally create storage on incoming migration
Posted by Stefan Berger 3 years, 3 months ago
Do not create storage if the TPM state files are on shared storage and
there is an incoming migration, since in this case the storage directory
must already exist. Also do not run swtpm_setup in this case.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 src/qemu/qemu_tpm.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
index dc09c94a4d..a45ad599aa 100644
--- a/src/qemu/qemu_tpm.c
+++ b/src/qemu/qemu_tpm.c
@@ -556,11 +556,19 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm,
     int pwdfile_fd = -1;
     int migpwdfile_fd = -1;
     const unsigned char *secretuuid = NULL;
+    bool create_storage = true;
 
     if (!swtpm)
         return NULL;
 
-    if (qemuTPMEmulatorCreateStorage(tpm, &created, swtpm_user, swtpm_group) < 0)
+    /* Do not create storage and run swtpm_setup on incoming migration over
+     * shared storage
+     */
+    if (incomingMigration && virFileIsSharedFS(tpm->data.emulator.storagepath))
+        create_storage = false;
+
+    if (create_storage &&
+        qemuTPMEmulatorCreateStorage(tpm, &created, swtpm_user, swtpm_group) < 0)
         return NULL;
 
     if (tpm->data.emulator.hassecretuuid)
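Review bot: The new comment above the `incomingMigration` check promises that swtpm_setup is not run either, but nothing in this hunk touches swtpm_setup; the only thing gated here is qemuTPMEmulatorCreateStorage(), so the setup skip presumably relies on `created` staying false further down in qemuTPMEmulatorBuildCommand, which starts before and continues after the hunk. The comment should say so explicitly, because a reader of this hunk alone cannot tell how the second half of the promise is kept, and the phrase "do not create storage and run swtpm_setup" reads as if swtpm_setup is still run. Suggested wording: `/* Incoming migration over shared storage: the state directory already exists on the source side, so skip creation here; with 'created' left false, swtpm_setup is skipped as well. */` (adjust if the later code does not key on `created`). Note also that when creation is skipped nothing verifies that storagepath exists or is accessible to swtpm_user/swtpm_group, so a missing or mis-owned shared directory is only reported once swtpm itself fails to start; an explicit existence/access check here would give a clearer error on the destination.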
-- 
2.37.3
Re: [PATCH v3 2/6] qemu: tpm: Conditionally create storage on incoming migration
Posted by Michal Prívozník 3 years, 3 months ago
On 10/18/22 19:04, Stefan Berger wrote:
> Do not create storage if the TPM state files are on shared storage and
> there's an incoming migration since in this case the storage directory
> must already exist. Also do not run swtpm_setup in this case.
> 
> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> ---
>  src/qemu/qemu_tpm.c | 10 +++++++++-
>  1 file changed, 9 insertions(+), 1 deletion(-)
> 
> diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
> index dc09c94a4d..a45ad599aa 100644
> --- a/src/qemu/qemu_tpm.c
> +++ b/src/qemu/qemu_tpm.c
> @@ -556,11 +556,19 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm,
>      int pwdfile_fd = -1;
>      int migpwdfile_fd = -1;
>      const unsigned char *secretuuid = NULL;
> +    bool create_storage = true;
>  
>      if (!swtpm)
>          return NULL;
>  
> -    if (qemuTPMEmulatorCreateStorage(tpm, &created, swtpm_user, swtpm_group) < 0)
> +    /* Do not create storage and run swtpm_setup on incoming migration over
> +     * shared storage
> +     */
> +    if (incomingMigration && virFileIsSharedFS(tpm->data.emulator.storagepath))

Here and everywhere else, this needs to be virFileIsSharedFS() == 1,
because the function may return -1, 0, 1 and we do not want to treat -1
as 1.

> +        create_storage = false;
> +
> +    if (create_storage &&
> +        qemuTPMEmulatorCreateStorage(tpm, &created, swtpm_user, swtpm_group) < 0)
>          return NULL;
>  
>      if (tpm->data.emulator.hassecretuuid)

Michal
Re: [PATCH v3 2/6] qemu: tpm: Conditionally create storage on incoming migration
Posted by Stefan Berger 3 years, 3 months ago

On 10/21/22 06:55, Michal Prívozník wrote:
> On 10/18/22 19:04, Stefan Berger wrote:
>> Do not create storage if the TPM state files are on shared storage and
>> there's an incoming migration since in this case the storage directory
>> must already exist. Also do not run swtpm_setup in this case.
>>
>> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
>> ---
>>   src/qemu/qemu_tpm.c | 10 +++++++++-
>>   1 file changed, 9 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
>> index dc09c94a4d..a45ad599aa 100644
>> --- a/src/qemu/qemu_tpm.c
>> +++ b/src/qemu/qemu_tpm.c
>> @@ -556,11 +556,19 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm,
>>       int pwdfile_fd = -1;
>>       int migpwdfile_fd = -1;
>>       const unsigned char *secretuuid = NULL;
>> +    bool create_storage = true;
>>   
>>       if (!swtpm)
>>           return NULL;
>>   
>> -    if (qemuTPMEmulatorCreateStorage(tpm, &created, swtpm_user, swtpm_group) < 0)
>> +    /* Do not create storage and run swtpm_setup on incoming migration over
>> +     * shared storage
>> +     */
>> +    if (incomingMigration && virFileIsSharedFS(tpm->data.emulator.storagepath))
> 
> Here and everywhere else, this needs to be virFileIsSharedFS() == 1,
> because the function may return -1, 0, 1 and we do not want to treat -1
> as 1.

Thanks, I will fix it.

> 
>> +        create_storage = false;
>> +
>> +    if (create_storage &&
>> +        qemuTPMEmulatorCreateStorage(tpm, &created, swtpm_user, swtpm_group) < 0)
>>           return NULL;
>>   
>>       if (tpm->data.emulator.hassecretuuid)
> 
> Michal
> 

    Stefan