To: devel@lists.libvirt.org
Subject: [PATCH] qemu: tpm: Account for possible migration without actually sharing storage
Date: Mon, 1 Dec 2025 15:25:55 +0100
Message-ID: <7daadad52b6dfee93676916f1f77cea42b63befd.1764599155.git.pkrempa@redhat.com>
From: Peter Krempa via Devel
Reply-To: Peter Krempa
From: Peter Krempa

The current logic in 'qemuTPMEmulatorBuildCommand' skips all setup if the *location* of the data is on what we'd consider shared storage. This means that if the location is not actually shared (e.g. it's shared between some other hosts than the two doing the migration) and the path wasn't ever used (e.g. by migrating out) from the host where we're migrating into, the complete setup of the location would be skipped even when it doesn't exist.

Fix the logic by skipping only some of the setup steps so that 'qemuTPMEmulatorCreateStorage' can still create the storage if it doesn't exist. The rest of the code then needs to take the 'created' flag returned from 'qemuTPMEmulatorCreateStorage' into account.

Fixes: 68103e9daf633b789428fedef56f816c92f6ee75
Signed-off-by: Peter Krempa
Reviewed-by: Michal Privoznik
--- src/qemu/qemu_tpm.c | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-)
diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 4c9445d72c..1ce6390fd5 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -158,6 +158,7 @@ qemuTPMEmulatorGetPid(const char *swtpmStateDir, /** * qemuTPMEmulatorCreateStorage: * @tpm: TPM definition for an emulator type + * @sharedStorageMigration: VM is being migrated with possibly shared stor= age * @created: a pointer to a bool that will be set to true if the * storage was created because it did not exist yet * @swtpm_user: The uid that needs to be able to access the directory @@ -169,6 +170,7 @@ qemuTPMEmulatorGetPid(const char *swtpmStateDir, */ static int qemuTPMEmulatorCreateStorage(virDomainTPMDef *tpm, + bool sharedStorageMigration, bool *created, uid_t swtpm_user, gid_t swtpm_group) 
@@ -187,8 +189,14 @@ qemuTPMEmulatorCreateStorage(virDomainTPMDef *tpm, *created =3D false; if (!virFileExists(source_path) || - virDirIsEmpty(source_path, true) > 0) + virDirIsEmpty(source_path, true) > 0) { *created =3D true; + } else { + /* If the location exists and is shared, we don't need to create it + * during migration */ + if (sharedStorageMigration) + return 0; + } if (virDirCreate(source_path, 0700, swtpm_user, swtpm_group, VIR_DIR_CREATE_ALLOW_EXIST) < 0) { @@ -809,16 +817,13 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm, run_setup =3D true; } - /* Do not create storage and run swtpm_setup on incoming migration over - * shared storage - */ on_shared_storage =3D virFileIsSharedFS(tpm->data.emulator.source_path, cfg->sharedFilesystems) =3D=3D 1; - if (incomingMigration && on_shared_storage) - create_storage =3D false; if (create_storage) { - if (qemuTPMEmulatorCreateStorage(tpm, &created, + if (qemuTPMEmulatorCreateStorage(tpm, + incomingMigration && on_shared_st= orage, + &created, cfg->swtpm_user, cfg->swtpm_group= ) < 0) return NULL; run_setup =3D created; @@ -885,6 +890,9 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm, /* If swtpm supports it and the TPM state is stored on shared storage, * start swtpm with --migration release-lock-outgoing so it can migrate * across shared storage if needed. + * + * Note that if 'created' is true, the location didn't exist so the st= orage + * is not actually shared. */ QEMU_DOMAIN_TPM_PRIVATE(tpm)->swtpm.can_migrate_shared_storage =3D fal= se; if (on_shared_storage && 
@@ -892,13 +900,13 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm, virCommandAddArg(cmd, "--migration"); virCommandAddArgFormat(cmd, "release-lock-outgoing%s", - incomingMigration ? ",incoming": ""); + incomingMigration && !created ? ",incoming"= : ""); QEMU_DOMAIN_TPM_PRIVATE(tpm)->swtpm.can_migrate_shared_storage =3D= true; } else { /* Report an error if there's an incoming migration across shared * storage and swtpm does not support the --migration option. */ - if (incomingMigration && on_shared_storage) { + if (incomingMigration && on_shared_storage && !created) { virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, _("%1$s (on destination side) does not support = the --migration option needed for migration with shared storage"), swtpm); --=20 2.52.0
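Review bot: The new @sharedStorageMigration line in the qemuTPMEmulatorCreateStorage doc comment (@@ -158 hunk) says "VM is being migrated with possibly shared storage", but the only caller passes `incomingMigration && on_shared_storage` and the flag's sole effect is to skip virDirCreate() when the directory already exists and is non-empty. Suggest stating both the exact meaning and the effect, e.g. `@sharedStorageMigration: incoming migration with the state path on shared storage; an existing, non-empty directory is left untouched`.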
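Review bot: In the @@ -187 hunk an existing but empty directory still takes the `*created =3D true` path even when sharedStorageMigration is set, so an empty state directory that was pre-created on the destination (by provisioning tooling or a partially failed earlier attempt) makes `run_setup =3D created` generate fresh TPM state and drops the `,incoming` flag, instead of the migrated state being picked up. If that is the intended behaviour the else-branch comment should say so; if not, an empty directory during shared-storage incoming migration might better be reported as an error than silently turned into a new TPM. Separately, a negative return from virDirIsEmpty() now falls into the else branch and, in the migration case, returns 0 without creating or checking anything.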
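Review bot: The @@ -809 hunk removes the comment that explained the shared-storage/incoming-migration special case but adds nothing at the call site, so the reason for passing `incomingMigration && on_shared_st= orage` is only discoverable by reading qemuTPMEmulatorCreateStorage(); a one-line comment there ("existing shared state is left alone on incoming migration, a missing directory is still created") would keep the intent visible. Please also confirm that `created` is initialised to false before the `if (create_storage)` block, because the `!created` checks added in the --migration handling are now reached even when that block is skipped.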
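Review bot: In the @@ -892 hunk `incomingMigration && !created ? ",incoming" : ""` relies on `&&` binding tighter than `?:`; it evaluates as intended, but parentheses around the condition would make that explicit. The combination of `incomingMigration`, `on_shared_storage` and `!created` is now spelled out separately in the `--migration` branch and in the error branch; a single local (e.g. `bool migrateSharedState`, name hypothetical) computed once would keep the two from drifting. The error text itself still fits, since per the new comment a `created` location is by definition not actually shared.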
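The commit message describes the decision the destination host makes about the swtpm state directory and why the old shortcut was wrong. The following is an added, constructed model of that decision (before and after the patch), not libvirt's code: the struct and function names (`tpm_env`, `tpm_decision`, `decide_before`, `decide_after`) are hypothetical, and it assumes that `create_storage` is otherwise true, that the earlier code path forcing `run_setup` is not hit, and that the installed swtpm supports `--migration`. It shows the case the patch fixes (missing directory on a shared filesystem during incoming migration) next to the case that is still treated as "created": an existing but empty directory.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model of the TPM state-directory decision made in
 * qemuTPMEmulatorBuildCommand()/qemuTPMEmulatorCreateStorage(), before and
 * after the patch. Illustrative code, not libvirt's; names are hypothetical.
 * Assumptions: create_storage is otherwise true, the earlier code path that
 * forces run_setup is not hit, and the installed swtpm supports --migration. */

struct tpm_env {
    bool path_exists;        /* virFileExists(source_path) */
    bool path_empty;         /* virDirIsEmpty(source_path, true) > 0 */
    bool on_shared_storage;  /* virFileIsSharedFS(...) == 1 */
    bool incoming_migration; /* this host is the migration destination */
};

struct tpm_decision {
    bool create_dir;    /* virDirCreate() is invoked on the path */
    bool created;       /* the 'created' flag handed back to the caller */
    bool run_setup;     /* swtpm_setup runs, i.e. fresh TPM state is generated */
    bool flag_incoming; /* swtpm gets "--migration release-lock-outgoing,incoming" */
};

/* Before the patch: incoming migration on shared storage skipped everything,
 * even when the directory did not exist on the destination. */
struct tpm_decision decide_before(struct tpm_env e)
{
    struct tpm_decision d = {0};
    bool create_storage = !(e.incoming_migration && e.on_shared_storage);

    if (create_storage) {
        d.create_dir = true;
        d.created = !e.path_exists || e.path_empty;
        d.run_setup = d.created;
    }
    d.flag_incoming = e.on_shared_storage && e.incoming_migration;
    return d;
}

/* After the patch: only an existing, non-empty location on shared storage is
 * skipped, and a location that had to be created is no longer treated as
 * shared (no ",incoming" flag, swtpm_setup runs). */
struct tpm_decision decide_after(struct tpm_env e)
{
    struct tpm_decision d = {0};
    bool shared_migration = e.incoming_migration && e.on_shared_storage;

    d.created = !e.path_exists || e.path_empty;
    d.create_dir = d.created || !shared_migration;
    d.run_setup = d.created;
    d.flag_incoming = shared_migration && !d.created;
    return d;
}

static void show(const char *label, struct tpm_env e)
{
    struct tpm_decision b = decide_before(e), a = decide_after(e);

    printf("%-38s before: dir=%d setup=%d incoming=%d | after: dir=%d setup=%d incoming=%d\n",
           label, b.create_dir, b.run_setup, b.flag_incoming,
           a.create_dir, a.run_setup, a.flag_incoming);
}

int main(void)
{
    /* Constructed scenarios as seen from the destination host. */
    struct tpm_env missing_shared  = { false, false, true,  true };
    struct tpm_env existing_shared = { true,  false, true,  true };
    struct tpm_env empty_shared    = { true,  true,  true,  true };
    struct tpm_env local_restart   = { true,  false, false, false };

    show("missing dir, shared FS, incoming", missing_shared);
    show("populated dir, shared FS, incoming", existing_shared);
    show("empty dir, shared FS, incoming", empty_shared);
    show("populated dir, local FS, no migration", local_restart);
    return 0;
}
```

The first row is the bug the patch fixes: before, nothing is created and swtpm is told to migrate into state that is not there; after, the directory is created and set up as fresh state. The third row is worth keeping in mind operationally: an empty directory on the destination is indistinguishable from a missing one, so it also results in newly generated TPM state rather than the migrated one.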