[libvirt] [PATCH v5 18/20] tpm: Check TPM XML device configuration changes after edit
Daniel P. Berrangé
berrange at redhat.com
Thu Jul 25 10:03:22 UTC 2019
On Fri, Jul 12, 2019 at 12:23:52PM -0400, Stefan Berger wrote:
> Since swtpm does not support getting started without password
> once it was created with encryption enabled, we don't allow
> encryption to be removed. Similarly, we do not allow encryption
> to be added once swtpm has run. We also prevent chaning the type
> of the TPM backend since the encrypted state is still around and
> the next time one was to switch back to the emulator backend
> and forgot the encryption the TPM would not work.
>
> Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
> ---
> src/conf/domain_conf.c | 56 +++++++++++++++++++++++++++++++++++++++
> src/conf/domain_conf.h | 4 +++
> src/libvirt_private.syms | 1 +
> src/qemu/qemu_driver.c | 28 ++++++++++++++++++++
> src/qemu/qemu_extdevice.c | 2 +-
> src/qemu/qemu_extdevice.h | 3 +++
> 6 files changed, 93 insertions(+), 1 deletion(-)
Reviewed-by: Daniel P. Berrangé <berrange at redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvir-list
mailing list