[PATCH 2/2] qemu: tpm: Remove TPM state after successful migration

Stefan Berger stefanb at linux.ibm.com
Tue Aug 23 16:54:30 UTC 2022 


On 8/23/22 12:28, Stefan Berger wrote:
> This patch 'fixes' the behavior of the persistent_state TPM domain XML
> attribute that intends to preserve the state of the TPM but should not
> keep the state around on all the hosts a VM has been migrated to. It
> removes the TPM state directory structure from the source host upon
> successful migration when non-shared storage is used. Similarly, it
> removes it from the destination host upon migration failure when
> non-shared storage is used.
> 
> Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
> ---

> @@ -6590,6 +6594,7 @@ qemuMigrationDstFinishActive(virQEMUDriver *driver,
>       virObjectEvent *event;
>       bool inPostCopy = false;
>       bool doKill = priv->job.phase != QEMU_MIGRATION_PHASE_FINISH_RESUME;
> +    virDomainUndefineFlagsValues undefFlags = 0;
>       int rc;
>   
>       VIR_DEBUG("vm=%p, flags=0x%lx, retcode=%d",
> @@ -6666,8 +6671,11 @@ qemuMigrationDstFinishActive(virQEMUDriver *driver,
>                                    jobPriv->migParams, priv->job.apiFlags);
>       }
>   
> -    if (!virDomainObjIsActive(vm))
> -        qemuDomainRemoveInactive(driver, vm, 0);
> +    if (!virDomainObjIsActive(vm)) {
> +        if (!qemuTPMCheckKeepTPMStateMigrationDstFailure(vm))
> +            undefFlags |= VIR_DOMAIN_UNDEFINE_TPM;
> +        qemuDomainRemoveInactive(driver, vm, undefFlags);
> +    }
>   
>       virErrorRestore(&orig_err);
>       return NULL;
> diff --git a/src/qemu/qemu_tpm.h b/src/qemu/qemu_tpm.h
> index f068f3ca5a..c5d8774f07 100644
> --- a/src/qemu/qemu_tpm.h
> +++ b/src/qemu/qemu_tpm.h
> @@ -56,3 +56,15 @@ int qemuExtTPMSetupCgroup(virQEMUDriver *driver,
>                             virCgroup *cgroup)
>       ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3)
>       G_GNUC_WARN_UNUSED_RESULT;
> +
> +static inline bool
> +qemuTPMCheckKeepTPMStateMigrationSrcSuccess(virDomainObj *vm G_GNUC_UNUSED)
> +{
> +    return false;
> +}
> +
> +static inline bool
> +qemuTPMCheckKeepTPMStateMigrationDstFailure(virDomainObj *vm G_GNUC_UNUSED)
> +{
> +    return false;
> +}

For shared storage support these will become a bit more involved due to 
this here:

struct _virDomainDef {
     ...
     /* At maximum 2 TPMs on the domain if a TPM Proxy is present. */
     size_t ntpms;
     virDomainTPMDef **tpms;

}

We'll have to loop over the devices (afaik only ppc64 can have 2) to 
find the emulator.

PS: There's a loop again here that will be called by 
qemuDomainRemoveInactive(driver, vm, 0)   :-/

void
qemuExtDevicesCleanupHost(virQEMUDriver *driver,
                           virDomainDef *def,
                           virDomainUndefineFlagsValues flags)
{
     size_t i;

     if (qemuExtDevicesInitPaths(driver, def) < 0)
         return;

     for (i = 0; i < def->ntpms; i++) {
         qemuExtTPMCleanupHost(def->tpms[i], flags);
     }
}

More information about the libvir-list mailing list