[PATCH] qemu_tpm: Do async IO when starting swtpm emulator

Marc-André Lureau marcandre.lureau at gmail.com
Mon Mar 21 19:56:39 UTC 2022


Hi

On Mon, Mar 21, 2022 at 6:59 PM Michal Privoznik <mprivozn at redhat.com>
wrote:

> When vTPM is secured via virSecret libvirt passes the secret
> value via an FD when swtpm is started (arguments --key and
> --migration-key). The writing of the secret into the FDs is
> handled via virCommand, specifically qemu_tpm calls
> virCommandSetSendBuffer()) and then virCommandRunAsync() spawns a
> thread to handle writing into the FD via
> virCommandDoAsyncIOHelper. But the thread is not created unless
> VIR_EXEC_ASYNC_IO flag is set, which it isn't. In order to fix
> it, virCommandDoAsyncIO() must be called.
>
> The credit goes to Marc-André Lureau
> <marcandre.lureau at redhat.com> who has done all the debugging and
> proposed fix in the bugzilla.
>

(thanks for the credit :)

Wouldn't it make sense to return an error if SendBuffers is used without
AsyncIO then? Or just enable AsyncIO as necessary? (beware, I am not very
familiar with virCommand API. I don't know what this would imply)

Also it would be nice to cover that "behaviour" in a test (even better if
we could cover the swtpm setup & start handling too, although I realize
this is more work!)


> Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2064115
> Fixes: a9c500d2b50c5c041a1bb6ae9724402cf1cec8fe
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> ---
>  src/qemu/qemu_tpm.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
> index 50f9caabf3..56bccee128 100644
> --- a/src/qemu/qemu_tpm.c
> +++ b/src/qemu/qemu_tpm.c
> @@ -899,6 +899,7 @@ qemuTPMEmulatorStart(virQEMUDriver *driver,
>      if (!(pidfile = qemuTPMEmulatorPidFileBuildPath(cfg->swtpmStateDir,
> shortName)))
>          return -1;
>
> +    virCommandDoAsyncIO(cmd);
>      virCommandDaemonize(cmd);
>      virCommandSetPidFile(cmd, pidfile);
>      virCommandSetErrorFD(cmd, &errfd);
> --
> 2.34.1
>
>

-- 
Marc-André Lureau
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20220321/b2041cbe/attachment.htm>


More information about the libvir-list mailing list