[PATCH v2 2/9] qemu: Introduced VIR_MIGRATE_TPM_SHARED_STORAGE for TPM migration
Daniel P. Berrangé
berrange at redhat.com
Fri Oct 14 15:28:20 UTC 2022
On Thu, Oct 06, 2022 at 04:07:13PM +0200, Michal Prívozník wrote:
> On 10/6/22 15:47, Daniel P. Berrangé wrote:
> > On Wed, Oct 05, 2022 at 10:02:00AM -0400, Stefan Berger wrote:
> >> Introduced VIR_MIGRATE_TPM_SHARED_STORAGE for migrating a TPM across
> >> shared storage.
> >>
> >> At this point do not support this flag in 'virsh', yet.
> >>
> >> Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
> >> ---
> >> include/libvirt/libvirt-domain.h | 8 ++++++++
> >> 1 file changed, 8 insertions(+)
> >>
> >> diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-domain.h
> >> index 8357aea797..110929039d 100644
> >> --- a/include/libvirt/libvirt-domain.h
> >> +++ b/include/libvirt/libvirt-domain.h
> >> @@ -1098,6 +1098,14 @@ typedef enum {
> >> * Since: 8.5.0
> >> */
> >> VIR_MIGRATE_ZEROCOPY = (1 << 20),
> >> +
> >> + /* Support TPM migration across hosts that have shared storage setup for
> >> + * the directory structure holding the state of TPMs. Typically this would
> >> + * mean that the directory /var/lib/libvirt/swtpm is shared.
> >> + *
> >> + * Since: 8.9.0
> >> + */
> >> + VIR_MIGRATE_TPM_SHARED_STORAGE = (1 << 21),
> >
> > Why do we need this flag at all. We don't require users to set any flag
> > when dealing with shared storage for disks, we just make sure we detect
> > shared storage and "do the right thing" with it.
>
> That could work. Until the state is stored on a shared FS but not shared
> across migration hosts. But I guess our disk migration code would fail
> then too, wouldn't it?
Exactly, if our existing code is good enough for disks for the last
NNN years, then its good enough for TPM too. If someone finds a broken
scenario, then we'll need to fix it for all cases, and that'll require
something more general than a VIR_MIGRATE_TPM_SHARED_STORAGE flag.
It is basically akin to a "make it work=yes" setting, and actually
introduces failure scenarios that would not otherwise exist. eg
if someone sets VIR_MIGRATE_TPM_SHARED_STORAGE when the TPM is on
local only storage, or fails to set it when using shared storage.
Ergo, we should not add this flag to our public API.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvir-list
mailing list