Emulated TPM devices and snapshots of running VMs
Peter Krempa
pkrempa at redhat.com
Thu Jul 9 16:08:11 UTC 2020
On Thu, Jul 09, 2020 at 17:54:23 +0200, Milan Zamazal wrote:
> Peter Krempa <pkrempa at redhat.com> writes:
>
> > On Thu, Jul 09, 2020 at 14:14:32 +0200, Milan Zamazal wrote:
> >> Milan Zamazal <mzamazal at redhat.com> writes:
> >>
> >
> >> > Hi,
> >> >
> >> > I would like to clarify how to make snapshots of running VMs with
> >> > emulated TPM devices. As far as I understand QEMU documentation, it's
> >> > possible to make snapshots of running VMs with TPM, but it's important
> >> > to retain the state of swtpm. Does libvirt assist with that in any way
> >> > or is it completely user's responsibility? libvirt pauses the VM
> >> > internally when making a snapshot, which should be the right moment to
> >> > copy the swtpm data, but the user doesn't have control over it. Is
> >> > there a way to make a copy of swtpm data that is guaranteed to be
> >> > consistent with the snapshot?
> >>
> >> No idea?
> >
> > I can comment only on the fact that libvirt doesn't do anything
> > regarding snapshots on a VM with TPM.
>
> Thank you for the confirmation.
>
> Can anybody confirm there is no way to perform custom actions while a VM
> is frozen by libvirt when making a memory snapshot, before we start
> thinking about workarounds and/or filing a RFE?
No, currently we don't support any custom actions at the point when the
external memory snapshot is finalized prior to continuing the VM.
Please file a generic RFE for snapshoting including TPM rather than a
partial one where you'll request a way to do your hack.
More information about the libvirt-users
mailing list