On Fri, Jul 12, 2019 at 12:23:52PM -0400, Stefan Berger wrote: > Since swtpm does not support getting started without password > once it was created with encryption enabled, we don't allow > encryption to be removed. Similarly, we do not allow encryption > to be added once swtpm has run. We also prevent chaning the type > of the TPM backend since the encrypted state is still around and > the next time one was to switch back to the emulator backend > and forgot the encryption the TPM would not work. > > Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx> > --- > src/conf/domain_conf.c | 56 +++++++++++++++++++++++++++++++++++++++ > src/conf/domain_conf.h | 4 +++ > src/libvirt_private.syms | 1 + > src/qemu/qemu_driver.c | 28 ++++++++++++++++++++ > src/qemu/qemu_extdevice.c | 2 +- > src/qemu/qemu_extdevice.h | 3 +++ > 6 files changed, 93 insertions(+), 1 deletion(-) Reviewed-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
