On 7/25/19 5:58 AM, Daniel P. Berrangé wrote:
On Fri, Jul 12, 2019 at 12:23:51PM -0400, Stefan Berger wrote:
This patch now passes the passphrase as a migration key to swtpm.
This now encrypts the state of the TPM while a VM is migrated between
hosts or when suspended into a file. Since the migration key secret
is the same as the state encryption secret, this now requires that
the migration destination host has the same secret value.
Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
---
src/qemu/qemu_tpm.c | 10 ++++++++++
1 file changed, 10 insertions(+)
@@ -651,6 +655,12 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDefPtr tpm,
pwdfile_fd);
virCommandPassFD(cmd, pwdfile_fd, VIR_COMMAND_PASS_FD_CLOSE_PARENT);
pwdfile_fd = -1;
+
+ virCommandAddArg(cmd, "--migration-key");
+ virCommandAddArgFormat(cmd, "pwdfd=%d,mode=aes-256-cbc,kdf=pbkdf2",
+ migpwdfile_fd);
Why do we have to specify a kdf for migration, but not for the original
on disk encryoptiuon ?
swtpm_setup doesn't have it, but it's the default. Let me remove it.
+ virCommandPassFD(cmd, migpwdfile_fd, VIR_COMMAND_PASS_FD_CLOSE_PARENT);
+ migpwdfile_fd = -1;
Reviewed-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
Regards,
Daniel
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
