Add a shared_storage field to the emulator part of the virDomainTPMDef used for indicating whether shared storage for TPM state is setup between hosts. Do not create storage if shared_storage flag is set and there's an incoming migration since the storage directory in this case must already exist. As a consequence also do not run swtpm_setup in this case.

Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
---
 src/conf/domain_conf.h | 1 +
 src/qemu/qemu_tpm.c | 10 +++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index a1f6cf7a6f..29dc17a299 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1459,6 +1459,7 @@ struct _virDomainTPMDef {
 unsigned char secretuuid[VIR_UUID_BUFLEN];
 bool hassecretuuid;
 bool persistent_state;
+ bool shared_storage;
 virBitmap *activePcrBanks;
 } emulator;
 } data;
diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
index d2ae3b9824..280307a14e 100644
--- a/src/qemu/qemu_tpm.c
+++ b/src/qemu/qemu_tpm.c
@@ -562,11 +562,19 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm,
 int pwdfile_fd = -1;
 int migpwdfile_fd = -1;
 const unsigned char *secretuuid = NULL;
+ bool create_storage = true;
 
 if (!swtpm)
 return NULL;
 
- if (qemuTPMEmulatorCreateStorage(tpm, &created, swtpm_user, swtpm_group) < 0)
+ /* Do not create storage and run swtpm_setup on incoming migration over
+ * shared storage
+ */
+ if (incomingMigration && tpm->data.emulator.shared_storage)
+ create_storage = false;
+
+ if (create_storage &&
+ qemuTPMEmulatorCreateStorage(tpm, &created, swtpm_user, swtpm_group) < 0)
 return NULL;
 
 if (tpm->data.emulator.hassecretuuid)
-- 
2.37.1
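Review bot: The new `shared_storage` member has no comment saying who sets it, and this commit (two files, per the diffstat) contains no code that assigns it. Because the flag turns off TPM state-directory creation in qemuTPMEmulatorBuildCommand, a reader needs to know it comes from a trusted source. A comment on the field would record that, for example `bool shared_storage; /* TPM state dir is on storage shared between migration hosts; set by the driver, not parsed from XML */`. The "set by the driver" part is an assumption and should be confirmed against the change that populates the flag.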
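Review bot: When `incomingMigration && tpm->data.emulator.shared_storage` is true, nothing in the visible code checks that the state directory exists or has the expected `swtpm_user`/`swtpm_group` ownership, because that is left to the skipped `qemuTPMEmulatorCreateStorage` call. The directory holds TPM secrets, so the destination should fail early rather than start swtpm on an unchecked path. A guard right after the new `if`, such as `if (!create_storage && !virFileIsDir(tpm->data.emulator.storagepath)) { /* report error */ return NULL; }`, would do that; the `storagepath` field name should be confirmed against virDomainTPMDef. The comment would also read more clearly as `/* Skip storage creation, and therefore swtpm_setup, on incoming migration over shared storage */`. The function body starts and continues outside the hunk, so how `created` gates swtpm_setup is not visible here.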