From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id AF2301FF16F for ; Thu, 27 Feb 2025 15:30:54 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id A1A21295EF; Thu, 27 Feb 2025 15:30:52 +0100 (CET) From: Fiona Ebner To: pve-devel@lists.proxmox.com Date: Thu, 27 Feb 2025 15:30:16 +0100 Message-Id: <20250227143016.63124-1-f.ebner@proxmox.com> X-Mailer: git-send-email 2.39.5 MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.044 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH qemu-server] hotplug pending: disallow deleting tpmstate and efidisk from configuration X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" When the VM is running, after deleting the tpmstate from the configuration, the TPM drive will still be active, because it is used by swtpm and QEMU will still have the TPM socket. Also, a subsequent live migration will fail, because the commandline for the target instance does not match the one for the source: > kvm: Unknown ramblock "tpm-ppi", cannot accept migration For efidisk, hotunplug would already fail with > can't unplug device 'efidisk0' but it's better to catch this early and queue the change as pending instead. For modifying the 'tpmstate0' and 'efidisk0' options, there are already checks to disallow live changes. Signed-off-by: Fiona Ebner --- PVE/QemuServer.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm index 9d06ac8b..b6fc1f17 100644 --- a/PVE/QemuServer.pm +++ b/PVE/QemuServer.pm @@ -4886,7 +4886,8 @@ sub vmconfig_hotplug_pending { PVE::Network::SDN::Vnets::del_ips_from_mac($net->{bridge}, $net->{macaddr}, $conf->{name}); } } elsif (is_valid_drivename($opt)) { - die "skip\n" if !$hotplug_features->{disk} || $opt =~ m/(ide|sata)(\d+)/; + die "skip\n" + if !$hotplug_features->{disk} || $opt =~ m/(efidisk|ide|sata|tpmstate)(\d+)/; vm_deviceunplug($vmid, $conf, $opt); vmconfig_delete_or_detach_drive($vmid, $storecfg, $conf, $opt, $force); } elsif ($opt =~ m/^memory$/) { -- 2.39.5 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel