From: Fiona Ebner
To: pve-devel@lists.proxmox.com
Date: Tue, 14 Oct 2025 16:39:11 +0200
Message-ID: <20251014143946.160679-1-f.ebner@proxmox.com>
Subject: [pve-devel] [PATCH-SERIES qemu/swtpm/storage/qemu-server 00/16] fix #4693: drive: allow non-raw image formats for TPM state drive

Add infrastructure for doing FUSE exports via QEMU storage daemon. This
makes it possible to use non-raw formatted volumes for the TPM state, by
exposing it to swtpm as raw via FUSE. A QEMU storage daemon instance is
associated to a given VM.

The swtpm_setup code tries to unlink files rather than just clear the
header like it does for block devices. FUSE exports cannot be unlinked,
align the behavior to also just remove the header for files.

To have FUSE exports available, it's necessary to enable via QEMU build
flags.

A new standard option for VM image formats is introduced and in the end
used for the TPM state drive. The need for that also came up already in
the past for setting a format override when restoring and it's cleaner
to use what the storage layer actually supports.

Then there are two independent improvements for qemu-server.

For the QMP client and wrappers, the QMP peer is better abstracted and
the QEMU storage daemon is added as a possible peer.

Blockdev code is updated to also support attaching a drive to the QEMU
storage daemon rather than just the main QEMU instance for a VM.

Then the QSD module is introduced and handling for TPM is added.

Finally, non-raw formats are allowed in the schema for the TPM state
drive.

Smoke tested, but not yet in-depth.

Build-dependency bump and dependency bump for pve-storage needed!
Dependency bump for QEMU and swtpm needed!

qemu:

Fiona Ebner (1):
  d/rules: enable fuse

 debian/rules | 1 +
 1 file changed, 1 insertion(+)


swtpm:

Fiona Ebner (1):
  swtpm setup: file: always just clear header rather than unlinking

 src/swtpm_setup/swtpm_backend_file.c | 42 +++++++++++-----------------
 1 file changed, 17 insertions(+), 25 deletions(-)


storage:

Fiona Ebner (1):
  common: add pve-vm-image-format standard option for VM image formats

 src/PVE/Storage/Common.pm | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)


qemu-server:

Fiona Ebner (13):
  tests: cfg2cmd: remove invalid mocking of qmp_cmd
  migration: offline volumes: drop deprecated special casing for TPM state
  qmp client: better abstract peer in preparation for qemu-storage-daemon
  monitor: qmp: precise error message by logging peer type
  helpers: add functions for qemu-storage-daemon instances
  monitor: qmp: allow 'qsd' peer type for qemu-storage-daemon
  monitor: align interface of qmp_cmd() with other helpers
  machine: include +pve version when getting installed machine version
  blockdev: support attaching to qemu-storage-daemon
  blockdev: attach: also return whether attached blockdev is read-only
  introduce QSD module for qemu-storage-daemon functionality
  tpm: support non-raw volumes via FUSE exports for swtpm
  fix #4693: drive: allow non-raw image formats for TPM state drive

 src/PVE/API2/Qemu.pm                 |   8 +-
 src/PVE/QMPClient.pm                 |  39 ++++-----
 src/PVE/QemuMigrate.pm               |   7 +-
 src/PVE/QemuServer.pm                |  57 +++++++++---
 src/PVE/QemuServer/BlockJob.pm       |   2 +-
 src/PVE/QemuServer/Blockdev.pm       |  33 ++++---
 src/PVE/QemuServer/Drive.pm          |   2 +
 src/PVE/QemuServer/Helpers.pm        |  57 +++++++++---
 src/PVE/QemuServer/Machine.pm        |  19 ++--
 src/PVE/QemuServer/Makefile          |   1 +
 src/PVE/QemuServer/Monitor.pm        |  76 +++++++++++-----
 src/PVE/QemuServer/QSD.pm            | 124 +++++++++++++++++++++++++++
 src/PVE/VZDump/QemuServer.pm         |   9 +-
 src/test/run_config2command_tests.pl |   1 -
 src/test/snapshot-test.pm            |   4 +-
 15 files changed, 335 insertions(+), 104 deletions(-)
 create mode 100644 src/PVE/QemuServer/QSD.pm


Summary over all repositories:
  18 files changed, 370 insertions(+), 131 deletions(-)

-- 
Generated by git-murpp 0.5.0