From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 491FF1FF16F for ; Tue, 14 Oct 2025 16:40:25 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id B1CDA78D2; Tue, 14 Oct 2025 16:39:59 +0200 (CEST) From: Fiona Ebner To: pve-devel@lists.proxmox.com Date: Tue, 14 Oct 2025 16:39:26 +0200 Message-ID: <20251014143946.160679-16-f.ebner@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20251014143946.160679-1-f.ebner@proxmox.com> References: <20251014143946.160679-1-f.ebner@proxmox.com> MIME-Version: 1.0 X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1760452753055 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.021 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH qemu-server 15/16] tpm: support non-raw volumes via FUSE exports for swtpm X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" Signed-off-by: Fiona Ebner
---
Dependency bump for swtpm needed! src/PVE/QemuServer.pm | 33 ++++++++++++++++++++++++++++++--- 1 file changed, 30 insertions(+), 3 deletions(-)
diff --git a/src/PVE/QemuServer.pm b/src/PVE/QemuServer.pm
index 613ab361..dcc5cafb 100644
--- a/src/PVE/QemuServer.pm
+++ b/src/PVE/QemuServer.pm
@@ -82,6 +82,7 @@ use PVE::QemuServer::OVMF;
 use PVE::QemuServer::PCI qw(print_pci_addr print_pcie_addr print_pcie_root_port parse_hostpci);
 use PVE::QemuServer::QemuImage;
 use PVE::QemuServer::QMPHelpers qw(qemu_deviceadd qemu_devicedel qemu_objectadd qemu_objectdel);
+use PVE::QemuServer::QSD;
 use PVE::QemuServer::RNG qw(parse_rng print_rng_device_commandline print_rng_object_commandline);
 use PVE::QemuServer::RunState;
 use PVE::QemuServer::StateFile;
@@ -2828,8 +2829,12 @@ sub start_swtpm {
 my ($storeid) = PVE::Storage::parse_volume_id($tpm->{file}, 1);
 if ($storeid) {
 my $format = checked_volume_format($storecfg, $tpm->{file});
- die "swtpm currently only supports 'raw' state volumes\n" if $format ne 'raw';
- $state = PVE::Storage::map_volume($storecfg, $tpm->{file});
+ if ($format eq 'raw') {
+ $state = PVE::Storage::map_volume($storecfg, $tpm->{file});
+ } else {
+ PVE::QemuServer::QSD::start($vmid);
+ $state = PVE::QemuServer::QSD::add_fuse_export($vmid, $tpm, 'tpmstate0');
+ }
 } else {
 $state = $tpm->{file};
 }
@@ -5451,6 +5456,12 @@ sub vm_start_nolock {
 eval { clear_reboot_request($vmid); };
 warn $@ if $@;
+ # terminate left-over storage daemon if still running
+ if (my $pid = PVE::QemuServer::Helpers::qsd_running_locally($vmid)) {
+ log_warn("left-over QEMU storage daemon for $vmid running with PID $pid - terminating now");
+ PVE::QemuServer::QSD::quit($vmid);
+ }
+
 if (!$statefile && scalar(keys %{ $conf->{pending} })) {
 vmconfig_apply_pending($vmid, $conf, $storecfg);
 $conf = PVE::QemuConfig->load_config($vmid); # update/reload
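Review bot: The new `else` branch in start_swtpm carries no comment on what the FUSE export means for the confidentiality of the TPM state: for non-raw volumes swtpm is no longer handed the mapped volume but the path returned by `add_fuse_export`, and that path presents the decoded state, which holds the TPM's seeds and keys, as a file on the host. Where the export is created and with which ownership and mode is decided in PVE::QemuServer::QSD, which this hunk does not show, so the expectation should be written down at the call site, for example `# non-raw state is exported as a raw file by the storage daemon; the export must stay accessible to root only`. The same comment should say that a failure in `add_fuse_export` leaves the daemon started by `QSD::start` running and that the caller is expected to stop it. start_swtpm continues outside the hunk.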
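Review bot: In the vm_start_nolock hunk at old line 5451, `PVE::QemuServer::QSD::quit($vmid)` is called without `eval`, while the `$cleanup_qsd` helper added further down in this patch wraps the same call and only warns. Aborting the start when a stale daemon cannot be stopped looks like the safer behaviour, since that daemon may still have the TPM state image open, but the difference should be stated, e.g. `# no eval: starting while a stale storage daemon may still hold the state volume is not safe`. Whether `quit` waits for the process to exit before returning is not visible here; if it does not, the daemon started later from start_swtpm could overlap with the old one.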
@@ -5644,6 +5655,13 @@ sub vm_start_nolock {
 }
 $systemd_properties{timeout} = 10 if $statefile; # setting up the scope should be quick
+ my $cleanup_qsd = sub {
+ if (PVE::QemuServer::Helpers::qsd_running_locally($vmid)) {
+ eval { PVE::QemuServer::QSD::quit($vmid); };
+ warn "stopping QEMU storage daemon failed - $@" if $@;
+ }
+ };
+
 my $run_qemu = sub {
 PVE::Tools::run_fork sub {
 PVE::Systemd::enter_systemd_scope($vmid, "Proxmox VE VM $vmid",
@@ -5654,7 +5672,11 @@ sub vm_start_nolock {
 my $tpmpid;
 if ((my $tpm = $conf->{tpmstate0}) && !PVE::QemuConfig->is_template($conf)) {
 # start the TPM emulator so QEMU can connect on start
- $tpmpid = start_swtpm($storecfg, $vmid, $tpm, $migratedfrom);
+ eval { $tpmpid = start_swtpm($storecfg, $vmid, $tpm, $migratedfrom); };
+ if (my $err = $@) {
+ $cleanup_qsd->();
+ die $err;
+ }
 }
 my $exitcode = run_command($cmd, %run_params);
@@ -5665,6 +5687,8 @@ sub vm_start_nolock {
 warn "stopping swtpm instance (pid $tpmpid) due to QEMU startup error\n";
 kill 'TERM', $tpmpid;
 }
+ $cleanup_qsd->();
+
 die "QEMU exited with code $exitcode\n";
 }
 };
@@ -6026,6 +6050,9 @@ sub vm_stop_cleanup {
 my ($storecfg, $vmid, $conf, $keepActive, $apply_pending_changes, $noerr) = @_;
 eval {
+ PVE::QemuServer::QSD::quit($vmid)
+ if PVE::QemuServer::Helpers::qsd_running_locally($vmid);
+
 # ensure that no dbus-vmstate helper is left running in any case
 # at this point, it should never be still running, so quiesce any warnings
 PVE::QemuServer::DBusVMState::qemu_del_dbus_vmstate($vmid, quiet => 1);
-- 2.47.3 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
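Review bot: In the QEMU-exit error path (hunk at old line 5665), `$cleanup_qsd->()` runs directly after `kill 'TERM', $tpmpid`, which only sends the signal and does not wait, so the storage daemon and its FUSE export may be torn down while swtpm still has the state file open. Whether `quit` copes with an export that is still in use is decided in PVE::QemuServer::QSD and is not visible here. Consider waiting for swtpm to exit before stopping the daemon, or at least record the ordering with `# swtpm may still be running here; QSD::quit must tolerate an export that is in use`. The same ordering question applies to the `QSD::quit` call added at the top of vm_stop_cleanup.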
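Review bot: In vm_stop_cleanup the new `QSD::quit` call is the first statement inside the existing `eval {`, so if it dies, the dbus-vmstate cleanup below it and whatever else the eval body does are skipped. Stopping the daemon is best-effort at this point, as it is in `$cleanup_qsd`, so it should get its own guard: `eval { PVE::QemuServer::QSD::quit($vmid) if PVE::QemuServer::Helpers::qsd_running_locally($vmid); };` followed by `warn "stopping QEMU storage daemon failed - $@" if $@;`. The eval block continues past the end of the hunk, so how its error is reported with respect to `$noerr` is not visible here.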