From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 05AF51FF17E for ; Thu, 11 Dec 2025 13:31:55 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 747CE14999; Thu, 11 Dec 2025 13:32:25 +0100 (CET) From: Fiona Ebner To: pve-devel@lists.proxmox.com Date: Thu, 11 Dec 2025 13:31:21 +0100 Message-ID: <20251211123145.143908-2-f.ebner@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20251211123145.143908-1-f.ebner@proxmox.com> References: <20251211123145.143908-1-f.ebner@proxmox.com> MIME-Version: 1.0 X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1765456306589 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.018 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH qemu-server 1/6] qm enroll-efi-keys: do not remove EFI disk when config was modified during operation X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" The EFI disk is already pre-existing and should not be removed in case the VM configuration was modified during the enrollment operation. It's not critical if the new certs are enrolled but the marker is not written to the configuration. Worst case, the operation is just done again, where virt-fw-vars will just skip enrollment after detecting that the new certs are already on the disk. Fixes: 95eb95c3 ("qm enroll-efi-keys: move potential blocking operation out of lock") Signed-off-by: Fiona Ebner --- src/PVE/CLI/qm.pm | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/src/PVE/CLI/qm.pm b/src/PVE/CLI/qm.pm index 60fe318e..ca57409f 100755 --- a/src/PVE/CLI/qm.pm +++ b/src/PVE/CLI/qm.pm @@ -744,14 +744,7 @@ __PACKAGE__->register_method({ my $locked_conf = PVE::QemuConfig->load_config($vmid); eval { PVE::Tools::assert_if_modified($conf->{digest}, $locked_conf->{digest}) }; - if (my $err = $@) { - eval { - my $drive = PVE::QemuServer::Drive::parse_drive('efidisk0', $updated); - PVE::Storage::vdisk_free($storecfg, $drive->{file}); - }; - warn "failed to clean-up prepared efidisk volume - $@" if $@; - die "VM ${vmid}: $err"; - } + die "VM ${vmid}: $@" if $@; $locked_conf->{efidisk0} = $updated; PVE::QemuConfig->write_config($vmid, $locked_conf); -- 2.47.3 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel