From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id 4C46B1FF136
	for <inbox@lore.proxmox.com>; Mon, 04 May 2026 15:08:22 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 55D0821CCE;
	Mon,  4 May 2026 15:08:09 +0200 (CEST)
From: Fiona Ebner <f.ebner@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [PATCH qemu-server 3/3] ovmf: create temporary EFI disk below /run
 instead of /tmp to avoid migration issue
Date: Mon,  4 May 2026 15:03:48 +0200
Message-ID: <20260504130751.226845-4-f.ebner@proxmox.com>
X-Mailer: git-send-email 2.47.3
In-Reply-To: <20260504130751.226845-1-f.ebner@proxmox.com>
References: <20260504130751.226845-1-f.ebner@proxmox.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2
X-Bm-Transport-Timestamp: 1777899977896
X-SPAM-LEVEL: Spam detection results:  0
	AWL                     0.009 Adjusted score from AWL reputation of From:
 address
	BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
	DMARC_MISSING             0.1 Missing DMARC policy
	KAM_DMARC_STATUS         0.01 Test Rule for DKIM or SPF Failure with Strict
 Alignment
	SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
	SPF_PASS               -0.001 SPF: sender matches SPF record
Message-ID-Hash: MNYMO2AFJ57RI2YA4AAASVEXSRJNCTTO
X-Message-ID-Hash: MNYMO2AFJ57RI2YA4AAASVEXSRJNCTTO
X-MailFrom: f.ebner@proxmox.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; emergency; member-moderation; nonmember-moderation;
 administrivia; implicit-dest; max-recipients; max-size; news-moderation;
 no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Owner: <mailto:pve-devel-owner@lists.proxmox.com>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Subscribe: <mailto:pve-devel-join@lists.proxmox.com>
List-Unsubscribe: <mailto:pve-devel-leave@lists.proxmox.com>

As reported in the enterprise support, QEMU might fail to inactivate
the block node for the temporary EFI disk during migration:

> kvm: migration_block_inactivate: bdrv_inactivate_all() failed: -1
> kvm: Error in migration completion: Bad address

The issue occurs when the file for the temporary EFI disk has been
removed from the file system. This happens on new installations since
Debian Trixie [0], where files in /tmp are regularly cleaned.

Requires mocking file_copy() since unprivileged users are not allowed
to actually do the copying of the EFI vars to create the temporary EFI
disk. But there is no need to create the temporary test for the test
anyways.

[0]: https://www.debian.org/releases/trixie/release-notes/issues.html#the-directories-tmp-and-var-tmp-are-now-regularly-cleaned

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
---
 debian/tmpfiles                                    |  5 +++--
 src/PVE/QemuServer/OVMF.pm                         |  6 ++++--
 src/test/cfg2cmd/efi-ovmf-without-efidisk.conf.cmd |  2 +-
 src/test/run_config2command_tests.pl               | 12 ++++++++++++
 4 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/debian/tmpfiles b/debian/tmpfiles
index 3bbe100c..978205f3 100644
--- a/debian/tmpfiles
+++ b/debian/tmpfiles
@@ -1,2 +1,3 @@
-#Type Path             Mode User Group     Age Argument
-d     /run/qemu-server 0750 root www-data  -   -
+#Type Path                     Mode User Group     Age Argument
+d     /run/qemu-server         0750 root www-data  -   -
+d     /run/qemu-server/efidisk 0750 root www-data  -   -
diff --git a/src/PVE/QemuServer/OVMF.pm b/src/PVE/QemuServer/OVMF.pm
index f2faeb27..7a765fad 100644
--- a/src/PVE/QemuServer/OVMF.pm
+++ b/src/PVE/QemuServer/OVMF.pm
@@ -55,6 +55,8 @@ my $OVMF = {
     },
 };
 
+my $temporary_efidisk_dir = '/run/qemu-server/efidisk';
+
 my sub get_ovmf_files($$$$) {
     my ($arch, $efidisk, $smm, $cvm_type) = @_;
 
@@ -128,7 +130,7 @@ my sub print_ovmf_drive_commandlines {
         $var_drive_str .= ',readonly=on' if $readonly;
     } else {
         log_warn("no efidisk configured! Using temporary efivars disk.");
-        my $path = "/tmp/$vmid-ovmf.fd";
+        my $path = "${temporary_efidisk_dir}/${vmid}-ovmf.fd";
         PVE::File::file_copy($ovmf_vars, $path, $ovmf_vars_size);
         $var_drive_str .= ",format=raw,file=$path";
         $var_drive_str .= ",size=" . $ovmf_vars_size if $version_guard->(4, 1, 2);
@@ -220,7 +222,7 @@ my sub generate_ovmf_blockdev {
         }
     } else {
         log_warn("no efidisk configured! Using temporary efivars disk.");
-        my $path = "/tmp/$vmid-ovmf.fd";
+        my $path = "${temporary_efidisk_dir}/${vmid}-ovmf.fd";
         PVE::File::file_copy($ovmf_vars, $path, file_get_size($ovmf_vars));
         $drive = { file => $path, interface => 'efidisk', index => 0 };
         $format = 'raw';
diff --git a/src/test/cfg2cmd/efi-ovmf-without-efidisk.conf.cmd b/src/test/cfg2cmd/efi-ovmf-without-efidisk.conf.cmd
index 44362710..fdeb8ba5 100644
--- a/src/test/cfg2cmd/efi-ovmf-without-efidisk.conf.cmd
+++ b/src/test/cfg2cmd/efi-ovmf-without-efidisk.conf.cmd
@@ -11,7 +11,7 @@
   -smbios 'type=1,uuid=7b10d7af-b932-4c66-b2c3-3996152ec465' \
   -object '{"id":"throttle-drive-efidisk0","limits":{},"qom-type":"throttle-group"}' \
   -blockdev '{"driver":"raw","file":{"driver":"file","filename":"/usr/share/pve-edk2-firmware//OVMF_CODE.fd"},"node-name":"pflash0","read-only":true}' \
-  -blockdev '{"detect-zeroes":"on","discard":"ignore","driver":"throttle","file":{"cache":{"direct":false,"no-flush":false},"detect-zeroes":"on","discard":"ignore","driver":"raw","file":{"aio":"io_uring","cache":{"direct":false,"no-flush":false},"detect-zeroes":"on","discard":"ignore","driver":"file","filename":"/tmp/8006-ovmf.fd","node-name":"e5b5f7a29888341a35f0f1428e70ba5","read-only":false},"node-name":"f5b5f7a29888341a35f0f1428e70ba5","read-only":false,"size":131072},"node-name":"drive-efidisk0","read-only":false,"throttle-group":"throttle-drive-efidisk0"}' \
+  -blockdev '{"detect-zeroes":"on","discard":"ignore","driver":"throttle","file":{"cache":{"direct":false,"no-flush":false},"detect-zeroes":"on","discard":"ignore","driver":"raw","file":{"aio":"io_uring","cache":{"direct":false,"no-flush":false},"detect-zeroes":"on","discard":"ignore","driver":"file","filename":"/run/qemu-server/efidisk/8006-ovmf.fd","node-name":"e5ecb54a3863bf2f22d662c53f49ac4","read-only":false},"node-name":"f5ecb54a3863bf2f22d662c53f49ac4","read-only":false,"size":131072},"node-name":"drive-efidisk0","read-only":false,"throttle-group":"throttle-drive-efidisk0"}' \
   -smp '1,sockets=1,cores=1,maxcpus=1' \
   -nodefaults \
   -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \
diff --git a/src/test/run_config2command_tests.pl b/src/test/run_config2command_tests.pl
index 3c4a695c..ebe0dca1 100755
--- a/src/test/run_config2command_tests.pl
+++ b/src/test/run_config2command_tests.pl
@@ -420,6 +420,18 @@ $pve_common_tools->mock(
     },
 );
 
+my $pve_common_file;
+$pve_common_file = Test::MockModule->new('PVE::File');
+$pve_common_file->mock(
+    file_copy => sub {
+        my ($filename, $dst, $max, $perm) = @_;
+        if ($dst =~ m|^/run/qemu-server/efidisk|) {
+            return;
+        }
+        return $pve_common_file->original('file_copy')->($filename, $dst, $max, $perm);
+    },
+);
+
 my $pve_cpuconfig;
 $pve_cpuconfig = Test::MockModule->new('PVE::QemuServer::CPUConfig');
 $pve_cpuconfig->mock(
-- 
2.47.3