yahoo-eng-team team mailing list archive

[Bug 2052761] [NEW] libvirt: swtpm_ioctl is required for vTPM support

 

Public bug reported:

Description
===========
Libvirt uses swtpm_ioctl to shut down the swtpm process at VM termination, because QEMU does not send a shutdown command.
However, the binary is not included in the required binaries (swtpm and swtpm_setup, at the time of writing) checked by the libvirt driver. So users can use vTPM support without the binary, which leaves swtpm processes running.

Steps to reproduce
==================
* Deploy nova-compute with vTPM support
* Move swtpm_ioctl out of PATH
* Restart nova-compute
* Check capabilities reported by nova-compute

Expected result
===============
The report shows no swtpm support

Actual result
=============
The report shows swtpm support

Environment
===========
This issue was initially found in master, but would be present in stable branches.

Logs & Configs
==============
N/A

** Affects: nova
     Importance: Undecided
     Assignee: Takashi Kajinami (kajinamit)
         Status: In Progress

** Changed in: nova
     Assignee: (unassigned) => Takashi Kajinami (kajinamit)

** Description changed:

  Description
  ===========
- 
  Libvirt uses swtpm_ioctl to shutdown the swtpm process at VM termination, because QEMU does not send shutdown command.
  However the binary is not included in the required binaries (swtpm and swtpm_setup, at the time of writing) checked by libvirt driver. So users can use vTPM support without binaries, which leaves swtpm processes kept running.
  
  Steps to reproduce
  ==================
  * Deploy nova-compute with vTPM support
  * Move swtpm_ioctl from PATH
  * Restart nova-compute
  * Check capabilities reported by nova-compute
  
  Expected result
  ===============
  The report shows no swtpm support
  
  Actual result
  =============
  The report shows swtpm support
  
  Environment
  ===========
  This issue was initially found in master, but would be present in stable branches.
  
  Logs & Configs
  ==============
  N/A

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/2052761

Title:
  libvirt: swtpm_ioctl is required for vTPM support

Status in OpenStack Compute (nova):
  In Progress

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/2052761/+subscriptions
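
A host-side preflight check for the condition this report describes, as an added example that is not part of the original message and is not nova's code: vTPM is treated as available only when swtpm, swtpm_setup and swtpm_ioctl all resolve to executables on PATH. The function names and the temporary-directory stubs are constructed for illustration.

```python
import os
import shutil
import tempfile

# swtpm and swtpm_setup are the binaries the report says are already checked;
# swtpm_ioctl is the one the report says is missing from that check.
REQUIRED_VTPM_BINARIES = ("swtpm", "swtpm_setup", "swtpm_ioctl")


def missing_vtpm_binaries(path=None):
    """Return the required binaries that are not executable on `path`.

    `path` is a PATH-style string; None means the current process PATH.
    shutil.which() only returns files that are executable, so a file that
    is present but lacks the execute bit is reported as missing.
    """
    return [name for name in REQUIRED_VTPM_BINARIES
            if shutil.which(name, path=path) is None]


def vtpm_supported(path=None):
    """True only when every required binary is available."""
    return not missing_vtpm_binaries(path)


def make_fake_host(names, mode=0o755):
    """Constructed sample input: a temp directory holding stub files."""
    directory = tempfile.mkdtemp()
    for name in names:
        stub = os.path.join(directory, name)
        with open(stub, "w") as handle:
            handle.write("#!/bin/sh\n")
        os.chmod(stub, mode)
    return directory


if __name__ == "__main__":
    # Reproduce the report's scenario on constructed directories:
    # swtpm_ioctl has been moved out of PATH.
    broken = make_fake_host(["swtpm", "swtpm_setup"])
    print("missing:", missing_vtpm_binaries(broken))
    print("vTPM supported:", vtpm_supported(broken))
    # The real host: check the PATH that nova-compute would inherit.
    print("this host is missing:", missing_vtpm_binaries())
```

Run it under the same user and environment as nova-compute, since the result depends on that process's PATH.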