Swtpm is being extended to release the lock on the storage where its state is written to upon migration of the last one of its state blobs. Signal swtpm to re-lock the storage upon migration fallback. An explicit signal helps swtpm to re-lock the storage earlier because otherwise it would have to wait for the next TPM command from the VM.
Releasing the lock on the storage is necessary for setups where the storage holding the TPM state is shared between hosts. Regards, Stefan Stefan Berger (2): tpm_emulator: Use latest tpm_ioctl.h from swtpm project tpm_emulator: Have swtpm relock storage upon migration fall-back backends/tpm/tpm_emulator.c | 59 ++++++++++++++++++++++- backends/tpm/tpm_ioctl.h | 96 +++++++++++++++++++++++++++++-------- backends/tpm/trace-events | 2 + 3 files changed, 136 insertions(+), 21 deletions(-) -- 2.37.2
