Reviewed:  https://review.opendev.org/c/openstack/nova/+/908546
Committed: 
https://opendev.org/openstack/nova/commit/9a11bb25238288139c4473d9d91bf365ed88f435
Submitter: "Zuul (22348)"
Branch:    master
commit 9a11bb25238288139c4473d9d91bf365ed88f435
Author: Takashi Kajinami <kajina...@oss.nttdata.com>
Date:   Fri Feb 9 12:16:45 2024 +0900

    libvirt: Ensure swtpm_ioctl is available for vTPM support
    
    Libvirt uses swtpm_ioctl to terminate swtpm processes. If the binary
    does not exist, swtpm processes are kept running after the associated
    VM terminates, because QEMU does not send shutdown to swtpm.
    
    Closes-Bug: #2052761
    Change-Id: I682f71512fc33a49b8dfe93894f144e48f33abe6


** Changed in: nova
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/2052761

Title:
  libvirt: swtpm_ioctl is required for vTPM support

Status in OpenStack Compute (nova):
  Fix Released

Bug description:
  Description
  ===========
  Libvirt uses swtpm_ioctl to shutdown the swtpm process at VM termination, 
because QEMU does not send shutdown command.
  However the binary is not included in the required binaries (swtpm and 
swtpm_setup, at the time of writing) checked by libvirt driver. So users can 
use vTPM support without binaries, which leaves swtpm processes kept running.

  Steps to reproduce
  ==================
  * Deploy nova-compute with vTPM support
  * Move swtpm_ioctl from PATH
  * Restart nova-compute

  Expected result
  ===============
  nova-compute fails to start because swtpm_ioctl is missing

  Actual result
  =============
  nova-compute starts without error and reports TPM traits.

  Environment
  ===========
  This issue was initially found in master, but would be present in stable 
branches.

  Logs & Configs
  ==============
  N/A

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/2052761/+subscriptions


-- 
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to     : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help   : https://help.launchpad.net/ListHelp

Reply via email to