Bug 2150004
| Summary: | VMs requiring vTPM fails to create | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 9 | Reporter: | Jaroslav Suchanek <jsuchane> | |
| Component: | libvirt | Assignee: | Michal Privoznik <mprivozn> | |
| libvirt sub component: | General | QA Contact: | Yanqiu Zhang <yanqzhan> | |
| Status: | CLOSED ERRATA | Docs Contact: | ||
| Severity: | high | |||
| Priority: | high | CC: | acardace, chhu, danken, fdeutsch, kbidarka, lmen, lpivarc, sgott, virt-maint, yanqzhan, ycui, ymankad | |
| Version: | 9.2 | Keywords: | Triaged, ZStream | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | All | |||
| OS: | All | |||
| Whiteboard: | ||||
| Fixed In Version: | libvirt-8.2.0-1.el9 | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | 2149227 | |||
| : | 2150730 2150731 2152188 (view as bug list) | Environment: | ||
| Last Closed: | 2023-05-09 07:27:43 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 2149227, 2150730, 2150731, 2152188 | |||
|
Description
Jaroslav Suchanek
2022-12-01 15:10:07 UTC
Please note that the CNV BZ that depends on this BZ is a blocker for us. Since all the patches needed are merged (the last one is in libvirt-8.2.0) this can go right into MODIFIED. Can we get qa_ack+ please in order to set release+ ? Although I believe it's mainly a formality because we're using this bug to get the z-stream for CNV as the patches in question were part of the RHEL 9.1 libvirt rebase bug 2060313 (In reply to John Ferlan from comment #4) Sure. Done. Tested on rhel9.2 with: libvirt-8.10.0-2.el9.x86_64 qemu-kvm-7.1.0-6.el9.x86_64 Steps same with bz2150731#c8: # virsh dumpxml avocado-vt-vm1 |grep /tpm -B2 <tpm model='tpm-crb'> <backend type='emulator' version='2.0'/> </tpm> # strace -o output.txt -T -tt -e trace=all -f -p `pidof virtqemud` [terminal2]# virsh start avocado-vt-vm1 Domain 'avocado-vt-vm1' started # cat output.txt |grep -nE 'swtpm.pid|"/usr/bin/swtpm", "socket"|capset|execve' ... 4946:361376 22:56:56.719985 capset({version=_LINUX_CAPABILITY_VERSION_3, pid=361376}, {effective=1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP, permitted=1<<CAP_SETGID|1<<CAP_SETUID|1<<CAP_SETPCAP, inheritable=0}) = 0 <0.000011> 4951:361376 22:56:56.720146 capset({version=_LINUX_CAPABILITY_VERSION_3, pid=361376}, {effective=0, permitted=0, inheritable=0}) = 0 <0.000010> 4952:361376 22:56:56.720183 execve("/usr/bin/swtpm", ["/usr/bin/swtpm", "socket", "--ctrl", "type=unixio,path=/run/libvirt/qe"..., "--tpmstate", "dir=/var/lib/libvirt/swtpm/477ac"..., "--log", "file=/var/log/swtpm/libvirt/qemu"..., "--terminate", "--tpm2"], 0x7ffc1ba5bbc8 /* 8 vars */ <unfinished ...> 4956:361172 22:56:56.720756 openat(AT_FDCWD, "/run/libvirt/qemu/swtpm/1-avocado-vt-vm1-swtpm.pid", O_RDONLY) = 24 <0.000019> 4964:361376 22:56:56.722214 <... execve resumed>) = 0 <0.001999> ... Ptrace capability not required. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (libvirt bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2023:2171 |