From 05980b7afb2ef4591212b6c8f8e7a03ec8fc8f3b Mon Sep 17 00:00:00 2001 From: Christian Lindig Date: Thu, 11 May 2023 11:18:25 +0100 Subject: [PATCH] CA-377169 block VM.checkpoint of running VM with VTPM The current VTPM implementation saves the TPM content only when the VM halts. THus, taking a checkpoint while the VM is running would not save the corrent TPM state. Block this. Signed-off-by: Christian Lindig --- ocaml/xapi/xapi_vm_snapshot.ml | 8 ++++++++ quality-gate.sh | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/ocaml/xapi/xapi_vm_snapshot.ml b/ocaml/xapi/xapi_vm_snapshot.ml index 9790d2725f2..8e0d20e011e 100644 --- a/ocaml/xapi/xapi_vm_snapshot.ml +++ b/ocaml/xapi/xapi_vm_snapshot.ml @@ -73,7 +73,15 @@ let compare_snapid_chunks s1 s2 = let checkpoint ~__context ~vm ~new_name = Xapi_vmss.show_task_in_xencenter ~__context ~vm ; let power_state = Db.VM.get_power_state ~__context ~self:vm in + let vtpms = Db.VM.get_VTPMs ~__context ~self:vm in let snapshot_info = ref [] in + ( match (power_state, vtpms) with + | `Running, _ :: _ -> + let message = "VM.checkpoint of running VM with VTPM" in + Helpers.maybe_raise_vtpm_unimplemented __FUNCTION__ message + | _ -> + () + ) ; (* live-suspend the VM if the VM is running *) ( if power_state = `Running then try diff --git a/quality-gate.sh b/quality-gate.sh index 4680156e4a7..4395123e58a 100755 --- a/quality-gate.sh +++ b/quality-gate.sh @@ -58,7 +58,7 @@ structural-equality () { } vtpm-unimplemented () { - N=6 + N=7 VTPM=$(git grep -r --count 'maybe_raise_vtpm_unimplemented' -- **/*.ml | cut -d ':' -f 2 | paste -sd+ - | bc) if [ "$VTPM" -eq "$N" ]; then echo "OK found $VTPM usages of vtpm unimplemented errors"