[pve-devel] [PATCH v13 qemu-server 3/8] api: clone vm: check against cloning running TPM state early

Fabian Ebner f.ebner at proxmox.com
Thu Mar 17 12:31:01 CET 2022


Drive keys are sorted when cloning and 'tpmstate0' comes late, so it
was likely that potentially large disks were already copied just to be
removed again, because of the TPM state restriction at the end.

Signed-off-by: Fabian Ebner <f.ebner at proxmox.com>
---

New in v13.

 PVE/API2/Qemu.pm | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index cb6973f1..15592d7a 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -3130,6 +3130,9 @@ __PACKAGE__->register_method({
 		# no need to copy unused images, because VMID(owner) changes anyways
 		next if $opt =~ m/^unused\d+$/;
 
+		die "cannot clone TPM state while VM is running\n"
+		    if $full && $running && !$snapname && $opt eq 'tpmstate0';
+
 		# always change MAC! address
 		if ($opt =~ m/^net(\d+)$/) {
 		    my $net = PVE::QemuServer::parse_net($value);
-- 
2.30.2






More information about the pve-devel mailing list