[pve-devel] [PATCH-SERIES qemu/swtpm/storage/qemu-server/manager v2 00/16] fix #4693: drive: allow non-raw image formats for TPM state drive

Fiona Ebner f.ebner at proxmox.com
Mon Oct 20 16:12:47 CEST 2025 

Changes in v2:
* Attempt unmounting left-over mounted files (thanks @Dano).
* Add missing fuse dependencies for QEMU packaging (thanks @Dano).
* Improve commit message for QMP peer abstraction (thanks @Dano).
* Clean up files before starting new QSD instance.
* Further abstract QMP peer in QMP client/monitor modules:
  Replace 'vmid' by 'id' and allow specifying a peer name for error
  messages. This is preparation for use cases of the storage daemon
  where there might not be a single associated guest. For example,
  restoring from a backup provider via exports of a storage daemon,
  and a second storage daemon for the TPM of the VM itself.
* Add UI patch.

Add infrastructure for doing FUSE exports via QEMU storage daemon.
This makes it possible to use non-raw formatted volumes for the TPM
state, by exposing it to swtpm as raw via FUSE. A QEMU storage daemon
instance is associated to a given VM.

The swtpm_setup code tries to unlink files rather than just clear the
header like it does for block devices. FUSE exports cannot be
unlinked, align the behavior to also just remove the header for files.

To have FUSE exports available, it's necessary to enable via QEMU
build flags.

A new standard option for VM image formats is introduced and in the
end used for the TPM state drive. The need for that also came up
already in the past for setting a format override when restoring and
it's cleaner to use what the storage layer actually supports.

Then there's two independent improvements for qemu-server.

For the QMP client and wrappers, the QMP peer is better abstracted and
the QEMU storage daemon is added as a possible peer.

Blockdev code is updated to also support attaching a drive to the QEMU
storage daemon rather than just the main QEMU instance for a VM.

Then the QSD module is introduced and handling for TPM is added.

Finally, non-raw formats are allowed in the schema for the TPM state
drive.

Smoke tested, but not yet in-depth.

Build-dependency bump and dependency bump for pve-storage needed!
Dependency bump for QEMU and swtpm needed!

qemu:

Fiona Ebner (1):
  d/rules: enable fuse

 debian/control | 2 ++
 debian/rules   | 1 +
 2 files changed, 3 insertions(+)


swtpm:

Fiona Ebner (1):
  swtpm setup: file: always just clear header rather than unlinking

 src/swtpm_setup/swtpm_backend_file.c | 42 +++++++++++-----------------
 1 file changed, 17 insertions(+), 25 deletions(-)


storage:

Fiona Ebner (1):
  common: add pve-vm-image-format standard option for VM image formats

 src/PVE/Storage/Common.pm | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)


qemu-server:

Fiona Ebner (12):
  tests: cfg2cmd: remove invalid mocking of qmp_cmd
  migration: offline volumes: drop deprecated special casing for TPM
    state
  qmp client: better abstract peer in preparation for
    qemu-storage-daemon
  helpers: add functions for qemu-storage-daemon instances
  monitor: qmp: allow 'qsd' peer type for qemu-storage-daemon
  monitor: align interface of qmp_cmd() with other helpers
  machine: include +pve version when getting installed machine version
  blockdev: support attaching to qemu-storage-daemon
  blockdev: attach: also return whether attached blockdev is read-only
  introduce QSD module for qemu-storage-daemon functionality
  tpm: support non-raw volumes via FUSE exports for swtpm
  fix #4693: drive: allow non-raw image formats for TPM state drive

 src/PVE/API2/Qemu.pm                 |   8 +-
 src/PVE/QMPClient.pm                 |  56 ++++++------
 src/PVE/QemuMigrate.pm               |   7 +-
 src/PVE/QemuServer.pm                |  59 +++++++++---
 src/PVE/QemuServer/BlockJob.pm       |   2 +-
 src/PVE/QemuServer/Blockdev.pm       |  43 ++++++---
 src/PVE/QemuServer/Drive.pm          |   2 +
 src/PVE/QemuServer/Helpers.pm        |  72 ++++++++++++---
 src/PVE/QemuServer/Machine.pm        |  19 ++--
 src/PVE/QemuServer/Makefile          |   1 +
 src/PVE/QemuServer/Monitor.pm        |  80 ++++++++++++-----
 src/PVE/QemuServer/QSD.pm            | 130 +++++++++++++++++++++++++++
 src/PVE/VZDump/QemuServer.pm         |   9 +-
 src/test/run_config2command_tests.pl |   1 -
 src/test/snapshot-test.pm            |   4 +-
 15 files changed, 377 insertions(+), 116 deletions(-)
 create mode 100644 src/PVE/QemuServer/QSD.pm


manager:

Fiona Ebner (1):
  ui: qemu: tpm drive: follow back-end and allow non-raw formats

 www/manager6/form/DiskStorageSelector.js | 2 +-
 www/manager6/qemu/HDMove.js              | 1 -
 www/manager6/qemu/HDTPM.js               | 2 +-
 3 files changed, 2 insertions(+), 3 deletions(-)


Summary over all repositories:
  22 files changed, 416 insertions(+), 146 deletions(-)

-- 
Generated by git-murpp 0.5.0

More information about the pve-devel mailing list