Public bug reported:

Description
===========
Libvirt uses swtpm_ioctl to shut down the swtpm process at VM termination, because QEMU does not send a shutdown command. However, the binary is not included in the required binaries (swtpm and swtpm_setup, at the time of writing) checked by the libvirt driver. So users can use vTPM support without binaries, which leaves swtpm processes running.

Steps to reproduce
==================
* Deploy nova-compute with vTPM support
* Move swtpm_ioctl from PATH
* Restart nova-compute
* Check capabilities reported by nova-compute

Expected result
===============
The report shows no swtpm support

Actual result
=============
The report shows swtpm support

Environment
===========
This issue was initially found in master, but would be present in stable branches.

Logs & Configs
==============
N/A

** Affects: nova
     Importance: Undecided
     Assignee: Takashi Kajinami (kajinamit)
         Status: In Progress

** Changed in: nova
     Assignee: (unassigned) => Takashi Kajinami (kajinamit)

https://bugs.launchpad.net/bugs/2052761

Title:
  libvirt: swtpm_ioctl is required for vTPM support

Status in OpenStack Compute (nova):
  In Progress
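
The gap described in this report, reproduced as an added example that is not nova's own code: a capability check over the two binaries named in the report still advertises vTPM when swtpm_ioctl is absent, while a check over all three does not. The function names, the stub directory and the stub files are assumptions constructed for illustration.

```python
import os
import shutil
import stat
import tempfile

# Binaries the report says the driver checked at the time of writing.
CHECKED_BEFORE = ("swtpm", "swtpm_setup")
# The same list plus the binary libvirt needs to stop swtpm at VM termination.
CHECKED_AFTER = CHECKED_BEFORE + ("swtpm_ioctl",)


def missing_binaries(required, path):
    """Return the required binaries that are not executable on `path`."""
    return [name for name in required if shutil.which(name, path=path) is None]


def supports_vtpm(required, path):
    """Hypothetical capability check: report vTPM only if nothing is missing."""
    return not missing_binaries(required, path)


def make_fake_bin_dir(names):
    """Create a temp directory of executable stubs (constructed sample input)."""
    bindir = tempfile.mkdtemp(prefix="vtpm-check-")
    for name in names:
        stub = os.path.join(bindir, name)
        with open(stub, "w") as fh:
            fh.write("#!/bin/sh\nexit 0\n")
        os.chmod(stub, stat.S_IRWXU)
    return bindir


def demo():
    """Reproduce the report's steps: swtpm_ioctl is not on the search path."""
    path = make_fake_bin_dir(["swtpm", "swtpm_setup"])
    try:
        return {
            "before": supports_vtpm(CHECKED_BEFORE, path),
            "after": supports_vtpm(CHECKED_AFTER, path),
            "missing": missing_binaries(CHECKED_AFTER, path),
        }
    finally:
        shutil.rmtree(path)


if __name__ == "__main__":
    print(demo())
```

Logging the result of `missing_binaries` at service start tells an operator which package to install instead of silently dropping the capability.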