libvirt: Ensure both swtpm and swtpm_setup exist for vTPM support

Libvirt requires both swtpm and swtpm_setup to launch instances with vTPM emulated by swtpm. However the driver now checks if "any" of these two binaries exist. This fixes the logic and ensure "both" of these two binaries exist, to meet the requirement by libvirt correctly. Closes-Bug: #2052760 Change-Id: I44453e69c88115868cda192c9ca17b92ba7b6556
2024-02-09 11:59:52 +09:00
parent 681f6872fb
commit 5b505dede9
2 changed files with 8 additions and 7 deletions
--- a/nova/tests/unit/virt/libvirt/test_driver.py
+++ b/nova/tests/unit/virt/libvirt/test_driver.py
@@ -1469,13 +1469,13 @@ class LibvirtConnTestCase(test.NoDBTestCase,
        exc = self.assertRaises(exception.InvalidConfiguration,
                                drvr.init_host, "dummyhost")
        self.assertIn(
-            "vTPM support is configured but the 'swtpm' and 'swtpm_setup' "
-            "binaries could not be found on PATH.",
+            "vTPM support is configured but one (or all) of the 'swtpm' "
+            "and 'swtpm_setup' binaries could not be found on PATH.",
            str(exc),
        )

        mock_which.assert_has_calls(
-            [mock.call('swtpm_setup'), mock.call('swtpm')],
+            [mock.call('swtpm_setup')],
        )

    @mock.patch.object(host.Host, 'has_min_version', return_value=True)
@@ -1546,12 +1546,13 @@ class LibvirtConnTestCase(test.NoDBTestCase,
        correctly.
        """
        self.flags(swtpm_enabled=True, virt_type='kvm', group='libvirt')
+        mock_which.return_value = True

        drvr = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
        drvr.init_host('dummyhost')

        mock_which.assert_has_calls(
-            [mock.call('swtpm_setup'), mock.call().__bool__()],
+            [mock.call('swtpm_setup'), mock.call('swtpm')],
        )

    @mock.patch.object(libvirt_driver.LOG, 'warning')
--- a/nova/virt/libvirt/driver.py
+++ b/nova/virt/libvirt/driver.py
@@ -1052,10 +1052,10 @@ class LibvirtDriver(driver.ComputeDriver):
        # NOTE(stephenfin): This checks using the PATH of the user running
        # nova-compute rather than the libvirtd service, meaning it's an
        # imperfect check but the best we can do
-        if not any(shutil.which(cmd) for cmd in ('swtpm_setup', 'swtpm')):
+        if not all(shutil.which(cmd) for cmd in ('swtpm_setup', 'swtpm')):
            msg = _(
-                "vTPM support is configured but the 'swtpm' and "
-                "'swtpm_setup' binaries could not be found on PATH.")
+                "vTPM support is configured but one (or all) of the 'swtpm' "
+                "and 'swtpm_setup' binaries could not be found on PATH.")
            raise exception.InvalidConfiguration(msg)

        # The user and group must be valid on this host for cold migration and