Skip to content

dom0-tweaks: Add delayed-seal initscript #1493

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dpsmith wants to merge 1 commit into
base: master
Choose a base branch
from
Open

dom0-tweaks: Add delayed-seal initscript #1493

dpsmith wants to merge 1 commit into from

Conversation

@dpsmith
Copy link
Member

@dpsmith dpsmith commented Apr 19, 2024

delayed-seal is an initscript to run on shutdown after VMs have been stopped. We don't want dom0 doing MMIO operations with the TPM while a guest is running that could potentially snoop on the data.

It has additional code to try destroying any still-running VMs as a safety measure.

Needs the installer to touch /tmp/upgrade-delayed-seal to trigger the sealing.

@jandryuk @dpsmith
dom0-tweaks: Add delayed-seal initscript
98dd847 
delayed-seal is an initscript to run on shutdown after VMs have been
stopped.  We don't want dom0 doing MMIO operations with the TPM while a
guest is running that could potentially snoop on the data.

It has additional code to try destroying any still-running VMs as a
safety measure.

Needs the installer to touch /tmp/upgrade-delayed-seal to trigger the
sealing.

Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
@dpsmith dpsmith mentioned this pull request Apr 19, 2024
Open
@dpsmith dpsmith requested a review from shahs-ais July 29, 2025 17:07
@crogers1
Copy link
Contributor

crogers1 commented Aug 7, 2025

Back in 2014 it looks like updatemgr was open sourced with disabled logic to detect running guest VMs. At this point it's set to just error out but we could easily have it shutdown non-UIVM guests instead before proceeding with the update stage in the installer.git code. Despite it being a haskell change, it should be relatively small, and it avoids adding the initscript and signaling with the /tmp/upgrade-delayed-seal flag.

I can code up something for updatemgr if you're cool with that @dpsmith

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dozylynx dozylynx Awaiting requested review from dozylynx

@crogers1 crogers1 Awaiting requested review from crogers1

@pearsonk pearsonk Awaiting requested review from pearsonk

@shahs-ais shahs-ais Awaiting requested review from shahs-ais

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dpsmith @crogers1 @jandryuk