<fix>[kvm]: mark TPM VM host files changed on start/shutdown

Zhang Wenhao · Zhang Wenhao · commit 0a5630d0c5e4 · 2026-04-11T18:15:17.000+08:00
When a VM with TPM starts or shuts down, NvRam/TpmState
data must have changed. Preemptively set changeDate on the
corresponding VmHostFileVO so the periodic tracker knows
to sync them, even if the direct sync fails.

Also add ResourceDestinationMaker check to all VM canonical
event handlers in KvmSecureBootManager to ensure only the
owning management node processes each event.

Resolves: ZSV-11779
Related: ZSV-11310

Change-Id: I6e6d6c6c647175716669756b75756a6f72657277
diff --git a/plugin/kvm/src/main/java/org/zstack/kvm/efi/KvmSecureBootManager.java b/plugin/kvm/src/main/java/org/zstack/kvm/efi/KvmSecureBootManager.java
@@ -8,6 +8,7 @@
 import org.zstack.core.cloudbus.EventCallback;
 import org.zstack.core.cloudbus.EventFacadeImpl;
 import org.zstack.core.cloudbus.MessageSafe;
+import org.zstack.core.cloudbus.ResourceDestinationMaker;
 import org.zstack.core.db.DatabaseFacade;
 import org.zstack.core.db.Q;
 import org.zstack.core.db.SQL;
@@ -104,6 +105,8 @@ public class KvmSecureBootManager extends AbstractService {
     private KvmVmHostFileFactory vmHostFileFactory;
     @Autowired
     private TimeHelper timeHelper;
+    @Autowired
+    private ResourceDestinationMaker resourceDestinationMaker;
 
     @Override
     public boolean start() {
@@ -118,10 +121,28 @@ public boolean stop() {
 
     @SuppressWarnings("rawtypes")
     private void setupCanonicalEvents() {
+        eventFacade.on(VmCanonicalEvents.VM_LIBVIRT_REPORT_START, new EventCallback<Object>() {
+            @Override
+            protected void run(Map tokens, Object data) {
+                String vmUuid = (String) data;
+                boolean managedByMe = resourceDestinationMaker.isManagedByUs(vmUuid);
+                if (!managedByMe) {
+                    return;
+                }
+                markVmHostFilesChanged(vmUuid);
+            }
+        });
+
         eventFacade.on(VmCanonicalEvents.VM_LIBVIRT_REPORT_SHUTDOWN, new EventCallback<Object>() {
             @Override
             protected void run(Map tokens, Object data) {
                 String vmUuid = (String) data;
+                boolean managedByMe = resourceDestinationMaker.isManagedByUs(vmUuid);
+                if (!managedByMe) {
+                    return;
+                }
+                markVmHostFilesChanged(vmUuid);
+
                 Tuple tuple = Q.New(VmInstanceVO.class)
                         .select(VmInstanceVO_.hostUuid, VmInstanceVO_.lastHostUuid)
                         .eq(VmInstanceVO_.uuid, vmUuid)
@@ -173,6 +194,47 @@ public void run(MessageReply reply) {
         });
     }
 
+    /**
+     * Preemptive judgment: when a VM with TPM (or enabled secure boot) starts or shuts down,
+     * the NvRam/TpmState data must have changed, so mark the corresponding
+     * VmHostFileVO.changeDate to current time.
+     */
+    private void markVmHostFilesChanged(String vmUuid) {
+        final Set<VmHostFileType> types = vmHostFileFactory.vmHostFileTypeNeedRegisterForVm(vmUuid);
+        if (types.isEmpty()) {
+            return;
+        }
+
+        Tuple tuple = Q.New(VmInstanceVO.class)
+                .select(VmInstanceVO_.hostUuid, VmInstanceVO_.lastHostUuid)
+                .eq(VmInstanceVO_.uuid, vmUuid)
+                .findTuple();
+        if (tuple == null) {
+            return;
+        }
+
+        String hostUuid = (String) tuple.get(0);
+        if (hostUuid == null) {
+            hostUuid = (String) tuple.get(1);
+        }
+        if (hostUuid == null) {
+            return;
+        }
+
+        Timestamp now = new Timestamp(timeHelper.getCurrentTimeMillis());
+        long updated = SQL.New(VmHostFileVO.class)
+                .eq(VmHostFileVO_.vmInstanceUuid, vmUuid)
+                .eq(VmHostFileVO_.hostUuid, hostUuid)
+                .in(VmHostFileVO_.type, types)
+                .set(VmHostFileVO_.changeDate, now)
+                .update();
+
+        if (updated > 0) {
+            logger.debug(String.format("preemptively marked VmHostFiles as changed for TPM vm[uuid:%s] on host[uuid:%s], %d records updated",
+                    vmUuid, hostUuid, updated));
+        }
+    }
+
     @Override
     public String getId() {
         return bus.makeLocalServiceId(VmInstanceConstant.SECURE_BOOT_SERVICE_ID);
diff --git a/plugin/kvm/src/main/java/org/zstack/kvm/efi/KvmVmHostFileFactory.java b/plugin/kvm/src/main/java/org/zstack/kvm/efi/KvmVmHostFileFactory.java
@@ -1,15 +1,32 @@
 package org.zstack.kvm.efi;
 
+import org.springframework.beans.factory.annotation.Autowired;
+import org.zstack.core.db.Q;
+import org.zstack.header.tpm.entity.TpmVO;
+import org.zstack.header.tpm.entity.TpmVO_;
 import org.zstack.header.vm.additions.VmHostBackupFileVO;
+import org.zstack.header.vm.additions.VmHostFileType;
 import org.zstack.header.vm.additions.VmHostFileVO;
 import org.zstack.kvm.tpm.TpmStateVmHostBackupFileBase;
 import org.zstack.kvm.tpm.TpmStateVmHostFileBase;
 import org.zstack.kvm.vmfiles.AbstractVmHostBackupFileBase;
 import org.zstack.kvm.vmfiles.AbstractVmHostFileBase;
+import org.zstack.resourceconfig.ResourceConfig;
+import org.zstack.resourceconfig.ResourceConfigFacade;
 
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+import static org.zstack.compute.vm.VmGlobalConfig.ENABLE_UEFI_SECURE_BOOT;
 import static org.zstack.core.Platform.operr;
+import static org.zstack.header.vm.additions.VmHostFileType.*;
+import static org.zstack.utils.CollectionDSL.list;
 
 public class KvmVmHostFileFactory {
+    @Autowired
+    private ResourceConfigFacade resourceConfigFacade;
+
     public AbstractVmHostFileBase createBase(VmHostFileVO file) {
         switch (file.getType()) {
         case NvRam: return new NvRamVmHostFileBase(file);
@@ -25,4 +42,16 @@ public AbstractVmHostBackupFileBase createBackupBase(VmHostBackupFileVO backupFi
         default: throw operr("invalid VM host file type: " + backupFile.getType()).toException();
         }
     }
+
+    public Set<VmHostFileType> vmHostFileTypeNeedRegisterForVm(String vmUuid) {
+        boolean hasTpm = Q.New(TpmVO.class)
+                .eq(TpmVO_.vmInstanceUuid, vmUuid)
+                .isExists();
+        if (hasTpm) {
+            return new HashSet<>(list(NvRam, TpmState));
+        }
+        ResourceConfig resourceConfig = resourceConfigFacade.getResourceConfig(ENABLE_UEFI_SECURE_BOOT.getIdentity());
+        return resourceConfig.getResourceConfigValue(vmUuid, Boolean.class) ?
+                new HashSet<>(list(NvRam)) : Collections.emptySet();
+    }
 }
