Merge branch 'zsv-ldap' into 'feature-zsv-5.0.0-vm-support-vtpm-and-secuceboot'

<refactor>[vm]: move nvram to devices spec and add backup support

See merge request zstackio/zstack!9518

Author: gitlab

compute/src/main/java/org/zstack/compute/vm/devices/VmTpmExtensions.java

@@ -9,19 +9,18 @@
 import org.zstack.header.tpm.entity.TpmVO;
 import org.zstack.header.tpm.entity.TpmVO_;
 import org.zstack.header.vm.CreateVmInstanceMsg;
-import org.zstack.header.vm.DiskAO;
 import org.zstack.header.vm.VmInstanceCreateExtensionPoint;
 import org.zstack.header.vm.VmInstanceSpec;
 import org.zstack.header.vm.VmInstanceVO;
 import org.zstack.header.vm.VmMachineType;
+import org.zstack.header.vm.devices.NvRamSpec;
 import org.zstack.header.vm.devices.VmDevicesSpec;
 import org.zstack.resourceconfig.ResourceConfig;
 import org.zstack.resourceconfig.ResourceConfigFacade;
 import org.zstack.utils.Utils;
 import org.zstack.utils.logging.CLogger;
 
 import static org.zstack.compute.vm.VmGlobalConfig.ENABLE_UEFI_SECURE_BOOT;
-import static org.zstack.header.vm.VmInstanceConstant.NV_RAM_DEFAULT_SIZE;
 
 public class VmTpmExtensions implements VmInstanceCreateExtensionPoint,
         BuildVmSpecExtensionPoint {
@@ -97,20 +96,23 @@ public void afterBuildVmSpec(VmInstanceSpec spec) {
             }
         }
 
-        if (needRegisterNvRam) {
-            DiskAO nvRamSpec = new DiskAO();
-            nvRamSpec.setSize(NV_RAM_DEFAULT_SIZE);
-            nvRamSpec.setName("NvRam-of-VM-" + vmUuid);
-            spec.setNvRamSpec(nvRamSpec);
+        VmDevicesSpec devicesSpec = spec.getDevicesSpec();
+        if (devicesSpec == null) {
+            devicesSpec = new VmDevicesSpec();
+            spec.setDevicesSpec(devicesSpec);
         }
 
-        if (tpmUuid != null) {
-            VmDevicesSpec devicesSpec = spec.getDevicesSpec();
-            if (devicesSpec == null) {
-                devicesSpec = new VmDevicesSpec();
-                spec.setDevicesSpec(devicesSpec);
+        if (needRegisterNvRam) {
+            NvRamSpec nvRamSpec = devicesSpec.getNvRam();
+            if (nvRamSpec == null) {
+                nvRamSpec = new NvRamSpec();
+                devicesSpec.setNvRam(nvRamSpec);
             }
 
+            nvRamSpec.setNeedRegister(true);
+        }
+
+        if (tpmUuid != null) {
             TpmSpec tpmSpec = devicesSpec.getTpm();
             if (tpmSpec == null) {
                 tpmSpec = new TpmSpec();

header/src/main/java/org/zstack/header/vm/VmInstanceConstant.java

@@ -27,8 +27,6 @@ public interface VmInstanceConstant {
     String SHUTDOWN_DETAIL_BY_GUEST = "by guest";
     String SHUTDOWN_DETAIL_FINISHED = "finished";
 
-    long NV_RAM_DEFAULT_SIZE = SizeUnit.MEGABYTE.toByte(1);
-
     enum Params {
         VmInstanceSpec,
         AttachingVolumeInventory,

header/src/main/java/org/zstack/header/vm/VmInstanceSpec.java

@@ -404,8 +404,7 @@ public void setCandidatePrimaryStorageUuidsForDataVolume(List<String> candidateP
     private List<DiskAO> dataDisks;
     private List<DiskAO> deprecatedDisksSpecs = new ArrayList<>();
     private VmCustomSpecificationStruct vmCustomSpecification;
-    private VmDevicesSpec devicesSpec;
-    private DiskAO nvRamSpec;
+    private VmDevicesSpec devicesSpec = new VmDevicesSpec();
     private OperatingSystemBootingSpec osSpec = new OperatingSystemBootingSpec();
 
     public DiskAO getRootDisk() {
@@ -448,14 +447,6 @@ public void setDevicesSpec(VmDevicesSpec devicesSpec) {
         this.devicesSpec = devicesSpec;
     }
 
-    public DiskAO getNvRamSpec() {
-        return nvRamSpec;
-    }
-
-    public void setNvRamSpec(DiskAO nvRamSpec) {
-        this.nvRamSpec = nvRamSpec;
-    }
-
     public OperatingSystemBootingSpec getOsSpec() {
         return osSpec;
     }

header/src/main/java/org/zstack/header/vm/devices/NvRamSpec.java

@@ -3,9 +3,18 @@
 import org.zstack.header.rest.APINoSee;
 
 public class NvRamSpec {
+    private boolean needRegister;
     @APINoSee
     private String backupFileUuid;
 
+    public boolean isNeedRegister() {
+        return needRegister;
+    }
+
+    public void setNeedRegister(boolean needRegister) {
+        this.needRegister = needRegister;
+    }
+
     public String getBackupFileUuid() {
         return backupFileUuid;
     }

plugin/kvm/src/main/java/org/zstack/kvm/efi/KvmSecureBootExtensions.java

@@ -53,6 +53,7 @@
 import org.zstack.header.storage.snapshot.VolumeSnapshotCreationExtensionPoint;
 import org.zstack.header.storage.snapshot.VolumeSnapshotInventory;
 import org.zstack.header.storage.snapshot.group.VolumeSnapshotGroupInventory;
+import org.zstack.header.vm.devices.NvRamSpec;
 import org.zstack.header.volume.VolumeInventory;
 import org.zstack.kvm.KVMAgentCommands;
 import org.zstack.kvm.KVMAgentCommands.*;
@@ -119,19 +120,21 @@ public void beforeStartVmOnKvm(KVMHostInventory host, VmInstanceSpec spec, KVMAg
             }
         }
 
-        if (spec.getNvRamSpec() != null) {
-            prepareNvRamToStartVmCmd(cmd, spec.getNvRamSpec(), host);
+        final NvRamSpec nvRam = spec.getDevicesSpec().getNvRam();
+        if (nvRam != null && nvRam.isNeedRegister()) {
+            prepareNvRamToStartVmCmd(cmd, nvRam, host);
         }
     }
 
-    private void prepareNvRamToStartVmCmd(KVMAgentCommands.StartVmCmd cmd, DiskAO nvRamSpec, KVMHostInventory host) {
+    private void prepareNvRamToStartVmCmd(KVMAgentCommands.StartVmCmd cmd, NvRamSpec nvRam, KVMHostInventory host) {
         VolumeTO volume = new VolumeTO();
         volume.setDeviceType(VolumeTO.FILE);
         volume.setInstallPath(buildNvramFilePath(cmd.getVmInstanceUuid()));
         volume.setVolumeUuid(null); // not a volume
         cmd.setNvRam(volume);
 
         synchronized (hostFileLock) {
+            final Timestamp now = Timestamp.from(Instant.now());
             VmHostFileVO nvRamFile = Q.New(VmHostFileVO.class)
                     .eq(VmHostFileVO_.vmInstanceUuid, cmd.getVmInstanceUuid())
                     .eq(VmHostFileVO_.type, VmHostFileType.NvRam)
@@ -144,14 +147,14 @@ private void prepareNvRamToStartVmCmd(KVMAgentCommands.StartVmCmd cmd, DiskAO nv
                 nvRamFile.setVmInstanceUuid(cmd.getVmInstanceUuid());
                 nvRamFile.setType(VmHostFileType.NvRam);
                 nvRamFile.setPath(volume.getInstallPath());
-                nvRamFile.setCreateDate(Timestamp.from(Instant.now()));
+                nvRamFile.setCreateDate(now);
                 nvRamFile.setResourceName("NvRam file for " + cmd.getVmInstanceUuid());
                 databaseFacade.persist(nvRamFile);
             } else {
                 SQL.New(VmHostFileVO.class)
                         .eq(VmHostFileVO_.uuid, nvRamFile.getUuid())
                         .set(VmHostFileVO_.path, volume.getInstallPath())
-                        .set(VmHostFileVO_.lastOpDate, Timestamp.from(Instant.now()))
+                        .set(VmHostFileVO_.lastOpDate, now)
                         .update();
             }
         }
@@ -265,7 +268,7 @@ public void preBeforeInstantiateVmResource(VmInstanceSpec spec) throws VmInstant
 
     @Override
     public void preInstantiateVmResource(VmInstanceSpec spec, Completion completion) {
-        final DiskAO nvRamSpec = spec.getNvRamSpec();
+        final NvRamSpec nvRamSpec = spec.getDevicesSpec() == null ? null : spec.getDevicesSpec().getNvRam();
         if (nvRamSpec == null) {
             completion.success();
             return;
@@ -275,6 +278,7 @@ public void preInstantiateVmResource(VmInstanceSpec spec, Completion completion)
         context.hostUuid = spec.getDestHost().getUuid();
         context.vmUuid = spec.getVmInventory().getUuid();
         context.type = VmHostFileType.NvRam;
+        context.backupUuid = nvRamSpec.getBackupFileUuid();
         context.syncReason = "pre-instantiate VM resource";
         prepareHostFileOnHost(context, completion);
     }

plugin/kvm/src/main/java/org/zstack/kvm/tpm/KvmTpmExtensions.java

@@ -137,6 +137,7 @@ public void preInstantiateVmResource(VmInstanceSpec spec, Completion completion)
         clearRollbackInfo(spec);
         final PrepareTpmResourceContext context = new PrepareTpmResourceContext();
         context.tpmUuid = tpmSpec.getTpmUuid();
+        context.backupFileUuid = tpmSpec.getBackupFileUuid(); // maybe null
         context.providerUuid = resourceKeyBackend.findKeyProviderUuidByTpm(context.tpmUuid);
         context.providerName = resourceKeyBackend.findKeyProviderNameByTpm(context.tpmUuid);
 
@@ -151,6 +152,7 @@ public void run(FlowTrigger trigger, Map data) {
                 innerContext.hostUuid = spec.getDestHost().getUuid();
                 innerContext.vmUuid = spec.getVmInventory().getUuid();
                 innerContext.type = VmHostFileType.TpmState;
+                innerContext.backupUuid = context.backupFileUuid;
                 innerContext.syncReason = "pre-instantiate VM resource";
                 secureBootExtensions.prepareHostFileOnHost(innerContext, new Completion(trigger) {
                     @Override
@@ -265,6 +267,7 @@ static class PrepareTpmStateHostFileContext {
 
     static class PrepareTpmResourceContext {
         String tpmUuid;
+        String backupFileUuid;
         String providerUuid;
         String providerName;
         String dekBase64;