Am 14.11.25 um 12:47 PM schrieb Thomas Lamprecht: > Am 14.11.25 um 12:03 schrieb Fiona Ebner: >> Yes, we will need to be careful down the line. A clean option is using >> different QSD IDs for different tasks (the ID for a QSD can be any >> string and does not need to be a VMID). Currently, we only use QSD for >> EFI enrollment here and for TPM which are both part of the same start >> task. I will add a comment to note this and that >> ensure_ms_2023_cert_enrolled() may currently only be called as part of >> VM start. > > > Oh, and what I just noticed: the QSD is currently not running inside of > the qemu.slice/$vmid.scope? > > Not a blocker at all now, but that might be nice to have to ensure it's > resource (mainly memory) usage is accounted for.
The one started for enrollment is not, but that one is very short-lived. The one for started for swtpm should actually be? It's part of the start_swtpm() function. _______________________________________________ pve-devel mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
