From: Lennart Poettering Date: Fri, 19 Apr 2024 12:54:12 +0000 (+0200) Subject: vmspawn: enable vmgenid for all VMs X-Git-Tag: v256-rc1~93^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9573c0ba569e8b4cc237776a7008979c23719fac;p=thirdparty%2Fsystemd.git vmspawn: enable vmgenid for all VMs This passes an ID derived from the vmgenid down to all VMs. This is useful to have an identifier for this VM generation id. We derive it from the invocation ID, if we have one, otherwise we randomize it. Eventually we should make use of the vmgenid changing to re-acquire MAC addresses, DHCP leases as such. Let's for now enable the VMM side of the concept as first step towards that.
---
diff --git a/src/vmspawn/vmspawn.c b/src/vmspawn/vmspawn.c
index 2ebb158640e..9366ce111da 100644
--- a/src/vmspawn/vmspawn.c
+++ b/src/vmspawn/vmspawn.c
@@ -1294,6 +1294,24 @@ static int run_virtual_machine(int kvm_device_fd, int vhost_device_fd) {
 if (strv_extend_many(&cmdline, "-uuid", SD_ID128_TO_UUID_STRING(arg_uuid)) < 0)
 return log_oom();
 
+ /* Derive a vmgenid automatically from the invocation ID, in a deterministic way. */
+ sd_id128_t vmgenid;
+ r = sd_id128_get_invocation_app_specific(SD_ID128_MAKE(bd,84,6d,e3,e4,7d,4b,6c,a6,85,4a,87,0f,3c,a3,a0), &vmgenid);
+ if (r < 0) {
+ log_debug_errno(r, "Failed to get invocation ID, making up randomized vmgenid: %m");
+
+ r = sd_id128_randomize(&vmgenid);
+ if (r < 0)
+ return log_error_errno(r, "Failed to make up randomized vmgenid: %m");
+ }
+
+ _cleanup_free_ char *vmgenid_device = NULL;
+ if (asprintf(&vmgenid_device, "vmgenid,guid=" SD_ID128_UUID_FORMAT_STR, SD_ID128_FORMAT_VAL(vmgenid)) < 0)
+ return log_oom();
+
+ if (strv_extend_many(&cmdline, "-device", vmgenid_device) < 0)
+ return log_oom();
+
 /* if we are going to be starting any units with state then create our runtime dir */
 if (arg_tpm != 0 || arg_directory || arg_runtime_mounts.n_mounts != 0) {
 r = runtime_directory(&arg_runtime_directory, arg_privileged ? RUNTIME_SCOPE_SYSTEM : RUNTIME_SCOPE_USER, "systemd/vmspawn");
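Review bot: The derived vmgenid depends only on the invocation ID and the fixed application ID in `SD_ID128_MAKE(...)`, so every VM launched under the same invocation would presumably receive the same guid, and the comment above the derivation does not say so. Guests typically read a vmgenid change as the signal that they were cloned or restored, so the scope within which the value is unique is worth stating; it also ends up on the QEMU command line and should not be treated as a secret. I would extend the comment to something like `/* Derive the vmgenid from the invocation ID: stable for this invocation, shared by any VM started under it, and not secret. */`. Separately, the fallback at `if (r < 0)` randomizes on every error rather than only when no invocation ID exists, which is worth confirming as intended. run_virtual_machine() begins and ends outside this hunk.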