CP-40190: vTPM - Fix xenopsd to indicate correct state file format to…

… swtpm-wrapper. Signed-off-by: Jennifer Herbert <jennifer.herbert@citrix.com>
xapi-project · Nov 3, 2022 · f6ac1ba · f6ac1ba
1 parent 3b6613b
commit f6ac1ba
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/ocaml/xenopsd/xc/service.ml b/ocaml/xenopsd/xc/service.ml
@@ -707,10 +707,12 @@ module Swtpm = struct
  in
  (* the uri here is relative to the chroot path, if chrooting is disabled then
  swtpm-wrapper should modify the uri accordingly.
+ There are two modes in dictated by dir:// and file://. The latter indicates
+ a linear file storage, and allows further permissions to be restricted.
  xenopsd needs to be in charge of choosing the scheme according to the backend
  *)
  let state_uri =
- Filename.concat "file://"
+ Filename.concat "dir://"
  @@ Xenops_sandbox.Chroot.chroot_path_inside state_path
  in
  let args = Fe_argv.Add.many [string_of_int domid; tpm_root; state_uri] in