From dc313c89d1c13a9c729aa20b79b539125db52a23 Mon Sep 17 00:00:00 2001 From: cx Date: Thu, 27 Nov 2025 11:16:26 +0800 Subject: [PATCH 1/5] fix: add TransDupPub interface. update result code of CheckMeasure. --- virtrust/src/tsb_agent/tsb_agent.h | 22 +++++++++ virtrust/src/tsb_agent/tsb_agent_adaptor.cpp | 14 ++++++ virtrust/src/virtrust/api/domain.cpp | 10 +++- virtrust/src/virtrust/dllib/tsb_agent.h | 2 + .../src/virtrust/link/migration_session.cpp | 47 +++++++++++++++++++ .../src/virtrust/link/migration_session.h | 4 ++ .../src/virtrust/link/proto/migrate.proto | 1 + 7 files changed, 98 insertions(+), 2 deletions(-) diff --git a/virtrust/src/tsb_agent/tsb_agent.h b/virtrust/src/tsb_agent/tsb_agent.h index ff3381f..9e26faf 100644 --- a/virtrust/src/tsb_agent/tsb_agent.h +++ b/virtrust/src/tsb_agent/tsb_agent.h @@ -54,6 +54,19 @@ enum ErrorCode { ERR_VUUID_MISMATCH, }; +enum EnDirection { + EN_IMPORT = 0, + EN_EXPORT, + EN_DIRECTION_MAX, +}; + +enum CheckMeasureRc { + IMPORT_SUCCESS = 1, + CHECK_SUCCESS, + IMPORT_FAILURE, + CHECK_FAILURE, +}; + struct Description { int state = 0; // 启动,挂起等状态 char name[255]; // 名称,创建时有hw设置 @@ -197,6 +210,15 @@ int MigrationImportVrootCipher(char *pUuid, int MigrationNotify(char *vUuid, // 虚拟机的uuid int status); +// 迁移时目的端调用以导出tcm2密钥,再在源端导入该密钥 +int TransDupPub(int type, // 输入/输入,对应EnDirection中的枚举 + char *vUuid, // 虚拟机的uuid,仅type=EN_IMPORT时需要 + char **tcm2bOut, // 导出tcm2秘钥,仅type=EN_EXPORT时需要 + int *tcm2bLenOut, // 导出tcm2秘钥长度,仅type=EN_EXPORT时需要 + char *tcm2bIn, // 导入tcm2秘钥,仅type=EN_IMPORT时需要 + int tcm2bLenIn // 导入tcm2秘钥长度,仅type=EN_IMPORT时需要 +); + #ifdef __cplusplus } #endif diff --git a/virtrust/src/tsb_agent/tsb_agent_adaptor.cpp b/virtrust/src/tsb_agent/tsb_agent_adaptor.cpp index e1f3c90..c702837 100644 --- a/virtrust/src/tsb_agent/tsb_agent_adaptor.cpp +++ b/virtrust/src/tsb_agent/tsb_agent_adaptor.cpp @@ -159,3 +159,17 @@ int MigrationNotify(char *vUuid, // 虚拟机的uuid } return virtrust::TsbAgent::GetInstance().MigrationNotify(vUuid, status); } + +int TransDupPub(int type, // 输入/输入,对应EnDirection中的枚举 + char *vUuid, // 虚拟机的uuid,仅type=EN_IMPORT时需要 + char **tcm2bOut, // 导出tcm2秘钥,仅type=EN_EXPORT时需要 + int *tcm2bLenOut, // 导出tcm2秘钥长度,仅type=EN_EXPORT时需要 + char *tcm2bIn, // 导入tcm2秘钥,仅type=EN_IMPORT时需要 + int tcm2bLenIn // 导入tcm2秘钥长度,仅type=EN_IMPORT时需要 +) +{ + if (!CheckTsbAgentDlopen()) { + return -1; + } + return virtrust::TsbAgent::GetInstance().TransDupPub(type, vUuid, tcm2bOut, tcm2bLenOut, tcm2bIn, tcm2bLenIn); +} diff --git a/virtrust/src/virtrust/api/domain.cpp b/virtrust/src/virtrust/api/domain.cpp index caa67a0..a110ac8 100644 --- a/virtrust/src/virtrust/api/domain.cpp +++ b/virtrust/src/virtrust/api/domain.cpp @@ -221,10 +221,16 @@ bool CheckGuestBeforeStart(std::string_view domainName, std::string &uuid) // 检查度量值是否通过 auto tsbRc = CheckMeasure(uuid.data(), bios, shim, grub, grubCfg, kernel, initrd); FreeMeasureInfo(bios, shim, grub, grubCfg, kernel, initrd); - if (tsbRc != 0) { - VIRTRUST_LOG_ERROR("CheckMeasure failed:{}", domainName); + + if (tsbRc == IMPORT_FAILURE) { + VIRTRUST_LOG_ERROR("|CheckGuestBeforeStart|End|returnF|domainName:{}|CheckMeasure: import failed", domainName); return false; } + if (tsbRc == CHECK_FAILURE) { + VIRTRUST_LOG_ERROR("|CheckGuestBeforeStart|End|returnF|domainName:{}|CheckMeasure: verify failed", domainName); + return false; + } + return true; } diff --git a/virtrust/src/virtrust/dllib/tsb_agent.h b/virtrust/src/virtrust/dllib/tsb_agent.h index 2ceabd6..1c9425a 100644 --- a/virtrust/src/virtrust/dllib/tsb_agent.h +++ b/virtrust/src/virtrust/dllib/tsb_agent.h @@ -69,6 +69,7 @@ public: DlFun MigrationGetVrootCipher; DlFun MigrationImportVrootCipher; DlFun MigrationNotify; + DlFun TransDupPub; private: void LoadAll() @@ -97,6 +98,7 @@ private: DLLIB_SELF_DLSYM(MigrationGetVrootCipher); DLLIB_SELF_DLSYM(MigrationImportVrootCipher); DLLIB_SELF_DLSYM(MigrationNotify); + DLLIB_SELF_DLSYM(TransDupPub); } TsbAgent() : DlLibBase(LIB_NAME) diff --git a/virtrust/src/virtrust/link/migration_session.cpp b/virtrust/src/virtrust/link/migration_session.cpp index 11af490..deaf3b9 100644 --- a/virtrust/src/virtrust/link/migration_session.cpp +++ b/virtrust/src/virtrust/link/migration_session.cpp @@ -159,6 +159,15 @@ MigrateSessionRc MigrationSession::OnExchangeKeyResponseReceived(protos::EXchang return MigrateSessionRc::ERROR; } + // 3.导入tcm2 key + rc = ImportTcm2Key(res.tcm2key()); + if (rc != MigrateSessionRc::OK) { + VIRTRUST_LOG_ERROR("|OnExchangeKeyResponseReceived|END|returnF|domain name: {}|Import tcm2 key failed.", + domainName_); + OnFail(); + return MigrateSessionRc::ERROR; + } + return SendStartMigration(); } @@ -527,6 +536,34 @@ MigrateSessionRc MigrationSession::GetVmInfo(Description &vmInfo) return MigrateSessionRc::ERROR; } +MigrateSessionRc MigrationSession::ExportTcm2Key(std::string &tcm2Key) +{ + char *key = nullptr; + int keyLen = 0; + + auto ret = TransDupPub(EN_EXPORT, nullptr, &key, &keyLen, nullptr, 0); + if (ret != 0 || key == nullptr || keyLen <= 0) { + VIRTRUST_LOG_ERROR("|ExportTcm2Key|END|returnF|uuid: {}|TransDupPub: export tcm2 key failed.", sessionId_); + return MigrateSessionRc::ERROR; + } + + tcm2Key = std::string(key, keyLen); + free(key); + return MigrateSessionRc::OK; +} + +MigrateSessionRc MigrationSession::ImportTcm2Key(std::string_view tcm2Key) +{ + auto ret = TransDupPub(EN_IMPORT, sessionId_.data(), nullptr, nullptr, + std::string(tcm2Key).data(), tcm2Key.size()); + if (ret != 0) { + VIRTRUST_LOG_ERROR("|ImportTcm2Key|END|returnF|uuid: {}|TransDupPub: import tcm2 key failed.", sessionId_); + return MigrateSessionRc::ERROR; + } + + return MigrateSessionRc::OK; +} + void MigrationSession::EnterState(State s) { state_ = s; @@ -644,6 +681,16 @@ MigrateSessionRc MigrationSession::OnExchangeKeyRequestReceived(const protos::EX return MigrateSessionRc::ERROR; } + // 4. 导出tcm2密钥,返回给源 + std::string tcm2Key; + rc = ExportTcm2Key(tcm2Key); + if (rc != MigrateSessionRc::OK) { + VIRTRUST_LOG_ERROR("|OnExchangeKeyRequestReceived|END|returnF|domain name: {}|Export tcm2 key failed.", + domainName_); + return MigrateSessionRc::ERROR; + } + response->set_tcm2key(tcm2Key); + // 等待对端校验证书后的进一步信号:开始迁移信号 EnterState(State::CertVerify); return MigrateSessionRc::OK; diff --git a/virtrust/src/virtrust/link/migration_session.h b/virtrust/src/virtrust/link/migration_session.h index c35c097..0673005 100644 --- a/virtrust/src/virtrust/link/migration_session.h +++ b/virtrust/src/virtrust/link/migration_session.h @@ -120,6 +120,10 @@ private: MigrateSessionRc NotifyVRMigration(bool success); + MigrateSessionRc ExportTcm2Key(std::string &tcm2Key); + + MigrateSessionRc ImportTcm2Key(std::string_view tcm2Key); + private: Role role_; State state_; diff --git a/virtrust/src/virtrust/link/proto/migrate.proto b/virtrust/src/virtrust/link/proto/migrate.proto index 7c646f1..ea749ed 100644 --- a/virtrust/src/virtrust/link/proto/migrate.proto +++ b/virtrust/src/virtrust/link/proto/migrate.proto @@ -67,6 +67,7 @@ message EXchangePkAndReportReply{ bytes publicKey = 5; //公钥 TrustReportNew hostReport = 6; // struct TrustReportNew vmReport = 7; // struct + bytes tcm2Key = 8; } message StartMigRequest { -- Gitee From a1a1ea37f4512f89106ac9555225576e974fa272 Mon Sep 17 00:00:00 2001 From: cx Date: Thu, 27 Nov 2025 23:35:04 +0800 Subject: [PATCH 2/5] fix: process error code of TSB interface. obtain real firmware version. --- virtrust/src/tsb_agent/tsb_agent.h | 16 +++++++++++----- virtrust/src/virtrust/api/domain.cpp | 10 +++++++--- virtrust/src/virtrust/link/migration_session.cpp | 4 ++++ 3 files changed, 22 insertions(+), 8 deletions(-) diff --git a/virtrust/src/tsb_agent/tsb_agent.h b/virtrust/src/tsb_agent/tsb_agent.h index 9e26faf..f04da40 100644 --- a/virtrust/src/tsb_agent/tsb_agent.h +++ b/virtrust/src/tsb_agent/tsb_agent.h @@ -60,11 +60,17 @@ enum EnDirection { EN_DIRECTION_MAX, }; -enum CheckMeasureRc { - IMPORT_SUCCESS = 1, - CHECK_SUCCESS, - IMPORT_FAILURE, - CHECK_FAILURE, +enum EN_STATE { + VM_SHUTUP = 0, // 虚机停止状态,Description.state状态码 + VM_RUNNING, // 虚机运行状态 + VM_MIGRATION, // 虚机迁移状态 + + IMPORT_BM_SUCCESS, // 基线值设置成功,CheckMeasure返回值 + CHECK_BM_SUCCESS, // 基线值校验成功,CheckMeasure返回值 + IMPORT_BM_FAILURE, // 基线值设置失败,CheckMeasure返回值 + CHECK_BM_FAILURE, // 基线值校验失败,CheckMeasure返回值 + + ERR_VM_NOT_STARTED, // 虚机未启动错误,MigrationGetVrootCipher 返回值 }; struct Description { diff --git a/virtrust/src/virtrust/api/domain.cpp b/virtrust/src/virtrust/api/domain.cpp index a110ac8..9eaca20 100644 --- a/virtrust/src/virtrust/api/domain.cpp +++ b/virtrust/src/virtrust/api/domain.cpp @@ -61,6 +61,8 @@ VirtrustRc GetVirshMeasureSummary(virtrust::ForeignMounter &mounter, virtrust::V return VirtrustRc::ERROR; } + // FIXME: get bios version + measureSummary.bios.version_ = "0.0.0"; measureSummary.bios.content_ = std::string(reinterpret_cast(loaderSm3.data()), loaderSm3.size()); // grubcfg需要提供文件内容 而不是摘要 std::string grubCfgContent; @@ -74,7 +76,6 @@ VirtrustRc GetVirshMeasureSummary(virtrust::ForeignMounter &mounter, virtrust::V std::vector shimSm3(Sm3::DigestSize(), 0); rc = mounter.DoSm3OnVmFile(config.GetShimPath(), shimSm3); if (rc != ForeignMounterRc::OK && rc != ForeignMounterRc::FILE_NOT_EXIST) { - VIRTRUST_LOG_ERROR("|GetVirshMeasureSummary|END|returnF||do sm3 failed: {}", config.GetShimPath()); return VirtrustRc::ERROR; } @@ -86,6 +87,7 @@ VirtrustRc GetVirshMeasureSummary(virtrust::ForeignMounter &mounter, virtrust::V VIRTRUST_LOG_ERROR("|GetVirshMeasureSummary|END|returnF||do sm3 by file failed: {}", config.GetGrubPath()); return VirtrustRc::ERROR; } + // FIXME: get grub version measureSummary.grub.content_ = std::string(reinterpret_cast(grubSm3.data()), grubSm3.size()); std::vector initrdSm3(Sm3::DigestSize(), 0); @@ -94,6 +96,7 @@ VirtrustRc GetVirshMeasureSummary(virtrust::ForeignMounter &mounter, virtrust::V VIRTRUST_LOG_ERROR("|GetVirshMeasureSummary|END|returnF||do sm3 by file failed: {}", config.GetInitrdPath()); return VirtrustRc::ERROR; } + measureSummary.initrd.version_ = config.GetInitrdVersion(); measureSummary.initrd.content_ = std::string(reinterpret_cast(initrdSm3.data()), initrdSm3.size()); std::vector kernelSm3(Sm3::DigestSize(), 0); @@ -102,6 +105,7 @@ VirtrustRc GetVirshMeasureSummary(virtrust::ForeignMounter &mounter, virtrust::V VIRTRUST_LOG_ERROR("|GetVirshMeasureSummary|END|returnF||do sm3 by file failed: {}", config.GetLinuzPath()); return VirtrustRc::ERROR; } + measureSummary.kernel.version_ = config.GetLinuzVersion(); measureSummary.kernel.content_ = std::string(reinterpret_cast(kernelSm3.data()), kernelSm3.size()); return VirtrustRc::OK; } @@ -222,11 +226,11 @@ bool CheckGuestBeforeStart(std::string_view domainName, std::string &uuid) auto tsbRc = CheckMeasure(uuid.data(), bios, shim, grub, grubCfg, kernel, initrd); FreeMeasureInfo(bios, shim, grub, grubCfg, kernel, initrd); - if (tsbRc == IMPORT_FAILURE) { + if (tsbRc == IMPORT_BM_FAILURE) { VIRTRUST_LOG_ERROR("|CheckGuestBeforeStart|End|returnF|domainName:{}|CheckMeasure: import failed", domainName); return false; } - if (tsbRc == CHECK_FAILURE) { + if (tsbRc == CHECK_BM_FAILURE) { VIRTRUST_LOG_ERROR("|CheckGuestBeforeStart|End|returnF|domainName:{}|CheckMeasure: verify failed", domainName); return false; } diff --git a/virtrust/src/virtrust/link/migration_session.cpp b/virtrust/src/virtrust/link/migration_session.cpp index deaf3b9..f05812e 100644 --- a/virtrust/src/virtrust/link/migration_session.cpp +++ b/virtrust/src/virtrust/link/migration_session.cpp @@ -206,6 +206,9 @@ MigrateSessionRc MigrationSession::OnStartMigrationResponseReceived() VIRTRUST_LOG_ERROR( "|OnStartMigrationResponseReceived|END|returnF|domain name: {}|MigrationGetVRootCipher failed.", domainName_); + if (ret == ERR_VM_NOT_STARTED) { + VIRTRUST_LOG_ERROR("call MigrationGetVRootCipher failed: the VM has not been started yet."); + } OnFail(); return MigrateSessionRc::ERROR; } @@ -739,6 +742,7 @@ MigrateSessionRc MigrationSession::OnTransferDataRequestReceived(const protos::V // 导入服务端发来的虚拟机描述信息 校验秘钥成功才导入 auto protosDesc = request->vtpcminfo(); auto vmInfo = DescriptionFromProto(protosDesc); + vmInfo.state = VM_SHUTUP; ret = CreateVRoot(&vmInfo); if (ret != 0) { result = ret; -- Gitee From a4d6e4e1a18f32a36eec8f4c7dce7c62876e5356 Mon Sep 17 00:00:00 2001 From: cx Date: Fri, 28 Nov 2025 11:10:26 +0800 Subject: [PATCH 3/5] fix: update version obtain. --- virtrust/src/virtrust/api/domain.cpp | 5 ++-- .../src/virtrust/utils/foreign_mounter.cpp | 25 +++++++++++++++---- virtrust/src/virtrust/utils/foreign_mounter.h | 1 + 3 files changed, 23 insertions(+), 8 deletions(-) diff --git a/virtrust/src/virtrust/api/domain.cpp b/virtrust/src/virtrust/api/domain.cpp index 9eaca20..9ceabd3 100644 --- a/virtrust/src/virtrust/api/domain.cpp +++ b/virtrust/src/virtrust/api/domain.cpp @@ -61,8 +61,7 @@ VirtrustRc GetVirshMeasureSummary(virtrust::ForeignMounter &mounter, virtrust::V return VirtrustRc::ERROR; } - // FIXME: get bios version - measureSummary.bios.version_ = "0.0.0"; + measureSummary.bios.version_ = config.GetBiosVersion(); measureSummary.bios.content_ = std::string(reinterpret_cast(loaderSm3.data()), loaderSm3.size()); // grubcfg需要提供文件内容 而不是摘要 std::string grubCfgContent; @@ -87,7 +86,7 @@ VirtrustRc GetVirshMeasureSummary(virtrust::ForeignMounter &mounter, virtrust::V VIRTRUST_LOG_ERROR("|GetVirshMeasureSummary|END|returnF||do sm3 by file failed: {}", config.GetGrubPath()); return VirtrustRc::ERROR; } - // FIXME: get grub version + measureSummary.grub.version_ = config.GetGrubVersion(mounter); measureSummary.grub.content_ = std::string(reinterpret_cast(grubSm3.data()), grubSm3.size()); std::vector initrdSm3(Sm3::DigestSize(), 0); diff --git a/virtrust/src/virtrust/utils/foreign_mounter.cpp b/virtrust/src/virtrust/utils/foreign_mounter.cpp index 2d9a129..7f3a4a1 100644 --- a/virtrust/src/virtrust/utils/foreign_mounter.cpp +++ b/virtrust/src/virtrust/utils/foreign_mounter.cpp @@ -8,6 +8,7 @@ #include #include #include +#include #include "spdlog/fmt/fmt.h" @@ -15,6 +16,7 @@ #include "virtrust/base/str_utils.h" #include "virtrust/crypto/sm3.h" #include "virtrust/dllib/common.h" +#include "virtrust/utils/file_io.h" namespace virtrust { @@ -28,7 +30,7 @@ constexpr std::string_view DEFAULT_LINUZ_PREFIX = "linux"; constexpr char PATH_SEPARATOR = '/'; constexpr std::string_view BACKEND_VALUE = "direct"; constexpr std::string_view BIOS_VERSION_FILE_PATH = "/sys/class/dmi/id/bios_version"; -constexpr std::string_view TARGET_GRUB_VERSION = "GRUB version"; +const std::regex GRUB_VERSION_REGEX(R"(GRUB\s+version)"); inline ForeignMounterRc ParseRc(DllibRc rc) { @@ -190,7 +192,7 @@ std::string VerifyConfig::ParseGrubCfgLine(const std::string &line) return fmt::format("{}/{}", DEFAULT_BOOT_PATH, StrTrim(filename, PATH_SEPARATOR)); } - +// read from vm std::string VerifyConfig::GetBiosVersion(ForeignMounter &mounter) { if (!mounter.CheckMount()) { @@ -208,6 +210,19 @@ std::string VerifyConfig::GetBiosVersion(ForeignMounter &mounter) return StrTrimWhitespace(biosVersion); } +// read from host +std::string VerifyConfig::GetBiosVersion() +{ + std::string filePath(BIOS_VERSION_FILE_PATH); + FileInputStream fis(filePath); + auto biosVersion = fis.ReadAll(); + if (biosVersion.empty()) { + VIRTRUST_LOG_ERROR("|GetBiosVersion|END|||Read BIOS version from {} failed.", BIOS_VERSION_FILE_PATH); + return ""; + } + return StrTrimWhitespace(biosVersion); +} + // 从grubaa64.efi文件中获取 GRUB 版本号 std::string VerifyConfig::GetGrubVersion(ForeignMounter &mounter) { if (!mounter.CheckMount()) { @@ -225,7 +240,7 @@ std::string VerifyConfig::GetGrubVersion(ForeignMounter &mounter) { auto lines = ExtractStringsFromBinary(content); std::string grubVersion; for (size_t i = 0; i < lines.size(); ++i) { - if (lines[i].find(TARGET_GRUB_VERSION) != std::string::npos) { + if (std::regex_search(lines[i], GRUB_VERSION_REGEX)) { if (i + 1 < lines.size()) { grubVersion = lines[i + 1]; // 下一行即版本号 break; @@ -236,8 +251,8 @@ std::string VerifyConfig::GetGrubVersion(ForeignMounter &mounter) { // 未找到 if (grubVersion.empty()) { VIRTRUST_LOG_ERROR( - "|GetGrubVersion|END|||Failed to extract version: '{}', not found or has no following line in {}.", - TARGET_GRUB_VERSION, GetGrubPath()); + "|GetGrubVersion|END|||Failed to extract grub version, not found or has no following line in {}.", + GetGrubPath()); return ""; } diff --git a/virtrust/src/virtrust/utils/foreign_mounter.h b/virtrust/src/virtrust/utils/foreign_mounter.h index 338b974..54e1a99 100644 --- a/virtrust/src/virtrust/utils/foreign_mounter.h +++ b/virtrust/src/virtrust/utils/foreign_mounter.h @@ -105,6 +105,7 @@ public: std::string GetLinuzPath(); std::string GetBiosVersion(ForeignMounter &mounter); + std::string GetBiosVersion(); std::string GetGrubVersion(ForeignMounter &mounter); std::string GetInitrdVersion(); std::string GetLinuzVersion(); -- Gitee From dbcd8fb14a71006a4e76a7e6ff9983c24571f051 Mon Sep 17 00:00:00 2001 From: cx Date: Sat, 29 Nov 2025 17:53:28 +0800 Subject: [PATCH 4/5] fix: ensure char array ends with '\0' --- virtrust/src/virtrust/api/domain.cpp | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/virtrust/src/virtrust/api/domain.cpp b/virtrust/src/virtrust/api/domain.cpp index 9ceabd3..d165b0c 100644 --- a/virtrust/src/virtrust/api/domain.cpp +++ b/virtrust/src/virtrust/api/domain.cpp @@ -154,21 +154,24 @@ bool ConvertTsbStruct(const VirshMeasureInfo &src, struct MeasureInfo *&target) VIRTRUST_LOG_ERROR("malloc failed:{},size:{}", src.name_, totalSize); return false; } - if (memcpy_s(target->uuid, sizeof(target->uuid) - 1, src.uuid_.data(), src.uuid_.size()) != EOK) { + // must ensure char array ends with '\0' + if (memcpy_s(target->uuid, sizeof(target->uuid), src.uuid_.c_str(), src.uuid_.size() + 1) != EOK) { VIRTRUST_LOG_ERROR("memcpy uuid to tsb struct failed:{},uuidSize:{}", src.name_, sizeof(target->uuid)); return false; } + // content has its size filed target->size = contentSize; - - if (memcpy_s(target->content, contentSize, src.content_.data(), contentSize) != EOK) { + if (memcpy_s(target->content, contentSize, src.content_.c_str(), contentSize) != EOK) { VIRTRUST_LOG_ERROR("memcpy content to tsb struct failed:{},contentSize:{}", src.name_, contentSize); return false; } - if (memcpy_s(target->name, sizeof(target->name) - 1, src.name_.data(), src.name_.size()) != EOK) { + // must ensure char array ends with '\0' + if (memcpy_s(target->name, sizeof(target->name), src.name_.c_str(), src.name_.size() + 1) != EOK) { VIRTRUST_LOG_ERROR("memcpy name to tsb struct failed:{}", src.name_); return false; } - if (memcpy_s(target->version, sizeof(target->version) - 1, src.version_.data(), src.version_.size()) != EOK) { + // must ensure char array ends with '\0' + if (memcpy_s(target->version, sizeof(target->version), src.version_.c_str(), src.version_.size() + 1) != EOK) { VIRTRUST_LOG_ERROR("memcpy version to tsb struct failed:{},version:{}", src.name_, src.version_); return false; } -- Gitee From bc640780613ce03c16f5dcf4033962841021b46a Mon Sep 17 00:00:00 2001 From: cx Date: Tue, 2 Dec 2025 10:07:06 +0800 Subject: [PATCH 5/5] fix: extend RPC transmission timeout --- virtrust/src/virtrust/link/migration_session.cpp | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/virtrust/src/virtrust/link/migration_session.cpp b/virtrust/src/virtrust/link/migration_session.cpp index f05812e..a9d1137 100644 --- a/virtrust/src/virtrust/link/migration_session.cpp +++ b/virtrust/src/virtrust/link/migration_session.cpp @@ -18,6 +18,10 @@ namespace virtrust { namespace { +// RPC timeout unit: seconds +constexpr uint32_t RPC_SIGNAL_TIMEOUT = 5; +constexpr uint32_t RPC_TRANSFER_TIMEOUT = 10; + unsigned int GetFlagCleard(const unsigned int &flags, const unsigned int &clear) { return flags & ~clear; @@ -94,7 +98,7 @@ MigrateSessionRc MigrationSession::SendMigrateRequest() protos::PrepareMigReply reply; - int32_t rc = rpcClient_->PrepareMigration(5, req, &reply); + int32_t rc = rpcClient_->PrepareMigration(RPC_SIGNAL_TIMEOUT, req, &reply); bool ok = (rc == 0 && reply.result() == 0); if (!ok) { @@ -125,7 +129,7 @@ MigrateSessionRc MigrationSession::SendExchangeKey() } protos::EXchangePkAndReportReply res; - int32_t ret = rpcClient_->ExchangePkAndReport(5, req, &res); + int32_t ret = rpcClient_->ExchangePkAndReport(RPC_TRANSFER_TIMEOUT, req, &res); if (ret != 0 || res.result() != 0) { VIRTRUST_LOG_ERROR("|SendExchangeKey|END|returnF|domain name: {}|Exchange cert and report failed.", domainName_); @@ -179,7 +183,7 @@ MigrateSessionRc MigrationSession::SendStartMigration() req.set_uuid(sessionId_); protos::StartMigReply res; - int32_t ret = rpcClient_->StartMigration(5, req, &res); + int32_t ret = rpcClient_->StartMigration(RPC_SIGNAL_TIMEOUT, req, &res); if (ret != 0) { VIRTRUST_LOG_ERROR("|SendStartMigration|END|returnF|domain name: {}|Send start migration signal failed.", domainName_); @@ -249,7 +253,7 @@ MigrateSessionRc MigrationSession::SendTransferOnce(const std::string &cipher, c DescriptionToProto(vmInfo, protosDesc); protos::VRsourceInfoReply res; - int32_t ret = rpcClient_->SendVRsourceData(5, req, &res); + int32_t ret = rpcClient_->SendVRsourceData(RPC_TRANSFER_TIMEOUT, req, &res); // 传输数据失败 if (ret != 0) { VIRTRUST_LOG_ERROR("|SendTransferOnce|END|returnF||failed to tansfer data for: {}, ret {}.", domainName_, ret); @@ -308,7 +312,7 @@ MigrateSessionRc MigrationSession::SendFinishedNotify(bool success) req.set_result(success ? 0 : 1); req.set_uuid(sessionId_); protos::MigrateResultReply res; - auto ret = rpcClient_->NotifyVRMigrateResult(5, req, &res); + auto ret = rpcClient_->NotifyVRMigrateResult(RPC_SIGNAL_TIMEOUT, req, &res); if (ret != 0) { VIRTRUST_LOG_ERROR("|SendFinishedNotify|END|returnF|domain name: {}|Send notify failed.", domainName_); return MigrateSessionRc::ERROR; -- Gitee