From 6955a858753da1164f6532dedcdbe4e9b9c91bdb Mon Sep 17 00:00:00 2001 From: cx Date: Wed, 3 Dec 2025 14:13:42 +0800 Subject: [PATCH 1/3] fix: clear const_cast in domain.cpp; solve memory leak. --- virtrust/src/virtrust/api/domain.cpp | 38 +++++++++++++++++----------- 1 file changed, 23 insertions(+), 15 deletions(-) diff --git a/virtrust/src/virtrust/api/domain.cpp b/virtrust/src/virtrust/api/domain.cpp index d165b0c..30db202 100644 --- a/virtrust/src/virtrust/api/domain.cpp +++ b/virtrust/src/virtrust/api/domain.cpp @@ -34,6 +34,10 @@ constexpr uint32_t VIR_UUID_STRING_BUFLEN = 200; constexpr int LIST_DOMAINS_MASK = DomainListFlags::LIST_DOMAINS_ACTIVE | DomainListFlags::LIST_DOMAINS_INACTIVE; namespace { +constexpr std::string_view VIRT_INSTALL_ARG_NO_AUTO_CONSOLE = "--noautoconsole"; +constexpr std::string_view VIRT_INSTALL_ARG_NO_REBOOT = "--noreboot"; +constexpr std::string_view VIRT_INSTALL_ARG_CONNECT = "--connect"; + inline std::string GetNameStr(const virDomainPtr domian) { auto &libvirt = Libvirt::GetInstance(); @@ -331,12 +335,10 @@ void GetConnectArgs(const std::string &arg, std::string &value, size_t i, const } } -VirtrustRc ValidateAndPrepareArgs(const std::vector &args, std::vector &execArgs, +VirtrustRc ValidateAndPrepareArgs(const std::vector &args, std::vector &execArgs, std::string &domainName, bool &allowStoreMeasurements, const std::unique_ptr &conn) { - - execArgs.reserve(args.size() + 3); std::string connectArgs; for (size_t i = 0; i < args.size(); ++i) { const auto &arg = args[i]; @@ -356,22 +358,20 @@ VirtrustRc ValidateAndPrepareArgs(const std::vector &args, std::vec return VirtrustRc::ERROR; } (void)GetConnectArgs(arg, connectArgs, i, args); - execArgs.push_back(const_cast(arg.data())); + execArgs.push_back(arg.data()); } - execArgs.push_back(const_cast("--noautoconsole")); - execArgs.push_back(const_cast("--noreboot")); + execArgs.push_back(std::string(VIRT_INSTALL_ARG_NO_AUTO_CONSOLE)); + execArgs.push_back(std::string(VIRT_INSTALL_ARG_NO_REBOOT)); if (domainName.empty()) { VIRTRUST_LOG_ERROR("|DomainCreate|END|returnF||domain name must be given."); return VirtrustRc::ERROR; } if (connectArgs.empty()) { - execArgs.reserve(args.size() + 5); - execArgs.push_back(const_cast("--connect")); - execArgs.push_back(strdup(conn->GetUri().data())); + execArgs.push_back(std::string(VIRT_INSTALL_ARG_CONNECT)); + execArgs.push_back(conn->GetUri()); } else { conn->SetUri(connectArgs); } - execArgs.push_back(nullptr); return VirtrustRc::OK; } @@ -643,13 +643,23 @@ VirtrustRc DomainCreate(const std::unique_ptr &conn, const std::vector< if (CheckMaxDomainCount() != VirtrustRc::OK) { return VirtrustRc::ERROR; } - std::vector execArgs; + + std::vector execArgsStr; + execArgsStr.reserve(args.size() + 2); // +2 for --noautoconsole, --noreboot std::string domainName; bool allowStoreMeasurements = false; - execArgs.reserve(args.size() + 3); // +3 for --noautoconsole, --noreboot and nullptr - if (ValidateAndPrepareArgs(args, execArgs, domainName, allowStoreMeasurements, conn) != VirtrustRc::OK) { + if (ValidateAndPrepareArgs(args, execArgsStr, domainName, allowStoreMeasurements, conn) != VirtrustRc::OK) { return VirtrustRc::ERROR; } + + // string to char* for execv + std::vector execArgs; + execArgs.reserve(execArgsStr.size() + 1); // +1 for nullptr + for (auto &s : execArgsStr) { + execArgs.push_back(s.data()); + } + execArgs.push_back(nullptr); // end with nullptr + std::string argStr = MakeString(execArgs); // run virt-install in a child progress VIRTRUST_LOG_INFO("|DomainCreate|RUNNING|||Execute cmd: {},allowStoreMeasurements:{}", argStr, @@ -658,9 +668,7 @@ VirtrustRc DomainCreate(const std::unique_ptr &conn, const std::vector< if (pid == -1) { VIRTRUST_LOG_ERROR("|DomainCreate|END|returnF||Failed to create fork, msg:{}", strerror(errno)); return VirtrustRc::ERROR; - } else if (pid == 0) { - if (execv(execArgs[0], execArgs.data()) == -1) { VIRTRUST_LOG_ERROR("|DomainCreate|END|returnF||Failed to execute cmd:{}, msg: {}", argStr, strerror(errno)); -- Gitee From a7a586d96c12b98712023bfdbd26cfd9845445e9 Mon Sep 17 00:00:00 2001 From: cx Date: Wed, 3 Dec 2025 14:44:09 +0800 Subject: [PATCH 2/3] fix: extend RPC transmission timeout to 20 seconds. --- virtrust/src/virtrust/link/migration_session.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/virtrust/src/virtrust/link/migration_session.cpp b/virtrust/src/virtrust/link/migration_session.cpp index 9c96cdf..a61491d 100644 --- a/virtrust/src/virtrust/link/migration_session.cpp +++ b/virtrust/src/virtrust/link/migration_session.cpp @@ -20,7 +20,7 @@ namespace virtrust { namespace { // RPC timeout unit: seconds constexpr uint32_t RPC_SIGNAL_TIMEOUT = 5; -constexpr uint32_t RPC_TRANSFER_TIMEOUT = 10; +constexpr uint32_t RPC_TRANSFER_TIMEOUT = 20; unsigned int GetFlagCleard(const unsigned int &flags, const unsigned int &clear) { -- Gitee From c1976ea92e13bd291209affedc16c75746b2dff4 Mon Sep 17 00:00:00 2001 From: cx Date: Wed, 3 Dec 2025 14:47:05 +0800 Subject: [PATCH 3/3] fix: update VM consistency log. --- virtrust/src/virtrust/api/domain.cpp | 8 ++++---- virtrust/src/virtrust/link/migration_session.cpp | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/virtrust/src/virtrust/api/domain.cpp b/virtrust/src/virtrust/api/domain.cpp index 30db202..b9e586c 100644 --- a/virtrust/src/virtrust/api/domain.cpp +++ b/virtrust/src/virtrust/api/domain.cpp @@ -540,11 +540,11 @@ bool ConsistencyCheck(const std::unordered_map &tsbVmM errMap.emplace( tsb.first, std::make_pair(LogLevel::ERROR, - fmt::format("Inconsistent vm (tsb uuid:{}, name {}) " - "its data is inconsistent with tsb, consider update this " - "instance by \"virsh start/destroy DOMAIN_NAME\", or \"virtrust-sh " + fmt::format("Inconsistent vm (tsb uuid:{}, name {}), " + "its state in the TSB is {}, but its actual state is {}. Consider update " + "this instance by \"virsh start/destroy DOMAIN_NAME\", or \"virtrust-sh " "start/destroy --only-tsb DOMAIN_UUID\".", - tsb.first, tsb.second.name))); + tsb.first, tsb.second.name, tsb.second.state, virtIter->second.state))); out = false; continue; } diff --git a/virtrust/src/virtrust/link/migration_session.cpp b/virtrust/src/virtrust/link/migration_session.cpp index a61491d..1003bae 100644 --- a/virtrust/src/virtrust/link/migration_session.cpp +++ b/virtrust/src/virtrust/link/migration_session.cpp @@ -770,10 +770,10 @@ MigrateSessionRc MigrationSession::OnTransferDataRequestReceived(const protos::V } VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: MigrationImportVrootCipher success.", domainName_); - // 导入服务端发来的虚拟机描述信息 校验秘钥成功才导入 + // 导入服务端发来的虚拟机描述信息 auto protosDesc = request->vtpcminfo(); auto vmInfo = DescriptionFromProto(protosDesc); - vmInfo.state = VM_SHUTUP; + vmInfo.state = VIR_DOMAIN_SHUTOFF; VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: CreateVRoot start", domainName_); ret = CreateVRoot(&vmInfo); if (ret != 0) { -- Gitee