From: Arun Menon <armenon@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Michael S. Tsirkin" <mst@redhat.com>,
"Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
"Cornelia Huck" <cohuck@redhat.com>,
"Halil Pasic" <pasic@linux.ibm.com>,
"Eric Farman" <farman@linux.ibm.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"David Hildenbrand" <david@redhat.com>,
"Ilya Leoshkevich" <iii@linux.ibm.com>,
"Thomas Huth" <thuth@redhat.com>,
"Christian Borntraeger" <borntraeger@linux.ibm.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Fam Zheng" <fam@euphon.net>,
"Nicholas Piggin" <npiggin@gmail.com>,
"Daniel Henrique Barboza" <danielhb413@gmail.com>,
"Harsh Prateek Bora" <harshpb@linux.ibm.com>,
"Alex Williamson" <alex.williamson@redhat.com>,
"Cédric Le Goater" <clg@redhat.com>,
"Peter Xu" <peterx@redhat.com>, "Fabiano Rosas" <farosas@suse.de>,
"Hailiang Zhang" <zhanghailiang@xfusion.com>,
"Steve Sistare" <steven.sistare@oracle.com>,
qemu-s390x@nongnu.org, qemu-ppc@nongnu.org,
"Stefan Berger" <stefanb@linux.vnet.ibm.com>,
"Marc-André Lureau" <marcandre.lureau@redhat.com>,
"Alex Bennée" <alex.bennee@linaro.org>,
"Akihiko Odaki" <odaki@rsg.ci.i.u-tokyo.ac.jp>,
"Dmitry Osipenko" <dmitry.osipenko@collabora.com>,
"Matthew Rosato" <mjrosato@linux.ibm.com>,
"Arun Menon" <armenon@redhat.com>,
"Stefan Berger" <stefanb@linux.vnet.ibm.com>
Subject: [PATCH v4 23/23] backends/tpm: Propagate vTPM error on migration failure
Date: Wed, 16 Jul 2025 16:13:13 +0530 [thread overview]
Message-ID: <20250716-propagate_tpm_error-v4-23-7141902077c0@redhat.com> (raw)
In-Reply-To: <20250716-propagate_tpm_error-v4-0-7141902077c0@redhat.com>
- When migration of a VM with encrypted vTPM fails on the
destination host, (e.g., due to a mismatch in secret values),
the error message displayed on the source host is generic and unhelpful.
- For example, a typical error looks like this:
"operation failed: job 'migration out' failed: Sibling indicated error 1.
operation failed: job 'migration in' failed: load of migration failed:
Input/output error"
- Such generic errors are logged using error_report(), which prints to
the console/monitor but does not make the detailed error accessible via
the QMP query-migrate command.
- This change, along with the set of changes of passing errp Error object
to the VM state loading functions, help in addressing the issue.
We use the post_load_errp hook of VMStateDescription to propagate errors
by setting Error **errp objects in case of failure in the TPM backend.
- It can then be retrieved using QMP command:
{"execute" : "query-migrate"}
Buglink: https://issues.redhat.com/browse/RHEL-82826
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Arun Menon <armenon@redhat.com>
---
backends/tpm/tpm_emulator.c | 39 ++++++++++++++++++++-------------------
1 file changed, 20 insertions(+), 19 deletions(-)
diff --git a/backends/tpm/tpm_emulator.c b/backends/tpm/tpm_emulator.c
index 4a234ab2c0b19b2604bf0dd8cb5f4540c72a9438..9bf5927e8e1542cf2e4f2275783d32853d5f1473 100644
--- a/backends/tpm/tpm_emulator.c
+++ b/backends/tpm/tpm_emulator.c
@@ -819,7 +819,8 @@ static int tpm_emulator_get_state_blobs(TPMEmulator *tpm_emu)
static int tpm_emulator_set_state_blob(TPMEmulator *tpm_emu,
uint32_t type,
TPMSizedBuffer *tsb,
- uint32_t flags)
+ uint32_t flags,
+ Error **errp)
{
ssize_t n;
ptm_setstate pss;
@@ -838,17 +839,17 @@ static int tpm_emulator_set_state_blob(TPMEmulator *tpm_emu,
/* write the header only */
if (tpm_emulator_ctrlcmd(tpm_emu, CMD_SET_STATEBLOB, &pss,
offsetof(ptm_setstate, u.req.data), 0, 0) < 0) {
- error_report("tpm-emulator: could not set state blob type %d : %s",
- type, strerror(errno));
+ error_setg(errp, "tpm-emulator: could not set state blob type %d : %s",
+ type, strerror(errno));
return -1;
}
/* now the body */
n = qemu_chr_fe_write_all(&tpm_emu->ctrl_chr, tsb->buffer, tsb->size);
if (n != tsb->size) {
- error_report("tpm-emulator: Writing the stateblob (type %d) "
- "failed; could not write %u bytes, but only %zd",
- type, tsb->size, n);
+ error_setg(errp, "tpm-emulator: Writing the stateblob (type %d) "
+ "failed; could not write %u bytes, but only %zd",
+ type, tsb->size, n);
return -1;
}
@@ -856,17 +857,17 @@ static int tpm_emulator_set_state_blob(TPMEmulator *tpm_emu,
n = qemu_chr_fe_read_all(&tpm_emu->ctrl_chr,
(uint8_t *)&pss, sizeof(pss.u.resp));
if (n != sizeof(pss.u.resp)) {
- error_report("tpm-emulator: Reading response from writing stateblob "
- "(type %d) failed; expected %zu bytes, got %zd", type,
- sizeof(pss.u.resp), n);
+ error_setg(errp, "tpm-emulator: Reading response from writing "
+ "stateblob (type %d) failed; expected %zu bytes, "
+ "got %zd", type, sizeof(pss.u.resp), n);
return -1;
}
tpm_result = be32_to_cpu(pss.u.resp.tpm_result);
if (tpm_result != 0) {
- error_report("tpm-emulator: Setting the stateblob (type %d) failed "
- "with a TPM error 0x%x %s", type, tpm_result,
- tpm_emulator_strerror(tpm_result));
+ error_setg(errp, "tpm-emulator: Setting the stateblob (type %d) "
+ "failed with a TPM error 0x%x %s", type, tpm_result,
+ tpm_emulator_strerror(tpm_result));
return -1;
}
@@ -880,7 +881,7 @@ static int tpm_emulator_set_state_blob(TPMEmulator *tpm_emu,
*
* Returns a negative errno code in case of error.
*/
-static int tpm_emulator_set_state_blobs(TPMBackend *tb)
+static int tpm_emulator_set_state_blobs(TPMBackend *tb, Error **errp)
{
TPMEmulator *tpm_emu = TPM_EMULATOR(tb);
TPMBlobBuffers *state_blobs = &tpm_emu->state_blobs;
@@ -894,13 +895,13 @@ static int tpm_emulator_set_state_blobs(TPMBackend *tb)
if (tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_PERMANENT,
&state_blobs->permanent,
- state_blobs->permanent_flags) < 0 ||
+ state_blobs->permanent_flags, errp) < 0 ||
tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_VOLATILE,
&state_blobs->volatil,
- state_blobs->volatil_flags) < 0 ||
+ state_blobs->volatil_flags, errp) < 0 ||
tpm_emulator_set_state_blob(tpm_emu, PTM_BLOB_TYPE_SAVESTATE,
&state_blobs->savestate,
- state_blobs->savestate_flags) < 0) {
+ state_blobs->savestate_flags, errp) < 0) {
return -EIO;
}
@@ -948,12 +949,12 @@ static void tpm_emulator_vm_state_change(void *opaque, bool running,
*
* Returns negative errno codes in case of error.
*/
-static int tpm_emulator_post_load(void *opaque, int version_id)
+static int tpm_emulator_post_load(void *opaque, int version_id, Error **errp)
{
TPMBackend *tb = opaque;
int ret;
- ret = tpm_emulator_set_state_blobs(tb);
+ ret = tpm_emulator_set_state_blobs(tb, errp);
if (ret < 0) {
return ret;
}
@@ -969,7 +970,7 @@ static const VMStateDescription vmstate_tpm_emulator = {
.name = "tpm-emulator",
.version_id = 0,
.pre_save = tpm_emulator_pre_save,
- .post_load = tpm_emulator_post_load,
+ .post_load_errp = tpm_emulator_post_load,
.fields = (const VMStateField[]) {
VMSTATE_UINT32(state_blobs.permanent_flags, TPMEmulator),
VMSTATE_UINT32(state_blobs.permanent.size, TPMEmulator),
--
2.50.0
next prev parent reply other threads:[~2025-07-16 10:52 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-16 10:42 [PATCH v4 00/23] migration: propagate vTPM errors using Error objects Arun Menon
2025-07-16 10:42 ` [PATCH v4 01/23] migration: push Error **errp into vmstate_subsection_load() Arun Menon
2025-07-16 10:42 ` [PATCH v4 02/23] migration: push Error **errp into vmstate_load_state() Arun Menon
2025-07-16 10:42 ` [PATCH v4 03/23] migration: push Error **errp into qemu_loadvm_state_header() Arun Menon
2025-07-16 10:42 ` [PATCH v4 04/23] migration: push Error **errp into vmstate_load() Arun Menon
2025-07-16 10:42 ` [PATCH v4 05/23] migration: push Error **errp into qemu_loadvm_section_start_full() Arun Menon
2025-07-16 10:42 ` [PATCH v4 06/23] migration: push Error **errp into qemu_loadvm_section_part_end() Arun Menon
2025-07-16 10:42 ` [PATCH v4 07/23] migration: push Error **errp into loadvm_process_command() Arun Menon
2025-07-16 10:42 ` [PATCH v4 08/23] migration: push Error **errp into loadvm_handle_cmd_packaged() Arun Menon
2025-07-16 10:42 ` [PATCH v4 09/23] migration: push Error **errp into ram_postcopy_incoming_init() Arun Menon
2025-07-16 10:43 ` [PATCH v4 10/23] migration: push Error **errp into loadvm_postcopy_handle_advise() Arun Menon
2025-07-16 10:43 ` [PATCH v4 11/23] migration: push Error **errp into loadvm_postcopy_handle_listen() Arun Menon
2025-07-16 10:43 ` [PATCH v4 12/23] migration: push Error **errp into loadvm_postcopy_handle_run() Arun Menon
2025-07-16 10:43 ` [PATCH v4 13/23] migration: push Error **errp into loadvm_postcopy_ram_handle_discard() Arun Menon
2025-07-16 10:43 ` [PATCH v4 14/23] migration: make loadvm_postcopy_handle_resume() void Arun Menon
2025-07-16 10:43 ` [PATCH v4 15/23] migration: push Error **errp into loadvm_handle_recv_bitmap() Arun Menon
2025-07-16 10:43 ` [PATCH v4 16/23] migration: push Error **errp into loadvm_process_enable_colo() Arun Menon
2025-07-16 10:43 ` [PATCH v4 17/23] migration: push Error **errp into loadvm_postcopy_handle_switchover_start() Arun Menon
2025-07-16 10:43 ` [PATCH v4 18/23] migration: push Error **errp into qemu_loadvm_state_main() Arun Menon
2025-07-16 10:43 ` [PATCH v4 19/23] migration: push Error **errp into qemu_loadvm_state() Arun Menon
2025-07-16 10:43 ` [PATCH v4 20/23] migration: push Error **errp into qemu_load_device_state() Arun Menon
2025-07-16 10:43 ` [PATCH v4 21/23] migration: Capture error in postcopy_ram_listen_thread() Arun Menon
2025-07-16 10:43 ` [PATCH v4 22/23] migration: Add error-parameterized function variants in VMSD struct Arun Menon
2025-07-16 10:43 ` Arun Menon [this message]
2025-07-16 19:58 ` [PATCH v4 00/23] migration: propagate vTPM errors using Error objects Fabiano Rosas
2025-07-16 22:38 ` Arun Menon
2025-07-17 12:30 ` Fabiano Rosas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250716-propagate_tpm_error-v4-23-7141902077c0@redhat.com \
--to=armenon@redhat.com \
--cc=alex.bennee@linaro.org \
--cc=alex.williamson@redhat.com \
--cc=borntraeger@linux.ibm.com \
--cc=clg@redhat.com \
--cc=cohuck@redhat.com \
--cc=danielhb413@gmail.com \
--cc=david@redhat.com \
--cc=dmitry.osipenko@collabora.com \
--cc=fam@euphon.net \
--cc=farman@linux.ibm.com \
--cc=farosas@suse.de \
--cc=harshpb@linux.ibm.com \
--cc=iii@linux.ibm.com \
--cc=marcandre.lureau@redhat.com \
--cc=marcel.apfelbaum@gmail.com \
--cc=mjrosato@linux.ibm.com \
--cc=mst@redhat.com \
--cc=npiggin@gmail.com \
--cc=odaki@rsg.ci.i.u-tokyo.ac.jp \
--cc=pasic@linux.ibm.com \
--cc=pbonzini@redhat.com \
--cc=peterx@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
--cc=qemu-s390x@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=stefanb@linux.vnet.ibm.com \
--cc=steven.sistare@oracle.com \
--cc=thuth@redhat.com \
--cc=zhanghailiang@xfusion.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).