Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-7041

Error message changed to a unhelpful message when QEMU fails with vtpm migration

XMLWordPrintable

    • None
    • Low
    • rhel-sst-virtualization
    • ssg_virtualization
    • 5
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • If docs needed, set a value
    • None

      Description of problem:
      Error message changed to a unhelpful message when QEMU fails with vtpm migration

      Version-Release number of selected component (if applicable):
      libvirt-8.0.0-6.el9.x86_64
      qemu-kvm-6.2.0-10.el9.x86_64

      How reproducible:
      100%

      Steps to Reproduce:
      1. Install swtpm and swtpm-tools on both hosts.

      1. yum install swtpm swtpm-tools

      2. Create vtpm secret with same uuid but different values on both hosts.

      1. virsh secret-list
        UUID Usage
        -----------------------------------------------------------
        1498c26a-fead-4b2f-8071-94f2aa6ca0c0 vtpm VTPM_example

      3. Start guest with encrypted vtpm on source host.
      <tpm model='tpm-crb'>
      <backend type='emulator' version='2.0'>
      <encryption secret='1498c26a-fead-4b2f-8071-94f2aa6ca0c0'/>
      </backend>
      <alias name='tpm0'/>
      </tpm>

      4. Migrate guest to target host.

      1. virsh -c 'qemu:///system' migrate --live --verbose --domain avocado-vt-vm1 --desturi qemu+ssh://X.X.X.X/system
        Migration: [ 98 %]error: operation failed: domain is no longer running

      5. Check guest log on target host.

      1. cat /var/log/libvirt/qemu/vm1.log
        ...
        2022-03-07T02:46:53.281294Z qemu-kvm: tpm-emulator: Setting the stateblob (type 1) failed with a TPM error 0x21 decryption error
        2022-03-07T02:46:53.281312Z qemu-kvm: error while loading state for instance 0x0 of device 'tpm-emulator'
        2022-03-07T02:46:53.281713Z qemu-kvm: load of migration failed: Input/output error
        2022-03-07 02:46:53.499+0000: shutting down, reason=crashed

      Actual results:
      libvirt report following error message:
      error: operation failed: domain is no longer running

      Expected results:
      libvirt report following error message:
      qemu-kvm: tpm-emulator: Setting the stateblob (type 1) failed with a TPM error 0x21 decryption error
      qemu-kvm: error while loading state for instance 0x0 of device 'tpm-emulator'
      qemu-kvm: load of migration failed: Input/output error

      Additional info:
      Cannot reproduce this issue on libvirt-7.10.0-1.

      1. virsh -c 'qemu:///system' migrate --live --verbose --domain avocado-vt-vm1 --desturi qemu+ssh://X.X.X.X/system
        Migration: [ 89 %]error: internal error: qemu unexpectedly closed the monitor: 2022-01-06T18:18:00.877274Z qemu-kvm: tpm-emulator: Setting the stateblob (type 1) failed with a TPM error 0x21 decryption error
        2022-01-06T18:18:00.877312Z qemu-kvm: error while loading state for instance 0x0 of device 'tpm-emulator'
        2022-01-06T18:18:00.877780Z qemu-kvm: load of migration failed: Input/output error

              jdenemar@redhat.com Jiri Denemark
              rhn-support-lcheng Liping Cheng
              Jiri Denemark Jiri Denemark
              Yanqiu Zhang Yanqiu Zhang
              Votes:
              0 Vote for this issue
              Watchers:
              12 Start watching this issue

                Created:
                Updated: