From 35b00b588f0bc6681469b17f68552ddc71c68f13 Mon Sep 17 00:00:00 2001
From: cx <chengxin65@huawei.com>
Date: Fri, 12 Dec 2025 16:00:06 +0800
Subject: [PATCH] fix: modify log error.

---
 0002-modify-log-error.patch | 2184 +++++++++++++++++++++++++++++++++++
 TSB-agent.spec              |   25 +-
 2 files changed, 2208 insertions(+), 1 deletion(-)
 create mode 100644 0002-modify-log-error.patch

diff --git a/0002-modify-log-error.patch b/0002-modify-log-error.patch
new file mode 100644
index 0000000..d737b9d
--- /dev/null
+++ b/0002-modify-log-error.patch
@@ -0,0 +1,2184 @@
+diff --git a/virtrust/build.sh b/virtrust/build.sh
+index f27df27..2078d85 100755
+--- a/virtrust/build.sh
++++ b/virtrust/build.sh
+@@ -78,8 +78,8 @@ function build_output() {
+     cmake .. -DCMAKE_BUILD_TYPE=${build_type} \
+         -DBUILD_TEST=${enable_test}\
+         -DUSE_MOCK_TSB_AGENT=Off \
+-        -DCMAKE_INSTALL_PREFIX=${OUTPUT_DIR}/virtrust \
+-    make
++        -DCMAKE_INSTALL_PREFIX=${OUTPUT_DIR}/virtrust
++    make -j$(nproc)
+     make install
+     popd
+ }
+diff --git a/virtrust/docs/002-virtrust-api.md b/virtrust/docs/002-virtrust-api.md
+index 8b12327..a20913e 100644
+--- a/virtrust/docs/002-virtrust-api.md
++++ b/virtrust/docs/002-virtrust-api.md
+@@ -30,7 +30,6 @@ VirtrustRc DomainCreate(const std::unique_ptr<ConnCtx> &conn, const std::vector<
+ - `args`：参数向量，参考 `virt-install --help` 的参数格式
+   - `args[0]`：必须为 virt-install 的路径，如 `/usr/bin/virt-install`
+   - 必须指定虚拟机名称字段
+-  - `--allow-store-measurements`：可选参数，允许更新 TSB 的度量值
+ 
+ **功能描述**：
+ 创建一个新的虚拟机实例。该函数内部调用 virt-install 工具来创建虚拟机，并处理相关的 TSB 资源初始化。
+@@ -71,11 +70,9 @@ VirtrustRc DomainDestroy(const std::unique_ptr<ConnCtx> &conn, const std::string
+ 
+ ### 3. DomainMigrate - 迁移虚拟机
+ 
+-将虚拟机迁移到其他主机。当前仅支持离线迁移，虚拟机在 running/shut-off 状态下，非共享存储需要用户手动复制磁盘文件，例如 qcow2 到目的端口，目标存在同名运行的虚拟机情况下不能迁移，可配置源虚拟机是否删除，重复迁移会覆盖目标端虚拟机。
+-
+ ```cpp
+ VirtrustRc DomainMigrate(const std::unique_ptr<ConnCtx> &conn, const std::string &domainName,
+-                         const std::string &destUri, unsigned int flags = 0);
++                         const std::string &destUri, unsigned int flags = MIGRATE_UNDEFINE_SOURCE);
+ ```
+ 
+ **参数说明**：
+@@ -83,12 +80,10 @@ VirtrustRc DomainMigrate(const std::unique_ptr<ConnCtx> &conn, const std::string
+ - `domainName`：虚拟机名称
+ - `destUri`：目标端地址，格式为 `<protocol>://<hostip>:<port>/<path>`
+   - 示例：`qemu+tls://7.7.7.7:8080/system`
+-- `flags`：迁移标志
+-  - 默认为 0：不删除源端虚拟机
+-  - `MIGRATE_UNDEFINE_SOURCE`：迁移成功后删除源端虚拟机
++- `flags`：迁移标志，目前仅支持MIGRATE_UNDEFINE_SOURCE（迁移成功后删除源端虚机）
+ 
+ **功能描述**：
+-将虚拟机从当前主机迁移到目标主机。支持安全的迁移过程，包括 TSB 资源的同步。
++将虚拟机从当前主机迁移到目标主机。支持安全的迁移过程，包括 TSB 资源的同步。当前仅支持离线迁移，并且需要确保虚拟机在 shut-off 状态下。如待迁移虚拟机配置了非共享存储，则用户需要手动复制磁盘文件（例如 qcow2）到目的节点。如果目标存在同名运行的虚拟机情况下不能迁移。当前仅支持迁移成功后删除源虚拟机。重复迁移会覆盖目标端虚拟机。
+ 
+ **返回值**：
+ - 成功返回 `VirtrustRc::OK`
+@@ -108,6 +103,7 @@ VirtrustRc DomainStart(const std::unique_ptr<ConnCtx> &conn, const std::string &
+   - 当 `isOnlyTsb` 为 true 时，使用 UUID 时将忽略 flags 入参
+ - `flags`：启动标志，参考 `DomainStartFlags`（当前仅定义 `DOMAIN_START_NONE = 0`）
+ - `isOnlyTsb`：是否只更新 TSB 资源的标志
++- 
+   - `true`：仅更新 TSB 资源
+   - `false`：执行完整的虚拟机启动操作
+ 
+@@ -117,8 +113,6 @@ VirtrustRc DomainStart(const std::unique_ptr<ConnCtx> &conn, const std::string &
+ **注意事项**：
+ - 当使用 `--only-tsb/isOnlyTsb` 选项时，入参 `domainName` 应传入对应虚拟机的 `uuid`
+ - `domainName` 长度为 [1, 200]
+-- `desturi` 为目标端 uri，格式为 `<protocol>://<hostip>:<port>/<path>`，如 `qemu+tls://<destip>/system`
+-
+ 
+ ### 5. DomainUndefine - 删除虚拟机
+ 
+diff --git a/virtrust/docs/003-virtrust-sh.md b/virtrust/docs/003-virtrust-sh.md
+index 2db5dcb..43b82bb 100644
+--- a/virtrust/docs/003-virtrust-sh.md
++++ b/virtrust/docs/003-virtrust-sh.md
+@@ -4,7 +4,7 @@
+ 
+ Virtrust Shell (virtrust-sh) 是 virtrust 项目的命令行界面工具，为用户提供了交互式的虚拟机管理功能。它基于 virtrust API 库构建，支持虚拟机的完整生命周期管理操作。
+ 
+-- **虚拟机生命周期管理**：创建、启动、停止、迁移、查询和删除虚拟机
++- **虚拟机生命周期管理**：创建、启动、停止、迁移、查询和删除虚拟机定义
+ 
+ ## 安装和使用
+ 
+@@ -29,11 +29,11 @@ virtrust-sh [options]... <command> [args...]
+ | 命令 | 描述 |
+ |------|------|
+ | `create` | 创建虚拟机实例 |
+-| `destroy` | 销毁（停止）虚拟机域 |
++| `destroy` | 强制关闭（停止）虚拟机域 |
+ | `list` | 列出虚拟机信息 |
+ | `migrate` | 迁移虚拟机到其他主机 |
+ | `start` | 启动（先前定义的）非活动虚拟机域 |
+-| `undefine` | 取消定义虚拟机域 |
++| `undefine` | 删除虚拟机定义 |
+ 
+ ## 详细命令说明
+ 
+@@ -43,12 +43,11 @@ virtrust-sh [options]... <command> [args...]
+ 
+ **基本语法**：
+ ```bash
+-virtrust-sh create [options] [virt-install 支持的参数...]
++virtrust-sh create [virt-install 支持的参数...]
+ ```
+ 
+ **选项说明**：
+ - `-h | --help`：显示帮助信息
+-- `--allow-store-measurements`：允许存储测量数据（使用此选项时必须提供 `--name` 参数）
+ 
+ **参数说明**：
+ - 必须包含虚拟机名称参数（使用 `--name` 指定）
+@@ -64,13 +63,6 @@ virtrust-sh create \
+   --disk path=/var/lib/libvirt/images/test-vm.qcow2,size=10 \
+   --cdrom /path/to/install.iso f
+   --network network=default
+-
+-# 使用自定义连接 URI
+-virtrust-sh -c qemu+tcp://host/system create \
+-  --name test-vm \
+-  --memory 1024 \
+-  --vcpus 1 \
+-  --disk path=/tmp/test.img,size=5
+ ```
+ 
+ ### 2. start - 启动虚拟机
+@@ -101,9 +93,9 @@ virtrust-sh -d start test-vm
+ virtrust-sh start --only-tsb <vm-uuid>
+ ```
+ 
+-### 3. destroy - 停止虚拟机
++### 3. destroy - 强制关闭（停止）虚拟机
+ 
+-强制停止运行中的虚拟机。
++强制关闭（停止）运行中的虚拟机。
+ 
+ **基本语法**：
+ ```bash
+@@ -115,11 +107,11 @@ virtrust-sh destroy [options] <domain_name>
+ - `--only-tsb`：仅更新 TSB 资源，需要提供虚拟机的 UUID 作为 domain_name
+ 
+ **参数说明**：
+-- `domain_name`：要停止的虚拟机名称或 UUID（使用 `--only-tsb` 选项时必须使用 UUID）
++- `domain_name`：要强制关闭（停止）的虚拟机名称或 UUID（使用 `--only-tsb` 选项时必须使用 UUID）
+ 
+ **示例**：
+ ```bash
+-# 停止虚拟机
++# 强制关闭（停止）虚拟机
+ virtrust-sh destroy test-vm
+ 
+ # 仅更新 TSB 资源
+@@ -128,7 +120,7 @@ virtrust-sh destroy --only-tsb <vm-uuid>
+ 
+ ### 4. undefine - 删除虚拟机定义
+ 
+-删除虚拟机的配置定义，但不会删除磁盘镜像文件。
++删除虚拟机定义，但不会删除磁盘镜像文件。
+ 
+ **基本语法**：
+ ```bash
+@@ -161,7 +153,7 @@ virtrust-sh undefine --only-tsb <vm-uuid>
+ 
+ ### 5. migrate - 迁移虚拟机
+ 
+-将虚拟机迁移到其他主机。当前仅支持离线迁移，虚拟机在 shut-off 状态下，非共享存储需要用户手动复制磁盘文件，例如 qcow2 到目的端口，可配置源虚拟机是否删除，不支持重复迁移（目的端已存在会迁移失败）。
++将虚拟机迁移到其他主机。当前仅支持离线迁移，虚拟机在 shut-off 状态下，非共享存储需要用户手动复制磁盘镜像文件到目的节点的相同木木目录下目的主机节点，；可配置源虚拟机是否删除，不支持重复迁移（目的端已存在会迁移失败）。
+ 
+ **基本语法**：
+ ```bash
+@@ -170,7 +162,7 @@ virtrust-sh migrate [options] <domain_name> <dest_uri>
+ 
+ **选项说明**：
+ - `-h | --help`：显示帮助信息
+-- `--undefinesource`：迁移完成后删除源主机的虚拟机定义
++- `--undefinesource`：迁移完成后删除源主机的虚拟机定义，当前仅支持且默认为该选项。
+ 
+ **参数说明**：
+ - `domain_name`：要迁移的虚拟机名称，长度为 [1, 200]
+@@ -183,9 +175,6 @@ virtrust-sh migrate test-vm qemu+tls://192.168.1.100:16509/system
+ 
+ # 使用 TLS 加密迁移
+ virtrust-sh migrate test-vm qemu+tls://dest-host/system
+-
+-# 迁移并删除源主机虚拟机定义
+-virtrust-sh migrate --undefinesource test-vm qemu+tls://dest-host/system
+ ```
+ 
+ ### 6. list - 列出虚拟机信息
+diff --git a/virtrust/rpm/TSB-agent.spec b/virtrust/rpm/TSB-agent.spec
+index bf05ab8..96ce820 100644
+--- a/virtrust/rpm/TSB-agent.spec
++++ b/virtrust/rpm/TSB-agent.spec
+@@ -71,6 +71,7 @@ export CFLAGS="%{optflags}"
+ export CXXFLAGS="%{optflags}"
+ 
+ cmake -S . -B build \
++    -DBUILD_TEST=Off \
+     -DCMAKE_BUILD_TYPE=RelWithDebInfo  \
+     -DCMAKE_CXX_STANDARD=17 \
+     -DCMAKE_CXX_STANDARD_REQUIRED=ON \
+diff --git a/virtrust/src/tsb_agent/CMakeLists.txt b/virtrust/src/tsb_agent/CMakeLists.txt
+index 3d1e4ac..3959da2 100644
+--- a/virtrust/src/tsb_agent/CMakeLists.txt
++++ b/virtrust/src/tsb_agent/CMakeLists.txt
+@@ -5,12 +5,11 @@ if(USE_MOCK_TSB_AGENT)
+   add_subdirectory(mock)
+ else()
+   add_library(tsb-agent STATIC tsb_agent_adaptor.cpp)
+-  set_target_properties(tsb-agent PROPERTIES
+-          POSITION_INDEPENDENT_CODE ON
+-  )
++  set_target_properties(tsb-agent PROPERTIES POSITION_INDEPENDENT_CODE ON)
+   target_link_libraries(tsb-agent PRIVATE dl)
+-  target_include_directories(tsb-agent PRIVATE ${CMAKE_DEPS_INCLUDEDIR}
+-          $<BUILD_INTERFACE:${PROJECT_SOURCE_DIR}/src>)
++  target_include_directories(
++    tsb-agent PRIVATE ${CMAKE_DEPS_INCLUDEDIR}
++                      $<BUILD_INTERFACE:${PROJECT_SOURCE_DIR}/src>)
+ endif()
+ 
+ # NOTE Make sure targets are linekd to tsb-agent
+diff --git a/virtrust/src/tsb_agent/mock/tsb_agent_adaptor.cpp b/virtrust/src/tsb_agent/mock/tsb_agent_adaptor.cpp
+index 794391e..ca39e71 100644
+--- a/virtrust/src/tsb_agent/mock/tsb_agent_adaptor.cpp
++++ b/virtrust/src/tsb_agent/mock/tsb_agent_adaptor.cpp
+@@ -35,7 +35,9 @@ int GetVRoots(int *vtpcmNums, struct Description **vtpcmInfo)
+     // 分配内存
+     if (*vtpcmNums > 0) {
+         *vtpcmInfo = static_cast<Description *>(malloc(*vtpcmNums * sizeof(Description)));
+-
++        if (vtpcmInfo == nullptr) {
++            return -1;
++        }
+         // 将 instances 中的数据复制到 *vtpcmInfo中
+         for (int i = 0; i < *vtpcmNums; i++) {
+             (*vtpcmInfo)[i] = instances[i];
+@@ -124,14 +126,24 @@ int MigrationGetCert(char *vUuid,   // 虚拟机的uuid
+     if (cert == nullptr || pubkey == nullptr || rc != TsbAgentRc::OK || *cert != nullptr || *pubkey != nullptr) {
+         return ParseTsbAgentRc(TsbAgentRc::ERROR);
+     }
+-
+-    *certLen = out_cert.size();
++    if (out_cert.size() > static_cast<size_t>(INT_MAX)) {
++        return ParseTsbAgentRc(TsbAgentRc::ERROR);
++    }
++    *certLen = static_cast<int>(out_cert.size());
+     *cert = static_cast<char *>(malloc(*certLen));
+-    memcpy(cert, out_cert.data(), out_cert.size());
+-
++    if (memcpy_s(*cert, *certLen, out_cert.data(), out_cert.size()) != EOK) {
++        free(*cert);
++        *cert = nullptr;
++        return ParseTsbAgentRc(TsbAgentRc::ERROR);
++    }
++    if (out_pubkey.size() > static_cast<size_t>(INT_MAX)) {
++        free(*cert);
++        *cert = nullptr;
++        return ParseTsbAgentRc(TsbAgentRc::ERROR);
++    }
+     *pubkeyLen = out_pubkey.size();
+     *pubkey = static_cast<char *>(malloc(out_pubkey.size()));
+-    memcpy(pubkey, out_pubkey.data(), out_pubkey.size());
++    memcpy(*pubkey, out_pubkey.data(), out_pubkey.size());
+ 
+     return ParseTsbAgentRc(rc);
+ }
+diff --git a/virtrust/src/tsb_agent/mock/tsb_agent_impl.cpp b/virtrust/src/tsb_agent/mock/tsb_agent_impl.cpp
+index 6191d22..6932bf1 100644
+--- a/virtrust/src/tsb_agent/mock/tsb_agent_impl.cpp
++++ b/virtrust/src/tsb_agent/mock/tsb_agent_impl.cpp
+@@ -114,6 +114,10 @@ std::unordered_map<std::string, std::unique_ptr<VRoot>> LoadVRootsFromFile(const
+             // decode line format
+             std::vector<std::string> lineVec;
+             StrSplit(line, TSB_AGENT_FILE_SEP, lineVec);
++            if (lineVec.size() < 10) {
++                SPDLOG_ERROR("[MOCK-TSB-AGENT] Invalid line format in file: {}, line: {}", file, line);
++                continue;
++            }
+             // decode descriptions
+             VRootData data;
+             data.uuid = FromStr<VROOT_VM_UUID_MAX_LEN>(lineVec[0]);                // uuid
+@@ -163,6 +167,10 @@ TsbAgentRc TsbAgentImpl::CreateVRoot(const std::string &uuid, const std::string
+     }
+ 
+     VRootData desc;
++    if (uuid.size() >= desc.uuid.size() || name.size() >= desc.name.size()) {
++        SPDLOG_ERROR("[MOCK-TSB-AGENT] uuid or name is too long.");
++        return TsbAgentRc::ERROR;
++    }
+     if (memcpy_s(desc.uuid.data(), desc.uuid.size(), uuid.data(), uuid.size()) != EOK) {
+         SPDLOG_ERROR("[MOCK-TSB-AGENT] copy uuid failed");
+ 
+diff --git a/virtrust/src/tsb_agent/tsb_agent.h b/virtrust/src/tsb_agent/tsb_agent.h
+index f04da40..f7d24af 100644
+--- a/virtrust/src/tsb_agent/tsb_agent.h
++++ b/virtrust/src/tsb_agent/tsb_agent.h
+@@ -61,14 +61,14 @@ enum EnDirection {
+ };
+ 
+ enum EN_STATE {
+-    VM_SHUTUP = 0,      // 虚机停止状态，Description.state状态码
+-    VM_RUNNING,         // 虚机运行状态
+-    VM_MIGRATION,       // 虚机迁移状态
++    VM_SHUTUP = 0, // 虚机停止状态，Description.state状态码
++    VM_RUNNING,    // 虚机运行状态
++    VM_MIGRATION,  // 虚机迁移状态
+ 
+-    IMPORT_BM_SUCCESS,  // 基线值设置成功，CheckMeasure返回值
+-    CHECK_BM_SUCCESS,   // 基线值校验成功，CheckMeasure返回值
+-    IMPORT_BM_FAILURE,  // 基线值设置失败，CheckMeasure返回值
+-    CHECK_BM_FAILURE,   // 基线值校验失败，CheckMeasure返回值
++    IMPORT_BM_SUCCESS, // 基线值设置成功，CheckMeasure返回值
++    CHECK_BM_SUCCESS,  // 基线值校验成功，CheckMeasure返回值
++    IMPORT_BM_FAILURE, // 基线值设置失败，CheckMeasure返回值
++    CHECK_BM_FAILURE,  // 基线值校验失败，CheckMeasure返回值
+ 
+     ERR_VM_NOT_STARTED, // 虚机未启动错误，MigrationGetVrootCipher 返回值
+ };
+@@ -208,7 +208,7 @@ int MigrationGetVrootCipher(char *pUuid,
+ );
+ 
+ int MigrationImportVrootCipher(char *pUuid,
+-                               char *vUuid, // 虚拟机的uuid
++                               char *vUuid,  // 虚拟机的uuid
+                                char *cipher, // 加密后的密码资源
+                                int cipherLen // 密文长度
+ );
+diff --git a/virtrust/src/tsb_agent/tsb_agent_adaptor.cpp b/virtrust/src/tsb_agent/tsb_agent_adaptor.cpp
+index c702837..5fbb9c2 100644
+--- a/virtrust/src/tsb_agent/tsb_agent_adaptor.cpp
++++ b/virtrust/src/tsb_agent/tsb_agent_adaptor.cpp
+@@ -5,6 +5,7 @@
+ // 适配器：对外保持 C 接口不变，内部通过 TsbAgent 封装进行 dlopen 调用
+ 
+ #include "tsb_agent/tsb_agent.h"
++
+ #include "virtrust/dllib/tsb_agent.h"
+ 
+ namespace {
+@@ -13,7 +14,7 @@ bool CheckTsbAgentDlopen()
+     auto &ta = virtrust::TsbAgent::GetInstance();
+     return ta.CheckOk() == virtrust::DllibRc::OK;
+ }
+-}
++} // namespace
+ 
+ // NOTE ALL memories are allocated inside APIs by using "malloc", remember to free after use.
+ 
+@@ -140,7 +141,7 @@ int MigrationGetVrootCipher(char *pUuid,
+ }
+ 
+ int MigrationImportVrootCipher(char *pUuid,
+-                               char *vUuid, // 虚拟机的uuid
++                               char *vUuid,  // 虚拟机的uuid
+                                char *cipher, // 加密后的密码资源
+                                int cipherLen // 密文长度
+ )
+diff --git a/virtrust/src/virtrust-sh/operator/op_create.cpp b/virtrust/src/virtrust-sh/operator/op_create.cpp
+index 6c1e687..6ffba44 100644
+--- a/virtrust/src/virtrust-sh/operator/op_create.cpp
++++ b/virtrust/src/virtrust-sh/operator/op_create.cpp
+@@ -40,7 +40,6 @@ OpRc OpCreate::ParseArgv(int argc, char **argv)
+ 
+     std::vector<option> opt = {{"help", no_argument, nullptr, 'h'},
+                                {"name", required_argument, nullptr, 'n'},
+-                               {"allow-store-measurements", no_argument, nullptr, 1},
+                                {nullptr, 0, nullptr, 0}};
+ 
+     opterr = 0;
+@@ -84,13 +83,10 @@ void OpCreate::PrintUsage()
+                "    create - create a new virtual machine\n"
+                "\n"
+                "  SYNOPSIS:\n"
+-               "    create [options] <args>\n"
++               "    create <args>\n"
+                "\n"
+                "  OPTIONS:\n"
+                "    -h | --help                    this help\n"
+-               "    --allow-store-measurements     allow store measurements\n"
+-               "                                   (NOTE when using this option, "
+-               "--name must be provided)\n"
+                "\n"
+                "  ARGS:\n"
+                "    virt-install args, see all supported args with `virt-install "
+diff --git a/virtrust/src/virtrust-sh/operator/op_migrate.cpp b/virtrust/src/virtrust-sh/operator/op_migrate.cpp
+index fdd38b3..c7d0b51 100644
+--- a/virtrust/src/virtrust-sh/operator/op_migrate.cpp
++++ b/virtrust/src/virtrust-sh/operator/op_migrate.cpp
+@@ -40,8 +40,7 @@ OpRc OpMigrate::ParseArgv(int argc, char **argv)
+     int longindex = -1;
+     optind = 1; // reset
+ 
+-    std::vector<option> opt = {
+-        {"help", no_argument, nullptr, 'h'}, {"undefinesource", no_argument, nullptr, 0}, {nullptr, 0, nullptr, 0}};
++    std::vector<option> opt = {{"help", no_argument, nullptr, 'h'}, {nullptr, 0, nullptr, 0}};
+ 
+     // The leading + means no re-ordering, see man page of getopt_long
+     while ((arg = getopt_long(argc, argv, "+h", opt.data(), &longindex)) != -1) {
+@@ -51,13 +50,6 @@ OpRc OpMigrate::ParseArgv(int argc, char **argv)
+                 PrintUsage();
+                 optind = argc; // stop parsing
+                 return OpRc::OK;
+-            case 0:
+-                if (flags_ & MIGRATE_UNDEFINE_SOURCE) {
+-                    fmt::print("\nOption --undefinesource is already set.\n");
+-                    return OpRc::ERROR;
+-                }
+-                flags_ |= MIGRATE_UNDEFINE_SOURCE;
+-                break;
+             default:
+                 config_.enableExec = false;
+                 PrintUsage();
+@@ -66,6 +58,9 @@ OpRc OpMigrate::ParseArgv(int argc, char **argv)
+         }
+     }
+ 
++    // 迁移成功后删除源端虚机
++    flags_ |= MIGRATE_UNDEFINE_SOURCE;
++
+     if (argc - optind != OP_MIGRATE_EXTRA_CMD_NUM) {
+         fmt::print("\nInvalid number of arguments, expect: {}, got: {}\n", OP_MIGRATE_EXTRA_CMD_NUM, argc - optind);
+         PrintUsage();
+@@ -96,11 +91,10 @@ void OpMigrate::PrintUsage()
+                "    migrate - migrate domain to another host\n"
+                "\n"
+                "  SYNOPSIS:\n"
+-               "    migrate [options] <domain> <desturi>\n"
++               "    migrate <domain> <desturi>\n"
+                "\n"
+                "  OPTIONS:\n"
+                "    -h | --help                    this help\n"
+-               "    --undefinesource               undefine VM on source\n"
+                "\n");
+ }
+ 
+diff --git a/virtrust/src/virtrust/api/define_private.h b/virtrust/src/virtrust/api/define_private.h
+index 809fb6a..ac73699 100644
+--- a/virtrust/src/virtrust/api/define_private.h
++++ b/virtrust/src/virtrust/api/define_private.h
+@@ -35,7 +35,7 @@ public:
+         : bios("bios", uuid),
+           shim("shim", uuid),
+           grub("grub", uuid),
+-          grubCfg("grub_cfg", uuid),
++          grubCfg("grub.cfg", uuid),
+           kernel("kernel", uuid),
+           initrd("initrd", uuid)
+     {}
+diff --git a/virtrust/src/virtrust/api/domain.cpp b/virtrust/src/virtrust/api/domain.cpp
+index 7600325..b6c0574 100644
+--- a/virtrust/src/virtrust/api/domain.cpp
++++ b/virtrust/src/virtrust/api/domain.cpp
+@@ -31,12 +31,14 @@ constexpr const char *LOCK_FILE = "/tmp/virtrust-start.lock";
+ constexpr uint32_t MAX_DOMAIN_COUNT = 32;
+ constexpr uint32_t MAX_NAME_LENGTH = 200;
+ constexpr uint32_t VIR_UUID_STRING_BUFLEN = 200;
++constexpr uint32_t CREATE_ARGS_MAX_STRING_LENGTH = 1024;
++constexpr uint32_t CREATE_ARGS_MAX_SIZE = 150;
+ constexpr int LIST_DOMAINS_MASK = DomainListFlags::LIST_DOMAINS_ACTIVE | DomainListFlags::LIST_DOMAINS_INACTIVE;
+ namespace {
+ 
+ constexpr std::string_view VIRT_INSTALL_ARG_NO_AUTO_CONSOLE = "--noautoconsole";
+-constexpr std::string_view VIRT_INSTALL_ARG_NO_REBOOT       = "--noreboot";
+-constexpr std::string_view VIRT_INSTALL_ARG_CONNECT         = "--connect";
++constexpr std::string_view VIRT_INSTALL_ARG_NO_REBOOT = "--noreboot";
++constexpr std::string_view VIRT_INSTALL_ARG_CONNECT = "--connect";
+ 
+ inline std::string GetNameStr(const virDomainPtr domian)
+ {
+@@ -117,7 +119,12 @@ bool CalcVirshMeasure(std::string_view guestName, VirshMeasureSummary &measureSu
+ {
+     const std::string guestXmlPah = fmt::format(VIRTRUST_XML_REGEX_PATH, guestName);
+     virtrust::VirtXmlParser xmlParser;
+-    virtrust::VerifyConfig verifyConfig = xmlParser.Parse(guestXmlPah);
++    virtrust::VerifyConfig verifyConfig;
++    if (!xmlParser.Parse(verifyConfig, guestXmlPah)) {
++        VIRTRUST_LOG_ERROR("|main|END|returnF|file: {}|parse xml file failed.", guestXmlPah);
++        return false;
++    }
++
+     if (verifyConfig.GetGuestName() != guestName) {
+         VIRTRUST_LOG_ERROR("|main|END|returnF||guest name mismatch: the designated "
+                            "name is:{}, while the one in the xml is: {}",
+@@ -410,8 +417,7 @@ VirtrustRc CreateDomainAndVRoot(const std::unique_ptr<ConnCtx> &conn, const std:
+     }
+     Description description{};
+     description.state = 0;
+-    if (strncpy_s(description.name, sizeof(description.name), domainName.data(), sizeof(description.name) - 1) !=
+-        EOK) {
++    if (strncpy_s(description.name, sizeof(description.name), domainName.data(), sizeof(description.name) - 1) != EOK) {
+         VIRTRUST_LOG_ERROR("|DomainCreate|END|returnF||strncpy_s domainName failed.");
+ 
+         return VirtrustRc::ERROR;
+@@ -449,6 +455,18 @@ void FreeDescription(Description **description)
+     }
+ }
+ 
++VirtrustRc SafeGetVRoots(int *tsbVmNum, Description **vtpcmInfos)
++{
++    int ret = GetVRoots(tsbVmNum, vtpcmInfos);
++    if (ret != 0 || *tsbVmNum < 0) {
++        return VirtrustRc::ERROR;
++    }
++    if (*tsbVmNum != 0 && *vtpcmInfos == nullptr) {
++        return VirtrustRc::ERROR;
++    }
++    return VirtrustRc::OK;
++}
++
+ VirtrustRc UndefineTsbResource(const std::string &domainName)
+ {
+     if (domainName.size() != 36) { // UUID长度为36
+@@ -461,12 +479,9 @@ VirtrustRc UndefineTsbResource(const std::string &domainName)
+     int tsbVmNum = 0;
+     Description *tsbVmInfo = nullptr;
+ 
+-    std::unordered_set<std::string> tsbVmNames; // 存放tsb查询到的虚机名称
+-    int result = GetVRoots(&tsbVmNum, &tsbVmInfo);
+-    if (result != 0) {
+-
+-        VIRTRUST_LOG_ERROR("|DomainUndefine UndefineTsbResource|END|returnF||failed to get tsb "
+-                           "domains");
++    auto rc = SafeGetVRoots(&tsbVmNum, &tsbVmInfo);
++    if (rc != VirtrustRc::OK) {
++        VIRTRUST_LOG_ERROR("|DomainUndefine UndefineTsbResource|END|returnF||failed to get tsb domains");
+         return VirtrustRc::ERROR;
+     }
+     bool isMatch = false;
+@@ -498,7 +513,7 @@ bool CompareTsbVirtState(int tsb, int virt)
+ {
+     switch (virt) {
+         case VIR_DOMAIN_RUNNING:
+-            return tsb == 1;
++            return tsb == VM_RUNNING;
+         case VIR_DOMAIN_NOSTATE:
+         case VIR_DOMAIN_BLOCKED:
+         case VIR_DOMAIN_PAUSED:
+@@ -506,7 +521,7 @@ bool CompareTsbVirtState(int tsb, int virt)
+         case VIR_DOMAIN_SHUTOFF:
+         case VIR_DOMAIN_CRASHED:
+         case VIR_DOMAIN_PMSUSPENDED:
+-            return tsb == 0;
++            return tsb == VM_SHUTUP;
+         default:
+             return false;
+     }
+@@ -536,7 +551,7 @@ bool ConsistencyCheck(const std::unordered_map<std::string, Description> &tsbVmM
+             continue;
+         }
+ 
+-        if (!(CompareTsbVirtState(tsb.second.state, virtIter->second.state))) {
++        if (!CompareTsbVirtState(tsb.second.state, virtIter->second.state)) {
+             errMap.emplace(
+                 tsb.first,
+                 std::make_pair(LogLevel::ERROR,
+@@ -572,7 +587,7 @@ auto ToMaps(int tsbVmNum, Description *tsbVmInfo, int virtVmNum, virDomainPtr *v
+             !CompareTsbVirtState((tsbVmInfo + i)->state, VIR_DOMAIN_RUNNING)) {
+             continue;
+         }
+-         // 如果查INACTIVE 过滤running态的
++        // 如果查INACTIVE 过滤running态的
+         if (flags == DomainListFlags::LIST_DOMAINS_INACTIVE &&
+             CompareTsbVirtState((tsbVmInfo + i)->state, VIR_DOMAIN_RUNNING)) {
+             continue;
+@@ -605,18 +620,43 @@ auto ToMaps(int tsbVmNum, Description *tsbVmInfo, int virtVmNum, virDomainPtr *v
+     }
+     return std::make_pair(tsbVmMap, virtVmMap);
+ }
++
++// Check whether the number and length of parameters exceed the threshold
++VirtrustRc CheckCreateArgs(const std::vector<std::string> &args)
++{
++    if (args.empty()) {
++        VIRTRUST_LOG_ERROR("|CheckCreateArgs|END|returnF||Args is empty.");
++        return VirtrustRc::ERROR;
++    }
++
++    if (args.size() > CREATE_ARGS_MAX_SIZE) {
++        VIRTRUST_LOG_ERROR("|CheckCreateArgs|END|returnF||Args size exceed {}.", CREATE_ARGS_MAX_SIZE);
++        return VirtrustRc::ERROR;
++    }
++
++    for (size_t pos = 0; pos < args.size(); pos++) {
++        auto &arg = args[pos];
++        if (arg.empty() || arg.size() > CREATE_ARGS_MAX_STRING_LENGTH) {
++            VIRTRUST_LOG_ERROR("|CheckCreateArgs|END|returnF||Arg with index {} not valid, "
++                               "length needs to be between {} and {}.", pos, 1, CREATE_ARGS_MAX_STRING_LENGTH);
++            return VirtrustRc::ERROR;
++        }
++    }
++    return VirtrustRc::OK;
++}
++
+ } // namespace
+ 
+ VirtrustRc CheckMaxDomainCount()
+ {
+     int tsbVmNum = 0;
+     Description *tsbVmInfo = nullptr;
+-    int result = GetVRoots(&tsbVmNum, &tsbVmInfo);
+-    if (result != 0) {
++    auto rc = SafeGetVRoots(&tsbVmNum, &tsbVmInfo);
++    if (rc != VirtrustRc::OK) {
+         VIRTRUST_LOG_ERROR("|CheckMaxDomainCount|END|returnF||Failed to get tsb domains");
+         return VirtrustRc::ERROR;
+     }
+-    if (tsbVmNum == MAX_DOMAIN_COUNT) {
++    if (static_cast<uint32_t>(tsbVmNum) >= MAX_DOMAIN_COUNT) {
+         FreeDescription(&tsbVmInfo);
+         VIRTRUST_LOG_ERROR("|CheckMaxDomainCount|END|returnF||support max domain count is: {}", MAX_DOMAIN_COUNT);
+         return VirtrustRc::ERROR;
+@@ -632,12 +672,14 @@ VirtrustRc DomainCreate(const std::unique_ptr<ConnCtx> &conn, const std::vector<
+         VIRTRUST_LOG_ERROR("|DomainCreate|END|returnF|| ConnCtx is nullptr.");
+         return VirtrustRc::ERROR;
+     }
+-    FileLock fileLock(LOCK_FILE);
+-    if (!fileLock.IsLocked()) {
++
++    // Check whether the number and length of parameters exceed the threshold
++    if (CheckCreateArgs(args) != VirtrustRc::OK) {
+         return VirtrustRc::ERROR;
+     }
+-    if (conn == nullptr) {
+-        VIRTRUST_LOG_ERROR("|DomainCreate|END|returnF||conn is nullptr");
++
++    FileLock fileLock(LOCK_FILE);
++    if (!fileLock.IsLocked()) {
+         return VirtrustRc::ERROR;
+     }
+     if (CheckMaxDomainCount() != VirtrustRc::OK) {
+@@ -651,14 +693,16 @@ VirtrustRc DomainCreate(const std::unique_ptr<ConnCtx> &conn, const std::vector<
+     if (ValidateAndPrepareArgs(args, execArgsStr, domainName, allowStoreMeasurements, conn) != VirtrustRc::OK) {
+         return VirtrustRc::ERROR;
+     }
++    // 为了可拓展性，保留allowStoreMeasurements选项; 当前固定为false，创建虚机时不采集基线值
++    allowStoreMeasurements = false;
+ 
+     // string to char* for execv
+-    std::vector<char*> execArgs;
++    std::vector<char *> execArgs;
+     execArgs.reserve(execArgsStr.size() + 1); // +1 for nullptr
+     for (auto &s : execArgsStr) {
+         execArgs.push_back(s.data());
+     }
+-    execArgs.push_back(nullptr);  // end with nullptr
++    execArgs.push_back(nullptr); // end with nullptr
+ 
+     std::string argStr = MakeString(execArgs);
+     // run virt-install in a child progress
+@@ -709,10 +753,6 @@ VirtrustRc DomainDestroy(const std::unique_ptr<ConnCtx> &conn, const std::string
+     if (!fileLock.IsLocked()) {
+         return VirtrustRc::ERROR;
+     }
+-    if (conn == nullptr) {
+-        VIRTRUST_LOG_ERROR("|DomainDestroy|END|returnF||conn is nullptr");
+-        return VirtrustRc::ERROR;
+-    }
+ 
+     if (isOnlyTsb) {
+         if (domainName.size() != 36) { // UUID长度为36
+@@ -766,23 +806,19 @@ VirtrustRc DomainList(const std::unique_ptr<ConnCtx> &conn, unsigned int flags,
+                            "see DomainListFlags.");
+         return VirtrustRc::ERROR;
+     }
+-    if (conn == nullptr) {
+-        VIRTRUST_LOG_ERROR("|DomainList|END|returnF||conn is nullptr");
+-        return VirtrustRc::ERROR;
+-    }
+     domainInfos.clear();
+ 
+     int tsbVmNum = 0;
+     Description *tsbVmInfo = nullptr;
+-    if (GetVRoots(&tsbVmNum, &tsbVmInfo) != 0) {
+-
++    auto ret = SafeGetVRoots(&tsbVmNum, &tsbVmInfo);
++    if (ret != VirtrustRc::OK) {
+         VIRTRUST_LOG_ERROR("|DomainList|END|returnF||failed to get tsb domains");
+         return VirtrustRc::ERROR;
+     }
+ 
+-    virDomainPtr *virtVmInfo;
++    virDomainPtr *virtVmInfo = nullptr;
+     int virtVmNum = Libvirt::GetInstance().virConnectListAllDomains(conn->Get(), &virtVmInfo, flags);
+-    if (virtVmNum < 0) {
++    if (virtVmNum < 0 || (virtVmNum > 0 && virtVmInfo == nullptr)) {
+         VIRTRUST_LOG_ERROR("|DomainList|END|returnF||failed to get virsh domains");
+         FreeDescription(&tsbVmInfo);
+         return VirtrustRc::ERROR;
+@@ -813,6 +849,12 @@ VirtrustRc DomainList(const std::unique_ptr<ConnCtx> &conn, unsigned int flags,
+     }
+     FreeDescription(&tsbVmInfo);
+     if (virtVmInfo != nullptr) {
++        for (int i = 0; i < virtVmNum; i++) {
++            if (virtVmInfo[i] != nullptr) {
++                Libvirt::GetInstance().virDomainFree(virtVmInfo[i]);
++                virtVmInfo[i] = nullptr;
++            }
++        }
+         free(virtVmInfo);
+     }
+     VIRTRUST_LOG_DEBUG("|DomainList|END|returnS||list domain success");
+@@ -832,9 +874,8 @@ VirtrustRc DomainMigrate(const std::unique_ptr<ConnCtx> &conn, const std::string
+         return VirtrustRc::ERROR;
+     }
+     flags |= VIR_MIGRATE_OFFLINE | VIR_MIGRATE_PERSIST_DEST; // 默认离线迁移 离线迁移必须指定VIR_MIGRATE_PERSIST_DEST
+-    if (flags != (VIR_MIGRATE_OFFLINE | VIR_MIGRATE_PERSIST_DEST) &&
+-        flags != (VIR_MIGRATE_OFFLINE | VIR_MIGRATE_PERSIST_DEST | MIGRATE_UNDEFINE_SOURCE)) {
+-        VIRTRUST_LOG_ERROR("|DomainMigrate|END|returnF|invalid flags, only support 0 and {}",
++    if (flags != (VIR_MIGRATE_OFFLINE | VIR_MIGRATE_PERSIST_DEST | MIGRATE_UNDEFINE_SOURCE)) {
++        VIRTRUST_LOG_ERROR("|DomainMigrate|END|returnF|invalid flags, only support {}",
+                            static_cast<unsigned int>(MIGRATE_UNDEFINE_SOURCE));
+         return VirtrustRc::ERROR;
+     }
+@@ -920,7 +961,7 @@ VirtrustRc DomainStart(const std::unique_ptr<ConnCtx> &conn, const std::string &
+         return VirtrustRc::OK;
+     }
+     if (flags != DOMAIN_START_NONE) {
+-        VIRTRUST_LOG_ERROR("flags only support: {}", static_cast<unsigned int>(flags));
++        VIRTRUST_LOG_ERROR("flags only support: {}", static_cast<unsigned int>(DOMAIN_START_NONE));
+         return VirtrustRc::ERROR;
+     }
+     auto domain = std::make_unique<DomainCtx>(conn, domainName);
+@@ -968,10 +1009,6 @@ VirtrustRc DomainUndefine(const std::unique_ptr<ConnCtx> &conn, const std::strin
+     if (!fileLock.IsLocked()) {
+         return VirtrustRc::ERROR;
+     }
+-    if (conn == nullptr) {
+-        VIRTRUST_LOG_ERROR("|DomainUndefine|END|returnF||conn is nullptr");
+-        return VirtrustRc::ERROR;
+-    }
+     if (isOnlyTsb) {
+         return UndefineTsbResource(domainName);
+     }
+diff --git a/virtrust/src/virtrust/api/domain.h b/virtrust/src/virtrust/api/domain.h
+index 93c740c..2a4e867 100644
+--- a/virtrust/src/virtrust/api/domain.h
++++ b/virtrust/src/virtrust/api/domain.h
+@@ -15,7 +15,6 @@ namespace virtrust {
+  * @param conn 连接参数
+  * @param args 参数 参考virt-install --help
+  * 名称字段必须指定。arg[0]为virt-install的路径 如：、usr/bin/virt-install
+- * --allow-store-measurements可选 是否鞥新tsb的度量值
+  * @return VirtrustRc
+  */
+ VirtrustRc DomainCreate(const std::unique_ptr<ConnCtx> &conn, const std::vector<std::string> &args);
+@@ -35,13 +34,13 @@ VirtrustRc DomainDestroy(const std::unique_ptr<ConnCtx> &conn, const std::string
+ /**
+  * 迁移虚拟机
+  * @param conn 连接参数
+- * @param flags 默认0，不删除源端虚拟机，要删除源端虚拟机见DomainMigrateFlags中的选项
++ * @param flags 目前仅支持MIGRATE_UNDEFINE_SOURCE，删除源端虚拟机
+  * @param domainName 虚拟机名称
+  * @param destUri 目的端地址 格式为<protocol>://<hostip>:<port>/<path> 如qemu+tls://7.7.7.7:8080/system
+  * @return VirtrustRc
+  */
+ VirtrustRc DomainMigrate(const std::unique_ptr<ConnCtx> &conn, const std::string &domainName,
+-                         const std::string &destUri, unsigned int flags = 0);
++                         const std::string &destUri, unsigned int flags = MIGRATE_UNDEFINE_SOURCE);
+ 
+ /**
+  * 启动虚拟机
+diff --git a/virtrust/src/virtrust/api/file_lock.h b/virtrust/src/virtrust/api/file_lock.h
+index e79fb7e..d92304a 100644
+--- a/virtrust/src/virtrust/api/file_lock.h
++++ b/virtrust/src/virtrust/api/file_lock.h
+@@ -22,8 +22,8 @@ public:
+             VIRTRUST_LOG_ERROR("Failed to open file {}, msg {}", fileName, strerror(errno));
+         } else {
+ 
+-            // Force permissions to 666 regardless of umask
+-            if (fchmod(fd_, 0666) == -1) {
++            // Force permissions to 600 regardless of umask
++            if (fchmod(fd_, 0600) == -1) {
+                 VIRTRUST_LOG_ERROR("Failed to set permissions for file {}, msg {}", fileName, strerror(errno));
+             }
+ 
+@@ -41,6 +41,7 @@ public:
+         if (fd_ != -1) {
+             flock(fd_, LOCK_UN);
+             close(fd_);
++            fd_ = -1;
+         }
+     }
+ 
+diff --git a/virtrust/src/virtrust/base/exception.h b/virtrust/src/virtrust/base/exception.h
+index b04d753..7cd4b8b 100644
+--- a/virtrust/src/virtrust/base/exception.h
++++ b/virtrust/src/virtrust/base/exception.h
+@@ -76,7 +76,9 @@ public:
+         } else {
+             r = ::virtrust::MakeString(*msg_, ". ", extra);
+         }
+-        delete msg_;
++        if (msg_ != nullptr) {
++            delete msg_;
++        }
+         return r;
+     }
+ 
+diff --git a/virtrust/src/virtrust/base/str_utils.h b/virtrust/src/virtrust/base/str_utils.h
+index 0d87dbe..39cea02 100644
+--- a/virtrust/src/virtrust/base/str_utils.h
++++ b/virtrust/src/virtrust/base/str_utils.h
+@@ -4,6 +4,12 @@
+ 
+ #pragma once
+ 
++#include <limits.h>
++#include <sys/stat.h>
++#include <unistd.h>
++
++#include <cctype>
++#include <cstring>
+ #include <fstream>
+ #include <memory>
+ #include <sstream>
+@@ -11,7 +17,7 @@
+ #include <vector>
+ 
+ namespace virtrust {
+-
++constexpr uint32_t MAX_FILE_SIZE = 5 * 1024 * 1024;
+ inline void MakeStringInternal(std::stringstream &)
+ {}
+ 
+@@ -59,6 +65,9 @@ template <> inline std::string MakeString(const std::string &args)
+ 
+ inline std::string MakeString(const char *cstr)
+ {
++    if (cstr == nullptr) {
++        return "";
++    }
+     return {cstr};
+ }
+ 
+@@ -113,7 +122,7 @@ inline std::string StrTrimWhitespace(const std::string &str)
+ 
+ inline size_t StrCountChar(const std::string &str, char target)
+ {
+-    int cnt = 0;
++    size_t cnt = 0;
+     for (const char ch : str) {
+         if (ch == target) {
+             cnt++;
+@@ -136,9 +145,77 @@ inline bool StartsWithIgnoreSpaces(const std::string &str, std::string_view pref
+     return str.substr(start).find(prefix) == 0;
+ }
+ 
++inline bool Exist(std::string &filePath, const int &mode)
++{
++    return access(filePath.c_str(), mode) != -1;
++}
++
++inline bool IsAbsolutePath(std::string &filePath)
++{
++    if (filePath.length() == 0) {
++        return false;
++    }
++
++    if (filePath[0] == '/') {
++        return false;
++    }
++
++    if (strstr(filePath.c_str(), "/../") != nullptr || strstr(filePath.c_str(), "/./") != nullptr) {
++        return false;
++    }
++    return true;
++}
++
++inline bool CanonicalPath(std::string filePath)
++{
++    if (filePath.empty() || filePath.size() > PATH_MAX) {
++        return false;
++    }
++    char pathBuf[PATH_MAX + 1] = {0};
++    if (realpath(filePath.c_str(), pathBuf) == nullptr) {
++        return false;
++    }
++    filePath = pathBuf;
++    return true;
++}
++
++inline bool CheckFileStat(std::string filePath)
++{
++    struct stat st;
++    if (stat(filePath.c_str(), &st) != 0) {
++        return false;
++    }
++
++    if ((st.st_mode & S_IFMT) != S_IFREG || st.st_size > MAX_FILE_SIZE) {
++        return false;
++    }
++    return true;
++}
++
++inline bool CheckFilePathValid(std::string &filePath)
++{
++    if (!IsAbsolutePath(filePath)) {
++        return false;
++    }
++    if (!CanonicalPath(filePath)) {
++        return false;
++    }
++    if (!CheckFileStat(filePath)) {
++        return false;
++    }
++    if (!Exist(filePath, F_OK | R_OK)) {
++        return false;
++    }
++    return true;
++}
++
+ inline std::string ReadFile(const std::string &filename)
+ {
+-    std::ifstream file(filename);
++    std::string filePath = filename;
++    std::ifstream file(filePath);
++    if (!CheckFilePathValid(filePath)) {
++        return "";
++    }
+     return {(std::istreambuf_iterator<char>(file)), std::istreambuf_iterator<char>()};
+ }
+ 
+@@ -147,7 +224,7 @@ inline std::vector<std::string> ExtractStringsFromBinary(std::string_view conten
+     std::vector<std::string> out;
+     std::string cur;
+ 
+-    for (const char c: content) {
++    for (const char c : content) {
+         const unsigned char uc = static_cast<unsigned char>(c);
+         // the blank space is in isprint()
+         if (isprint(uc) || c == '\t') {
+diff --git a/virtrust/src/virtrust/crypto/sm3.cpp b/virtrust/src/virtrust/crypto/sm3.cpp
+index 9c8eba9..9d90cb5 100644
+--- a/virtrust/src/virtrust/crypto/sm3.cpp
++++ b/virtrust/src/virtrust/crypto/sm3.cpp
+@@ -112,7 +112,7 @@ std::array<uint8_t, Sm3::DigestSize()> DoSm3(std::string_view data)
+     }
+ 
+     auto buf = sm3.CumulativeHash();
+-    if (buf.size() < Sm3::DigestSize()) {
++    if (buf.size() != Sm3::DigestSize()) {
+         VIRTRUST_LOG_ERROR("DoSm3() Failed, CumulativeHash output len incorrent:{}", buf.size());
+         return {};
+     }
+diff --git a/virtrust/src/virtrust/dllib/common.h b/virtrust/src/virtrust/dllib/common.h
+index 5cd4aba..fb88b83 100644
+--- a/virtrust/src/virtrust/dllib/common.h
++++ b/virtrust/src/virtrust/dllib/common.h
+@@ -96,20 +96,21 @@ protected:
+     {
+         libptr_ = dlopen(libName_.data(), RTLD_NOW | RTLD_GLOBAL);
+         if (libptr_ == nullptr) {
+-            throw std::runtime_error(std::string(dlerror()));
++            return DllibRc::ERROR;
+         }
+         return DllibRc::OK;
+     }
+ 
+-    template <class R, class... Args> void SelfDlSym(std::string_view funName, DlFun<R, Args...> &outFun)
++    template <class R, class... Args> DllibRc SelfDlSym(std::string_view funName, DlFun<R, Args...> &outFun)
+     {
+         if (libptr_ == nullptr || funName.empty()) {
+-            return;
++            return DllibRc::ERROR;
+         }
+ 
+         void *funPtr = dlsym(libptr_, funName.data());
+         size_++; // always add up internal size counter
+         outFun = DlFun<R, Args...>(funName, reinterpret_cast<R (*)(Args...)>(funPtr));
++        return DllibRc::OK;
+     }
+ 
+ private:
+diff --git a/virtrust/src/virtrust/dllib/libguestfs.h b/virtrust/src/virtrust/dllib/libguestfs.h
+index 7b7f474..fcb2ec1 100644
+--- a/virtrust/src/virtrust/dllib/libguestfs.h
++++ b/virtrust/src/virtrust/dllib/libguestfs.h
+@@ -70,26 +70,53 @@ public:
+     DlFun<char *, guestfs_h *, const char *, size_t *> guestfs_read_file;
+ 
+ private:
+-    void LoadAll()
++    DllibRc LoadAll()
+     {
+         // NOTE explicitly dlopen shared library
+         auto ret = SelfDlOpen();
+         if (ret != DllibRc::OK) {
+-            return;
++            return ret;
+         }
+-        DLLIB_SELF_DLSYM(guestfs_create);
+-        DLLIB_SELF_DLSYM(guestfs_set_backend);
+-        DLLIB_SELF_DLSYM(guestfs_add_drive_opts_argv);
+-        DLLIB_SELF_DLSYM(guestfs_launch);
+-        DLLIB_SELF_DLSYM(guestfs_inspect_os);
+-        DLLIB_SELF_DLSYM(guestfs_inspect_get_mountpoints);
+-        DLLIB_SELF_DLSYM(guestfs_mount_ro);
+-        DLLIB_SELF_DLSYM(guestfs_umount_all);
+-        DLLIB_SELF_DLSYM(guestfs_close);
+-        DLLIB_SELF_DLSYM(guestfs_set_trace);
+-        DLLIB_SELF_DLSYM(guestfs_exists);
+-        DLLIB_SELF_DLSYM(guestfs_is_file);
+-        DLLIB_SELF_DLSYM(guestfs_read_file);
++        if (DLLIB_SELF_DLSYM(guestfs_create) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_set_backend) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_add_drive_opts_argv) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_launch) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_inspect_os) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_inspect_get_mountpoints) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_mount_ro) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_umount_all) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_close) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_set_trace) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_exists) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_is_file) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(guestfs_read_file) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        return DllibRc::OK;
+     }
+ 
+     Libguestfs() : DlLibBase(LIB_NAME)
+diff --git a/virtrust/src/virtrust/dllib/libvirt.h b/virtrust/src/virtrust/dllib/libvirt.h
+index a88a87f..95ef646 100644
+--- a/virtrust/src/virtrust/dllib/libvirt.h
++++ b/virtrust/src/virtrust/dllib/libvirt.h
+@@ -68,29 +68,62 @@ public:
+         virDomainMigrate3;
+ 
+ private:
+-    void LoadAll()
++    DllibRc LoadAll()
+     {
+         // NOTE explicitly dlopen shared library
+         auto ret = SelfDlOpen();
+         if (ret != DllibRc::OK) {
+-            return;
+-        }
+-        DLLIB_SELF_DLSYM(virConnectOpen);
+-        DLLIB_SELF_DLSYM(virDomainLookupByName);
+-        DLLIB_SELF_DLSYM(virDomainCreateWithFlags);
+-        DLLIB_SELF_DLSYM(virConnectClose);
+-        DLLIB_SELF_DLSYM(virDomainFree);
+-        DLLIB_SELF_DLSYM(virDomainShutdownFlags);
+-        DLLIB_SELF_DLSYM(virConnectNumOfDomains);
+-        DLLIB_SELF_DLSYM(virConnectListAllDomains);
+-        DLLIB_SELF_DLSYM(virDomainGetID);
+-        DLLIB_SELF_DLSYM(virDomainGetName);
+-        DLLIB_SELF_DLSYM(virDomainGetInfo);
+-        DLLIB_SELF_DLSYM(virDomainDestroyFlags);
+-        DLLIB_SELF_DLSYM(virDomainUndefineFlags);
+-        DLLIB_SELF_DLSYM(virSetErrorFunc);
+-        DLLIB_SELF_DLSYM(virDomainGetUUIDString);
+-        DLLIB_SELF_DLSYM(virDomainMigrate3);
++            return ret;
++        }
++        if (DLLIB_SELF_DLSYM(virConnectOpen) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virDomainLookupByName) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virDomainCreateWithFlags) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virConnectClose) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virDomainFree) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virDomainShutdownFlags) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virConnectNumOfDomains) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virConnectListAllDomains) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virDomainGetID) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virDomainGetName) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virDomainGetInfo) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virDomainDestroyFlags) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virDomainUndefineFlags) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virSetErrorFunc) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virDomainGetUUIDString) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(virDomainMigrate3) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        return DllibRc::OK;
+     }
+ 
+     Libvirt() : DlLibBase(LIB_NAME)
+diff --git a/virtrust/src/virtrust/dllib/libxml2.h b/virtrust/src/virtrust/dllib/libxml2.h
+index fd7f5a8..f721b04 100644
+--- a/virtrust/src/virtrust/dllib/libxml2.h
++++ b/virtrust/src/virtrust/dllib/libxml2.h
+@@ -45,18 +45,29 @@ public:
+     DlFun<void, void *> xmlFree;
+ 
+ private:
+-    void LoadAll()
++    DllibRc LoadAll()
+     {
+         // NOTE explicitly dlopen shared library
+         auto ret = SelfDlOpen();
+         if (ret != DllibRc::OK) {
+-            return;
++            return ret;
+         }
+-        DLLIB_SELF_DLSYM(xmlParseFile);
+-        DLLIB_SELF_DLSYM(xmlFreeDoc);
+-        DLLIB_SELF_DLSYM(xmlDocGetRootElement);
+-        DLLIB_SELF_DLSYM(xmlGetProp);
+-        DLLIB_SELF_DLSYM(xmlFree);
++        if (DLLIB_SELF_DLSYM(xmlParseFile) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(xmlFreeDoc) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(xmlDocGetRootElement) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(xmlGetProp) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(xmlFree) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        return DllibRc::OK;
+     }
+ 
+     Libxml2() : DlLibBase(LIB_NAME)
+diff --git a/virtrust/src/virtrust/dllib/openssl.h b/virtrust/src/virtrust/dllib/openssl.h
+index 0b07fa1..90e056c 100644
+--- a/virtrust/src/virtrust/dllib/openssl.h
++++ b/virtrust/src/virtrust/dllib/openssl.h
+@@ -71,23 +71,44 @@ public:
+     DlFun<void, EVP_MD_CTX *> EVP_MD_CTX_free;
+ 
+ private:
+-    void LoadAll()
++    DllibRc LoadAll()
+     {
+         // NOTE explicitly dlopen shared library
+         auto ret = SelfDlOpen();
+         if (ret != DllibRc::OK) {
+-            return;
++            return ret;
+         }
+-        DLLIB_SELF_DLSYM(EVP_MD_fetch);
+-        DLLIB_SELF_DLSYM(EVP_MD_get_size);
+-        DLLIB_SELF_DLSYM(EVP_MD_CTX_new);
+-        DLLIB_SELF_DLSYM(EVP_MD_CTX_reset);
+-        DLLIB_SELF_DLSYM(EVP_MD_CTX_copy_ex);
+-        DLLIB_SELF_DLSYM(EVP_DigestInit);
+-        DLLIB_SELF_DLSYM(EVP_DigestUpdate);
+-        DLLIB_SELF_DLSYM(EVP_DigestFinal_ex);
+-        DLLIB_SELF_DLSYM(EVP_MD_free);
+-        DLLIB_SELF_DLSYM(EVP_MD_CTX_free);
++        if (DLLIB_SELF_DLSYM(EVP_MD_fetch) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(EVP_MD_get_size) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(EVP_MD_CTX_new) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(EVP_MD_CTX_reset) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(EVP_MD_CTX_copy_ex) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(EVP_DigestInit) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(EVP_DigestUpdate) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(EVP_DigestFinal_ex) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(EVP_MD_free) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(EVP_MD_CTX_free) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        return DllibRc::OK;
+     }
+ 
+     Openssl() : DlLibBase(LIB_NAME)
+diff --git a/virtrust/src/virtrust/dllib/tsb_agent.h b/virtrust/src/virtrust/dllib/tsb_agent.h
+index 1c9425a..5ad0ce8 100644
+--- a/virtrust/src/virtrust/dllib/tsb_agent.h
++++ b/virtrust/src/virtrust/dllib/tsb_agent.h
+@@ -9,9 +9,10 @@
+ #include <cstdint>
+ #include <string_view>
+ 
+-#include "virtrust/dllib/common.h"
+ #include "tsb_agent/tsb_agent.h" // for structs and function prototypes
+ 
++#include "virtrust/dllib/common.h"
++
+ namespace virtrust {
+ 
+ // TSB Agent 接口的 dlopen 封装
+@@ -43,23 +44,13 @@ public:
+     DlFun<int, char *> StopVRoot;
+     DlFun<int, char *> RemoveVRoot;
+ 
+-    DlFun<int,
+-          char *,
+-          struct MeasureInfo *,
+-          struct MeasureInfo *,
+-          struct MeasureInfo *,
+-          struct MeasureInfo *,
+-          struct MeasureInfo *,
+-          struct MeasureInfo *> UpdateMeasure;
+-
+-    DlFun<int,
+-          char *,
+-          struct MeasureInfo *,
+-          struct MeasureInfo *,
+-          struct MeasureInfo *,
+-          struct MeasureInfo *,
+-          struct MeasureInfo *,
+-          struct MeasureInfo *> CheckMeasure;
++    DlFun<int, char *, struct MeasureInfo *, struct MeasureInfo *, struct MeasureInfo *, struct MeasureInfo *,
++          struct MeasureInfo *, struct MeasureInfo *>
++        UpdateMeasure;
++
++    DlFun<int, char *, struct MeasureInfo *, struct MeasureInfo *, struct MeasureInfo *, struct MeasureInfo *,
++          struct MeasureInfo *, struct MeasureInfo *>
++        CheckMeasure;
+ 
+     DlFun<int, char *, char *, struct trust_report_new *, struct trust_report_new *> GetReport;
+     DlFun<int, char *, char *, struct trust_report_new *, struct trust_report_new *> VerifyTrustReport;
+@@ -72,33 +63,70 @@ public:
+     DlFun<int, int, char *, char **, int *, char *, int> TransDupPub;
+ 
+ private:
+-    void LoadAll()
++    DllibRc LoadAll()
+     {
+         // 显式 dlopen 共享库
+         auto ret = SelfDlOpen();
+         if (ret != DllibRc::OK) {
+-            return;
++            return ret;
+         }
+ 
+         // dlsym 全部函数
+-        DLLIB_SELF_DLSYM(GetVRoots);
+-        DLLIB_SELF_DLSYM(CreateVRoot);
+-        DLLIB_SELF_DLSYM(StartVRoot);
+-        DLLIB_SELF_DLSYM(StopVRoot);
+-        DLLIB_SELF_DLSYM(RemoveVRoot);
+-
+-        DLLIB_SELF_DLSYM(UpdateMeasure);
+-        DLLIB_SELF_DLSYM(CheckMeasure);
+-
+-        DLLIB_SELF_DLSYM(GetReport);
+-        DLLIB_SELF_DLSYM(VerifyTrustReport);
+-
+-        DLLIB_SELF_DLSYM(MigrationGetCert);
+-        DLLIB_SELF_DLSYM(MigrationCheckPeerPk);
+-        DLLIB_SELF_DLSYM(MigrationGetVrootCipher);
+-        DLLIB_SELF_DLSYM(MigrationImportVrootCipher);
+-        DLLIB_SELF_DLSYM(MigrationNotify);
+-        DLLIB_SELF_DLSYM(TransDupPub);
++        if (DLLIB_SELF_DLSYM(GetVRoots) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(CreateVRoot) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(StartVRoot) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(StopVRoot) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(RemoveVRoot) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++
++        if (DLLIB_SELF_DLSYM(UpdateMeasure) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(CheckMeasure) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++
++        if (DLLIB_SELF_DLSYM(GetReport) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(VerifyTrustReport) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++
++        if (DLLIB_SELF_DLSYM(MigrationGetCert) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(MigrationCheckPeerPk) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(MigrationGetVrootCipher) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(MigrationGetVrootCipher) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(MigrationGetVrootCipher) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(MigrationImportVrootCipher) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(MigrationNotify) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        if (DLLIB_SELF_DLSYM(TransDupPub) != DllibRc::OK) {
++            return DllibRc::ERROR;
++        }
++        return DllibRc::OK;
+     }
+ 
+     TsbAgent() : DlLibBase(LIB_NAME)
+@@ -110,4 +138,3 @@ private:
+ };
+ 
+ } // namespace virtrust
+-
+diff --git a/virtrust/src/virtrust/link/CMakeLists.txt b/virtrust/src/virtrust/link/CMakeLists.txt
+index bd154d8..54ea86f 100644
+--- a/virtrust/src/virtrust/link/CMakeLists.txt
++++ b/virtrust/src/virtrust/link/CMakeLists.txt
+@@ -14,11 +14,11 @@ set(VIRTRUST_PROTO_SOURCE_FILES ${VIRTRUST_PROTO_SOURCE_FILES}
+ # Add tests for link directory
+ add_virtrust_test_if(proto_tools_test ${BUILD_TEST})
+ if(BUILD_TEST)
+-  target_link_libraries(proto_tools_test PRIVATE virtrust_proto)
++  target_link_libraries(proto_tools_test PRIVATE virtrust_proto Deps::secure_c)
+ endif()
+ add_virtrust_test_if(grpc_client_test ${BUILD_TEST})
+ if(BUILD_TEST)
+-  target_link_libraries(grpc_client_test PRIVATE virtrust_proto)
++  target_link_libraries(grpc_client_test PRIVATE virtrust_proto Deps::secure_c)
+ endif()
+ # add_virtrust_test_if(grpc_server_test ${BUILD_TEST})
+ # add_virtrust_test_if(migration_session_test ${BUILD_TEST}) if(BUILD_TEST)
+diff --git a/virtrust/src/virtrust/link/grpc_client.cpp b/virtrust/src/virtrust/link/grpc_client.cpp
+index 9b546a7..8ea6e4a 100644
+--- a/virtrust/src/virtrust/link/grpc_client.cpp
++++ b/virtrust/src/virtrust/link/grpc_client.cpp
+@@ -35,6 +35,10 @@ int32_t UdsClient::DomainMigrate(const MigrationConfig &config)
+         grpc::CreateChannel("unix:" + config_.udsPath, grpc::InsecureChannelCredentials());
+ 
+     std::unique_ptr<protos::MigrationService::Stub> stub = protos::MigrationService::NewStub(channel);
++    if (stub == nullptr) {
++        VIRTRUST_LOG_ERROR("|DomainMigrate|END|returnF|new stub failed");
++        return -1;
++    }
+     grpc::Status status = stub->DomainMigrate(&context, request, &reply);
+ 
+     if (!status.ok()) {
+diff --git a/virtrust/src/virtrust/link/grpc_server.cpp b/virtrust/src/virtrust/link/grpc_server.cpp
+index 54a2c13..60126bd 100644
+--- a/virtrust/src/virtrust/link/grpc_server.cpp
++++ b/virtrust/src/virtrust/link/grpc_server.cpp
+@@ -29,7 +29,11 @@ LinkRc GrpcServer::Start()
+     if (running_) {
+         return LinkRc::ERROR;
+     }
+-    std::filesystem::remove(config_.udsPath.c_str());
++    if (std::filesystem::exists(config_.udsPath.c_str())) {
++        if (!std::filesystem::remove(config_.udsPath.c_str())) {
++            return LinkRc::ERROR;
++        }
++    }
+     server_thread_ = std::make_unique<std::thread>([this]() { RunServer(); });
+ 
+     // 等待服务器启动
+diff --git a/virtrust/src/virtrust/link/migration_session.cpp b/virtrust/src/virtrust/link/migration_session.cpp
+index 1003bae..6fb29cd 100644
+--- a/virtrust/src/virtrust/link/migration_session.cpp
++++ b/virtrust/src/virtrust/link/migration_session.cpp
+@@ -19,7 +19,7 @@ namespace virtrust {
+ 
+ namespace {
+ // RPC timeout unit: seconds
+-constexpr uint32_t RPC_SIGNAL_TIMEOUT   = 5;
++constexpr uint32_t RPC_SIGNAL_TIMEOUT = 5;
+ constexpr uint32_t RPC_TRANSFER_TIMEOUT = 20;
+ 
+ unsigned int GetFlagCleard(const unsigned int &flags, const unsigned int &clear)
+@@ -208,6 +208,9 @@ MigrateSessionRc MigrationSession::OnStartMigrationResponseReceived()
+     VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: MigrationGetVrootCipher start.", domainName_);
+     auto ret = MigrationGetVrootCipher(sessionId_.data(), sessionId_.data(), &cipher, &cipherLen);
+     if (ret != 0 || cipher == nullptr) {
++        if (cipher != nullptr) {
++            free(cipher);
++        }
+         VIRTRUST_LOG_ERROR(
+             "|OnStartMigrationResponseReceived|END|returnF|domain name: {}|TSB: MigrationGetVRootCipher failed.",
+             domainName_);
+@@ -281,7 +284,7 @@ MigrateSessionRc MigrationSession::OnTransferResponseReceived(bool transferRet)
+         return MigrateSessionRc::ERROR;
+     }
+ 
+-    // 通知TSB迁移成功
++    // 通知TSB迁移成功，如果调用失败，TSB虚机状态会保持 VM_MIGRATION
+     auto rc = NotifyVRMigration(true);
+     if (rc != MigrateSessionRc::OK) {
+         VIRTRUST_LOG_WARN("|OnTransferResponseReceived|END|returnF|domain name: {}|Migrate libvirt and tsb resource "
+@@ -342,8 +345,14 @@ MigrateSessionRc MigrationSession::GetExchangePkAndReport(protos::EXchangePkAndR
+     VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: MigrationGetCert start.", domainName_);
+     int ret = MigrationGetCert(uuid.data(), &cert, &certLen, &pubKey, &pubKeyLen);
+     if (ret != 0 || cert == nullptr || pubKey == nullptr) {
+-        VIRTRUST_LOG_ERROR(
+-            "|GetExchangePkAndReport|END|returnF|domain name: {}|TSB: MigrationGetCert failed.", domainName_);
++        if (cert != nullptr) {
++            free(cert);
++        }
++        if (pubKey != nullptr) {
++            free(pubKey);
++        }
++        VIRTRUST_LOG_ERROR("|GetExchangePkAndReport|END|returnF|domain name: {}|TSB: MigrationGetCert failed.",
++                           domainName_);
+         return MigrateSessionRc::ERROR;
+     }
+     VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: MigrationGetCert success.", domainName_);
+@@ -364,6 +373,10 @@ MigrateSessionRc MigrationSession::GetExchangePkAndReport(protos::EXchangePkAndR
+     VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: GetReport success.", domainName_);
+ 
+     if (role_ == Role::Initiator) {
++        if (req == nullptr) {
++            VIRTRUST_LOG_ERROR("|GetExchangePkAndReport|END|returnF|domain name: {}|req is null.", domainName_);
++            return MigrateSessionRc::ERROR;
++        }
+         req->set_domainname(domainName_);
+         req->set_uuid(uuid);
+         req->set_cert(certStr);
+@@ -373,6 +386,10 @@ MigrateSessionRc MigrationSession::GetExchangePkAndReport(protos::EXchangePkAndR
+         auto vmReportProto = req->mutable_vmreport();
+         ReportToProto(vmReport, vmReportProto);
+     } else {
++        if (res == nullptr) {
++            VIRTRUST_LOG_ERROR("|GetExchangePkAndReport|END|returnF|domain name: {}|res is null.", domainName_);
++            return MigrateSessionRc::ERROR;
++        }
+         res->set_domainname(domainName_);
+         res->set_uuid(uuid);
+         res->set_cert(certStr);
+@@ -390,8 +407,8 @@ MigrateSessionRc MigrationSession::VerifyCertificate(std::string uuid, std::stri
+     VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: MigrationCheckPeerPk start.", domainName_);
+     int ret = MigrationCheckPeerPk(uuid.data(), cert.data(), pubkey.data());
+     if (ret != 0) {
+-        VIRTRUST_LOG_DEBUG(
+-            "|VerifyCertificate|END|returnF|domain name: {}|TSB: MigrationCheckPeerPk failed.", domainName_);
++        VIRTRUST_LOG_DEBUG("|VerifyCertificate|END|returnF|domain name: {}|TSB: MigrationCheckPeerPk failed.",
++                           domainName_);
+         return MigrateSessionRc::ERROR;
+     }
+     VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: MigrationCheckPeerPk success.", domainName_);
+@@ -402,13 +419,25 @@ MigrateSessionRc MigrationSession::VerifyHostAndVmReport(const protos::TrustRepo
+                                                          const protos::TrustReportNew &vmProtoReport)
+ {
+     VIRTRUST_LOG_DEBUG("|VerifyHostAndVmReport|START|");
+-    trust_report_new hostReport = ReportFromProto(hostProtoReport);
+-    trust_report_new vmReport = ReportFromProto(vmProtoReport);
++    trust_report_new hostReport;
++    bool success = ReportFromProto(hostProtoReport, hostReport);
++    if (!success) {
++        VIRTRUST_LOG_DEBUG("|VerifyHostAndVmReport|END|returnF|domain name: {}|TSB: report from proto failed.",
++                           domainName_);
++        return MigrateSessionRc::ERROR;
++    }
++    trust_report_new vmReport;
++    success = ReportFromProto(vmProtoReport, vmReport);
++    if (!success) {
++        VIRTRUST_LOG_DEBUG("|VerifyHostAndVmReport|END|returnF|domain name: {}|TSB: report from proto failed.",
++                           domainName_);
++        return MigrateSessionRc::ERROR;
++    }
+     VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: VerifyTrustReport start.", domainName_);
+     auto ret = VerifyTrustReport(sessionId_.data(), sessionId_.data(), &hostReport, &vmReport);
+     if (ret != 0) {
+-        VIRTRUST_LOG_DEBUG(
+-            "|VerifyHostAndVmReport|END|returnF|domain name: {}|TSB: VerifyTrustReport failed.", domainName_);
++        VIRTRUST_LOG_DEBUG("|VerifyHostAndVmReport|END|returnF|domain name: {}|TSB: VerifyTrustReport failed.",
++                           domainName_);
+         return MigrateSessionRc::ERROR;
+     }
+     VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: VerifyTrustReport success.", domainName_);
+@@ -440,6 +469,10 @@ MigrateSessionRc MigrationSession::MigrateByLibvirt()
+         VIRTRUST_LOG_ERROR("|MigrateByLibvirt|END|returnF||failed to find domain: {}", domainName_);
+         return MigrateSessionRc::ERROR;
+     }
++    if (destConn->Get() == nullptr) {
++        VIRTRUST_LOG_ERROR("|MigrateByLibvirt|END|returnF||failed to find desturl: {}", destUri_);
++        return MigrateSessionRc::ERROR;
++    }
+     auto *domainPtr = libvirt.virDomainMigrate3(domain->Get(), destConn->Get(), nullptr, 0,
+                                                 GetFlagCleard(flags_, MIGRATE_UNDEFINE_SOURCE));
+     if (domainPtr == nullptr) {
+@@ -570,8 +603,10 @@ MigrateSessionRc MigrationSession::ExportTcm2Key(std::string &tcm2Key)
+     VIRTRUST_LOG_DEBUG("|domain name: {} |TSB: TransDupPub export start.", domainName_);
+     auto ret = TransDupPub(EN_EXPORT, nullptr, &key, &keyLen, nullptr, 0);
+     if (ret != 0 || key == nullptr || keyLen <= 0) {
+-        VIRTRUST_LOG_ERROR(
+-            "|ExportTcm2Key|END|returnF|domain name: {} |TSB: TransDupPub export failed.", domainName_);
++        if (key != nullptr) {
++            free(key);
++        }
++        VIRTRUST_LOG_ERROR("|ExportTcm2Key|END|returnF|domain name: {} |TSB: TransDupPub export failed.", domainName_);
+         return MigrateSessionRc::ERROR;
+     }
+     VIRTRUST_LOG_DEBUG("|domain name: {} |TSB: TransDupPub export success.", domainName_);
+@@ -584,8 +619,7 @@ MigrateSessionRc MigrationSession::ExportTcm2Key(std::string &tcm2Key)
+ MigrateSessionRc MigrationSession::ImportTcm2Key(std::string_view tcm2Key)
+ {
+     VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: TransDupPub import start.", domainName_);
+-    auto ret = TransDupPub(EN_IMPORT, sessionId_.data(), nullptr, nullptr,
+-                        std::string(tcm2Key).data(), tcm2Key.size());
++    auto ret = TransDupPub(EN_IMPORT, sessionId_.data(), nullptr, nullptr, std::string(tcm2Key).data(), tcm2Key.size());
+     if (ret != 0) {
+         VIRTRUST_LOG_ERROR("|ImportTcm2Key|END|returnF|domain name: {}|TSB: TransDupPub import failed.", domainName_);
+         return MigrateSessionRc::ERROR;
+@@ -757,10 +791,7 @@ MigrateSessionRc MigrationSession::OnTransferDataRequestReceived(const protos::V
+     auto cipherData = request->cipherdata();
+ 
+     VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: MigrationImportVrootCipher start", domainName_);
+-    auto ret = MigrationImportVrootCipher(uuid.data(),
+-                                          uuid.data(),
+-                                          cipherData.data(),
+-                                          cipherData.size());
++    auto ret = MigrationImportVrootCipher(uuid.data(), uuid.data(), cipherData.data(), cipherData.size());
+     if (ret != 0) {
+         EnterState(State::Failed);
+         VIRTRUST_LOG_ERROR(
+@@ -772,8 +803,16 @@ MigrateSessionRc MigrationSession::OnTransferDataRequestReceived(const protos::V
+ 
+     // 导入服务端发来的虚拟机描述信息
+     auto protosDesc = request->vtpcminfo();
+-    auto vmInfo = DescriptionFromProto(protosDesc);
+-    vmInfo.state = VIR_DOMAIN_SHUTOFF;
++    Description vmInfo;
++    bool success = DescriptionFromProto(protosDesc, vmInfo);
++    if (!success) {
++        EnterState(State::Failed);
++        VIRTRUST_LOG_ERROR(
++            "|OnTransferDataRequestReceived|END|returnF|domain name: {}|TSB: description from proto failed.",
++            domainName_);
++        return MigrateSessionRc::ERROR;
++    }
++    vmInfo.state = VM_SHUTUP;
+     VIRTRUST_LOG_DEBUG("|domain name: {}|TSB: CreateVRoot start", domainName_);
+     ret = CreateVRoot(&vmInfo);
+     if (ret != 0) {
+@@ -797,11 +836,21 @@ MigrateSessionRc MigrationSession::OnFinishedRequestReceived(bool finished)
+         return MigrateSessionRc::ERROR;
+     }
+     if (!finished) {
+-        VIRTRUST_LOG_DEBUG("|OnFinishedRequestReceived|END|returnS|domain name: {}|Migrate failed.", domainName_);
++        VIRTRUST_LOG_ERROR("|OnFinishedRequestReceived|END|returnF|domain name: {}|Migrate failed.", domainName_);
+         Cleanup();
+         return MigrateSessionRc::OK;
+     }
+     VIRTRUST_LOG_DEBUG("|OnFinishedRequestReceived|END|returnS|domain name: {}|Migrate success.", domainName_);
++
++    // 通知TSB迁移成功，如果调用失败，TSB虚机状态会保持 VM_MIGRATION
++    auto rc = NotifyVRMigration(true);
++    if (rc != MigrateSessionRc::OK) {
++        VIRTRUST_LOG_WARN("|OnFinishedRequestReceived|END|returnF|domain name: {}|Migrate libvirt and tsb resource "
++                          "success but MigrationNotify(success) failed, please resolve tsb status.",
++                          domainName_);
++        return MigrateSessionRc::OK;
++    }
++
+     EnterState(State::Finished);
+     Cleanup();
+     return MigrateSessionRc::OK;
+diff --git a/virtrust/src/virtrust/link/proto/proto_tools.h b/virtrust/src/virtrust/link/proto/proto_tools.h
+index 0cf29a7..5e5964d 100644
+--- a/virtrust/src/virtrust/link/proto/proto_tools.h
++++ b/virtrust/src/virtrust/link/proto/proto_tools.h
+@@ -1,13 +1,20 @@
+ #pragma once
+ 
++#include <securec.h>
++
+ #include <algorithm>
+ #include <cstring>
++#include <iostream>
++#include <ostream>
+ 
+ #include "virtrust/link/proto/migrate.pb.h"
+ 
+ namespace virtrust {
+ static void ReportToProto(const trust_report_new &report, protos::TrustReportNew *protoReport)
+ {
++    if (protoReport == nullptr) {
++        return;
++    }
+     // 转换 content
+     auto *content = protoReport->mutable_content();
+     content->set_be_host_report_time(report.content.be_host_report_time);
+@@ -92,11 +99,9 @@ static void ReportToProto(const trust_report_new &report, protos::TrustReportNew
+     protoReport->set_append_data(reinterpret_cast<const char *>(report.append_data), append_data_len);
+ }
+ 
+-static trust_report_new ReportFromProto(const protos::TrustReportNew &protoReport)
++static bool ReportFromProto(const protos::TrustReportNew &protoReport, trust_report_new &report)
+ {
+-    trust_report_new report;
+-    memset(&report, 0, sizeof(report));
+-
++    (void)memset_s(&report, sizeof(report), 0, sizeof(report));
+     const auto &content = protoReport.content();
+ 
+     // 转换基本字段
+@@ -106,11 +111,15 @@ static trust_report_new ReportFromProto(const protos::TrustReportNew &protoRepor
+     // 转换字节数组
+     const std::string &host_id = content.host_id();
+     size_t host_id_len = std::min(host_id.size(), static_cast<size_t>(MAX_HOST_ID_SIZE));
+-    memcpy(report.content.host_id, host_id.data(), host_id_len);
++    if (memcpy_s(report.content.host_id, MAX_HOST_ID_SIZE, host_id.data(), host_id_len) != EOK) {
++        return false;
++    }
+ 
+     const std::string &tpcm_id = content.tpcm_id();
+     size_t tpcm_id_len = std::min(tpcm_id.size(), static_cast<size_t>(MAX_TPCM_ID_SIZE));
+-    memcpy(report.content.tpcm_id, tpcm_id.data(), tpcm_id_len);
++    if (memcpy_s(report.content.tpcm_id, MAX_TPCM_ID_SIZE, tpcm_id.data(), tpcm_id_len) != EOK) {
++        return false;
++    }
+ 
+     // 转换 global_control_policy
+     const auto &policy = content.global_control_policy();
+@@ -159,40 +168,58 @@ static trust_report_new ReportFromProto(const protos::TrustReportNew &protoRepor
+ 
+     const std::string &log_hash = content.log_hash();
+     size_t log_hash_len = std::min(log_hash.size(), static_cast<size_t>(DEFAULT_HASH_SIZE));
+-    memcpy(report.content.log_hash, log_hash.data(), log_hash_len);
++    if (memcpy_s(report.content.log_hash, DEFAULT_HASH_SIZE, log_hash.data(), log_hash_len) != EOK) {
++        return false;
++    }
+ 
+     const std::string &bios_pcr = content.bios_pcr();
+     size_t bios_pcr_len = std::min(bios_pcr.size(), static_cast<size_t>(DEFAULT_PCR_SIZE));
+-    memcpy(report.content.bios_pcr, bios_pcr.data(), bios_pcr_len);
++    if (memcpy_s(report.content.bios_pcr, DEFAULT_PCR_SIZE, bios_pcr.data(), bios_pcr_len) != EOK) {
++        return false;
++    }
+ 
+     const std::string &boot_loader_pcr = content.boot_loader_pcr();
+     size_t boot_loader_pcr_len = std::min(boot_loader_pcr.size(), static_cast<size_t>(DEFAULT_PCR_SIZE));
+-    memcpy(report.content.boot_loader_pcr, boot_loader_pcr.data(), boot_loader_pcr_len);
++    if (memcpy_s(report.content.boot_loader_pcr, DEFAULT_PCR_SIZE, boot_loader_pcr.data(), boot_loader_pcr_len) !=
++        EOK) {
++        return false;
++    }
+ 
+     const std::string &kernel_pcr = content.kernel_pcr();
+     size_t kernel_pcr_len = std::min(kernel_pcr.size(), static_cast<size_t>(DEFAULT_PCR_SIZE));
+-    memcpy(report.content.kernel_pcr, kernel_pcr.data(), kernel_pcr_len);
++    if (memcpy_s(report.content.kernel_pcr, DEFAULT_PCR_SIZE, kernel_pcr.data(), kernel_pcr_len) != EOK) {
++        return false;
++    }
+ 
+     const std::string &tsb_pcr = content.tsb_pcr();
+     size_t tsb_pcr_len = std::min(tsb_pcr.size(), static_cast<size_t>(DEFAULT_PCR_SIZE));
+-    memcpy(report.content.tsb_pcr, tsb_pcr.data(), tsb_pcr_len);
++    if (memcpy_s(report.content.tsb_pcr, DEFAULT_PCR_SIZE, tsb_pcr.data(), tsb_pcr_len) != EOK) {
++        return false;
++    }
+ 
+     const std::string &boot_pcr = content.boot_pcr();
+     size_t boot_pcr_len = std::min(boot_pcr.size(), static_cast<size_t>(DEFAULT_PCR_SIZE));
+-    memcpy(report.content.boot_pcr, boot_pcr.data(), boot_pcr_len);
++    if (memcpy_s(report.content.boot_pcr, DEFAULT_PCR_SIZE, boot_pcr.data(), boot_pcr_len) != EOK) {
++        return false;
++    }
+ 
+     report.content.be_nonce = content.be_nonce();
+ 
+     // 转换 append_data
+     const std::string &append_data = protoReport.append_data();
+     size_t append_data_len = std::min(append_data.size(), static_cast<size_t>(MAX_TRUST_REPORT_APPENDDATA));
+-    memcpy(report.append_data, append_data.data(), append_data_len);
++    if (memcpy_s(report.append_data, MAX_TRUST_REPORT_APPENDDATA, append_data.data(), append_data_len) != EOK) {
++        return false;
++    }
+ 
+-    return report;
++    return true;
+ }
+ 
+ static void DescriptionToProto(const Description &desc, protos::Description *protoDesc)
+ {
++    if (protoDesc == nullptr) {
++        return;
++    }
+     protoDesc->set_state(desc.state);
+ 
+     // Convert name to string, only copying actual data length (ignoring null padding)
+@@ -203,23 +230,26 @@ static void DescriptionToProto(const Description &desc, protos::Description *pro
+     protoDesc->set_uuid(desc.uuid, 37);
+ }
+ 
+-static Description DescriptionFromProto(const protos::Description &protoDesc)
++static bool DescriptionFromProto(const protos::Description &protoDesc, Description &desc)
+ {
+-    Description desc;
+-    memset(&desc, 0, sizeof(desc));
++    (void)memset_s(&desc, sizeof(desc), 0, sizeof(desc));
+ 
+     desc.state = protoDesc.state();
+ 
+     // Convert name from string
+     const std::string &name = protoDesc.name();
+     size_t name_len = std::min(name.size(), static_cast<size_t>(MAX_NAME_SIZE));
+-    memcpy(desc.name, name.data(), name_len);
++    if (memcpy_s(desc.name, 255, name.data(), name_len) != EOK) {
++        return false;
++    }
+ 
+     // Convert uuid from string (no length truncation for UUID)
+     const std::string &uuid = protoDesc.uuid();
+-    memcpy(desc.uuid, uuid.data(), std::min(uuid.size(), static_cast<size_t>(37)));
++    if (memcpy_s(desc.uuid, 37, uuid.data(), uuid.size()) != EOK) {
++        return false;
++    }
+ 
+-    return desc;
++    return true;
+ }
+ 
+ } // namespace virtrust
+diff --git a/virtrust/src/virtrust/link/proto_tools_test.cpp b/virtrust/src/virtrust/link/proto_tools_test.cpp
+index 5d05464..cffd056 100644
+--- a/virtrust/src/virtrust/link/proto_tools_test.cpp
++++ b/virtrust/src/virtrust/link/proto_tools_test.cpp
+@@ -2,7 +2,11 @@
+  * Copyright (C) Huawei Technologies Co., Ltd. 2025-2025. All rights reserved.
+  */
+ 
++#include <securec.h>
++
+ #include <cstring>
++#include <iostream>
++#include <ostream>
+ #include <string>
+ 
+ #include "gtest/gtest.h"
+@@ -200,7 +204,8 @@ TEST_F(ProtoToolsTest, ReportFromProtoBasicFields)
+     protos::TrustReportNew protoReport;
+     ReportToProto(testReport_, &protoReport);
+ 
+-    trust_report_new convertedReport = ReportFromProto(protoReport);
++    trust_report_new convertedReport;
++    ReportFromProto(protoReport, convertedReport);
+ 
+     // Verify basic fields
+     EXPECT_EQ(convertedReport.content.be_host_report_time, testReport_.content.be_host_report_time);
+@@ -222,7 +227,8 @@ TEST_F(ProtoToolsTest, ReportFromProtoGlobalControlPolicy)
+     protos::TrustReportNew protoReport;
+     ReportToProto(testReport_, &protoReport);
+ 
+-    trust_report_new convertedReport = ReportFromProto(protoReport);
++    trust_report_new convertedReport;
++    ReportFromProto(protoReport, convertedReport);
+ 
+     const auto &policy = protoReport.content().global_control_policy();
+     EXPECT_EQ(convertedReport.content.global_control_policy.be_size, policy.be_size());
+@@ -262,7 +268,8 @@ TEST_F(ProtoToolsTest, ReportFromProtoByteArrays)
+     protos::TrustReportNew protoReport;
+     ReportToProto(testReport_, &protoReport);
+ 
+-    trust_report_new convertedReport = ReportFromProto(protoReport);
++    trust_report_new convertedReport;
++    ReportFromProto(protoReport, convertedReport);
+ 
+     // Verify byte arrays
+     EXPECT_EQ(memcmp(convertedReport.content.host_id, testReport_.content.host_id, MAX_HOST_ID_SIZE), 0);
+@@ -283,7 +290,8 @@ TEST_F(ProtoToolsTest, RoundTripConversion)
+     protos::TrustReportNew protoReport;
+     ReportToProto(testReport_, &protoReport);
+ 
+-    trust_report_new convertedReport = ReportFromProto(protoReport);
++    trust_report_new convertedReport;
++    ReportFromProto(protoReport, convertedReport);
+ 
+     // Verify all basic fields match
+     EXPECT_EQ(convertedReport.content.be_host_report_time, testReport_.content.be_host_report_time);
+@@ -312,7 +320,8 @@ TEST_F(ProtoToolsTest, EmptyReportConversion)
+     protos::TrustReportNew protoReport;
+     ReportToProto(emptyReport, &protoReport);
+ 
+-    trust_report_new convertedReport = ReportFromProto(protoReport);
++    trust_report_new convertedReport;
++    ReportFromProto(protoReport, convertedReport);
+ 
+     // Verify all fields are zero
+     EXPECT_EQ(convertedReport.content.be_host_report_time, 0u);
+@@ -369,8 +378,7 @@ TEST_F(ProtoToolsTest, DescriptionToProtoNameField)
+ 
+     // Verify name field - should match the actual string length (ignoring null padding)
+     size_t expectedNameLen = strnlen(testDesc.name, MAX_NAME_SIZE);
+-    EXPECT_EQ(protoDesc.name(),
+-              std::string(testDesc.name, expectedNameLen));
++    EXPECT_EQ(protoDesc.name(), std::string(testDesc.name, expectedNameLen));
+ }
+ 
+ TEST_F(ProtoToolsTest, DescriptionToProtoUuidField)
+@@ -388,8 +396,7 @@ TEST_F(ProtoToolsTest, DescriptionToProtoUuidField)
+     DescriptionToProto(testDesc, &protoDesc);
+ 
+     // Verify uuid field - should be full 37 bytes (including null terminator)
+-    EXPECT_EQ(protoDesc.uuid(),
+-              std::string(testDesc.uuid, 37));
++    EXPECT_EQ(protoDesc.uuid(), std::string(testDesc.uuid, 37));
+ }
+ 
+ TEST_F(ProtoToolsTest, DescriptionFromProtoBasicFields)
+@@ -402,7 +409,8 @@ TEST_F(ProtoToolsTest, DescriptionFromProtoBasicFields)
+     protos::Description protoDesc;
+     DescriptionToProto(testDesc, &protoDesc);
+ 
+-    Description convertedDesc = DescriptionFromProto(protoDesc);
++    Description convertedDesc;
++    DescriptionFromProto(protoDesc, convertedDesc);
+ 
+     // Verify basic fields
+     EXPECT_EQ(convertedDesc.state, testDesc.state);
+@@ -423,7 +431,8 @@ TEST_F(ProtoToolsTest, DescriptionFromProtoNameField)
+     protos::Description protoDesc;
+     DescriptionToProto(testDesc, &protoDesc);
+ 
+-    Description convertedDesc = DescriptionFromProto(protoDesc);
++    Description convertedDesc;
++    DescriptionFromProto(protoDesc, convertedDesc);
+ 
+     // Verify name field
+     EXPECT_EQ(memcmp(convertedDesc.name, testDesc.name, MAX_NAME_SIZE), 0);
+@@ -442,9 +451,13 @@ TEST_F(ProtoToolsTest, DescriptionFromProtoUuidField)
+ 
+     protos::Description protoDesc;
+     DescriptionToProto(testDesc, &protoDesc);
++    std::cout << protoDesc.uuid() << std::endl;
+ 
+-    Description convertedDesc = DescriptionFromProto(protoDesc);
+-
++    Description convertedDesc;
++    bool res = DescriptionFromProto(protoDesc, convertedDesc);
++    EXPECT_EQ(res, true);
++    std::cout << testDesc.uuid << std::endl;
++    std::cout << convertedDesc.uuid << std::endl;
+     // Verify uuid field
+     EXPECT_EQ(memcmp(convertedDesc.uuid, testDesc.uuid, 37), 0);
+ }
+@@ -469,7 +482,8 @@ TEST_F(ProtoToolsTest, DescriptionRoundTripConversion)
+     protos::Description protoDesc;
+     DescriptionToProto(testDesc, &protoDesc);
+ 
+-    Description convertedDesc = DescriptionFromProto(protoDesc);
++    Description convertedDesc;
++    DescriptionFromProto(protoDesc, convertedDesc);
+ 
+     // Verify all fields match
+     EXPECT_EQ(convertedDesc.state, testDesc.state);
+@@ -485,7 +499,8 @@ TEST_F(ProtoToolsTest, EmptyDescriptionConversion)
+     protos::Description protoDesc;
+     DescriptionToProto(emptyDesc, &protoDesc);
+ 
+-    Description convertedDesc = DescriptionFromProto(protoDesc);
++    Description convertedDesc;
++    DescriptionFromProto(protoDesc, convertedDesc);
+ 
+     // Verify all fields are zero
+     EXPECT_EQ(convertedDesc.state, 0);
+@@ -514,7 +529,8 @@ TEST_F(ProtoToolsTest, DescriptionWithPartialName)
+     protos::Description protoDesc;
+     DescriptionToProto(partialDesc, &protoDesc);
+ 
+-    Description convertedDesc = DescriptionFromProto(protoDesc);
++    Description convertedDesc;
++    DescriptionFromProto(protoDesc, convertedDesc);
+ 
+     // Verify state field
+     EXPECT_EQ(convertedDesc.state, 2);
+diff --git a/virtrust/src/virtrust/utils/file_io.cpp b/virtrust/src/virtrust/utils/file_io.cpp
+index f107cee..b4cb4be 100644
+--- a/virtrust/src/virtrust/utils/file_io.cpp
++++ b/virtrust/src/virtrust/utils/file_io.cpp
+@@ -52,10 +52,10 @@ bool FileInputStream::Eof() const
+     return in_.eof();
+ }
+ 
+-FileInputStream &FileInputStream::GetLine(std::string *ret, char delim)
++FileInputStream &FileInputStream::GetLine(std::string &ret, char delim)
+ {
+     try {
+-        std::getline(in_, *ret, delim);
++        std::getline(in_, ret, delim);
+     } catch (const std::ifstream::failure &e) {
+         if (!in_.eof() || in_.bad()) {
+             FILE_IO_THROW("GetLine");
+diff --git a/virtrust/src/virtrust/utils/file_io.h b/virtrust/src/virtrust/utils/file_io.h
+index 6a83f1e..3f20236 100644
+--- a/virtrust/src/virtrust/utils/file_io.h
++++ b/virtrust/src/virtrust/utils/file_io.h
+@@ -21,7 +21,7 @@ public:
+ 
+     bool Eof() const;
+ 
+-    FileInputStream &GetLine(std::string *ret, char delim);
++    FileInputStream &GetLine(std::string &ret, char delim);
+ 
+     FileInputStream &Read(void *buf, size_t length);
+ 
+diff --git a/virtrust/src/virtrust/utils/file_io_test.cpp b/virtrust/src/virtrust/utils/file_io_test.cpp
+index 8238bb8..a6ade16 100644
+--- a/virtrust/src/virtrust/utils/file_io_test.cpp
++++ b/virtrust/src/virtrust/utils/file_io_test.cpp
+@@ -93,7 +93,7 @@ TEST(FileIO, SeekgAndTellg)
+ 
+     // Read part of the file
+     std::string content;
+-    fis.GetLine(&content, '\n');
++    fis.GetLine(content, '\n');
+ 
+     // Get current position
+     size_t currentPos = fis.Tellg();
+@@ -122,7 +122,7 @@ TEST(FileIO, GetLine)
+     FileInputStream fis = FileInputStream(path);
+ 
+     std::string line;
+-    fis.GetLine(&line, '\n');
++    fis.GetLine(line, '\n');
+ 
+     ASSERT_EQ(line, "this is a test file.");
+ }
+@@ -143,7 +143,7 @@ TEST(FileIO, Spawn)
+ 
+     // Original stream should still work
+     std::string line;
+-    fis.GetLine(&line, '\n');
++    fis.GetLine(line, '\n');
+     EXPECT_EQ(line, "this is a test file.");
+ }
+ 
+diff --git a/virtrust/src/virtrust/utils/foreign_mounter.cpp b/virtrust/src/virtrust/utils/foreign_mounter.cpp
+index 7f3a4a1..0b2bd93 100644
+--- a/virtrust/src/virtrust/utils/foreign_mounter.cpp
++++ b/virtrust/src/virtrust/utils/foreign_mounter.cpp
+@@ -5,10 +5,10 @@
+ #include "virtrust/utils/foreign_mounter.h"
+ 
+ #include <cstring>
+-#include <string>
+-#include <string_view>
+ #include <filesystem>
+ #include <regex>
++#include <string>
++#include <string_view>
+ 
+ #include "spdlog/fmt/fmt.h"
+ 
+@@ -224,7 +224,8 @@ std::string VerifyConfig::GetBiosVersion()
+ }
+ 
+ // 从grubaa64.efi文件中获取 GRUB 版本号
+-std::string VerifyConfig::GetGrubVersion(ForeignMounter &mounter) {
++std::string VerifyConfig::GetGrubVersion(ForeignMounter &mounter)
++{
+     if (!mounter.CheckMount()) {
+         VIRTRUST_LOG_ERROR("|GetGrubVersion|END|||Mounter should be mounted firstly.");
+         return "";
+@@ -242,7 +243,7 @@ std::string VerifyConfig::GetGrubVersion(ForeignMounter &mounter) {
+     for (size_t i = 0; i < lines.size(); ++i) {
+         if (std::regex_search(lines[i], GRUB_VERSION_REGEX)) {
+             if (i + 1 < lines.size()) {
+-                grubVersion = lines[i + 1];  // 下一行即版本号
++                grubVersion = lines[i + 1]; // 下一行即版本号
+                 break;
+             }
+         }
+@@ -250,7 +251,7 @@ std::string VerifyConfig::GetGrubVersion(ForeignMounter &mounter) {
+ 
+     // 未找到
+     if (grubVersion.empty()) {
+-        VIRTRUST_LOG_ERROR(
++        VIRTRUST_LOG_WARN(
+             "|GetGrubVersion|END|||Failed to extract grub version, not found or has no following line in {}.",
+             GetGrubPath());
+         return "";
+@@ -272,7 +273,6 @@ std::string VerifyConfig::GetInitrdVersion()
+     return p.stem().string();
+ }
+ 
+-
+ std::string VerifyConfig::GetLinuzVersion()
+ {
+     auto linuzPath = GetLinuzPath();
+@@ -344,6 +344,7 @@ ForeignMounterRc ForeignMounter::Mount(std::string_view imgPath, size_t osIndex)
+     size_t osCnt = CountStrings(roots);
+     if (osIndex >= osCnt) {
+         VIRTRUST_LOG_ERROR("|Mount|END|returnF||There are {} os in image, index out of range: {}.", osCnt, osIndex);
++        GuestfsFreeStringList(roots);
+         return ForeignMounterRc::ERROR;
+     }
+ 
+@@ -384,6 +385,7 @@ ForeignMounterRc ForeignMounter::MountFilesystems(const std::string &root)
+         int ret = libguestfs_.guestfs_mount_ro(handle_, device.c_str(), mountpoint.c_str());
+         if (ret == -1) {
+             VIRTRUST_LOG_ERROR("|MountFilesystems|END|returnF||Mount {} to {} failed.", device, mountpoint);
++            GuestfsFreeStringList(mountpoints);
+             return ForeignMounterRc::ERROR;
+         }
+     }
+diff --git a/virtrust/src/virtrust/utils/migrate_helper_test.cpp b/virtrust/src/virtrust/utils/migrate_helper_test.cpp
+index 0a0e8c3..ad43432 100644
+--- a/virtrust/src/virtrust/utils/migrate_helper_test.cpp
++++ b/virtrust/src/virtrust/utils/migrate_helper_test.cpp
+@@ -91,7 +91,7 @@ TEST(UtilsTest, FileIoSeekgAndTellg)
+ 
+     // Read part of the file
+     std::string content;
+-    fis.GetLine(&content, '\n');
++    fis.GetLine(content, '\n');
+ 
+     // Get current position
+     size_t currentPos = fis.Tellg();
+@@ -120,7 +120,7 @@ TEST(UtilsTest, FileIoGetLine)
+     FileInputStream fis = FileInputStream(path);
+ 
+     std::string line;
+-    fis.GetLine(&line, '\n');
++    fis.GetLine(line, '\n');
+ 
+     EXPECT_FALSE(line.empty());
+ }
+@@ -141,7 +141,7 @@ TEST(UtilsTest, FileIoGetSpawn)
+ 
+     // Original stream should still work
+     std::string line;
+-    fis.GetLine(&line, '\n');
++    fis.GetLine(line, '\n');
+     EXPECT_FALSE(line.empty());
+ }
+ 
+diff --git a/virtrust/src/virtrust/utils/virt_xml_parser.cpp b/virtrust/src/virtrust/utils/virt_xml_parser.cpp
+index 2f39e44..ddb367b 100644
+--- a/virtrust/src/virtrust/utils/virt_xml_parser.cpp
++++ b/virtrust/src/virtrust/utils/virt_xml_parser.cpp
+@@ -163,11 +163,25 @@ std::string VirtXmlParser::GetVmName()
+     return MakeString(node->children->content);
+ }
+ 
+-VerifyConfig VirtXmlParser::Parse(const std::string &filePath)
++bool VirtXmlParser::Parse(VerifyConfig &config, const std::string &filePath)
+ {
+-    LoadFile(filePath);
+-    VerifyConfig config(GetVmName(), GetDiskPath(), GetLoaderPath());
+-    return config;
++    if (!LoadFile(filePath)) {
++        return false;
++    }
++    std::string vmName = GetVmName();
++    if (vmName.empty()) {
++        return false;
++    }
++    std::string diskPath = GetDiskPath();
++    if (diskPath.empty()) {
++        return false;
++    }
++    std::string loaderPath = GetLoaderPath();
++    if (loaderPath.empty()) {
++        return false;
++    }
++    config = VerifyConfig(vmName, diskPath, loaderPath);
++    return true;
+ }
+ 
+ } // namespace virtrust
+diff --git a/virtrust/src/virtrust/utils/virt_xml_parser.h b/virtrust/src/virtrust/utils/virt_xml_parser.h
+index ccdc6b8..ee5da45 100644
+--- a/virtrust/src/virtrust/utils/virt_xml_parser.h
++++ b/virtrust/src/virtrust/utils/virt_xml_parser.h
+@@ -36,7 +36,7 @@ public:
+ 
+     std::string GetLoaderPath();
+ 
+-    VerifyConfig Parse(const std::string &filePath);
++    bool Parse(VerifyConfig &config, const std::string &filePath);
+ 
+ private:
+     Libxml2 &libxml2_ = Libxml2::GetInstance();
+diff --git a/virtrust/src/virtrust/utils/virt_xml_parser_test.cpp b/virtrust/src/virtrust/utils/virt_xml_parser_test.cpp
+index fb2ac9d..efa6f29 100644
+--- a/virtrust/src/virtrust/utils/virt_xml_parser_test.cpp
++++ b/virtrust/src/virtrust/utils/virt_xml_parser_test.cpp
+@@ -20,7 +20,7 @@ std::string GetTestXml()
+ 
+ constexpr std::string_view TEST_GUEST_NAME = "open-euler-vm";
+ constexpr std::string_view TEST_DISK_PATH = "/data/images/openEuler-24.03-LTS-SP1-x86_64.qcow2";
+-constexpr std::string_view TEST_LOADER_PATH = "";
++constexpr std::string_view TEST_LOADER_PATH = "/usr/share/edk2/x86_64/QEMU_EFI-pflash.raw";
+ constexpr std::string_view TEST_SHIM_PATH = "/boot/efi/EFI/openEuler/shimaa64.efi";
+ constexpr std::string_view TEST_GRUB_PATH = "/boot/efi/EFI/openEuler/grubaa64.efi";
+ constexpr std::string_view TEST_GRUB_CFG_PATH = "/boot/efi/EFI/openEuler/grub.cfg";
+@@ -29,8 +29,9 @@ constexpr std::string_view TEST_GRUB_CFG_PATH = "/boot/efi/EFI/openEuler/grub.cf
+ TEST(VirtXmlParserTest, ParseTest)
+ {
+     auto parse = VirtXmlParser();
+-    auto config = parse.Parse(GetTestXml());
+-
++    VerifyConfig config;
++    auto ok = parse.Parse(config, GetTestXml());
++    EXPECT_TRUE(ok);
+     EXPECT_EQ(config.GetGuestName(), TEST_GUEST_NAME);
+     EXPECT_EQ(config.GetDiskPath(), TEST_DISK_PATH);
+     EXPECT_EQ(config.GetLoaderPath(), TEST_LOADER_PATH);
+diff --git a/virtrust/test/data/test.xml b/virtrust/test/data/test.xml
+index e902066..1472c0c 100644
+--- a/virtrust/test/data/test.xml
++++ b/virtrust/test/data/test.xml
+@@ -13,6 +13,7 @@ or other application using the libvirt API.
+   <os>
+     <type arch='x86_64' machine='pc-i440fx-8.2'>hvm</type>
+     <boot dev='hd'/>
++    <loader readonly='yes' type="'pflash">/usr/share/edk2/x86_64/QEMU_EFI-pflash.raw</loader>
+   </os>
+   <features>
+     <acpi/>
diff --git a/TSB-agent.spec b/TSB-agent.spec
index d749516..223f82c 100644
--- a/TSB-agent.spec
+++ b/TSB-agent.spec
@@ -1,6 +1,6 @@
 Name:           TSB-agent
 Version:        0.0.1
-Release:        2
+Release:        3
 Summary:        Trusted Software Base Agent for openEuler
 Summary(zh_CN): 可信基础软件代理（TSB-agent）
 License:        MulanPSL-2.0
@@ -13,6 +13,7 @@ Source4:        spdlog-v1.14.1.tar.gz
 Source5:        libboundscheck.tar.gz
 
 Patch0:         0001-modify-install-permission-for-library-and-config-file.patch
+Patch1:         0002-modify-log-error.patch
 
 BuildRequires:  gcc, make, libboundscheck
 BuildRequires:  gcc-c++ >= 7, cmake >= 3.14, grpc, grpc-devel, grpc-plugins, protobuf-devel, protobuf-compiler
@@ -75,6 +76,7 @@ export CFLAGS="%{optflags}"
 export CXXFLAGS="%{optflags}"
 
 cmake -S . -B build \
+    -DBUILD_TEST=Off \
     -DCMAKE_BUILD_TYPE=RelWithDebInfo  \
     -DCMAKE_CXX_STANDARD=17 \
     -DCMAKE_CXX_STANDARD_REQUIRED=ON \
@@ -122,6 +124,27 @@ install -pm 640 %{root_dir}/test/data/config.json               %{buildroot}%{_s
 /sbin/ldconfig
 
 %changelog
+* Fri Dec 12 2025 cx <cx22757@163.com> - 0.0.1-3
+- 修改日志问题
+- fix: log ERROR when peer received a failure notification.
+- fix: remove unsupported flag in DomainMigrate log.
+- fix: remove redundant nullptr check.
+- fix: change measure item name from grub_cfg to grub.cfg.
+- 修改安全问题
+- fix: safety inspection.
+- 修改检视意见
+- 格式化代码
+- 修改安全排查
+- fix: remove option --undefinesource.
+- fix: add return value check for GetVRoots.
+- fix: remove `--allow-store-measurements` option in VM create.
+- fix: remove RPATH compile option.
+- fix: call MigrationNotify after migration success in source end.
+- 修改安全排查问题
+- fix: update doc.
+- fix: modify VM state to shutoff after migration.
+- fix: add memory free for error branch in foreign_mounter.cpp
+
 * Fri Dec 05 2025 cx <cx22757@163.com> - 0.0.1-2
 - fix: modify install permission for library and config file.
 - fix: update nullptr check.
-- 
Gitee