diff mbox series

[v5,06/16] sev: Update launch_update_data functions to use Error handling

Message ID afc57824b0ea3b8f83e1c850ba976e37989ae9d0.1723560001.git.roy.hopkins@suse.com (mailing list archive)
State New, archived
Headers show
Series Introduce support for IGVM files | expand

Commit Message

Roy Hopkins Aug. 13, 2024, 3:01 p.m. UTC
The class function and implementations for updating launch data return
a code in case of error. In some cases an error message is generated and
in other cases, just the error return value is used.

This small refactor adds an 'Error **errp' parameter to all functions
which consistently set an error condition if a non-zero value is
returned.

Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
---
 target/i386/sev.c | 68 +++++++++++++++++++++++------------------------
 1 file changed, 33 insertions(+), 35 deletions(-)

Comments

Gupta, Pankaj Aug. 14, 2024, 10:22 a.m. UTC | #1
> The class function and implementations for updating launch data return
> a code in case of error. In some cases an error message is generated and
> in other cases, just the error return value is used.
> 
> This small refactor adds an 'Error **errp' parameter to all functions
> which consistently set an error condition if a non-zero value is
> returned.
> 
> Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
> Acked-by: Michael S. Tsirkin <mst@redhat.com>

Reviewed-by: Pankaj Gupta <pankaj.gupta@amd.com>

> ---
>   target/i386/sev.c | 68 +++++++++++++++++++++++------------------------
>   1 file changed, 33 insertions(+), 35 deletions(-)
> 
> diff --git a/target/i386/sev.c b/target/i386/sev.c
> index a0d271f898..fab6d1bfb4 100644
> --- a/target/i386/sev.c
> +++ b/target/i386/sev.c
> @@ -121,7 +121,8 @@ struct SevCommonStateClass {
>                                          Error **errp);
>       int (*launch_start)(SevCommonState *sev_common);
>       void (*launch_finish)(SevCommonState *sev_common);
> -    int (*launch_update_data)(SevCommonState *sev_common, hwaddr gpa, uint8_t *ptr, size_t len);
> +    int (*launch_update_data)(SevCommonState *sev_common, hwaddr gpa,
> +                              uint8_t *ptr, size_t len, Error **errp);
>       int (*kvm_init)(ConfidentialGuestSupport *cgs, Error **errp);
>   };
>   
> @@ -977,9 +978,8 @@ sev_snp_mask_cpuid_features(X86ConfidentialGuest *cg, uint32_t feature, uint32_t
>       return value;
>   }
>   
> -static int
> -sev_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
> -                       uint8_t *addr, size_t len)
> +static int sev_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
> +                                  uint8_t *addr, size_t len, Error **errp)
>   {
>       int ret, fw_error;
>       struct kvm_sev_launch_update_data update;
> @@ -994,8 +994,8 @@ sev_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
>       ret = sev_ioctl(sev_common->sev_fd, KVM_SEV_LAUNCH_UPDATE_DATA,
>                       &update, &fw_error);
>       if (ret) {
> -        error_report("%s: LAUNCH_UPDATE ret=%d fw_error=%d '%s'",
> -                __func__, ret, fw_error, fw_error_to_str(fw_error));
> +        error_setg(errp, "%s: LAUNCH_UPDATE ret=%d fw_error=%d '%s'", __func__,
> +                   ret, fw_error, fw_error_to_str(fw_error));
>       }
>   
>       return ret;
> @@ -1123,8 +1123,8 @@ sev_launch_finish(SevCommonState *sev_common)
>       migrate_add_blocker(&sev_mig_blocker, &error_fatal);
>   }
>   
> -static int
> -snp_launch_update_data(uint64_t gpa, void *hva, size_t len, int type)
> +static int snp_launch_update_data(uint64_t gpa, void *hva, size_t len,
> +                                  int type, Error **errp)
>   {
>       SevLaunchUpdateData *data;
>   
> @@ -1139,23 +1139,21 @@ snp_launch_update_data(uint64_t gpa, void *hva, size_t len, int type)
>       return 0;
>   }
>   
> -static int
> -sev_snp_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
> -                           uint8_t *ptr, size_t len)
> +static int sev_snp_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
> +                                      uint8_t *ptr, size_t len, Error **errp)
>   {
> -       int ret = snp_launch_update_data(gpa, ptr, len,
> -                                         KVM_SEV_SNP_PAGE_TYPE_NORMAL);
> -       return ret;
> +    return snp_launch_update_data(gpa, ptr, len,
> +                                     KVM_SEV_SNP_PAGE_TYPE_NORMAL, errp);
>   }
>   
>   static int
>   sev_snp_cpuid_info_fill(SnpCpuidInfo *snp_cpuid_info,
> -                        const KvmCpuidInfo *kvm_cpuid_info)
> +                        const KvmCpuidInfo *kvm_cpuid_info, Error **errp)
>   {
>       size_t i;
>   
>       if (kvm_cpuid_info->cpuid.nent > SNP_CPUID_FUNCTION_MAXCOUNT) {
> -        error_report("SEV-SNP: CPUID entry count (%d) exceeds max (%d)",
> +        error_setg(errp, "SEV-SNP: CPUID entry count (%d) exceeds max (%d)",
>                        kvm_cpuid_info->cpuid.nent, SNP_CPUID_FUNCTION_MAXCOUNT);
>           return -1;
>       }
> @@ -1197,8 +1195,8 @@ sev_snp_cpuid_info_fill(SnpCpuidInfo *snp_cpuid_info,
>       return 0;
>   }
>   
> -static int
> -snp_launch_update_cpuid(uint32_t cpuid_addr, void *hva, size_t cpuid_len)
> +static int snp_launch_update_cpuid(uint32_t cpuid_addr, void *hva,
> +                                   size_t cpuid_len, Error **errp)
>   {
>       KvmCpuidInfo kvm_cpuid_info = {0};
>       SnpCpuidInfo snp_cpuid_info;
> @@ -1215,26 +1213,25 @@ snp_launch_update_cpuid(uint32_t cpuid_addr, void *hva, size_t cpuid_len)
>       } while (ret == -E2BIG);
>   
>       if (ret) {
> -        error_report("SEV-SNP: unable to query CPUID values for CPU: '%s'",
> -                     strerror(-ret));
> -        return 1;
> +        error_setg(errp, "SEV-SNP: unable to query CPUID values for CPU: '%s'",
> +                   strerror(-ret));
> +        return -1;
>       }
>   
> -    ret = sev_snp_cpuid_info_fill(&snp_cpuid_info, &kvm_cpuid_info);
> -    if (ret) {
> -        error_report("SEV-SNP: failed to generate CPUID table information");
> -        return 1;
> +    ret = sev_snp_cpuid_info_fill(&snp_cpuid_info, &kvm_cpuid_info, errp);
> +    if (ret < 0) {
> +        return -1;
>       }
>   
>       memcpy(hva, &snp_cpuid_info, sizeof(snp_cpuid_info));
>   
>       return snp_launch_update_data(cpuid_addr, hva, cpuid_len,
> -                                  KVM_SEV_SNP_PAGE_TYPE_CPUID);
> +                                  KVM_SEV_SNP_PAGE_TYPE_CPUID, errp);
>   }
>   
> -static int
> -snp_launch_update_kernel_hashes(SevSnpGuestState *sev_snp, uint32_t addr,
> -                                void *hva, uint32_t len)
> +static int snp_launch_update_kernel_hashes(SevSnpGuestState *sev_snp,
> +                                           uint32_t addr, void *hva,
> +                                           uint32_t len, Error **errp)
>   {
>       int type = KVM_SEV_SNP_PAGE_TYPE_ZERO;
>       if (sev_snp->parent_obj.kernel_hashes) {
> @@ -1246,7 +1243,7 @@ snp_launch_update_kernel_hashes(SevSnpGuestState *sev_snp, uint32_t addr,
>                  sizeof(*sev_snp->kernel_hashes_data));
>           type = KVM_SEV_SNP_PAGE_TYPE_NORMAL;
>       }
> -    return snp_launch_update_data(addr, hva, len, type);
> +    return snp_launch_update_data(addr, hva, len, type, errp);
>   }
>   
>   static int
> @@ -1284,12 +1281,14 @@ snp_populate_metadata_pages(SevSnpGuestState *sev_snp,
>           }
>   
>           if (type == KVM_SEV_SNP_PAGE_TYPE_CPUID) {
> -            ret = snp_launch_update_cpuid(desc->base, hva, desc->len);
> +            ret = snp_launch_update_cpuid(desc->base, hva, desc->len,
> +                                          &error_fatal);
>           } else if (desc->type == SEV_DESC_TYPE_SNP_KERNEL_HASHES) {
>               ret = snp_launch_update_kernel_hashes(sev_snp, desc->base, hva,
> -                                                  desc->len);
> +                                                  desc->len, &error_fatal);
>           } else {
> -            ret = snp_launch_update_data(desc->base, hva, desc->len, type);
> +            ret = snp_launch_update_data(desc->base, hva, desc->len, type,
> +                                         &error_fatal);
>           }
>   
>           if (ret) {
> @@ -1622,9 +1621,8 @@ sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp)
>       if (sev_check_state(sev_common, SEV_STATE_LAUNCH_UPDATE)) {
>           int ret;
>   
> -        ret = klass->launch_update_data(sev_common, gpa, ptr, len);
> +        ret = klass->launch_update_data(sev_common, gpa, ptr, len, errp);
>           if (ret < 0) {
> -            error_setg(errp, "SEV: Failed to encrypt pflash rom");
>               return ret;
>           }
>       }
Stefano Garzarella Sept. 2, 2024, 2:16 p.m. UTC | #2
On Tue, Aug 13, 2024 at 04:01:08PM GMT, Roy Hopkins wrote:
>The class function and implementations for updating launch data return
>a code in case of error. In some cases an error message is generated and
>in other cases, just the error return value is used.
>
>This small refactor adds an 'Error **errp' parameter to all functions
>which consistently set an error condition if a non-zero value is
>returned.
>
>Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
>Acked-by: Michael S. Tsirkin <mst@redhat.com>
>---
> target/i386/sev.c | 68 +++++++++++++++++++++++------------------------
> 1 file changed, 33 insertions(+), 35 deletions(-)

Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>

>
>diff --git a/target/i386/sev.c b/target/i386/sev.c
>index a0d271f898..fab6d1bfb4 100644
>--- a/target/i386/sev.c
>+++ b/target/i386/sev.c
>@@ -121,7 +121,8 @@ struct SevCommonStateClass {
>                                        Error **errp);
>     int (*launch_start)(SevCommonState *sev_common);
>     void (*launch_finish)(SevCommonState *sev_common);
>-    int (*launch_update_data)(SevCommonState *sev_common, hwaddr gpa, uint8_t *ptr, size_t len);
>+    int (*launch_update_data)(SevCommonState *sev_common, hwaddr gpa,
>+                              uint8_t *ptr, size_t len, Error **errp);
>     int (*kvm_init)(ConfidentialGuestSupport *cgs, Error **errp);
> };
>
>@@ -977,9 +978,8 @@ sev_snp_mask_cpuid_features(X86ConfidentialGuest *cg, uint32_t feature, uint32_t
>     return value;
> }
>
>-static int
>-sev_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
>-                       uint8_t *addr, size_t len)
>+static int sev_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
>+                                  uint8_t *addr, size_t len, Error **errp)
> {
>     int ret, fw_error;
>     struct kvm_sev_launch_update_data update;
>@@ -994,8 +994,8 @@ sev_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
>     ret = sev_ioctl(sev_common->sev_fd, KVM_SEV_LAUNCH_UPDATE_DATA,
>                     &update, &fw_error);
>     if (ret) {
>-        error_report("%s: LAUNCH_UPDATE ret=%d fw_error=%d '%s'",
>-                __func__, ret, fw_error, fw_error_to_str(fw_error));
>+        error_setg(errp, "%s: LAUNCH_UPDATE ret=%d fw_error=%d '%s'", __func__,
>+                   ret, fw_error, fw_error_to_str(fw_error));
>     }
>
>     return ret;
>@@ -1123,8 +1123,8 @@ sev_launch_finish(SevCommonState *sev_common)
>     migrate_add_blocker(&sev_mig_blocker, &error_fatal);
> }
>
>-static int
>-snp_launch_update_data(uint64_t gpa, void *hva, size_t len, int type)
>+static int snp_launch_update_data(uint64_t gpa, void *hva, size_t len,
>+                                  int type, Error **errp)
> {
>     SevLaunchUpdateData *data;
>
>@@ -1139,23 +1139,21 @@ snp_launch_update_data(uint64_t gpa, void *hva, size_t len, int type)
>     return 0;
> }
>
>-static int
>-sev_snp_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
>-                           uint8_t *ptr, size_t len)
>+static int sev_snp_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
>+                                      uint8_t *ptr, size_t len, Error **errp)
> {
>-       int ret = snp_launch_update_data(gpa, ptr, len,
>-                                         KVM_SEV_SNP_PAGE_TYPE_NORMAL);
>-       return ret;
>+    return snp_launch_update_data(gpa, ptr, len,
>+                                     KVM_SEV_SNP_PAGE_TYPE_NORMAL, errp);
> }
>
> static int
> sev_snp_cpuid_info_fill(SnpCpuidInfo *snp_cpuid_info,
>-                        const KvmCpuidInfo *kvm_cpuid_info)
>+                        const KvmCpuidInfo *kvm_cpuid_info, Error **errp)
> {
>     size_t i;
>
>     if (kvm_cpuid_info->cpuid.nent > SNP_CPUID_FUNCTION_MAXCOUNT) {
>-        error_report("SEV-SNP: CPUID entry count (%d) exceeds max (%d)",
>+        error_setg(errp, "SEV-SNP: CPUID entry count (%d) exceeds max (%d)",
>                      kvm_cpuid_info->cpuid.nent, SNP_CPUID_FUNCTION_MAXCOUNT);
>         return -1;
>     }
>@@ -1197,8 +1195,8 @@ sev_snp_cpuid_info_fill(SnpCpuidInfo *snp_cpuid_info,
>     return 0;
> }
>
>-static int
>-snp_launch_update_cpuid(uint32_t cpuid_addr, void *hva, size_t cpuid_len)
>+static int snp_launch_update_cpuid(uint32_t cpuid_addr, void *hva,
>+                                   size_t cpuid_len, Error **errp)
> {
>     KvmCpuidInfo kvm_cpuid_info = {0};
>     SnpCpuidInfo snp_cpuid_info;
>@@ -1215,26 +1213,25 @@ snp_launch_update_cpuid(uint32_t cpuid_addr, void *hva, size_t cpuid_len)
>     } while (ret == -E2BIG);
>
>     if (ret) {
>-        error_report("SEV-SNP: unable to query CPUID values for CPU: '%s'",
>-                     strerror(-ret));
>-        return 1;
>+        error_setg(errp, "SEV-SNP: unable to query CPUID values for CPU: '%s'",
>+                   strerror(-ret));
>+        return -1;
>     }
>
>-    ret = sev_snp_cpuid_info_fill(&snp_cpuid_info, &kvm_cpuid_info);
>-    if (ret) {
>-        error_report("SEV-SNP: failed to generate CPUID table information");
>-        return 1;
>+    ret = sev_snp_cpuid_info_fill(&snp_cpuid_info, &kvm_cpuid_info, errp);
>+    if (ret < 0) {
>+        return -1;
>     }
>
>     memcpy(hva, &snp_cpuid_info, sizeof(snp_cpuid_info));
>
>     return snp_launch_update_data(cpuid_addr, hva, cpuid_len,
>-                                  KVM_SEV_SNP_PAGE_TYPE_CPUID);
>+                                  KVM_SEV_SNP_PAGE_TYPE_CPUID, errp);
> }
>
>-static int
>-snp_launch_update_kernel_hashes(SevSnpGuestState *sev_snp, uint32_t addr,
>-                                void *hva, uint32_t len)
>+static int snp_launch_update_kernel_hashes(SevSnpGuestState *sev_snp,
>+                                           uint32_t addr, void *hva,
>+                                           uint32_t len, Error **errp)
> {
>     int type = KVM_SEV_SNP_PAGE_TYPE_ZERO;
>     if (sev_snp->parent_obj.kernel_hashes) {
>@@ -1246,7 +1243,7 @@ snp_launch_update_kernel_hashes(SevSnpGuestState *sev_snp, uint32_t addr,
>                sizeof(*sev_snp->kernel_hashes_data));
>         type = KVM_SEV_SNP_PAGE_TYPE_NORMAL;
>     }
>-    return snp_launch_update_data(addr, hva, len, type);
>+    return snp_launch_update_data(addr, hva, len, type, errp);
> }
>
> static int
>@@ -1284,12 +1281,14 @@ snp_populate_metadata_pages(SevSnpGuestState *sev_snp,
>         }
>
>         if (type == KVM_SEV_SNP_PAGE_TYPE_CPUID) {
>-            ret = snp_launch_update_cpuid(desc->base, hva, desc->len);
>+            ret = snp_launch_update_cpuid(desc->base, hva, desc->len,
>+                                          &error_fatal);
>         } else if (desc->type == SEV_DESC_TYPE_SNP_KERNEL_HASHES) {
>             ret = snp_launch_update_kernel_hashes(sev_snp, desc->base, hva,
>-                                                  desc->len);
>+                                                  desc->len, &error_fatal);
>         } else {
>-            ret = snp_launch_update_data(desc->base, hva, desc->len, type);
>+            ret = snp_launch_update_data(desc->base, hva, desc->len, type,
>+                                         &error_fatal);
>         }
>
>         if (ret) {
>@@ -1622,9 +1621,8 @@ sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp)
>     if (sev_check_state(sev_common, SEV_STATE_LAUNCH_UPDATE)) {
>         int ret;
>
>-        ret = klass->launch_update_data(sev_common, gpa, ptr, len);
>+        ret = klass->launch_update_data(sev_common, gpa, ptr, len, errp);
>         if (ret < 0) {
>-            error_setg(errp, "SEV: Failed to encrypt pflash rom");
>             return ret;
>         }
>     }
>-- 
>2.43.0
>
diff mbox series

Patch

diff --git a/target/i386/sev.c b/target/i386/sev.c
index a0d271f898..fab6d1bfb4 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -121,7 +121,8 @@  struct SevCommonStateClass {
                                        Error **errp);
     int (*launch_start)(SevCommonState *sev_common);
     void (*launch_finish)(SevCommonState *sev_common);
-    int (*launch_update_data)(SevCommonState *sev_common, hwaddr gpa, uint8_t *ptr, size_t len);
+    int (*launch_update_data)(SevCommonState *sev_common, hwaddr gpa,
+                              uint8_t *ptr, size_t len, Error **errp);
     int (*kvm_init)(ConfidentialGuestSupport *cgs, Error **errp);
 };
 
@@ -977,9 +978,8 @@  sev_snp_mask_cpuid_features(X86ConfidentialGuest *cg, uint32_t feature, uint32_t
     return value;
 }
 
-static int
-sev_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
-                       uint8_t *addr, size_t len)
+static int sev_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
+                                  uint8_t *addr, size_t len, Error **errp)
 {
     int ret, fw_error;
     struct kvm_sev_launch_update_data update;
@@ -994,8 +994,8 @@  sev_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
     ret = sev_ioctl(sev_common->sev_fd, KVM_SEV_LAUNCH_UPDATE_DATA,
                     &update, &fw_error);
     if (ret) {
-        error_report("%s: LAUNCH_UPDATE ret=%d fw_error=%d '%s'",
-                __func__, ret, fw_error, fw_error_to_str(fw_error));
+        error_setg(errp, "%s: LAUNCH_UPDATE ret=%d fw_error=%d '%s'", __func__,
+                   ret, fw_error, fw_error_to_str(fw_error));
     }
 
     return ret;
@@ -1123,8 +1123,8 @@  sev_launch_finish(SevCommonState *sev_common)
     migrate_add_blocker(&sev_mig_blocker, &error_fatal);
 }
 
-static int
-snp_launch_update_data(uint64_t gpa, void *hva, size_t len, int type)
+static int snp_launch_update_data(uint64_t gpa, void *hva, size_t len,
+                                  int type, Error **errp)
 {
     SevLaunchUpdateData *data;
 
@@ -1139,23 +1139,21 @@  snp_launch_update_data(uint64_t gpa, void *hva, size_t len, int type)
     return 0;
 }
 
-static int
-sev_snp_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
-                           uint8_t *ptr, size_t len)
+static int sev_snp_launch_update_data(SevCommonState *sev_common, hwaddr gpa,
+                                      uint8_t *ptr, size_t len, Error **errp)
 {
-       int ret = snp_launch_update_data(gpa, ptr, len,
-                                         KVM_SEV_SNP_PAGE_TYPE_NORMAL);
-       return ret;
+    return snp_launch_update_data(gpa, ptr, len,
+                                     KVM_SEV_SNP_PAGE_TYPE_NORMAL, errp);
 }
 
 static int
 sev_snp_cpuid_info_fill(SnpCpuidInfo *snp_cpuid_info,
-                        const KvmCpuidInfo *kvm_cpuid_info)
+                        const KvmCpuidInfo *kvm_cpuid_info, Error **errp)
 {
     size_t i;
 
     if (kvm_cpuid_info->cpuid.nent > SNP_CPUID_FUNCTION_MAXCOUNT) {
-        error_report("SEV-SNP: CPUID entry count (%d) exceeds max (%d)",
+        error_setg(errp, "SEV-SNP: CPUID entry count (%d) exceeds max (%d)",
                      kvm_cpuid_info->cpuid.nent, SNP_CPUID_FUNCTION_MAXCOUNT);
         return -1;
     }
@@ -1197,8 +1195,8 @@  sev_snp_cpuid_info_fill(SnpCpuidInfo *snp_cpuid_info,
     return 0;
 }
 
-static int
-snp_launch_update_cpuid(uint32_t cpuid_addr, void *hva, size_t cpuid_len)
+static int snp_launch_update_cpuid(uint32_t cpuid_addr, void *hva,
+                                   size_t cpuid_len, Error **errp)
 {
     KvmCpuidInfo kvm_cpuid_info = {0};
     SnpCpuidInfo snp_cpuid_info;
@@ -1215,26 +1213,25 @@  snp_launch_update_cpuid(uint32_t cpuid_addr, void *hva, size_t cpuid_len)
     } while (ret == -E2BIG);
 
     if (ret) {
-        error_report("SEV-SNP: unable to query CPUID values for CPU: '%s'",
-                     strerror(-ret));
-        return 1;
+        error_setg(errp, "SEV-SNP: unable to query CPUID values for CPU: '%s'",
+                   strerror(-ret));
+        return -1;
     }
 
-    ret = sev_snp_cpuid_info_fill(&snp_cpuid_info, &kvm_cpuid_info);
-    if (ret) {
-        error_report("SEV-SNP: failed to generate CPUID table information");
-        return 1;
+    ret = sev_snp_cpuid_info_fill(&snp_cpuid_info, &kvm_cpuid_info, errp);
+    if (ret < 0) {
+        return -1;
     }
 
     memcpy(hva, &snp_cpuid_info, sizeof(snp_cpuid_info));
 
     return snp_launch_update_data(cpuid_addr, hva, cpuid_len,
-                                  KVM_SEV_SNP_PAGE_TYPE_CPUID);
+                                  KVM_SEV_SNP_PAGE_TYPE_CPUID, errp);
 }
 
-static int
-snp_launch_update_kernel_hashes(SevSnpGuestState *sev_snp, uint32_t addr,
-                                void *hva, uint32_t len)
+static int snp_launch_update_kernel_hashes(SevSnpGuestState *sev_snp,
+                                           uint32_t addr, void *hva,
+                                           uint32_t len, Error **errp)
 {
     int type = KVM_SEV_SNP_PAGE_TYPE_ZERO;
     if (sev_snp->parent_obj.kernel_hashes) {
@@ -1246,7 +1243,7 @@  snp_launch_update_kernel_hashes(SevSnpGuestState *sev_snp, uint32_t addr,
                sizeof(*sev_snp->kernel_hashes_data));
         type = KVM_SEV_SNP_PAGE_TYPE_NORMAL;
     }
-    return snp_launch_update_data(addr, hva, len, type);
+    return snp_launch_update_data(addr, hva, len, type, errp);
 }
 
 static int
@@ -1284,12 +1281,14 @@  snp_populate_metadata_pages(SevSnpGuestState *sev_snp,
         }
 
         if (type == KVM_SEV_SNP_PAGE_TYPE_CPUID) {
-            ret = snp_launch_update_cpuid(desc->base, hva, desc->len);
+            ret = snp_launch_update_cpuid(desc->base, hva, desc->len,
+                                          &error_fatal);
         } else if (desc->type == SEV_DESC_TYPE_SNP_KERNEL_HASHES) {
             ret = snp_launch_update_kernel_hashes(sev_snp, desc->base, hva,
-                                                  desc->len);
+                                                  desc->len, &error_fatal);
         } else {
-            ret = snp_launch_update_data(desc->base, hva, desc->len, type);
+            ret = snp_launch_update_data(desc->base, hva, desc->len, type,
+                                         &error_fatal);
         }
 
         if (ret) {
@@ -1622,9 +1621,8 @@  sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp)
     if (sev_check_state(sev_common, SEV_STATE_LAUNCH_UPDATE)) {
         int ret;
 
-        ret = klass->launch_update_data(sev_common, gpa, ptr, len);
+        ret = klass->launch_update_data(sev_common, gpa, ptr, len, errp);
         if (ret < 0) {
-            error_setg(errp, "SEV: Failed to encrypt pflash rom");
             return ret;
         }
     }