[PATCH v2 11/27] qemu: domain: Use virSecureErase for clearing secrets instead of VIR_DISPOSE_N
Peter Krempa
pkrempa at redhat.com
Tue Feb 2 16:55:48 UTC 2021
Phase out use of VIR_DISPOSE_N from the qemu driver. Use memset in the
appropriate cases.
Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
src/qemu/qemu_domain.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 2c34307c82..e60f814e36 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -67,6 +67,7 @@
#include "backup_conf.h"
#include "virutil.h"
#include "virqemu.h"
+#include "virsecureerase.h"
#include <sys/time.h>
#include <fcntl.h>
@@ -443,7 +444,8 @@ qemuDomainMasterKeyFree(qemuDomainObjPrivatePtr priv)
if (!priv->masterKey)
return;
- VIR_DISPOSE_N(priv->masterKey, priv->masterKeyLen);
+ virSecureErase(priv->masterKey, priv->masterKeyLen);
+ g_clear_pointer(&priv->masterKey, g_free);
}
/* qemuDomainMasterKeyReadFile:
@@ -584,7 +586,8 @@ static void
qemuDomainSecretPlainClear(qemuDomainSecretPlainPtr secret)
{
VIR_FREE(secret->username);
- VIR_DISPOSE_N(secret->secret, secret->secretlen);
+ virSecureErase(secret->secret, secret->secretlen);
+ g_clear_pointer(&secret->secret, g_free);
}
@@ -1131,7 +1134,7 @@ qemuDomainSecretAESSetupFromSecret(qemuDomainObjPrivatePtr priv,
g_autoptr(virConnect) conn = virGetConnectSecret();
qemuDomainSecretInfoPtr secinfo;
g_autofree char *alias = qemuAliasForSecret(srcalias, secretuse);
- uint8_t *secret = NULL;
+ g_autofree uint8_t *secret = NULL;
size_t secretlen = 0;
if (!conn)
@@ -1143,7 +1146,7 @@ qemuDomainSecretAESSetupFromSecret(qemuDomainObjPrivatePtr priv,
secinfo = qemuDomainSecretAESSetup(priv, alias, username, secret, secretlen);
- VIR_DISPOSE_N(secret, secretlen);
+ virSecureErase(secret, secretlen);
return secinfo;
}
--
2.29.2
More information about the libvir-list
mailing list