[PATCH v2 00/27] util: Remove VIR_DISPOSE(_N) and VIR_DISPOSE_STRING

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Patches 1-6 are pure refactors, other patches then convert handling to
the newly introduced functions.

Unfortunately quite a lot of the supposedly "secure" handling of secrets
isn't really secure as we e.g. copy the secret into another buffer which
isn't cleared properly or format it directly onto the commadline ...

I've kept them so that they are still marked as secure despite the
handling being pointless.

v2:
 - use a new wrapper virSecureErase to mark places really needing secure
   handling instead of just plain memset (but the wrapper still uses
                                          memset)
 - converted other memset calls to virSecureErase in
   virCryptoEncryptDataAESgnutls, probably the only function worthy
   of this change
 - added patches removing the string disposal code too


Peter Krempa (27):
  hypervFreeInvokeParams: Don't use VIR_DISPOSE_N for freeing 'params'
  libxlMakeDomBuildInfo: Don't use VIR_DISPOSE_N for USB device list
  qemuDomainMasterKeyCreate: Don't use VIR_DISPOSE_N on failure
  cmdSecretSetValue: Make it obvious that --file, --base64 and
    --interactive are exlcusive
  virNetLibsshSessionAuthAddPrivKeyAuth: Don't unlock unlocked 'sess' on
    error
  virNetLibsshSessionAuthAddPrivKeyAuth: Refactor cleanup
  util: Introduce virsecureerase module
  virsh: cmdSecretSetValue: Rework handling of the secret value
  storage_backend_iscsi(_direct): Properly clear secrets
  libxlMakeNetworkDiskSrc: Avoid use of VIR_DISPOSE_N
  qemu: domain: Use virSecureErase for clearing secrets instead of
    VIR_DISPOSE_N
  virsh: cmdSecretGetValue: Use virSecureErase instead of VIR_DISPOSE_N
  virStorageBackendRBDOpenRADOSConn: Use virSecureErase instead of
    VIR_DISPOSE_N
  virCryptoEncryptDataAESgnutls: Use virSecureErase instead of
    VIR_DISPOSE_N
  virCryptoEncryptDataAESgnutls: Use virSecureErase instead of memset
  storageBackendCreateQemuImgSecretPath: Use virSecureErase instead of
    VIR_DISPOSE_N
  tests: viralloc: Remove testDispose case
  util: viralloc: Remove VIR_DISPOSE(_N)
  util: virsecureerase: Introduce virSecureEraseString
  libxlMakeNetworkDiskSrc: Use virSecureEraseString instead of
    VIR_AUTODISPOSE_STR
  qemuBuildRBDSecinfoURI: Use virSecureEraseString instead of
    VIR_AUTODISPOSE_STR
  virStorageBackendRBDOpenRADOSConn: Use virSecureEraseString instead of
    VIR_AUTODISPOSE_STR
  cmdSecretGetValue: Use virSecureEraseString instead of
    VIR_AUTODISPOSE_STR
  virNetLibsshAuthenticatePassword: Use virSecureEraseString instead of
    VIR_AUTODISPOSE_STR
  util: alloc: Remove VIR_AUTODISPOSE_STR
  virnetlibsshsession: Replace VIR_DISPOSE_STRING with
    virSecureEraseString
  util: alloc: Remove VIR_DISPOSE_STRING

 src/hyperv/hyperv_wmi.c                    |  4 +-
 src/libvirt_private.syms                   |  7 ++-
 src/libxl/libxl_conf.c                     | 16 ++++--
 src/qemu/qemu_command.c                    |  4 +-
 src/qemu/qemu_domain.c                     | 22 +++++---
 src/rpc/virnetlibsshsession.c              | 50 +++++++----------
 src/storage/storage_backend_iscsi.c        | 16 +++---
 src/storage/storage_backend_iscsi_direct.c | 17 +++---
 src/storage/storage_backend_rbd.c          | 16 ++++--
 src/storage/storage_util.c                 |  4 +-
 src/util/meson.build                       |  1 +
 src/util/viralloc.c                        | 52 ------------------
 src/util/viralloc.h                        | 51 -----------------
 src/util/vircrypto.c                       | 12 ++--
 src/util/virsecureerase.c                  | 57 +++++++++++++++++++
 src/util/virsecureerase.h                  | 28 ++++++++++
 tests/viralloctest.c                       | 34 ------------
 tools/virsh-secret.c                       | 64 ++++++++++------------
 18 files changed, 206 insertions(+), 249 deletions(-)
 create mode 100644 src/util/virsecureerase.c
 create mode 100644 src/util/virsecureerase.h

-- 
2.29.2




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux