Patches 1-6 are pure refactors; other patches then convert handling to
the newly introduced functions.

Unfortunately quite a lot of the supposedly "secure" handling of secrets
isn't really secure as we e.g. copy the secret into another buffer which
isn't cleared properly or format it directly onto the command line ...

I've kept them so that they are still marked as secure despite the
handling being pointless.

v2:
- use a new wrapper virSecureErase to mark places really needing secure
  handling instead of just plain memset (but the wrapper still uses
  memset)
- converted other memset calls to virSecureErase in
  virCryptoEncryptDataAESgnutls, probably the only function worthy
  of this change
- added patches removing the string disposal code too

Peter Krempa (27):
  hypervFreeInvokeParams: Don't use VIR_DISPOSE_N for freeing 'params'
  libxlMakeDomBuildInfo: Don't use VIR_DISPOSE_N for USB device list
  qemuDomainMasterKeyCreate: Don't use VIR_DISPOSE_N on failure
  cmdSecretSetValue: Make it obvious that --file, --base64 and
    --interactive are exclusive
  virNetLibsshSessionAuthAddPrivKeyAuth: Don't unlock unlocked 'sess' on
    error
  virNetLibsshSessionAuthAddPrivKeyAuth: Refactor cleanup
  util: Introduce virsecureerase module
  virsh: cmdSecretSetValue: Rework handling of the secret value
  storage_backend_iscsi(_direct): Properly clear secrets
  libxlMakeNetworkDiskSrc: Avoid use of VIR_DISPOSE_N
  qemu: domain: Use virSecureErase for clearing secrets instead of
    VIR_DISPOSE_N
  virsh: cmdSecretGetValue: Use virSecureErase instead of VIR_DISPOSE_N
  virStorageBackendRBDOpenRADOSConn: Use virSecureErase instead of
    VIR_DISPOSE_N
  virCryptoEncryptDataAESgnutls: Use virSecureErase instead of
    VIR_DISPOSE_N
  virCryptoEncryptDataAESgnutls: Use virSecureErase instead of memset
  storageBackendCreateQemuImgSecretPath: Use virSecureErase instead of
    VIR_DISPOSE_N
  tests: viralloc: Remove testDispose case
  util: viralloc: Remove VIR_DISPOSE(_N)
  util: virsecureerase: Introduce virSecureEraseString
  libxlMakeNetworkDiskSrc: Use virSecureEraseString instead of
    VIR_AUTODISPOSE_STR
  qemuBuildRBDSecinfoURI: Use virSecureEraseString instead of
    VIR_AUTODISPOSE_STR
  virStorageBackendRBDOpenRADOSConn: Use virSecureEraseString instead of
    VIR_AUTODISPOSE_STR
  cmdSecretGetValue: Use virSecureEraseString instead of
    VIR_AUTODISPOSE_STR
  virNetLibsshAuthenticatePassword: Use virSecureEraseString instead of
    VIR_AUTODISPOSE_STR
  util: alloc: Remove VIR_AUTODISPOSE_STR
  virnetlibsshsession: Replace VIR_DISPOSE_STRING with
    virSecureEraseString
  util: alloc: Remove VIR_DISPOSE_STRING

src/hyperv/hyperv_wmi.c | 4 +-
src/libvirt_private.syms | 7 ++-
src/libxl/libxl_conf.c | 16 ++++--
src/qemu/qemu_command.c | 4 +-
src/qemu/qemu_domain.c | 22 +++++---
src/rpc/virnetlibsshsession.c | 50 +++++++----------
src/storage/storage_backend_iscsi.c | 16 +++---
src/storage/storage_backend_iscsi_direct.c | 17 +++---
src/storage/storage_backend_rbd.c | 16 ++++--
src/storage/storage_util.c | 4 +-
src/util/meson.build | 1 +
src/util/viralloc.c | 52 ------------------
src/util/viralloc.h | 51 -----------------
src/util/vircrypto.c | 12 ++--
src/util/virsecureerase.c | 57 +++++++++++++++++++
src/util/virsecureerase.h | 28 ++++++++++
tests/viralloctest.c | 34 ------------
tools/virsh-secret.c | 64 ++++++++++------------
18 files changed, 206 insertions(+), 249 deletions(-)
create mode 100644 src/util/virsecureerase.c
create mode 100644 src/util/virsecureerase.h
--
2.29.2