qemu: domain: Use virSecureErase for clearing secrets instead of VIR_DISPOSE_N

Phase out use of VIR_DISPOSE_N from the qemu driver. Use memset in the
appropriate cases.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 2c34307c823c956f5e52bc362124ae20b84fe164..e60f814e363141188c3204f510c08a169da41785 100644 (file)
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -67,6 +67,7 @@
 #include "backup_conf.h"
 #include "virutil.h"
 #include "virqemu.h"
+#include "virsecureerase.h"
 
 #include <sys/time.h>
 #include <fcntl.h>
@@ -443,7 +444,8 @@ qemuDomainMasterKeyFree(qemuDomainObjPrivatePtr priv)
     if (!priv->masterKey)
         return;
 
-    VIR_DISPOSE_N(priv->masterKey, priv->masterKeyLen);
+    virSecureErase(priv->masterKey, priv->masterKeyLen);
+    g_clear_pointer(&priv->masterKey, g_free);
 }
 
 /* qemuDomainMasterKeyReadFile:
@@ -584,7 +586,8 @@ static void
 qemuDomainSecretPlainClear(qemuDomainSecretPlainPtr secret)
 {
     VIR_FREE(secret->username);
-    VIR_DISPOSE_N(secret->secret, secret->secretlen);
+    virSecureErase(secret->secret, secret->secretlen);
+    g_clear_pointer(&secret->secret, g_free);
 }
 
 
@@ -1131,7 +1134,7 @@ qemuDomainSecretAESSetupFromSecret(qemuDomainObjPrivatePtr priv,
     g_autoptr(virConnect) conn = virGetConnectSecret();
     qemuDomainSecretInfoPtr secinfo;
     g_autofree char *alias = qemuAliasForSecret(srcalias, secretuse);
-    uint8_t *secret = NULL;
+    g_autofree uint8_t *secret = NULL;
     size_t secretlen = 0;
 
     if (!conn)
@@ -1143,7 +1146,7 @@ qemuDomainSecretAESSetupFromSecret(qemuDomainObjPrivatePtr priv,
 
     secinfo = qemuDomainSecretAESSetup(priv, alias, username, secret, secretlen);
 
-    VIR_DISPOSE_N(secret, secretlen);
+    virSecureErase(secret, secretlen);
 
     return secinfo;
 }