From nobody Thu May 15 10:20:11 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1527582333869220.7294406579199; Tue, 29 May 2018 01:25:33 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C39F8C0CDE10; Tue, 29 May 2018 08:25:31 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8AE492010CA4; Tue, 29 May 2018 08:25:31 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 31CA04BB78; Tue, 29 May 2018 08:25:31 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w4T8PFL8005778 for ; Tue, 29 May 2018 04:25:15 -0400 Received: by smtp.corp.redhat.com (Postfix) id 9710863F5C; Tue, 29 May 2018 08:25:14 +0000 (UTC) Received: from moe.brq.redhat.com (unknown [10.43.2.192]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1D0EE422BA; Tue, 29 May 2018 08:25:13 +0000 (UTC) From: Michal Privoznik To: libvir-list@redhat.com Date: Tue, 29 May 2018 10:24:40 +0200 Message-Id: <999e700c112c9009379fc3aab7cb01ba379d4332.1527581861.git.mprivozn@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 04/10] virCryptoGenerateRandom: Don't allocate return buffer X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.25 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Tue, 29 May 2018 08:25:32 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" To unify our vir*Random() functions we need to make virCryptoGenerateRandom NOT allocate return buffer. It should just fill given buffer with random data. Signed-off-by: Michal Privoznik --- src/qemu/qemu_domain.c | 12 ++++++++---- src/util/vircrypto.c | 29 ++++++++++++----------------- src/util/vircrypto.h | 3 ++- tests/qemuxml2argvmock.c | 14 ++++---------- 4 files changed, 26 insertions(+), 32 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 47910acb83..2d13a03344 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -930,12 +930,13 @@ qemuDomainMasterKeyCreate(virDomainObjPtr vm) if (!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET)) return 0; =20 - if (!(priv->masterKey =3D - virCryptoGenerateRandom(QEMU_DOMAIN_MASTER_KEY_LEN))) + if (VIR_ALLOC_N(priv->masterKey, QEMU_DOMAIN_MASTER_KEY_LEN) < 0) return -1; - priv->masterKeyLen =3D QEMU_DOMAIN_MASTER_KEY_LEN; =20 + if (virCryptoGenerateRandom(priv->masterKey, QEMU_DOMAIN_MASTER_KEY_LE= N) < 0) + return -1; + return 0; } =20 @@ -1214,8 +1215,11 @@ qemuDomainSecretAESSetup(qemuDomainObjPrivatePtr pri= v, if (!(secinfo->s.aes.alias =3D qemuDomainGetSecretAESAlias(srcalias, i= sLuks))) goto cleanup; =20 + if (VIR_ALLOC_N(raw_iv, ivlen) < 0) + goto cleanup; + /* Create a random initialization vector */ - if (!(raw_iv =3D virCryptoGenerateRandom(ivlen))) + if (virCryptoGenerateRandom(raw_iv, ivlen) < 0) goto cleanup; =20 /* Encode the IV and save that since qemu will need it */ diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c index 9879c31555..673e1648e8 100644 --- a/src/util/vircrypto.c +++ b/src/util/vircrypto.c @@ -316,44 +316,39 @@ virCryptoEncryptData(virCryptoCipher algorithm, #endif =20 /* virCryptoGenerateRandom: - * @nbytes: Size in bytes of random byte stream to generate + * @buf: Pointer to location to store bytes + * @buflen: Number of bytes to store * - * Generate a random stream of nbytes length and return it. + * Generate a random stream of @buflen length and store it into @buf. * * Since the gnutls_rnd could be missing, provide an alternate less * secure mechanism to at least have something. * - * Returns pointer memory containing byte stream on success, - * NULL on failure (with error reported) + * Returns 0 on success or -1 on failure (with error reported) */ -uint8_t * -virCryptoGenerateRandom(size_t nbytes) +int +virCryptoGenerateRandom(unsigned char *buf, + size_t buflen) { - uint8_t *buf; int rv; =20 - if (VIR_ALLOC_N(buf, nbytes) < 0) - return NULL; - #if WITH_GNUTLS /* Generate the byte stream using gnutls_rnd() if possible */ - if ((rv =3D gnutls_rnd(GNUTLS_RND_RANDOM, buf, nbytes)) < 0) { + if ((rv =3D gnutls_rnd(GNUTLS_RND_RANDOM, buf, buflen)) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("failed to generate byte stream: %s"), gnutls_strerror(rv)); - VIR_FREE(buf); - return NULL; + return -1; } #else /* If we don't have gnutls_rnd(), we will generate a less cryptographi= cally * strong master buf from /dev/urandom. */ - if ((rv =3D virRandomBytes(buf, nbytes)) < 0) { + if ((rv =3D virRandomBytes(buf, buflen)) < 0) { virReportSystemError(-rv, "%s", _("failed to generate byte stream"= )); - VIR_FREE(buf); - return NULL; + return -1; } #endif =20 - return buf; + return 0; } diff --git a/src/util/vircrypto.h b/src/util/vircrypto.h index 9b5dada53d..649ceff1a1 100644 --- a/src/util/vircrypto.h +++ b/src/util/vircrypto.h @@ -65,6 +65,7 @@ int virCryptoEncryptData(virCryptoCipher algorithm, ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(6) ATTRIBUTE_NONNULL(8) ATTRIBUTE_NONNULL(9) ATTRIBUTE_RETURN_CHECK; =20 -uint8_t *virCryptoGenerateRandom(size_t nbytes) ATTRIBUTE_NOINLINE; +int virCryptoGenerateRandom(unsigned char *buf, + size_t buflen) ATTRIBUTE_NOINLINE; =20 #endif /* __VIR_CRYPTO_H__ */ diff --git a/tests/qemuxml2argvmock.c b/tests/qemuxml2argvmock.c index 6d78063f00..44b6504de9 100644 --- a/tests/qemuxml2argvmock.c +++ b/tests/qemuxml2argvmock.c @@ -190,17 +190,11 @@ virCommandPassFD(virCommandPtr cmd ATTRIBUTE_UNUSED, /* nada */ } =20 -uint8_t * -virCryptoGenerateRandom(size_t nbytes) +int +virCryptoGenerateRandom(unsigned char *buf, + size_t buflen) { - uint8_t *buf; - - if (VIR_ALLOC_N(buf, nbytes) < 0) - return NULL; - - ignore_value(virRandomBytes(buf, nbytes)); - - return buf; + return virRandomBytes(buf, buflen); } =20 int --=20 2.16.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list