It's desired to keep the alias around to allow referencing of the secret
object used with qemu. Add set of APIs which will destroy all data
except the alias.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 src/qemu/qemu_domain.c | 43 +++++++++++++++++++++++++++++++++++--------
 src/qemu/qemu_domain.h |  2 ++
 2 files changed, 37 insertions(+), 8 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index e4588f7428..4318818e85 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -949,38 +949,65 @@ qemuDomainSecretPlainClear(qemuDomainSecretPlain secret)


 static void
-qemuDomainSecretAESClear(qemuDomainSecretAES secret)
+qemuDomainSecretAESClear(qemuDomainSecretAES secret,
+                         bool keepAlias)
 {
+    if (!keepAlias)
+        VIR_FREE(secret.alias);
+
     VIR_FREE(secret.username);
-    VIR_FREE(secret.alias);
     VIR_FREE(secret.iv);
     VIR_FREE(secret.ciphertext);
 }


-void
-qemuDomainSecretInfoFree(qemuDomainSecretInfoPtr *secinfo)
+static void
+qemuDomainSecretInfoClear(qemuDomainSecretInfoPtr secinfo,
+                          bool keepAlias)
 {
-    if (!*secinfo)
+    if (!secinfo)
         return;

-    switch ((qemuDomainSecretInfoType) (*secinfo)->type) {
+    switch ((qemuDomainSecretInfoType) secinfo->type) {
     case VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN:
-        qemuDomainSecretPlainClear((*secinfo)->s.plain);
+        qemuDomainSecretPlainClear(secinfo->s.plain);
         break;

     case VIR_DOMAIN_SECRET_INFO_TYPE_AES:
-        qemuDomainSecretAESClear((*secinfo)->s.aes);
+        qemuDomainSecretAESClear(secinfo->s.aes, keepAlias);
         break;

     case VIR_DOMAIN_SECRET_INFO_TYPE_LAST:
         break;
     }
+}
+
+
+void
+qemuDomainSecretInfoFree(qemuDomainSecretInfoPtr *secinfo)
+{
+    if (!*secinfo)
+        return;
+
+    qemuDomainSecretInfoClear(*secinfo, false);

     VIR_FREE(*secinfo);
 }


+/**
+ * qemuDomainSecretInfoDestroy:
+ * @secinfo: object to destroy
+ *
+ * Removes any data unnecessary for further use, but keeps alias allocated.
+ */
+void
+qemuDomainSecretInfoDestroy(qemuDomainSecretInfoPtr secinfo)
+{
+    qemuDomainSecretInfoClear(secinfo, true);
+}
+
+
 static virClassPtr qemuDomainDiskPrivateClass;
 static void qemuDomainDiskPrivateDispose(void *obj);

diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index f76404e1ac..3e139e0c57 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -836,6 +836,8 @@ bool qemuDomainSupportsEncryptedSecret(qemuDomainObjPrivatePtr priv);
 void qemuDomainSecretInfoFree(qemuDomainSecretInfoPtr *secinfo)
     ATTRIBUTE_NONNULL(1);

+void qemuDomainSecretInfoDestroy(qemuDomainSecretInfoPtr secinfo);
+
 void qemuDomainSecretDiskDestroy(virDomainDiskDefPtr disk)
     ATTRIBUTE_NONNULL(1);

-- 
2.16.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

On Wed, May 30, 2018 at 02:41:04PM +0200, Peter Krempa wrote:
>It's desired to keep the alias around to allow referencing of the secret
>object used with qemu. Add set of APIs which will destroy all data
>except the alias.
>
>Signed-off-by: Peter Krempa <pkrempa@redhat.com>
>---
> src/qemu/qemu_domain.c | 43 +++++++++++++++++++++++++++++++++++--------
> src/qemu/qemu_domain.h |  2 ++
> 2 files changed, 37 insertions(+), 8 deletions(-)
>

Reviewed-by: Ján Tomko <jtomko@redhat.com>

Jano
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list