mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-24 14:45:24 +00:00
security driver: eliminate memory leaks in failure paths
If virPCIDeviceGetVFIOGroupDev() failed,
virSecurity*(Set|Restore)HostdevLabel() would fail to free a
virPCIDevice that had been allocated.
These leaks were all introduced (by me) very recently, in commit
f0bd70a
.
This commit is contained in:
parent
80f01915b5
commit
ed12bbee81
@ -835,8 +835,10 @@ AppArmorSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
|
|||||||
== VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
|
== VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
|
||||||
char *vfioGroupDev = virPCIDeviceGetVFIOGroupDev(pci);
|
char *vfioGroupDev = virPCIDeviceGetVFIOGroupDev(pci);
|
||||||
|
|
||||||
if (!vfioGroupDev)
|
if (!vfioGroupDev) {
|
||||||
|
virPCIDeviceFree(pci);
|
||||||
goto done;
|
goto done;
|
||||||
|
}
|
||||||
ret = AppArmorSetSecurityPCILabel(pci, vfioGroupDev, ptr);
|
ret = AppArmorSetSecurityPCILabel(pci, vfioGroupDev, ptr);
|
||||||
VIR_FREE(vfioGroupDev);
|
VIR_FREE(vfioGroupDev);
|
||||||
} else {
|
} else {
|
||||||
|
@ -520,8 +520,10 @@ virSecurityDACSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
|
|||||||
== VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
|
== VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
|
||||||
char *vfioGroupDev = virPCIDeviceGetVFIOGroupDev(pci);
|
char *vfioGroupDev = virPCIDeviceGetVFIOGroupDev(pci);
|
||||||
|
|
||||||
if (!vfioGroupDev)
|
if (!vfioGroupDev) {
|
||||||
|
virPCIDeviceFree(pci);
|
||||||
goto done;
|
goto done;
|
||||||
|
}
|
||||||
ret = virSecurityDACSetSecurityPCILabel(pci, vfioGroupDev, params);
|
ret = virSecurityDACSetSecurityPCILabel(pci, vfioGroupDev, params);
|
||||||
VIR_FREE(vfioGroupDev);
|
VIR_FREE(vfioGroupDev);
|
||||||
} else {
|
} else {
|
||||||
@ -530,7 +532,6 @@ virSecurityDACSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
virPCIDeviceFree(pci);
|
virPCIDeviceFree(pci);
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -611,15 +612,16 @@ virSecurityDACRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr,
|
|||||||
== VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
|
== VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
|
||||||
char *vfioGroupDev = virPCIDeviceGetVFIOGroupDev(pci);
|
char *vfioGroupDev = virPCIDeviceGetVFIOGroupDev(pci);
|
||||||
|
|
||||||
if (!vfioGroupDev)
|
if (!vfioGroupDev) {
|
||||||
|
virPCIDeviceFree(pci);
|
||||||
goto done;
|
goto done;
|
||||||
|
}
|
||||||
ret = virSecurityDACRestoreSecurityPCILabel(pci, vfioGroupDev, mgr);
|
ret = virSecurityDACRestoreSecurityPCILabel(pci, vfioGroupDev, mgr);
|
||||||
VIR_FREE(vfioGroupDev);
|
VIR_FREE(vfioGroupDev);
|
||||||
} else {
|
} else {
|
||||||
ret = virPCIDeviceFileIterate(pci, virSecurityDACRestoreSecurityPCILabel, mgr);
|
ret = virPCIDeviceFileIterate(pci, virSecurityDACRestoreSecurityPCILabel, mgr);
|
||||||
}
|
}
|
||||||
virPCIDeviceFree(pci);
|
virPCIDeviceFree(pci);
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1346,15 +1346,16 @@ virSecuritySELinuxSetSecurityHostdevSubsysLabel(virDomainDefPtr def,
|
|||||||
== VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
|
== VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
|
||||||
char *vfioGroupDev = virPCIDeviceGetVFIOGroupDev(pci);
|
char *vfioGroupDev = virPCIDeviceGetVFIOGroupDev(pci);
|
||||||
|
|
||||||
if (!vfioGroupDev)
|
if (!vfioGroupDev) {
|
||||||
|
virPCIDeviceFree(pci);
|
||||||
goto done;
|
goto done;
|
||||||
|
}
|
||||||
ret = virSecuritySELinuxSetSecurityPCILabel(pci, vfioGroupDev, def);
|
ret = virSecuritySELinuxSetSecurityPCILabel(pci, vfioGroupDev, def);
|
||||||
VIR_FREE(vfioGroupDev);
|
VIR_FREE(vfioGroupDev);
|
||||||
} else {
|
} else {
|
||||||
ret = virPCIDeviceFileIterate(pci, virSecuritySELinuxSetSecurityPCILabel, def);
|
ret = virPCIDeviceFileIterate(pci, virSecuritySELinuxSetSecurityPCILabel, def);
|
||||||
}
|
}
|
||||||
virPCIDeviceFree(pci);
|
virPCIDeviceFree(pci);
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1518,15 +1519,16 @@ virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
|
|||||||
== VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
|
== VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
|
||||||
char *vfioGroupDev = virPCIDeviceGetVFIOGroupDev(pci);
|
char *vfioGroupDev = virPCIDeviceGetVFIOGroupDev(pci);
|
||||||
|
|
||||||
if (!vfioGroupDev)
|
if (!vfioGroupDev) {
|
||||||
|
virPCIDeviceFree(pci);
|
||||||
goto done;
|
goto done;
|
||||||
|
}
|
||||||
ret = virSecuritySELinuxRestoreSecurityPCILabel(pci, vfioGroupDev, mgr);
|
ret = virSecuritySELinuxRestoreSecurityPCILabel(pci, vfioGroupDev, mgr);
|
||||||
VIR_FREE(vfioGroupDev);
|
VIR_FREE(vfioGroupDev);
|
||||||
} else {
|
} else {
|
||||||
ret = virPCIDeviceFileIterate(pci, virSecuritySELinuxRestoreSecurityPCILabel, mgr);
|
ret = virPCIDeviceFileIterate(pci, virSecuritySELinuxRestoreSecurityPCILabel, mgr);
|
||||||
}
|
}
|
||||||
virPCIDeviceFree(pci);
|
virPCIDeviceFree(pci);
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user