From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL 16/30] target/i386: sev: fix memory leaks
Date: Wed,  9 May 2018 00:14:33 +0200	[thread overview]
Message-ID: <1525817687-34620-17-git-send-email-pbonzini@redhat.com> (raw)
In-Reply-To: <1525817687-34620-1-git-send-email-pbonzini@redhat.com>

Reported by Coverity.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 target/i386/sev.c | 32 +++++++++++++++++---------------
 1 file changed, 17 insertions(+), 15 deletions(-)

diff --git a/target/i386/sev.c b/target/i386/sev.c
index c011671..2395171 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -430,7 +430,8 @@ static int
 sev_get_pdh_info(int fd, guchar **pdh, size_t *pdh_len, guchar **cert_chain,
                  size_t *cert_chain_len)
 {
-    guchar *pdh_data, *cert_chain_data;
+    guchar *pdh_data = NULL;
+    guchar *cert_chain_data = NULL;
     struct sev_user_data_pdh_cert_export export = {};
     int err, r;
 
@@ -471,8 +472,9 @@ e_free:
 SevCapability *
 sev_get_capabilities(void)
 {
-    SevCapability *cap;
-    guchar *pdh_data, *cert_chain_data;
+    SevCapability *cap = NULL;
+    guchar *pdh_data = NULL;
+    guchar *cert_chain_data = NULL;
     size_t pdh_len = 0, cert_chain_len = 0;
     uint32_t ebx;
     int fd;
@@ -486,7 +488,7 @@ sev_get_capabilities(void)
 
     if (sev_get_pdh_info(fd, &pdh_data, &pdh_len,
                          &cert_chain_data, &cert_chain_len)) {
-        return NULL;
+        goto out;
     }
 
     cap = g_new0(SevCapability, 1);
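Review bot: The new `goto out` path reaches the `g_free(pdh_data)` / `g_free(cert_chain_data)` calls under the `out:` label added in the next hunk, which is only safe if sev_get_pdh_info() never stores a pointer through `pdh` or `cert_chain` before returning non-zero. The NULL initialisers cover the case where the out-parameters are left untouched, but most of sev_get_pdh_info()'s body is outside the hunks shown, so that contract is assumed rather than visible here. If it ever published a buffer and then released it on its own `e_free` path, this caller would free it a second time. I would state the contract above sev_get_pdh_info(): `/* On failure *pdh and *cert_chain are not written; on success the caller owns both buffers and must g_free() them. */`.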
@@ -502,9 +504,9 @@ sev_get_capabilities(void)
      */
     cap->reduced_phys_bits = 1;
 
+out:
     g_free(pdh_data);
     g_free(cert_chain_data);
-
     close(fd);
     return cap;
 }
@@ -530,7 +532,7 @@ sev_launch_start(SEVState *s)
 {
     gsize sz;
     int ret = 1;
-    int fw_error;
+    int fw_error, rc;
     QSevGuestInfo *sev = s->sev_info;
     struct kvm_sev_launch_start *start;
     guchar *session = NULL, *dh_cert = NULL;
@@ -543,7 +545,7 @@ sev_launch_start(SEVState *s)
                                             &error_abort);
     if (sev->session_file) {
         if (sev_read_file_base64(sev->session_file, &session, &sz) < 0) {
-            return 1;
+            goto out;
         }
         start->session_uaddr = (unsigned long)session;
         start->session_len = sz;
@@ -551,18 +553,18 @@ sev_launch_start(SEVState *s)
 
     if (sev->dh_cert_file) {
         if (sev_read_file_base64(sev->dh_cert_file, &dh_cert, &sz) < 0) {
-            return 1;
+            goto out;
         }
         start->dh_uaddr = (unsigned long)dh_cert;
         start->dh_len = sz;
     }
 
     trace_kvm_sev_launch_start(start->policy, session, dh_cert);
-    ret = sev_ioctl(s->sev_fd, KVM_SEV_LAUNCH_START, start, &fw_error);
-    if (ret < 0) {
+    rc = sev_ioctl(s->sev_fd, KVM_SEV_LAUNCH_START, start, &fw_error);
+    if (rc < 0) {
         error_report("%s: LAUNCH_START ret=%d fw_error=%d '%s'",
                 __func__, ret, fw_error, fw_error_to_str(fw_error));
-        return 1;
+        goto out;
     }
 
     object_property_set_int(OBJECT(sev), start->handle, "handle",
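Review bot: The error_report() call in the failure branch still prints `ret`, but after this change the ioctl result is stored in `rc` and `ret` still holds its initial value of 1, so the message will always show `ret=1` whatever KVM_SEV_LAUNCH_START returned. Pass the new variable instead: `__func__, rc, fw_error, fw_error_to_str(fw_error));`. Without the real return code, a failed SEV launch is harder to triage from the log, since only `fw_error` remains informative. The function's declarations and its `out:` label are in the neighbouring hunks.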
@@ -570,12 +572,13 @@ sev_launch_start(SEVState *s)
     sev_set_guest_state(SEV_STATE_LAUNCH_UPDATE);
     s->handle = start->handle;
     s->policy = start->policy;
+    ret = 0;
 
+out:
     g_free(start);
     g_free(session);
     g_free(dh_cert);
-
-    return 0;
+    return ret;
 }
 
 static int
@@ -712,7 +715,7 @@ sev_guest_init(const char *id)
     uint32_t host_cbitpos;
     struct sev_user_data_status status = {};
 
-    s = g_new0(SEVState, 1);
+    sev_state = s = g_new0(SEVState, 1);
     s->sev_info = lookup_sev_guest_info(id);
     if (!s->sev_info) {
         error_report("%s: '%s' is not a valid '%s' object",
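Review bot: `sev_state` is now assigned before `lookup_sev_guest_info()` has succeeded, so every `goto err` from this point leaves the global pointing at a partially initialised SEVState unless the `err:` label both frees it and resets it to NULL. That label is outside the hunk, so this cannot be confirmed from here; if it only frees, later readers of `sev_state` would see a dangling pointer. A comment at the assignment would make the dependency explicit, for example `/* set early so the err path can free it; err must also reset sev_state to NULL */`.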
@@ -720,7 +723,6 @@ sev_guest_init(const char *id)
         goto err;
     }
 
-    sev_state = s;
     s->state = SEV_STATE_UNINIT;
 
     host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL);
-- 
1.8.3.1
