From 430e72c63b835038a7471e9d909f5b68faad173d Mon Sep 17 00:00:00 2001
From: Mark Ryan <mark.d.ryan@intel.com>
Date: Thu, 28 Jun 2018 15:56:27 +0100
Subject: [PATCH] qemu,qmp: Enable gas security checker

This commit enables the gas security checker on govmm builds.  The
security checker has signalled 4 issues all of which I've checked
and have determined to be non issues.  These issues are disabled
by this commit.

Signed-off-by: Mark Ryan <mark.d.ryan@intel.com>
---
 .travis.yml   | 2 +-
 qemu/image.go | 2 ++
 qemu/qemu.go  | 1 +
 qemu/qmp.go   | 1 +
 4 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index fb5bc44199..f23679412b 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -19,4 +19,4 @@ before_install:
 script:
    - go env
    - $GOPATH/bin/goveralls -v -service=travis-ci
-   - gometalinter --tests --vendor --disable-all --enable=misspell --enable=vet --enable=ineffassign --enable=gofmt --enable=gocyclo --cyclo-over=15 --enable=golint --enable=errcheck --enable=deadcode --enable=staticcheck ./...
+   - gometalinter --tests --vendor --disable-all --enable=misspell --enable=vet --enable=ineffassign --enable=gofmt --enable=gocyclo --cyclo-over=15 --enable=golint --enable=errcheck --enable=deadcode --enable=staticcheck -enable=gas ./...
diff --git a/qemu/image.go b/qemu/image.go
index 4f064c681b..352659adbb 100644
--- a/qemu/image.go
+++ b/qemu/image.go
@@ -45,9 +45,11 @@ func CreateCloudInitISO(ctx context.Context, scratchDir, isoPath string,
 	userDataPath := path.Join(dataDirPath, "user_data")
 
 	defer func() {
+		/* #nosec */
 		_ = os.RemoveAll(configDrivePath)
 	}()
 
+	/* #nosec */
 	err := os.MkdirAll(dataDirPath, 0755)
 	if err != nil {
 		return fmt.Errorf("Unable to create config drive directory %s : %v",
diff --git a/qemu/qemu.go b/qemu/qemu.go
index 831608af33..d146610949 100644
--- a/qemu/qemu.go
+++ b/qemu/qemu.go
@@ -1652,6 +1652,7 @@ func LaunchCustomQemu(ctx context.Context, path string, params []string, fds []*
 		path = "qemu-system-x86_64"
 	}
 
+	/* #nosec */
 	cmd := exec.Command(path, params...)
 	if len(fds) > 0 {
 		logger.Infof("Adding extra file %v", fds)
diff --git a/qemu/qmp.go b/qemu/qmp.go
index 814a7dd50b..a66ef29303 100644
--- a/qemu/qmp.go
+++ b/qemu/qmp.go
@@ -409,6 +409,7 @@ func (q *QMP) mainLoop() {
 		if q.cfg.EventCh != nil {
 			close(q.cfg.EventCh)
 		}
+		/* #nosec */
 		_ = q.conn.Close()
 		_ = <-fromVMCh
 		failOutstandingCommands(cmdQueue)