NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

audit: Share virtType fallback logic

Browse Source 
Signed-off-by: Cole Robinson <crobinso@redhat.com>
This commit is contained in:
Cole Robinson 2018-07-26 13:57:31 -04:00
parent c50f89db71
commit 11a4d59345
1 changed files with 28 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
src/conf/domain_audit.c
View File

@ -68,6 +68,21 @@ virDomainAuditGetRdev(const char *path ATTRIBUTE_UNUSED)
#endif #endif
static const char *
virDomainAuditGetVirtType(virDomainDefPtr def)
{
const char *virt;
if (!(virt = virDomainVirtTypeToString(def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message",
def->virtType);
virt = "?";
}
return virt;
}
static void static void
virDomainAuditGenericDev(virDomainObjPtr vm, virDomainAuditGenericDev(virDomainObjPtr vm,
const char *type, const char *type,
@ -82,7 +97,7 @@ virDomainAuditGenericDev(virDomainObjPtr vm,
char *vmname = NULL; char *vmname = NULL;
char *oldsrc = NULL; char *oldsrc = NULL;
char *newsrc = NULL; char *newsrc = NULL;
const char *virt; const char *virt = virDomainAuditGetVirtType(vm->def);
/* if both new and old source aren't provided don't log anything */ /* if both new and old source aren't provided don't log anything */
if (!newsrcpath && !oldsrcpath) if (!newsrcpath && !oldsrcpath)
@ -99,12 +114,6 @@ virDomainAuditGenericDev(virDomainObjPtr vm,
if (!(vmname = virAuditEncode("vm", vm->def->name))) if (!(vmname = virAuditEncode("vm", vm->def->name)))
goto no_memory; goto no_memory;
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message",
vm->def->virtType);
virt = "?";
}
if (!(newsrc = virAuditEncode(newdev, VIR_AUDIT_STR(newsrcpath)))) if (!(newsrc = virAuditEncode(newdev, VIR_AUDIT_STR(newsrcpath))))
goto no_memory; goto no_memory;
@ -312,7 +321,7 @@ virDomainAuditNetDevice(virDomainDefPtr vmDef, virDomainNetDefPtr netDef,
char *vmname; char *vmname;
char *dev_name = NULL; char *dev_name = NULL;
char *rdev; char *rdev;
const char *virt; const char *virt = virDomainAuditGetVirtType(vmDef);
virUUIDFormat(vmDef->uuid, uuidstr); virUUIDFormat(vmDef->uuid, uuidstr);
virMacAddrFormat(&netDef->mac, macstr); virMacAddrFormat(&netDef->mac, macstr);
@ -324,11 +333,6 @@ virDomainAuditNetDevice(virDomainDefPtr vmDef, virDomainNetDefPtr netDef,
goto cleanup; goto cleanup;
} }
if (!(virt = virDomainVirtTypeToString(vmDef->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vmDef->virtType);
virt = "?";
}
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"virt=%s resrc=net reason=open %s uuid=%s net=%s %s rdev=%s", "virt=%s resrc=net reason=open %s uuid=%s net=%s %s rdev=%s",
virt, vmname, uuidstr, macstr, dev_name, VIR_AUDIT_STR(rdev)); virt, vmname, uuidstr, macstr, dev_name, VIR_AUDIT_STR(rdev));
@ -356,7 +360,8 @@ virDomainAuditHostdev(virDomainObjPtr vm, virDomainHostdevDefPtr hostdev,
char *vmname; char *vmname;
char *address = NULL; char *address = NULL;
char *device = NULL; char *device = NULL;
const char *virt; const char *virt = virDomainAuditGetVirtType(vm->def);
virDomainHostdevSubsysUSBPtr usbsrc = &hostdev->source.subsys.u.usb; virDomainHostdevSubsysUSBPtr usbsrc = &hostdev->source.subsys.u.usb;
virDomainHostdevSubsysPCIPtr pcisrc = &hostdev->source.subsys.u.pci; virDomainHostdevSubsysPCIPtr pcisrc = &hostdev->source.subsys.u.pci;
virDomainHostdevSubsysSCSIPtr scsisrc = &hostdev->source.subsys.u.scsi; virDomainHostdevSubsysSCSIPtr scsisrc = &hostdev->source.subsys.u.scsi;
@ -369,11 +374,6 @@ virDomainAuditHostdev(virDomainObjPtr vm, virDomainHostdevDefPtr hostdev,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
switch ((virDomainHostdevMode) hostdev->mode) { switch ((virDomainHostdevMode) hostdev->mode) {
case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS: case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS:
switch ((virDomainHostdevSubsysType) hostdev->source.subsys.type) { switch ((virDomainHostdevSubsysType) hostdev->source.subsys.type) {
@ -509,7 +509,7 @@ virDomainAuditRedirdev(virDomainObjPtr vm, virDomainRedirdevDefPtr redirdev,
char *vmname; char *vmname;
char *address = NULL; char *address = NULL;
char *device = NULL; char *device = NULL;
const char *virt; const char *virt = virDomainAuditGetVirtType(vm->def);
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) { if (!(vmname = virAuditEncode("vm", vm->def->name))) {
@ -517,11 +517,6 @@ virDomainAuditRedirdev(virDomainObjPtr vm, virDomainRedirdevDefPtr redirdev,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
switch (redirdev->bus) { switch (redirdev->bus) {
case VIR_DOMAIN_REDIRDEV_BUS_USB: case VIR_DOMAIN_REDIRDEV_BUS_USB:
if (VIR_STRDUP_QUIET(address, "USB redirdev") < 0) { if (VIR_STRDUP_QUIET(address, "USB redirdev") < 0) {
@ -571,7 +566,7 @@ virDomainAuditTPM(virDomainObjPtr vm, virDomainTPMDefPtr tpm,
char *vmname; char *vmname;
char *path = NULL; char *path = NULL;
char *device = NULL; char *device = NULL;
const char *virt; const char *virt = virDomainAuditGetVirtType(vm->def);
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) { if (!(vmname = virAuditEncode("vm", vm->def->name))) {
@ -579,11 +574,6 @@ virDomainAuditTPM(virDomainObjPtr vm, virDomainTPMDefPtr tpm,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
switch (tpm->type) { switch (tpm->type) {
case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH: case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
path = tpm->data.passthrough.source.data.file.path; path = tpm->data.passthrough.source.data.file.path;
@ -639,7 +629,7 @@ virDomainAuditCgroup(virDomainObjPtr vm, virCgroupPtr cgroup,
char *vmname; char *vmname;
char *controller = NULL; char *controller = NULL;
char *detail; char *detail;
const char *virt; const char *virt = virDomainAuditGetVirtType(vm->def);
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) { if (!(vmname = virAuditEncode("vm", vm->def->name))) {
@ -647,11 +637,6 @@ virDomainAuditCgroup(virDomainObjPtr vm, virCgroupPtr cgroup,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
ignore_value(virCgroupPathOfController(cgroup, ignore_value(virCgroupPathOfController(cgroup,
VIR_CGROUP_CONTROLLER_DEVICES, VIR_CGROUP_CONTROLLER_DEVICES,
NULL, &controller)); NULL, &controller));
@ -757,7 +742,7 @@ virDomainAuditResource(virDomainObjPtr vm, const char *resource,
{ {
char uuidstr[VIR_UUID_STRING_BUFLEN]; char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname; char *vmname;
const char *virt; const char *virt = virDomainAuditGetVirtType(vm->def);
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) { if (!(vmname = virAuditEncode("vm", vm->def->name))) {
@ -765,11 +750,6 @@ virDomainAuditResource(virDomainObjPtr vm, const char *resource,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"virt=%s resrc=%s reason=%s %s uuid=%s old-%s=%lld new-%s=%lld", "virt=%s resrc=%s reason=%s %s uuid=%s old-%s=%lld new-%s=%lld",
virt, resource, reason, vmname, uuidstr, virt, resource, reason, vmname, uuidstr,
@ -809,7 +789,7 @@ virDomainAuditLifecycle(virDomainObjPtr vm, const char *op,
{ {
char uuidstr[VIR_UUID_STRING_BUFLEN]; char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname; char *vmname;
const char *virt; const char *virt = virDomainAuditGetVirtType(vm->def);
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
@ -818,11 +798,6 @@ virDomainAuditLifecycle(virDomainObjPtr vm, const char *op,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success, VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success,
"virt=%s op=%s reason=%s %s uuid=%s vm-pid=%lld", "virt=%s op=%s reason=%s %s uuid=%s vm-pid=%lld",
virt, op, reason, vmname, uuidstr, (long long)vm->pid); virt, op, reason, vmname, uuidstr, (long long)vm->pid);
@ -909,7 +884,7 @@ virDomainAuditInit(virDomainObjPtr vm,
{ {
char uuidstr[VIR_UUID_STRING_BUFLEN]; char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname; char *vmname;
const char *virt; const char *virt = virDomainAuditGetVirtType(vm->def);
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
@ -918,11 +893,6 @@ virDomainAuditInit(virDomainObjPtr vm,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, true, VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, true,
"virt=%s op=init %s uuid=%s vm-pid=%lld init-pid=%lld pid-ns=%lld", "virt=%s op=init %s uuid=%s vm-pid=%lld init-pid=%lld pid-ns=%lld",
virt, vmname, uuidstr, (long long)vm->pid, (long long)initpid, virt, vmname, uuidstr, (long long)vm->pid, (long long)initpid,
@ -942,8 +912,8 @@ virDomainAuditSecurityLabel(virDomainObjPtr vm, bool success)
{ {
char uuidstr[VIR_UUID_STRING_BUFLEN]; char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname; char *vmname;
const char *virt;
size_t i; size_t i;
const char *virt = virDomainAuditGetVirtType(vm->def);
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) { if (!(vmname = virAuditEncode("vm", vm->def->name))) {
@ -951,11 +921,6 @@ virDomainAuditSecurityLabel(virDomainObjPtr vm, bool success)
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
for (i = 0; i < vm->def->nseclabels; i++) { for (i = 0; i < vm->def->nseclabels; i++) {
VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, success, VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, success,
"virt=%s %s uuid=%s vm-ctx=%s img-ctx=%s model=%s", "virt=%s %s uuid=%s vm-ctx=%s img-ctx=%s model=%s",
@ -976,7 +941,7 @@ virDomainAuditShmem(virDomainObjPtr vm,
char uuidstr[VIR_UUID_STRING_BUFLEN]; char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname = virAuditEncode("vm", vm->def->name); char *vmname = virAuditEncode("vm", vm->def->name);
const char *srcpath = virDomainChrSourceDefGetPath(&def->server.chr); const char *srcpath = virDomainChrSourceDefGetPath(&def->server.chr);
const char *virt = virDomainVirtTypeToString(vm->def->virtType); const char *virt = virDomainAuditGetVirtType(vm->def);
char *shmpath = NULL; char *shmpath = NULL;
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
@ -1018,7 +983,7 @@ virDomainAuditInput(virDomainObjPtr vm,
{ {
char uuidstr[VIR_UUID_STRING_BUFLEN]; char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname; char *vmname;
const char *virt = virDomainVirtTypeToString(vm->def->virtType); const char *virt = virDomainAuditGetVirtType(vm->def);
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);