openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add virtualization type in audit messages 

Since a host can run several different virtualization types at
the same time, audit messages should allow domains to be identified.
Add a 'virt={qemu,kvm,uml,lxc,...}' key to domain audit messages

* src/conf/domain_audit.c: Identify virt type of guest
This commit is contained in:
Daniel P. Berrange 2011-07-04 12:21:21 +01:00
parent e6e90c8d70
commit 839f47b57f
1 changed files with 72 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
src/conf/domain_audit.c
View File

@ -67,6 +67,7 @@ virDomainAuditDisk(virDomainObjPtr vm,
char *vmname; char *vmname;
char *oldsrc = NULL; char *oldsrc = NULL;
char *newsrc = NULL; char *newsrc = NULL;
const char *virt;
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) { if (!(vmname = virAuditEncode("vm", vm->def->name))) {
@ -74,6 +75,11 @@ virDomainAuditDisk(virDomainObjPtr vm,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
if (!(oldsrc = virAuditEncode("old-disk", if (!(oldsrc = virAuditEncode("old-disk",
oldDef && oldDef->src ? oldDef && oldDef->src ?
oldDef->src : "?"))) { oldDef->src : "?"))) {
@ -88,8 +94,8 @@ virDomainAuditDisk(virDomainObjPtr vm,
} }
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=disk reason=%s %s uuid=%s %s %s", "virt=%s resrc=disk reason=%s %s uuid=%s %s %s",
reason, vmname, uuidstr, virt, reason, vmname, uuidstr,
oldsrc, newsrc); oldsrc, newsrc);
cleanup: cleanup:
@ -108,6 +114,7 @@ virDomainAuditFS(virDomainObjPtr vm,
char *vmname; char *vmname;
char *oldsrc = NULL; char *oldsrc = NULL;
char *newsrc = NULL; char *newsrc = NULL;
const char *virt;
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) { if (!(vmname = virAuditEncode("vm", vm->def->name))) {
@ -115,6 +122,11 @@ virDomainAuditFS(virDomainObjPtr vm,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
if (!(oldsrc = virAuditEncode("old-fs", if (!(oldsrc = virAuditEncode("old-fs",
oldDef && oldDef->src ? oldDef && oldDef->src ?
oldDef->src : "?"))) { oldDef->src : "?"))) {
@ -129,8 +141,8 @@ virDomainAuditFS(virDomainObjPtr vm,
} }
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=fs reason=%s %s uuid=%s %s %s", "virt=%s resrc=fs reason=%s %s uuid=%s %s %s",
reason, vmname, uuidstr, virt, reason, vmname, uuidstr,
oldsrc, newsrc); oldsrc, newsrc);
cleanup: cleanup:
@ -149,6 +161,7 @@ virDomainAuditNet(virDomainObjPtr vm,
char newMacstr[VIR_MAC_STRING_BUFLEN]; char newMacstr[VIR_MAC_STRING_BUFLEN];
char oldMacstr[VIR_MAC_STRING_BUFLEN]; char oldMacstr[VIR_MAC_STRING_BUFLEN];
char *vmname; char *vmname;
const char *virt;
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (oldDef) if (oldDef)
@ -160,9 +173,14 @@ virDomainAuditNet(virDomainObjPtr vm,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=net reason=%s %s uuid=%s old-net='%s' new-net='%s'", "virt=%s resrc=net reason=%s %s uuid=%s old-net='%s' new-net='%s'",
reason, vmname, uuidstr, virt, reason, vmname, uuidstr,
oldDef ? oldMacstr : "?", oldDef ? oldMacstr : "?",
newDef ? newMacstr : "?"); newDef ? newMacstr : "?");
@ -190,6 +208,7 @@ virDomainAuditNetDevice(virDomainDefPtr vmDef, virDomainNetDefPtr netDef,
char *vmname; char *vmname;
char *devname; char *devname;
char *rdev; char *rdev;
const char *virt;
virUUIDFormat(vmDef->uuid, uuidstr); virUUIDFormat(vmDef->uuid, uuidstr);
virFormatMacAddr(netDef->mac, macstr); virFormatMacAddr(netDef->mac, macstr);
@ -201,9 +220,14 @@ virDomainAuditNetDevice(virDomainDefPtr vmDef, virDomainNetDefPtr netDef,
goto cleanup; goto cleanup;
} }
if (!(virt = virDomainVirtTypeToString(vmDef->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vmDef->virtType);
virt = "?";
}
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=net reason=open %s uuid=%s net='%s' %s rdev=%s", "virt=%s resrc=net reason=open %s uuid=%s net='%s' %s rdev=%s",
vmname, uuidstr, macstr, devname, VIR_AUDIT_STR(rdev)); virt, vmname, uuidstr, macstr, devname, VIR_AUDIT_STR(rdev));
cleanup: cleanup:
VIR_FREE(vmname); VIR_FREE(vmname);
@ -228,6 +252,7 @@ virDomainAuditHostdev(virDomainObjPtr vm, virDomainHostdevDefPtr hostdev,
char *vmname; char *vmname;
char *address; char *address;
char *device; char *device;
const char *virt;
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) { if (!(vmname = virAuditEncode("vm", vm->def->name))) {
@ -235,6 +260,11 @@ virDomainAuditHostdev(virDomainObjPtr vm, virDomainHostdevDefPtr hostdev,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
switch (hostdev->source.subsys.type) { switch (hostdev->source.subsys.type) {
case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI: case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI:
if (virAsprintf(&address, "%.4x:%.2x:%.2x.%.1x", if (virAsprintf(&address, "%.4x:%.2x:%.2x.%.1x",
@ -266,8 +296,8 @@ virDomainAuditHostdev(virDomainObjPtr vm, virDomainHostdevDefPtr hostdev,
} }
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=dev reason=%s %s uuid=%s bus=%s %s", "virt=%s resrc=dev reason=%s %s uuid=%s bus=%s %s",
reason, vmname, uuidstr, virt, reason, vmname, uuidstr,
virDomainHostdevSubsysTypeToString(hostdev->source.subsys.type), virDomainHostdevSubsysTypeToString(hostdev->source.subsys.type),
device); device);
@ -299,6 +329,7 @@ virDomainAuditCgroup(virDomainObjPtr vm, virCgroupPtr cgroup,
char *vmname; char *vmname;
char *controller = NULL; char *controller = NULL;
char *detail; char *detail;
const char *virt;
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) { if (!(vmname = virAuditEncode("vm", vm->def->name))) {
@ -306,14 +337,19 @@ virDomainAuditCgroup(virDomainObjPtr vm, virCgroupPtr cgroup,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
ignore_value(virCgroupPathOfController(cgroup, ignore_value(virCgroupPathOfController(cgroup,
VIR_CGROUP_CONTROLLER_DEVICES, VIR_CGROUP_CONTROLLER_DEVICES,
NULL, &controller)); NULL, &controller));
detail = virAuditEncode("cgroup", VIR_AUDIT_STR(controller)); detail = virAuditEncode("cgroup", VIR_AUDIT_STR(controller));
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=cgroup reason=%s %s uuid=%s %s class=%s", "virt=%s resrc=cgroup reason=%s %s uuid=%s %s class=%s",
reason, vmname, uuidstr, virt, reason, vmname, uuidstr,
detail ? detail : "cgroup=?", extra); detail ? detail : "cgroup=?", extra);
VIR_FREE(vmname); VIR_FREE(vmname);
@ -411,6 +447,7 @@ virDomainAuditResource(virDomainObjPtr vm, const char *resource,
{ {
char uuidstr[VIR_UUID_STRING_BUFLEN]; char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname; char *vmname;
const char *virt;
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) { if (!(vmname = virAuditEncode("vm", vm->def->name))) {
@ -418,9 +455,14 @@ virDomainAuditResource(virDomainObjPtr vm, const char *resource,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=%s reason=%s %s uuid=%s old-%s=%lld new-%s=%lld", "virt=%s resrc=%s reason=%s %s uuid=%s old-%s=%lld new-%s=%lld",
resource, reason, vmname, uuidstr, virt, resource, reason, vmname, uuidstr,
resource, oldval, resource, newval); resource, oldval, resource, newval);
VIR_FREE(vmname); VIR_FREE(vmname);
@ -448,6 +490,7 @@ virDomainAuditLifecycle(virDomainObjPtr vm, const char *op,
{ {
char uuidstr[VIR_UUID_STRING_BUFLEN]; char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname; char *vmname;
const char *virt;
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
@ -456,8 +499,14 @@ virDomainAuditLifecycle(virDomainObjPtr vm, const char *op,
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success, VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success,
"op=%s reason=%s %s uuid=%s", op, reason, vmname, uuidstr); "virt=%s op=%s reason=%s %s uuid=%s",
virt, op, reason, vmname, uuidstr);
VIR_FREE(vmname); VIR_FREE(vmname);
} }
@ -507,6 +556,7 @@ virDomainAuditSecurityLabel(virDomainObjPtr vm, bool success)
{ {
char uuidstr[VIR_UUID_STRING_BUFLEN]; char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname; char *vmname;
const char *virt;
virUUIDFormat(vm->def->uuid, uuidstr); virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) { if (!(vmname = virAuditEncode("vm", vm->def->name))) {
@ -514,9 +564,14 @@ virDomainAuditSecurityLabel(virDomainObjPtr vm, bool success)
return; return;
} }
if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
virt = "?";
}
VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, success, VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, success,
"%s uuid=%s vm-ctx=%s img-ctx=%s", "virt=%s %s uuid=%s vm-ctx=%s img-ctx=%s",
vmname, uuidstr, virt, vmname, uuidstr,
VIR_AUDIT_STR(vm->def->seclabel.label), VIR_AUDIT_STR(vm->def->seclabel.label),
VIR_AUDIT_STR(vm->def->seclabel.imagelabel)); VIR_AUDIT_STR(vm->def->seclabel.imagelabel));