shaba/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-27 18:03:50 +03:00
Code Releases Activity

Move QEMU audit helper code out of the QEMU driver

Browse Source 
The QEMU driver file is far too large. Move all the audit
helper code out into a separate file. No functional change.

* src/qemu/qemu_audit.c, src/qemu/qemu_audit.h,
  src/Makefile.am: Add audit helper file
* src/qemu/qemu_driver.c: Delete audit code
This commit is contained in:
Daniel P. Berrange 2010-12-16 16:10:54 +00:00
parent df4aabafbe
commit 1aecb6348c
4 changed files with 214 additions and 140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/Makefile.am
View File

@ -270,6 +270,7 @@ QEMU_DRIVER_SOURCES = \
qemu/qemu_capabilities.c qemu/qemu_capabilities.h\
qemu/qemu_command.c qemu/qemu_command.h \
qemu/qemu_domain.c qemu/qemu_domain.h \
qemu/qemu_audit.c qemu/qemu_audit.h \
qemu/qemu_conf.c qemu/qemu_conf.h \
qemu/qemu_monitor.c qemu/qemu_monitor.h \
qemu/qemu_monitor_text.c \

169
src/qemu/qemu_audit.c Normal file
View File

@ -0,0 +1,169 @@
/*
* qemu_audit.c: QEMU audit management
*
* Copyright (C) 2006-2007, 2009-2010 Red Hat, Inc.
* Copyright (C) 2006 Daniel P. Berrange
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* Author: Daniel P. Berrange <berrange@redhat.com>
*/
#include <config.h>
#include "qemu_audit.h"
#include "virtaudit.h"
#include "uuid.h"
#include "logging.h"
#include "memory.h"
void qemuDomainDiskAudit(virDomainObjPtr vm,
virDomainDiskDefPtr oldDef,
virDomainDiskDefPtr newDef,
const char *reason,
bool success)
{
char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname;
char *oldsrc = NULL;
char *newsrc = NULL;
virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) {
VIR_WARN0("OOM while encoding audit message");
return;
}
if (!(oldsrc = virAuditEncode("old-disk",
oldDef && oldDef->src ?
oldDef->src : "?"))) {
VIR_WARN0("OOM while encoding audit message");
goto cleanup;
}
if (!(newsrc = virAuditEncode("new-disk",
newDef && newDef->src ?
newDef->src : "?"))) {
VIR_WARN0("OOM while encoding audit message");
goto cleanup;
}
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=disk reason=%s %s uuid=%s %s %s",
reason, vmname, uuidstr,
oldsrc, newsrc);
cleanup:
VIR_FREE(vmname);
VIR_FREE(oldsrc);
VIR_FREE(newsrc);
}
void qemuDomainNetAudit(virDomainObjPtr vm,
virDomainNetDefPtr oldDef,
virDomainNetDefPtr newDef,
const char *reason,
bool success)
{
char uuidstr[VIR_UUID_STRING_BUFLEN];
char newMacstr[VIR_MAC_STRING_BUFLEN];
char oldMacstr[VIR_MAC_STRING_BUFLEN];
char *vmname;
virUUIDFormat(vm->def->uuid, uuidstr);
if (oldDef)
virFormatMacAddr(oldDef->mac, oldMacstr);
if (newDef)
virFormatMacAddr(newDef->mac, newMacstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) {
VIR_WARN0("OOM while encoding audit message");
return;
}
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=net reason=%s %s uuid=%s old-net='%s' new-net='%s'",
reason, vmname, uuidstr,
oldDef ? oldMacstr : "?",
newDef ? newMacstr : "?");
VIR_FREE(vmname);
}
static void qemuDomainLifecycleAudit(virDomainObjPtr vm,
const char *op,
const char *reason,
bool success)
{
char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname;
virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) {
VIR_WARN0("OOM while encoding audit message");
return;
}
VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success,
"op=%s reason=%s %s uuid=%s", op, reason, vmname, uuidstr);
VIR_FREE(vmname);
}
void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success)
{
int i;
for (i = 0 ; i < vm->def->ndisks ; i++) {
virDomainDiskDefPtr disk = vm->def->disks[i];
if (disk->src) /* Skips CDROM without media initially inserted */
qemuDomainDiskAudit(vm, NULL, disk, "start", true);
}
for (i = 0 ; i < vm->def->nnets ; i++) {
virDomainNetDefPtr net = vm->def->nets[i];
qemuDomainNetAudit(vm, NULL, net, "start", true);
}
qemuDomainLifecycleAudit(vm, "start", reason, success);
}
void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason)
{
qemuDomainLifecycleAudit(vm, "stop", reason, true);
}
void qemuDomainSecurityLabelAudit(virDomainObjPtr vm, bool success)
{
char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname;
virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) {
VIR_WARN0("OOM while encoding audit message");
return;
}
VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, success,
"%s uuid=%s vm-ctx=%s img-ctx=%s",
vmname, uuidstr,
VIR_AUDIT_STR(vm->def->seclabel.label),
VIR_AUDIT_STR(vm->def->seclabel.imagelabel));
VIR_FREE(vmname);
}

43
src/qemu/qemu_audit.h Normal file
View File

@ -0,0 +1,43 @@
/*
* qemu_audit.h: QEMU audit management
*
* Copyright (C) 2006-2007, 2009-2010 Red Hat, Inc.
* Copyright (C) 2006 Daniel P. Berrange
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* Author: Daniel P. Berrange <berrange@redhat.com>
*/
#ifndef __QEMU_AUDIT_H__
# define __QEMU_AUDIT_H__
# include "domain_conf.h"
void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success);
void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason);
void qemuDomainDiskAudit(virDomainObjPtr vm,
virDomainDiskDefPtr oldDef,
virDomainDiskDefPtr newDef,
const char *reason,
bool success);
void qemuDomainNetAudit(virDomainObjPtr vm,
virDomainNetDefPtr oldDef,
virDomainNetDefPtr newDef,
const char *reason,
bool success);
void qemuDomainSecurityLabelAudit(virDomainObjPtr vm, bool success);
#endif /* __QEMU_AUDIT_H__ */

141
src/qemu/qemu_driver.c
View File

@ -57,6 +57,7 @@
#include "qemu_command.h"
#include "qemu_monitor.h"
#include "qemu_bridge_filter.h"
#include "qemu_audit.h"
#include "c-ctype.h"
#include "event.h"
#include "buf.h"
@ -82,7 +83,6 @@
#include "domain_nwfilter.h"
#include "hooks.h"
#include "storage_file.h"
#include "virtaudit.h"
#include "files.h"
#include "fdstream.h"
#include "configmake.h"
@ -139,9 +139,6 @@ static void qemudShutdownVMDaemon(struct qemud_driver *driver,
virDomainObjPtr vm,
int migrated);
static void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success);
static void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason);
static int qemudDomainGetMaxVcpus(virDomainPtr dom);
static int qemuDetectVcpuPIDs(struct qemud_driver *driver,
@ -3441,142 +3438,6 @@ static int qemuDomainSnapshotSetActive(virDomainObjPtr vm,
static int qemuDomainSnapshotSetInactive(virDomainObjPtr vm,
char *snapshotDir);
static void qemuDomainDiskAudit(virDomainObjPtr vm,
virDomainDiskDefPtr oldDef,
virDomainDiskDefPtr newDef,
const char *reason,
bool success)
{
char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname;
char *oldsrc = NULL;
char *newsrc = NULL;
virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) {
VIR_WARN0("OOM while encoding audit message");
return;
}
if (!(oldsrc = virAuditEncode("old-disk",
oldDef && oldDef->src ?
oldDef->src : "?"))) {
VIR_WARN0("OOM while encoding audit message");
goto cleanup;
}
if (!(newsrc = virAuditEncode("new-disk",
newDef && newDef->src ?
newDef->src : "?"))) {
VIR_WARN0("OOM while encoding audit message");
goto cleanup;
}
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=disk reason=%s %s uuid=%s %s %s",
reason, vmname, uuidstr,
oldsrc, newsrc);
cleanup:
VIR_FREE(vmname);
VIR_FREE(oldsrc);
VIR_FREE(newsrc);
}
static void qemuDomainNetAudit(virDomainObjPtr vm,
virDomainNetDefPtr oldDef,
virDomainNetDefPtr newDef,
const char *reason,
bool success)
{
char uuidstr[VIR_UUID_STRING_BUFLEN];
char newMacstr[VIR_MAC_STRING_BUFLEN];
char oldMacstr[VIR_MAC_STRING_BUFLEN];
char *vmname;
virUUIDFormat(vm->def->uuid, uuidstr);
if (oldDef)
virFormatMacAddr(oldDef->mac, oldMacstr);
if (newDef)
virFormatMacAddr(newDef->mac, newMacstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) {
VIR_WARN0("OOM while encoding audit message");
return;
}
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=net reason=%s %s uuid=%s old-net='%s' new-net='%s'",
reason, vmname, uuidstr,
oldDef ? oldMacstr : "?",
newDef ? newMacstr : "?");
VIR_FREE(vmname);
}
static void qemuDomainLifecycleAudit(virDomainObjPtr vm,
const char *op,
const char *reason,
bool success)
{
char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname;
virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) {
VIR_WARN0("OOM while encoding audit message");
return;
}
VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success,
"op=%s reason=%s %s uuid=%s", op, reason, vmname, uuidstr);
VIR_FREE(vmname);
}
static void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success)
{
int i;
for (i = 0 ; i < vm->def->ndisks ; i++) {
virDomainDiskDefPtr disk = vm->def->disks[i];
if (disk->src) /* Skips CDROM without media initially inserted */
qemuDomainDiskAudit(vm, NULL, disk, "start", true);
}
for (i = 0 ; i < vm->def->nnets ; i++) {
virDomainNetDefPtr net = vm->def->nets[i];
qemuDomainNetAudit(vm, NULL, net, "start", true);
}
qemuDomainLifecycleAudit(vm, "start", reason, success);
}
static void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason)
{
qemuDomainLifecycleAudit(vm, "stop", reason, true);
}
static void qemuDomainSecurityLabelAudit(virDomainObjPtr vm, bool success)
{
char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname;
virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) {
VIR_WARN0("OOM while encoding audit message");
return;
}
VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, success,
"%s uuid=%s vm-ctx=%s img-ctx=%s",
vmname, uuidstr,
VIR_AUDIT_STR(vm->def->seclabel.label),
VIR_AUDIT_STR(vm->def->seclabel.imagelabel));
VIR_FREE(vmname);
}
#define START_POSTFIX ": starting up\n"
#define SHUTDOWN_POSTFIX ": shutting down\n"