[libvirt] [PATCHv2 4/8] audit: audit use of /dev/vhost-net

Daniel P. Berrange berrange at redhat.com
Wed Mar 9 15:19:08 UTC 2011 

On Tue, Mar 08, 2011 at 10:13:46PM -0700, Eric Blake wrote:
> Passing the vhost net device fd to qemu is worth an audit point,
> since it is a kernel-managed device.
> 
> This patch points out that qemu still can't hot-plug and hot-unplug
> vhost-net interfaces.
> 
> * src/qemu/qemu_audit.h (qemuAuditNetVhost): New prototype.
> * src/qemu/qemu_audit.c (qemuAuditNetVhost): New function.
> * src/qemu/qemu_command.c (qemuOpenVhostNet): Add audit point and
> new parameter.
> (qemuBuildCommandLine): Adjust caller.
> ---
> 
> v2: new patch; still missing an audit point for where /dev/net/tun
> is opened, and the name should probably be qemuAuditNetDevice
> (since it is feasible to open just /dev/net/tun and not /dev/vhost-net
> when the xml asks for that). Perhaps should be shuffled to live
> after patch 8/8.

There are several devices for networking

 - With type=bridge or type=network, /dev/net/tun is opened to
   get a FD for a tap device instance

 - With type=direct, /dev/tap%d  is opened to get an FD for
   a macvtap device instance

In both cases, /dev/vhost-net can *also* be opened. The tun/macvtap
device provides the connectivity to the host NIC. The vhost-net
device provides kernel acceleration for the QEMU NIC backend

So I think we need to be auditing all of these devices, if we're
going todo any of them

> +void
> +qemuAuditNetVhost(virDomainDefPtr vmDef,
> +                  virDomainNetDefPtr netDef, const char *device,
> +                  const char *reason, bool success)
> +{
> +    char uuidstr[VIR_UUID_STRING_BUFLEN];
> +    char macstr[VIR_MAC_STRING_BUFLEN];
> +    char *vmname;
> +    char *devname;
> +    char *rdev;
> +
> +    virUUIDFormat(vmDef->uuid, uuidstr);
> +    virFormatMacAddr(netDef->mac, macstr);
> +    if (!(vmname = virAuditEncode("vm", vmDef->name)) ||
> +        !(devname = virAuditEncode("path", device)) ||
> +        !(rdev = qemuAuditGetRdev(device))) {
> +        VIR_WARN0("OOM while encoding audit message");
> +        goto cleanup;
> +    }
> +
> +    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
> +              "resrc=net reason=%s %s uuid=%s net='%s' %s %s",
> +              reason, vmname, uuidstr,
> +              macstr, devname, rdev);

A similar thought here about rdev as per the earlier patch
in the series


-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the libvir-list mailing list