[libvirt] [PATCHv2 4/8] audit: audit use of /dev/vhost-net
Daniel P. Berrange
berrange at redhat.com
Wed Mar 9 15:19:08 UTC 2011
On Tue, Mar 08, 2011 at 10:13:46PM -0700, Eric Blake wrote:
> Passing the vhost net device fd to qemu is worth an audit point,
> since it is a kernel-managed device.
>
> This patch points out that qemu still can't hot-plug and hot-unplug
> vhost-net interfaces.
>
> * src/qemu/qemu_audit.h (qemuAuditNetVhost): New prototype.
> * src/qemu/qemu_audit.c (qemuAuditNetVhost): New function.
> * src/qemu/qemu_command.c (qemuOpenVhostNet): Add audit point and
> new parameter.
> (qemuBuildCommandLine): Adjust caller.
> ---
>
> v2: new patch; still missing an audit point for where /dev/net/tun
> is opened, and the name should probably be qemuAuditNetDevice
> (since it is feasible to open just /dev/net/tun and not /dev/vhost-net
> when the xml asks for that). Perhaps should be shuffled to live
> after patch 8/8.
There are several devices for networking:
- With type=bridge or type=network, /dev/net/tun is opened to
get a FD for a tap device instance
- With type=direct, /dev/tap%d is opened to get an FD for
a macvtap device instance
In both cases, /dev/vhost-net can *also* be opened. The tun/macvtap
device provides the connectivity to the host NIC. The vhost-net
device provides kernel acceleration for the QEMU NIC backend.
So I think we need to be auditing all of these devices, if we're
going to do any of them.
> +void
> +qemuAuditNetVhost(virDomainDefPtr vmDef,
> + virDomainNetDefPtr netDef, const char *device,
> + const char *reason, bool success)
> +{
> + char uuidstr[VIR_UUID_STRING_BUFLEN];
> + char macstr[VIR_MAC_STRING_BUFLEN];
> + char *vmname;
> + char *devname;
> + char *rdev;
> +
> + virUUIDFormat(vmDef->uuid, uuidstr);
> + virFormatMacAddr(netDef->mac, macstr);
> + if (!(vmname = virAuditEncode("vm", vmDef->name)) ||
> + !(devname = virAuditEncode("path", device)) ||
> + !(rdev = qemuAuditGetRdev(device))) {
> + VIR_WARN0("OOM while encoding audit message");
> + goto cleanup;
> + }
> +
> + VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
> + "resrc=net reason=%s %s uuid=%s net='%s' %s %s",
> + reason, vmname, uuidstr,
> + macstr, devname, rdev);
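Review bot: vmname, devname and rdev are declared without initializers, but the `goto cleanup` on the allocation-failure path is reached after any subset of them has been assigned; if the cleanup label (not shown in this excerpt) VIR_FREEs all three, whichever pointers were never assigned are freed as uninitialized garbage. Initialize them at declaration (`char *vmname = NULL;`, `char *devname = NULL;`, `char *rdev = NULL;`) so the single error path is safe regardless of which of the three calls failed. Since `device` can now be /dev/net/tun, /dev/tap%d or /dev/vhost-net, the name qemuAuditNetVhost (already flagged in the cover note) understates what the record covers; qemuAuditNetDevice would match the `path`/`rdev` fields emitted here.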
A similar thought here about rdev as per the earlier patch
in the series.
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|