[libvirt] [PATCH] audit: Audit operations done by using VirtIO RNG
Daniel P. Berrange
berrange at redhat.com
Tue Mar 12 11:19:20 UTC 2013
On Mon, Mar 11, 2013 at 05:19:36PM +0100, Peter Krempa wrote:
> This patch adds auditing of resources used by the 'random' backend of
> virtio RNG.
> ---
> If there's desire to audit also use of the "egd" backend that uses a
> generic character device, a way how to audit this device will need to be
> introduced. We don't audit useage of chardevs right now.
>
> src/conf/domain_audit.c | 76 +++++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 76 insertions(+)
Can you update the commit message to give an example of the exact
audit message that is generated from this. Also please Cc Steve
Grubb when you re-post this, for sign-off from his position as
audit tools maintainer.
> +static void
> +virDomainAuditRNG(virDomainObjPtr vm,
> + virDomainRNGDefPtr newDef, virDomainRNGDefPtr oldDef,
> + const char *reason, bool success)
> +{
> + char uuidstr[VIR_UUID_STRING_BUFLEN];
> + char *vmname;
> + char *oldsrc = NULL;
> + char *newsrc = NULL;
> + const char *virt;
> +
> + virUUIDFormat(vm->def->uuid, uuidstr);
> + if (!(vmname = virAuditEncode("vm", vm->def->name)))
> + goto no_memory;
> +
> + if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
> + VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
> + virt = "?";
> + }
> +
> + if (newDef) {
> + switch (newDef->backend) {
> + case VIR_DOMAIN_RNG_BACKEND_RANDOM:
> + if (!(newsrc = virAuditEncode("new-rng", VIR_AUDIT_STR(newDef->source.file))))
Can't newDef->source.file be NULL ? In such a case we need to explicitly
fill in the file that QEMU will default to in the audit record. We can't
leave the filename blank
> + goto no_memory;
> + break;
> +
> + case VIR_DOMAIN_RNG_BACKEND_EGD:
> + case VIR_DOMAIN_RNG_BACKEND_LAST:
> + if (!(newsrc = virAuditEncode("new-rng", "?")))
We need to specify the EGD unix socket path we use too, not merely '?'.
> + goto no_memory;
> + break;
> + }
> + } else {
> + if (!(newsrc = virAuditEncode("new-rng", "?")))
> + goto no_memory;
> + }
> +
> + if (oldDef) {
> + switch (oldDef->backend) {
> + case VIR_DOMAIN_RNG_BACKEND_RANDOM:
> + if (!(oldsrc = virAuditEncode("old-rng", VIR_AUDIT_STR(oldDef->source.file))))
Same point here
> + goto no_memory;
> + break;
> +
> + case VIR_DOMAIN_RNG_BACKEND_EGD:
> + case VIR_DOMAIN_RNG_BACKEND_LAST:
> + if (!(oldsrc = virAuditEncode("old-rng", "?")))
> + goto no_memory;
> + break;
> + }
> + } else {
> + if (!(oldsrc = virAuditEncode("old-rng", "?")))
> + goto no_memory;
> + }
> +
> + VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
> + "virt=%s resrc=rng reason=%s %s uuid=%s %s %s",
> + virt, reason, vmname, uuidstr,
> + oldsrc, newsrc);
> +
> +cleanup:
> + VIR_FREE(vmname);
> + VIR_FREE(oldsrc);
> + VIR_FREE(newsrc);
> + return;
> +
> +no_memory:
> + VIR_WARN("OOM while encoding audit message");
> + goto cleanup;
> +}
> +
> +
> void
> virDomainAuditFS(virDomainObjPtr vm,
> virDomainFSDefPtr oldDef, virDomainFSDefPtr newDef,
> @@ -641,6 +714,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *reason, bool success)
> virDomainAuditRedirdev(vm, redirdev, "start", true);
> }
>
> + if (vm->def->rng)
> + virDomainAuditRNG(vm, vm->def->rng, NULL, "start", true);
> +
> virDomainAuditMemory(vm, 0, vm->def->mem.cur_balloon, "start", true);
> virDomainAuditVcpu(vm, 0, vm->def->vcpus, "start", true);
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list