Passing the vhost net device fd to qemu is worth an audit point,
since it is a kernel-managed device.
Note that qemu still cannot hot-plug or hot-unplug vhost-net interfaces,
so only the "start" reason is emitted here.
* src/qemu/qemu_audit.h (qemuAuditNetVhost): New prototype.
* src/qemu/qemu_audit.c (qemuAuditNetVhost): New function.
* src/qemu/qemu_command.c (qemuOpenVhostNet): Add audit point and
new parameter.
(qemuBuildCommandLine): Adjust caller.
---
v2: new patch; still missing an audit point for where /dev/net/tun
is opened, and the name should probably be qemuAuditNetDevice
(since it is feasible to open just /dev/net/tun and not /dev/vhost-net
when the xml asks for that). Perhaps should be shuffled to live
after patch 8/8.
src/qemu/qemu_audit.c | 40 ++++++++++++++++++++++++++++++++++++++++
src/qemu/qemu_audit.h | 5 +++++
src/qemu/qemu_command.c | 8 +++++---
3 files changed, 50 insertions(+), 3 deletions(-)
diff --git a/src/qemu/qemu_audit.c b/src/qemu/qemu_audit.c
index 08eb431..1965a20 100644
--- a/src/qemu/qemu_audit.c
+++ b/src/qemu/qemu_audit.c
@@ -132,6 +132,46 @@ void qemuDomainNetAudit(virDomainObjPtr vm,
VIR_FREE(vmname);
}
+/**
+ * qemuAuditNetVhost:
+ * @vm: domain receiving a vhost-net device
+ * @def: details of network device being attached or removed
+ * @device: device being attached
+ * @reason: one of "start", "attach", or "detach"
+ * @success: true if the device passthrough operation succeeded
+ *
+ * Log an audit message about an attempted device passthrough change.
+ */
+void
+qemuAuditNetVhost(virDomainDefPtr vmDef,
+ virDomainNetDefPtr netDef, const char *device,
+ const char *reason, bool success)
+{
+ char uuidstr[VIR_UUID_STRING_BUFLEN];
+ char macstr[VIR_MAC_STRING_BUFLEN];
+ char *vmname;
+ char *devname;
+ char *rdev;
+
+ virUUIDFormat(vmDef->uuid, uuidstr);
+ virFormatMacAddr(netDef->mac, macstr);
+ if (!(vmname = virAuditEncode("vm", vmDef->name)) ||
+ !(devname = virAuditEncode("path", device)) ||
+ !(rdev = qemuAuditGetRdev(device))) {
+ VIR_WARN0("OOM while encoding audit message");
+ goto cleanup;
+ }
+
+ VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
+ "resrc=net reason=%s %s uuid=%s net='%s' %s %s",
+ reason, vmname, uuidstr,
+ macstr, devname, rdev);
+
+cleanup:
+ VIR_FREE(vmname);
+ VIR_FREE(devname);
+ VIR_FREE(rdev);
+}
/**
* qemuDomainHostdevAudit:
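Review bot: `devname` and `rdev` are declared without initializers at the top of qemuAuditNetVhost yet are passed unconditionally to VIR_FREE at the cleanup label, so when the first or second virAuditEncode call fails the `goto cleanup` frees an uninitialized pointer. Initialise all three where they are declared: `char *vmname = NULL;`, `char *devname = NULL;`, `char *rdev = NULL;`. The doc comment is also out of step with the signature: it names the parameters `@vm` and `@def` while the code uses `vmDef` and `netDef`, and `@device` would be clearer as "host device path that was opened (e.g. /dev/vhost-net), encoded as path= in the record" since that is what virAuditEncode("path", device) and qemuAuditGetRdev operate on.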
diff --git a/src/qemu/qemu_audit.h b/src/qemu/qemu_audit.h
index 53855e2..9f08362 100644
--- a/src/qemu/qemu_audit.h
+++ b/src/qemu/qemu_audit.h
@@ -39,6 +39,11 @@ void qemuDomainNetAudit(virDomainObjPtr vm,
virDomainNetDefPtr newDef,
const char *reason,
bool success);
+void qemuAuditNetVhost(virDomainDefPtr vmDef,
+ virDomainNetDefPtr netDef,
+ const char *device,
+ const char *reason,
+ bool success);
void qemuDomainHostdevAudit(virDomainObjPtr vm,
virDomainHostdevDefPtr def,
const char *reason,
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 198a4e2..d5f5a70 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -35,6 +35,7 @@
#include "uuid.h"
#include "c-ctype.h"
#include "domain_nwfilter.h"
+#include "qemu_audit.h"
#include <sys/utsname.h>
#include <sys/stat.h>
@@ -304,11 +305,11 @@ cleanup:
static int
-qemuOpenVhostNet(virDomainNetDefPtr net,
+qemuOpenVhostNet(virDomainDefPtr def,
+ virDomainNetDefPtr net,
virBitmapPtr qemuCaps,
int *vhostfd)
{
-
*vhostfd = -1; /* assume we won't use vhost */
/* If the config says explicitly to not use vhost, return now */
@@ -343,6 +344,7 @@ qemuOpenVhostNet(virDomainNetDefPtr net,
}
*vhostfd = open("/dev/vhost-net", O_RDWR);
+ qemuAuditNetVhost(def, net, "/dev/vhost-net", "start", *vhostfd
>= 0);
/* If the config says explicitly to use vhost and we couldn't open it,
* report an error.
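Review bot: The added audit call records `success` as false whenever the open() fails, but the comment immediately below says a failed open is only an error when the config explicitly asked for vhost; when vhost is merely a best-effort default the function presumably continues without it, so the audit log would carry a failed resource record for an operation libvirt then treats as successful. Consider moving the call after the explicit-request check, or passing the outcome the caller actually sees, so the `success` flag in the record matches the real result; the remainder of qemuOpenVhostNet lies outside this hunk, so the exact fallback behaviour cannot be confirmed here. The reason is also hard-coded as `"start"` inside a helper that takes no reason parameter, which silently ties it to the command-line build path; threading the reason in from the caller would avoid a wrong reason if this helper is later reused for hot-plug.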
@@ -3495,7 +3497,7 @@ qemuBuildCommandLine(virConnectPtr conn,
network device */
int vhostfd;
- if (qemuOpenVhostNet(net, qemuCaps, &vhostfd) < 0)
+ if (qemuOpenVhostNet(def, net, qemuCaps, &vhostfd) < 0)
goto error;
if (vhostfd >= 0) {
virCommandTransferFD(cmd, vhostfd);
--
1.7.4