10:50 a.m.
The QEMU driver file is far too large. Move all the audit
helper code out into a separate file. No functional change.
* src/qemu/qemu_audit.c, src/qemu/qemu_audit.h,
src/Makefile.am: Add audit helper file
* src/qemu/qemu_driver.c: Delete audit code
---
src/Makefile.am | 1 +
src/qemu/qemu_audit.c | 170 ++++++++++++++++++++++++++++++++++++++++++++++++
src/qemu/qemu_audit.h | 43 ++++++++++++
src/qemu/qemu_driver.c | 141 +---------------------------------------
4 files changed, 215 insertions(+), 140 deletions(-)
create mode 100644 src/qemu/qemu_audit.c
create mode 100644 src/qemu/qemu_audit.h
diff --git a/src/Makefile.am b/src/Makefile.am
index d2fcd5f..381ca3d 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -270,6 +270,7 @@ QEMU_DRIVER_SOURCES = \
qemu/qemu_capabilities.c qemu/qemu_capabilities.h\
qemu/qemu_command.c qemu/qemu_command.h \
qemu/qemu_domain.c qemu/qemu_domain.h \
+ qemu/qemu_audit.c qemu/qemu_audit.h \
qemu/qemu_conf.c qemu/qemu_conf.h \
qemu/qemu_monitor.c qemu/qemu_monitor.h \
qemu/qemu_monitor_text.c \
diff --git a/src/qemu/qemu_audit.c b/src/qemu/qemu_audit.c
new file mode 100644
index 0000000..e8320d0
--- /dev/null
+++ b/src/qemu/qemu_audit.c
@@ -0,0 +1,170 @@
+/*
+ * qemu_audit.c: QEMU audit management
+ *
+ * Copyright (C) 2006-2007, 2009-2010 Red Hat, Inc.
+ * Copyright (C) 2006 Daniel P. Berrange
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * Author: Daniel P. Berrange <berrange(a)redhat.com>
+ */
+
+#include <config.h>
+
+#include "qemu_audit.h"
+#include "virtaudit.h"
+#include "uuid.h"
+#include "logging.h"
+#include "memory.h"
+
+void qemuDomainDiskAudit(virDomainObjPtr vm,
+ virDomainDiskDefPtr oldDef,
+ virDomainDiskDefPtr newDef,
+ const char *reason,
+ bool success)
+{
+ char uuidstr[VIR_UUID_STRING_BUFLEN];
+ char *vmname;
+ char *oldsrc = NULL;
+ char *newsrc = NULL;
+
+ virUUIDFormat(vm->def->uuid, uuidstr);
+ if (!(vmname = virAuditEncode("vm", vm->def->name))) {
+ VIR_WARN0("OOM while encoding audit message");
+ return;
+ }
+
+ if (!(oldsrc = virAuditEncode("old-disk",
+ oldDef && oldDef->src ?
+ oldDef->src : "?"))) {
+ VIR_WARN0("OOM while encoding audit message");
+ goto cleanup;
+ }
+ if (!(newsrc = virAuditEncode("new-disk",
+ newDef && newDef->src ?
+ newDef->src : "?"))) {
+ VIR_WARN0("OOM while encoding audit message");
+ goto cleanup;
+ }
+
+ VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
+ "resrc=disk reason=%s %s uuid=%s %s %s",
+ reason, vmname, uuidstr,
+ oldsrc, newsrc);
+
+cleanup:
+ VIR_FREE(vmname);
+ VIR_FREE(oldsrc);
+ VIR_FREE(newsrc);
+}
+
+
+void qemuDomainNetAudit(virDomainObjPtr vm,
+ virDomainNetDefPtr oldDef,
+ virDomainNetDefPtr newDef,
+ const char *reason,
+ bool success)
+{
+ char uuidstr[VIR_UUID_STRING_BUFLEN];
+ char newMacstr[VIR_MAC_STRING_BUFLEN];
+ char oldMacstr[VIR_MAC_STRING_BUFLEN];
+ char *vmname;
+
+ virUUIDFormat(vm->def->uuid, uuidstr);
+ if (oldDef)
+ virFormatMacAddr(oldDef->mac, oldMacstr);
+ if (newDef)
+ virFormatMacAddr(newDef->mac, newMacstr);
+ if (!(vmname = virAuditEncode("vm", vm->def->name))) {
+ VIR_WARN0("OOM while encoding audit message");
+ return;
+ }
+
+ VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
+ "resrc=net reason=%s %s uuid=%s old-net='%s'
new-net='%s'",
+ reason, vmname, uuidstr,
+ oldDef ? oldMacstr : "?",
+ newDef ? newMacstr : "?");
+
+ VIR_FREE(vmname);
+}
+
+
+static void qemuDomainLifecycleAudit(virDomainObjPtr vm,
+ const char *op,
+ const char *reason,
+ bool success)
+{
+ char uuidstr[VIR_UUID_STRING_BUFLEN];
+ char *vmname;
+
+ virUUIDFormat(vm->def->uuid, uuidstr);
+
+ if (!(vmname = virAuditEncode("vm", vm->def->name))) {
+ VIR_WARN0("OOM while encoding audit message");
+ return;
+ }
+
+ VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success,
+ "op=%s reason=%s %s uuid=%s", op, reason, vmname, uuidstr);
+
+ VIR_FREE(vmname);
+}
+
+
+void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success)
+{
+ int i;
+
+ for (i = 0 ; i < vm->def->ndisks ; i++) {
+ virDomainDiskDefPtr disk = vm->def->disks[i];
+ if (disk->src) /* Skips CDROM without media initially inserted */
+ qemuDomainDiskAudit(vm, NULL, disk, "start", true);
+ }
+
+ for (i = 0 ; i < vm->def->nnets ; i++) {
+ virDomainNetDefPtr net = vm->def->nets[i];
+ qemuDomainNetAudit(vm, NULL, net, "start", true);
+ }
+
+ qemuDomainLifecycleAudit(vm, "start", reason, success);
+}
+
+
+void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason)
+{
+ qemuDomainLifecycleAudit(vm, "stop", reason, true);
+}
+
+void qemuDomainSecurityLabelAudit(virDomainObjPtr vm, bool success)
+{
+ char uuidstr[VIR_UUID_STRING_BUFLEN];
+ char *vmname;
+
+ virUUIDFormat(vm->def->uuid, uuidstr);
+ if (!(vmname = virAuditEncode("vm", vm->def->name))) {
+ VIR_WARN0("OOM while encoding audit message");
+ return;
+ }
+
+ VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, success,
+ "%s uuid=%s vm-ctx=%s img-ctx=%s",
+ vmname, uuidstr,
+ VIR_AUDIT_STR(vm->def->seclabel.label),
+ VIR_AUDIT_STR(vm->def->seclabel.imagelabel));
+
+ VIR_FREE(vmname);
+}
+
diff --git a/src/qemu/qemu_audit.h b/src/qemu/qemu_audit.h
new file mode 100644
index 0000000..a4064ba
--- /dev/null
+++ b/src/qemu/qemu_audit.h
@@ -0,0 +1,43 @@
+/*
+ * qemu_audit.h: QEMU audit management
+ *
+ * Copyright (C) 2006-2007, 2009-2010 Red Hat, Inc.
+ * Copyright (C) 2006 Daniel P. Berrange
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * Author: Daniel P. Berrange <berrange(a)redhat.com>
+ */
+
+#ifndef __QEMU_AUDIT_H__
+# define __QEMU_AUDIT_H__
+
+#include "domain_conf.h"
+
+void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success);
+void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason);
+void qemuDomainDiskAudit(virDomainObjPtr vm,
+ virDomainDiskDefPtr oldDef,
+ virDomainDiskDefPtr newDef,
+ const char *reason,
+ bool success);
+void qemuDomainNetAudit(virDomainObjPtr vm,
+ virDomainNetDefPtr oldDef,
+ virDomainNetDefPtr newDef,
+ const char *reason,
+ bool success);
+void qemuDomainSecurityLabelAudit(virDomainObjPtr vm, bool success);
+
+#endif /* __QEMU_AUDIT_H__ */
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 9ce8fbe..c4afe20 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -57,6 +57,7 @@
#include "qemu_command.h"
#include "qemu_monitor.h"
#include "qemu_bridge_filter.h"
+#include "qemu_audit.h"
#include "c-ctype.h"
#include "event.h"
#include "buf.h"
@@ -82,7 +83,6 @@
#include "domain_nwfilter.h"
#include "hooks.h"
#include "storage_file.h"
-#include "virtaudit.h"
#include "files.h"
#include "fdstream.h"
#include "configmake.h"
@@ -139,9 +139,6 @@ static void qemudShutdownVMDaemon(struct qemud_driver *driver,
virDomainObjPtr vm,
int migrated);
-static void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success);
-static void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason);
-
static int qemudDomainGetMaxVcpus(virDomainPtr dom);
static int qemuDetectVcpuPIDs(struct qemud_driver *driver,
@@ -3441,142 +3438,6 @@ static int qemuDomainSnapshotSetActive(virDomainObjPtr vm,
static int qemuDomainSnapshotSetInactive(virDomainObjPtr vm,
char *snapshotDir);
-static void qemuDomainDiskAudit(virDomainObjPtr vm,
- virDomainDiskDefPtr oldDef,
- virDomainDiskDefPtr newDef,
- const char *reason,
- bool success)
-{
- char uuidstr[VIR_UUID_STRING_BUFLEN];
- char *vmname;
- char *oldsrc = NULL;
- char *newsrc = NULL;
-
- virUUIDFormat(vm->def->uuid, uuidstr);
- if (!(vmname = virAuditEncode("vm", vm->def->name))) {
- VIR_WARN0("OOM while encoding audit message");
- return;
- }
-
- if (!(oldsrc = virAuditEncode("old-disk",
- oldDef && oldDef->src ?
- oldDef->src : "?"))) {
- VIR_WARN0("OOM while encoding audit message");
- goto cleanup;
- }
- if (!(newsrc = virAuditEncode("new-disk",
- newDef && newDef->src ?
- newDef->src : "?"))) {
- VIR_WARN0("OOM while encoding audit message");
- goto cleanup;
- }
-
- VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
- "resrc=disk reason=%s %s uuid=%s %s %s",
- reason, vmname, uuidstr,
- oldsrc, newsrc);
-
-cleanup:
- VIR_FREE(vmname);
- VIR_FREE(oldsrc);
- VIR_FREE(newsrc);
-}
-
-
-static void qemuDomainNetAudit(virDomainObjPtr vm,
- virDomainNetDefPtr oldDef,
- virDomainNetDefPtr newDef,
- const char *reason,
- bool success)
-{
- char uuidstr[VIR_UUID_STRING_BUFLEN];
- char newMacstr[VIR_MAC_STRING_BUFLEN];
- char oldMacstr[VIR_MAC_STRING_BUFLEN];
- char *vmname;
-
- virUUIDFormat(vm->def->uuid, uuidstr);
- if (oldDef)
- virFormatMacAddr(oldDef->mac, oldMacstr);
- if (newDef)
- virFormatMacAddr(newDef->mac, newMacstr);
- if (!(vmname = virAuditEncode("vm", vm->def->name))) {
- VIR_WARN0("OOM while encoding audit message");
- return;
- }
-
- VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
- "resrc=net reason=%s %s uuid=%s old-net='%s'
new-net='%s'",
- reason, vmname, uuidstr,
- oldDef ? oldMacstr : "?",
- newDef ? newMacstr : "?");
-
- VIR_FREE(vmname);
-}
-
-
-static void qemuDomainLifecycleAudit(virDomainObjPtr vm,
- const char *op,
- const char *reason,
- bool success)
-{
- char uuidstr[VIR_UUID_STRING_BUFLEN];
- char *vmname;
-
- virUUIDFormat(vm->def->uuid, uuidstr);
-
- if (!(vmname = virAuditEncode("vm", vm->def->name))) {
- VIR_WARN0("OOM while encoding audit message");
- return;
- }
-
- VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success,
- "op=%s reason=%s %s uuid=%s", op, reason, vmname, uuidstr);
-
- VIR_FREE(vmname);
-}
-
-static void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success)
-{
- int i;
-
- for (i = 0 ; i < vm->def->ndisks ; i++) {
- virDomainDiskDefPtr disk = vm->def->disks[i];
- if (disk->src) /* Skips CDROM without media initially inserted */
- qemuDomainDiskAudit(vm, NULL, disk, "start", true);
- }
-
- for (i = 0 ; i < vm->def->nnets ; i++) {
- virDomainNetDefPtr net = vm->def->nets[i];
- qemuDomainNetAudit(vm, NULL, net, "start", true);
- }
-
- qemuDomainLifecycleAudit(vm, "start", reason, success);
-}
-
-static void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason)
-{
- qemuDomainLifecycleAudit(vm, "stop", reason, true);
-}
-
-static void qemuDomainSecurityLabelAudit(virDomainObjPtr vm, bool success)
-{
- char uuidstr[VIR_UUID_STRING_BUFLEN];
- char *vmname;
-
- virUUIDFormat(vm->def->uuid, uuidstr);
- if (!(vmname = virAuditEncode("vm", vm->def->name))) {
- VIR_WARN0("OOM while encoding audit message");
- return;
- }
-
- VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, success,
- "%s uuid=%s vm-ctx=%s img-ctx=%s",
- vmname, uuidstr,
- VIR_AUDIT_STR(vm->def->seclabel.label),
- VIR_AUDIT_STR(vm->def->seclabel.imagelabel));
-
- VIR_FREE(vmname);
-}
#define START_POSTFIX ": starting up\n"
#define SHUTDOWN_POSTFIX ": shutting down\n"
--
1.7.2.3