[libvirt] [PATCH 3/6] conf: audit: Split out common steps to audit domain devices

Extract common operations done when creating an audit message to a separate generic function that can be reused and convert RNG, disk, FS and net audit to use it. --- src/conf/domain_audit.c | 175 ++++++++++++++++-------------------------------- 1 file changed, 57 insertions(+), 118 deletions(-) diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c index 91095b1..4c4290c 100644 --- a/src/conf/domain_audit.c +++ b/src/conf/domain_audit.c @@ -93,46 +93,73 @@ virDomainAuditChardevPath(virDomainChrSourceDefPtr chr) } -void -virDomainAuditDisk(virDomainObjPtr vm, - const char *oldDef, const char *newDef, - const char *reason, bool success) +static void +virDomainAuditGenericDev(virDomainObjPtr vm, + const char *type, + const char *oldsrcpath, + const char *newsrcpath, + const char *reason, + bool success) { + char *newdev = NULL; + char *olddev = NULL; char uuidstr[VIR_UUID_STRING_BUFLEN]; char *vmname; char *oldsrc = NULL; char *newsrc = NULL; const char *virt; - virUUIDFormat(vm->def->uuid, uuidstr); - if (!(vmname = virAuditEncode("vm", vm->def->name))) { - VIR_WARN("OOM while encoding audit message"); + /* if both new and old source aren't provided don't log anything */ + if (!newsrcpath && !oldsrcpath) return; - } + + if (virAsprintfQuiet(&newdev, "new-%s", type) < 0) + goto no_memory; + + if (virAsprintfQuiet(&olddev, "old-%s", type) < 0) + goto no_memory; + + virUUIDFormat(vm->def->uuid, uuidstr); + + if (!(vmname = virAuditEncode("vm", vm->def->name))) + goto no_memory; if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) { - VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType); + VIR_WARN("Unexpected virt type %d while encoding audit message", + vm->def->virtType); virt = "?"; } - if (!(oldsrc = virAuditEncode("old-disk", VIR_AUDIT_STR(oldDef)))) { - VIR_WARN("OOM while encoding audit message"); - goto cleanup; - } - if (!(newsrc = virAuditEncode("new-disk", VIR_AUDIT_STR(newDef)))) { - VIR_WARN("OOM while encoding audit message"); - goto cleanup; - } + if (!(newsrc = virAuditEncode(newdev, VIR_AUDIT_STR(newsrcpath)))) + goto no_memory; + + if (!(oldsrc = virAuditEncode(olddev, VIR_AUDIT_STR(oldsrcpath)))) + goto no_memory; VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, - "virt=%s resrc=disk reason=%s %s uuid=%s %s %s", - virt, reason, vmname, uuidstr, - oldsrc, newsrc); + "virt=%s resrc=%s reason=%s %s uuid=%s %s %s", + virt, type, reason, vmname, uuidstr, oldsrc, newsrc); cleanup: + VIR_FREE(newdev); + VIR_FREE(olddev); VIR_FREE(vmname); VIR_FREE(oldsrc); VIR_FREE(newsrc); + return; + + no_memory: + VIR_WARN("OOM while encoding audit message"); + goto cleanup; +} + + +void +virDomainAuditDisk(virDomainObjPtr vm, + const char *oldDef, const char *newDef, + const char *reason, bool success) +{ + virDomainAuditGenericDev(vm, "disk", oldDef, newDef, reason, success); } @@ -141,13 +168,8 @@ virDomainAuditRNG(virDomainObjPtr vm, virDomainRNGDefPtr oldDef, virDomainRNGDefPtr newDef, const char *reason, bool success) { - char uuidstr[VIR_UUID_STRING_BUFLEN]; - char *vmname; const char *newsrcpath = NULL; const char *oldsrcpath = NULL; - char *oldsrc = NULL; - char *newsrc = NULL; - const char *virt; if (newDef) { switch ((virDomainRNGBackend) newDef->backend) { @@ -185,40 +207,7 @@ virDomainAuditRNG(virDomainObjPtr vm, } } - /* don't audit the RNG device if it doesn't use local resources */ - if (!oldsrcpath && !newsrcpath) - return; - - virUUIDFormat(vm->def->uuid, uuidstr); - if (!(vmname = virAuditEncode("vm", vm->def->name))) - goto no_memory; - - if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) { - VIR_WARN("Unexpected virt type %d while encoding audit message", - vm->def->virtType); - virt = "?"; - } - - if (!(newsrc = virAuditEncode("new-rng", VIR_AUDIT_STR(newsrcpath)))) - goto no_memory; - - if (!(oldsrc = virAuditEncode("old-rng", VIR_AUDIT_STR(oldsrcpath)))) - goto no_memory; - - VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, - "virt=%s resrc=rng reason=%s %s uuid=%s %s %s", - virt, reason, vmname, uuidstr, - oldsrc, newsrc); - - cleanup: - VIR_FREE(vmname); - VIR_FREE(oldsrc); - VIR_FREE(newsrc); - return; - - no_memory: - VIR_WARN("OOM while encoding audit message"); - goto cleanup; + virDomainAuditGenericDev(vm, "rng", oldsrcpath, newsrcpath, reason, success); } @@ -227,45 +216,10 @@ virDomainAuditFS(virDomainObjPtr vm, virDomainFSDefPtr oldDef, virDomainFSDefPtr newDef, const char *reason, bool success) { - char uuidstr[VIR_UUID_STRING_BUFLEN]; - char *vmname; - char *oldsrc = NULL; - char *newsrc = NULL; - const char *virt; - - virUUIDFormat(vm->def->uuid, uuidstr); - if (!(vmname = virAuditEncode("vm", vm->def->name))) { - VIR_WARN("OOM while encoding audit message"); - return; - } - - if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) { - VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType); - virt = "?"; - } - - if (!(oldsrc = virAuditEncode("old-fs", - oldDef && oldDef->src ? - oldDef->src : "?"))) { - VIR_WARN("OOM while encoding audit message"); - goto cleanup; - } - if (!(newsrc = virAuditEncode("new-fs", - newDef && newDef->src ? - newDef->src : "?"))) { - VIR_WARN("OOM while encoding audit message"); - goto cleanup; - } - - VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, - "virt=%s resrc=fs reason=%s %s uuid=%s %s %s", - virt, reason, vmname, uuidstr, - oldsrc, newsrc); - - cleanup: - VIR_FREE(vmname); - VIR_FREE(oldsrc); - VIR_FREE(newsrc); + virDomainAuditGenericDev(vm, "fs", + oldDef ? oldDef->src : NULL, + newDef ? newDef->src : NULL, + reason, success); } @@ -274,34 +228,19 @@ virDomainAuditNet(virDomainObjPtr vm, virDomainNetDefPtr oldDef, virDomainNetDefPtr newDef, const char *reason, bool success) { - char uuidstr[VIR_UUID_STRING_BUFLEN]; char newMacstr[VIR_MAC_STRING_BUFLEN]; char oldMacstr[VIR_MAC_STRING_BUFLEN]; - char *vmname; - const char *virt; - virUUIDFormat(vm->def->uuid, uuidstr); if (oldDef) virMacAddrFormat(&oldDef->mac, oldMacstr); + if (newDef) virMacAddrFormat(&newDef->mac, newMacstr); - if (!(vmname = virAuditEncode("vm", vm->def->name))) { - VIR_WARN("OOM while encoding audit message"); - return; - } - if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) { - VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType); - virt = "?"; - } - - VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, - "virt=%s resrc=net reason=%s %s uuid=%s old-net=%s new-net=%s", - virt, reason, vmname, uuidstr, - oldDef ? oldMacstr : "?", - newDef ? newMacstr : "?"); - - VIR_FREE(vmname); + virDomainAuditGenericDev(vm, "fs", + oldDef ? oldMacstr : NULL, + newDef ? newMacstr : NULL, + reason, success); } /** -- 1.9.3