Passing the vhost net device fd to qemu is worth an audit point, since it is a kernel-managed device. This patch points out that qemu still can't hot-plug and hot-unplug vhost-net interfaces. * src/qemu/qemu_audit.h (qemuAuditNetVhost): New prototype. * src/qemu/qemu_audit.c (qemuAuditNetVhost): New function. * src/qemu/qemu_command.c (qemuOpenVhostNet): Add audit point and new parameter. (qemuBuildCommandLine): Adjust caller.
---
v2: new patch; still missing an audit point for where /dev/net/tun is opened, and the name should probably be qemuAuditNetDevice (since it is feasible to open just /dev/net/tun and not /dev/vhost-net when the xml asks for that). Perhaps should be shuffled to live after patch 8/8. src/qemu/qemu_audit.c | 40 ++++++++++++++++++++++++++++++++++++++++ src/qemu/qemu_audit.h | 5 +++++ src/qemu/qemu_command.c | 8 +++++--- 3 files changed, 50 insertions(+), 3 deletions(-)
diff --git a/src/qemu/qemu_audit.c b/src/qemu/qemu_audit.c
index 08eb431..1965a20 100644
--- a/src/qemu/qemu_audit.c
+++ b/src/qemu/qemu_audit.c
@@ -132,6 +132,46 @@ void qemuDomainNetAudit(virDomainObjPtr vm,
 VIR_FREE(vmname);
 }
+/**
+ * qemuAuditNetVhost:
+ * @vm: domain receiving a vhost-net device
+ * @def: details of network device being attached or removed
+ * @device: device being attached
+ * @reason: one of "start", "attach", or "detach"
+ * @success: true if the device passthrough operation succeeded
+ *
+ * Log an audit message about an attempted device passthrough change.
+ */
+void
+qemuAuditNetVhost(virDomainDefPtr vmDef,
+ virDomainNetDefPtr netDef, const char *device,
+ const char *reason, bool success)
+{
+ char uuidstr[VIR_UUID_STRING_BUFLEN];
+ char macstr[VIR_MAC_STRING_BUFLEN];
+ char *vmname;
+ char *devname;
+ char *rdev;
+ virUUIDFormat(vmDef->uuid, uuidstr);
+ virFormatMacAddr(netDef->mac, macstr);
+ if (!(vmname = virAuditEncode("vm", vmDef->name)) ||
+ !(devname = virAuditEncode("path", device)) ||
+ !(rdev = qemuAuditGetRdev(device))) {
+ VIR_WARN0("OOM while encoding audit message");
+ goto cleanup;
+ }
+ VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
+ "resrc=net reason=%s %s uuid=%s net='%s' %s %s",
+ reason, vmname, uuidstr,
+ macstr, devname, rdev);
+
+cleanup:
+ VIR_FREE(vmname);
+ VIR_FREE(devname);
+ VIR_FREE(rdev);
+}
 /**
  * qemuDomainHostdevAudit:
diff --git a/src/qemu/qemu_audit.h b/src/qemu/qemu_audit.h
index 53855e2..9f08362 100644
--- a/src/qemu/qemu_audit.h
+++ b/src/qemu/qemu_audit.h
@@ -39,6 +39,11 @@ void qemuDomainNetAudit(virDomainObjPtr vm,
 virDomainNetDefPtr newDef,
 const char *reason,
 bool success);
+void qemuAuditNetVhost(virDomainDefPtr vmDef,
+ virDomainNetDefPtr netDef,
+ const char *device,
+ const char *reason,
+ bool success);
 void qemuDomainHostdevAudit(virDomainObjPtr vm,
 virDomainHostdevDefPtr def,
 const char *reason,
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 198a4e2..d5f5a70 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
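Review bot: The doc comment on qemuAuditNetVhost names its parameters `@vm` and `@def`, but the signature declares them `vmDef` and `netDef`, so the two lines should read `@vmDef: domain receiving a vhost-net device` and `@netDef: details of network device being attached or removed`. The summary line `Log an audit message about an attempted device passthrough change.` reads as carried over from the hostdev audit; `Log an audit message about opening a vhost-net device on behalf of the domain.` describes what the caller in qemu_command.c actually records, and since this patch only ever passes "start" and the description says hot-plug is unsupported, the "attach"/"detach" values documented for `@reason` are not yet exercised. One thing to confirm: if qemuAuditGetRdev() returns NULL when the device node cannot be looked up, a failed open of a missing /dev/vhost-net would trip the "OOM while encoding audit message" warning and drop the record for exactly the failure case this audit point exists to capture; testing the rdev lookup separately from the two virAuditEncode() results, and still emitting the record with the path alone, would preserve it.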
@@ -35,6 +35,7 @@
 #include "uuid.h"
 #include "c-ctype.h"
 #include "domain_nwfilter.h"
+#include "qemu_audit.h"
 #include <sys/utsname.h>
 #include <sys/stat.h>
@@ -304,11 +305,11 @@ cleanup:
 static int
-qemuOpenVhostNet(virDomainNetDefPtr net,
+qemuOpenVhostNet(virDomainDefPtr def,
+ virDomainNetDefPtr net,
 virBitmapPtr qemuCaps,
 int *vhostfd)
 {
-
 *vhostfd = -1; /* assume we won't use vhost */
 /* If the config says explicitly to not use vhost, return now */
@@ -343,6 +344,7 @@ qemuOpenVhostNet(virDomainNetDefPtr net,
 }
 *vhostfd = open("/dev/vhost-net", O_RDWR);
+ qemuAuditNetVhost(def, net, "/dev/vhost-net", "start", *vhostfd >= 0);
 /* If the config says explicitly to use vhost and we couldn't open it,
 * report an error.
@@ -3495,7 +3497,7 @@ qemuBuildCommandLine(virConnectPtr conn,
 network device */
 int vhostfd;
- if (qemuOpenVhostNet(net, qemuCaps, &vhostfd) < 0)
+ if (qemuOpenVhostNet(def, net, qemuCaps, &vhostfd) < 0)
 goto error;
 if (vhostfd >= 0) {
 virCommandTransferFD(cmd, vhostfd);
--
1.7.4
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
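Review bot: In the hunk at -343,6 the new qemuAuditNetVhost() call sits between the failed `open("/dev/vhost-net", O_RDWR)` and the error report that the following comment announces; the audit path allocates through virAuditEncode(), calls qemuAuditGetRdev() and writes the audit record, any of which can overwrite errno, so if that report uses errno (its body is outside the hunk) it may name the wrong cause. Either move the audit call after the error-report block or bracket it with `int saved_errno = errno;` before the call and `errno = saved_errno;` after it. The record is also emitted with success=false on every failed open, including the case the next comment implies where vhost was not explicitly requested and the code presumably falls back to plain tap; whether that benign fallback should show up as a failed resource audit is a policy choice worth stating in a comment at the call site. The hunk at -304,11 adds the `def` parameter to a static function with no header doc, so a one-line comment above `static int` such as `/* def is only used to identify the domain in the audit record */` would spare the next reader a search. qemuOpenVhostNet's body begins and ends outside these hunks.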