[PATCH 3/6] conf: audit: Split out common steps to audit domain devices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Extract common operations done when creating an audit message to a
separate generic function that can be reused and convert RNG, disk, FS
and net audit to use it.
---
 src/conf/domain_audit.c | 175 ++++++++++++++++--------------------------------
 1 file changed, 57 insertions(+), 118 deletions(-)

diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index 91095b1..4c4290c 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -93,46 +93,73 @@ virDomainAuditChardevPath(virDomainChrSourceDefPtr chr)
 }


-void
-virDomainAuditDisk(virDomainObjPtr vm,
-                   const char *oldDef, const char *newDef,
-                   const char *reason, bool success)
+static void
+virDomainAuditGenericDev(virDomainObjPtr vm,
+                         const char *type,
+                         const char *oldsrcpath,
+                         const char *newsrcpath,
+                         const char *reason,
+                         bool success)
 {
+    char *newdev = NULL;
+    char *olddev = NULL;
     char uuidstr[VIR_UUID_STRING_BUFLEN];
     char *vmname;
     char *oldsrc = NULL;
     char *newsrc = NULL;
     const char *virt;

-    virUUIDFormat(vm->def->uuid, uuidstr);
-    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
-        VIR_WARN("OOM while encoding audit message");
+    /* if both new and old source aren't provided don't log anything */
+    if (!newsrcpath && !oldsrcpath)
         return;
-    }
+
+    if (virAsprintfQuiet(&newdev, "new-%s", type) < 0)
+        goto no_memory;
+
+    if (virAsprintfQuiet(&olddev, "old-%s", type) < 0)
+        goto no_memory;
+
+    virUUIDFormat(vm->def->uuid, uuidstr);
+
+    if (!(vmname = virAuditEncode("vm", vm->def->name)))
+        goto no_memory;

     if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
-        VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
+        VIR_WARN("Unexpected virt type %d while encoding audit message",
+                 vm->def->virtType);
         virt = "?";
     }

-    if (!(oldsrc = virAuditEncode("old-disk", VIR_AUDIT_STR(oldDef)))) {
-        VIR_WARN("OOM while encoding audit message");
-        goto cleanup;
-    }
-    if (!(newsrc = virAuditEncode("new-disk", VIR_AUDIT_STR(newDef)))) {
-        VIR_WARN("OOM while encoding audit message");
-        goto cleanup;
-    }
+    if (!(newsrc = virAuditEncode(newdev, VIR_AUDIT_STR(newsrcpath))))
+        goto no_memory;
+
+    if (!(oldsrc = virAuditEncode(olddev, VIR_AUDIT_STR(oldsrcpath))))
+        goto no_memory;

     VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
-              "virt=%s resrc=disk reason=%s %s uuid=%s %s %s",
-              virt, reason, vmname, uuidstr,
-              oldsrc, newsrc);
+              "virt=%s resrc=%s reason=%s %s uuid=%s %s %s",
+              virt, type, reason, vmname, uuidstr, oldsrc, newsrc);

  cleanup:
+    VIR_FREE(newdev);
+    VIR_FREE(olddev);
     VIR_FREE(vmname);
     VIR_FREE(oldsrc);
     VIR_FREE(newsrc);
+    return;
+
+ no_memory:
+    VIR_WARN("OOM while encoding audit message");
+    goto cleanup;
+}
+
+
+void
+virDomainAuditDisk(virDomainObjPtr vm,
+                   const char *oldDef, const char *newDef,
+                   const char *reason, bool success)
+{
+    virDomainAuditGenericDev(vm, "disk", oldDef, newDef, reason, success);
 }


@@ -141,13 +168,8 @@ virDomainAuditRNG(virDomainObjPtr vm,
                   virDomainRNGDefPtr oldDef, virDomainRNGDefPtr newDef,
                   const char *reason, bool success)
 {
-    char uuidstr[VIR_UUID_STRING_BUFLEN];
-    char *vmname;
     const char *newsrcpath = NULL;
     const char *oldsrcpath = NULL;
-    char *oldsrc = NULL;
-    char *newsrc = NULL;
-    const char *virt;

     if (newDef) {
         switch ((virDomainRNGBackend) newDef->backend) {
@@ -185,40 +207,7 @@ virDomainAuditRNG(virDomainObjPtr vm,
         }
     }

-    /* don't audit the RNG device if it doesn't use local resources */
-    if (!oldsrcpath && !newsrcpath)
-        return;
-
-    virUUIDFormat(vm->def->uuid, uuidstr);
-    if (!(vmname = virAuditEncode("vm", vm->def->name)))
-        goto no_memory;
-
-    if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
-        VIR_WARN("Unexpected virt type %d while encoding audit message",
-                 vm->def->virtType);
-        virt = "?";
-    }
-
-    if (!(newsrc = virAuditEncode("new-rng", VIR_AUDIT_STR(newsrcpath))))
-        goto no_memory;
-
-    if (!(oldsrc = virAuditEncode("old-rng", VIR_AUDIT_STR(oldsrcpath))))
-        goto no_memory;
-
-    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
-              "virt=%s resrc=rng reason=%s %s uuid=%s %s %s",
-              virt, reason, vmname, uuidstr,
-              oldsrc, newsrc);
-
- cleanup:
-    VIR_FREE(vmname);
-    VIR_FREE(oldsrc);
-    VIR_FREE(newsrc);
-    return;
-
- no_memory:
-    VIR_WARN("OOM while encoding audit message");
-    goto cleanup;
+    virDomainAuditGenericDev(vm, "rng", oldsrcpath, newsrcpath, reason, success);
 }


@@ -227,45 +216,10 @@ virDomainAuditFS(virDomainObjPtr vm,
                  virDomainFSDefPtr oldDef, virDomainFSDefPtr newDef,
                  const char *reason, bool success)
 {
-    char uuidstr[VIR_UUID_STRING_BUFLEN];
-    char *vmname;
-    char *oldsrc = NULL;
-    char *newsrc = NULL;
-    const char *virt;
-
-    virUUIDFormat(vm->def->uuid, uuidstr);
-    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
-        VIR_WARN("OOM while encoding audit message");
-        return;
-    }
-
-    if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
-        VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
-        virt = "?";
-    }
-
-    if (!(oldsrc = virAuditEncode("old-fs",
-                                  oldDef && oldDef->src ?
-                                  oldDef->src : "?"))) {
-        VIR_WARN("OOM while encoding audit message");
-        goto cleanup;
-    }
-    if (!(newsrc = virAuditEncode("new-fs",
-                                  newDef && newDef->src ?
-                                  newDef->src : "?"))) {
-        VIR_WARN("OOM while encoding audit message");
-        goto cleanup;
-    }
-
-    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
-              "virt=%s resrc=fs reason=%s %s uuid=%s %s %s",
-              virt, reason, vmname, uuidstr,
-              oldsrc, newsrc);
-
- cleanup:
-    VIR_FREE(vmname);
-    VIR_FREE(oldsrc);
-    VIR_FREE(newsrc);
+    virDomainAuditGenericDev(vm, "fs",
+                             oldDef ? oldDef->src : NULL,
+                             newDef ? newDef->src : NULL,
+                             reason, success);
 }


@@ -274,34 +228,19 @@ virDomainAuditNet(virDomainObjPtr vm,
                   virDomainNetDefPtr oldDef, virDomainNetDefPtr newDef,
                   const char *reason, bool success)
 {
-    char uuidstr[VIR_UUID_STRING_BUFLEN];
     char newMacstr[VIR_MAC_STRING_BUFLEN];
     char oldMacstr[VIR_MAC_STRING_BUFLEN];
-    char *vmname;
-    const char *virt;

-    virUUIDFormat(vm->def->uuid, uuidstr);
     if (oldDef)
         virMacAddrFormat(&oldDef->mac, oldMacstr);
+
     if (newDef)
         virMacAddrFormat(&newDef->mac, newMacstr);
-    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
-        VIR_WARN("OOM while encoding audit message");
-        return;
-    }

-    if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
-        VIR_WARN("Unexpected virt type %d while encoding audit message", vm->def->virtType);
-        virt = "?";
-    }
-
-    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
-              "virt=%s resrc=net reason=%s %s uuid=%s old-net=%s new-net=%s",
-              virt, reason, vmname, uuidstr,
-              oldDef ? oldMacstr : "?",
-              newDef ? newMacstr : "?");
-
-    VIR_FREE(vmname);
+    virDomainAuditGenericDev(vm, "fs",
+                             oldDef ? oldMacstr : NULL,
+                             newDef ? newMacstr : NULL,
+                             reason, success);
 }

 /**
-- 
1.9.3

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]