domain_audit.c 30.2 KB
Newer Older
1
/*
2
 * domain_audit.c: Domain audit management
3
 *
4
 * Copyright (C) 2006-2014 Red Hat, Inc.
5 6 7 8 9 10 11 12 13 14 15 16 17
 * Copyright (C) 2006 Daniel P. Berrange
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
18
 * License along with this library.  If not, see
O
Osier Yang 已提交
19
 * <http://www.gnu.org/licenses/>.
20 21 22 23
 */

#include <config.h>

24 25
#include <sys/stat.h>

26 27 28 29 30 31
#ifdef MAJOR_IN_MKDEV
# include <sys/mkdev.h>
#elif MAJOR_IN_SYSMACROS
# include <sys/sysmacros.h>
#endif

32 33
#include <sys/types.h>

34
#include "domain_audit.h"
35
#include "viraudit.h"
36
#include "viruuid.h"
37
#include "virlog.h"
38
#include "viralloc.h"
39
#include "virstring.h"
40

41 42
VIR_LOG_INIT("conf.domain_audit");

43 44 45 46
/* Return nn:mm in hex for block and character devices, and NULL
 * for other file types, stat failure, or allocation failure.  */
#if defined major && defined minor
static char *
47
virDomainAuditGetRdev(const char *path)
48 49 50 51 52 53 54 55
{
    char *ret = NULL;
    struct stat sb;

    if (stat(path, &sb) == 0 &&
        (S_ISCHR(sb.st_mode) || S_ISBLK(sb.st_mode))) {
        int maj = major(sb.st_rdev);
        int min = minor(sb.st_rdev);
56
        ret = g_strdup_printf("%02X:%02X", maj, min);
57 58 59 60 61
    }
    return ret;
}
#else
static char *
J
Ján Tomko 已提交
62
virDomainAuditGetRdev(const char *path G_GNUC_UNUSED)
63 64 65 66 67
{
    return NULL;
}
#endif

68

69 70 71 72 73 74 75 76 77 78 79 80 81 82 83
static const char *
virDomainAuditGetVirtType(virDomainDefPtr def)
{
    const char *virt;

    if (!(virt = virDomainVirtTypeToString(def->virtType))) {
        VIR_WARN("Unexpected virt type %d while encoding audit message",
                 def->virtType);
        virt = "?";
    }

    return virt;
}


84 85 86 87 88 89 90
static void
virDomainAuditGenericDev(virDomainObjPtr vm,
                         const char *type,
                         const char *oldsrcpath,
                         const char *newsrcpath,
                         const char *reason,
                         bool success)
91
{
92 93 94 95 96
    g_autofree char *newdev = NULL;
    g_autofree char *olddev = NULL;
    g_autofree char *vmname = NULL;
    g_autofree char *oldsrc = NULL;
    g_autofree char *newsrc = NULL;
97
    char uuidstr[VIR_UUID_STRING_BUFLEN];
98
    const char *virt = virDomainAuditGetVirtType(vm->def);
99

100 101
    /* if both new and old source aren't provided don't log anything */
    if (!newsrcpath && !oldsrcpath)
102
        return;
103

104 105
    newdev = g_strdup_printf("new-%s", type);
    olddev = g_strdup_printf("old-%s", type);
106 107 108 109

    virUUIDFormat(vm->def->uuid, uuidstr);

    if (!(vmname = virAuditEncode("vm", vm->def->name)))
110
        return;
111

112
    if (!(newsrc = virAuditEncode(newdev, VIR_AUDIT_STR(newsrcpath))))
113
        return;
114 115

    if (!(oldsrc = virAuditEncode(olddev, VIR_AUDIT_STR(oldsrcpath))))
116
        return;
117 118

    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
119 120 121 122 123
              "virt=%s resrc=%s reason=%s %s uuid=%s %s %s",
              virt, type, reason, vmname, uuidstr, oldsrc, newsrc);
}


124 125 126 127 128 129 130 131 132 133 134
void
virDomainAuditChardev(virDomainObjPtr vm,
                      virDomainChrDefPtr oldDef,
                      virDomainChrDefPtr newDef,
                      const char *reason,
                      bool success)
{
    virDomainChrSourceDefPtr oldsrc = NULL;
    virDomainChrSourceDefPtr newsrc = NULL;

    if (oldDef)
135
        oldsrc = oldDef->source;
136 137

    if (newDef)
138
        newsrc = newDef->source;
139 140

    virDomainAuditGenericDev(vm, "chardev",
141 142
                             virDomainChrSourceDefGetPath(oldsrc),
                             virDomainChrSourceDefGetPath(newsrc),
143 144 145 146
                             reason, success);
}


P
Peter Krempa 已提交
147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180
static void
virDomainAuditSmartcard(virDomainObjPtr vm,
                        virDomainSmartcardDefPtr def,
                        const char *reason,
                        bool success)
{
    const char *database = VIR_DOMAIN_SMARTCARD_DEFAULT_DATABASE;
    size_t i;

    if (def) {
        switch ((virDomainSmartcardType) def->type) {
        case VIR_DOMAIN_SMARTCARD_TYPE_HOST:
            virDomainAuditGenericDev(vm, "smartcard",
                                     NULL, "nss-smartcard-device",
                                     reason, success);
            break;

        case VIR_DOMAIN_SMARTCARD_TYPE_HOST_CERTIFICATES:
            for (i = 0; i < VIR_DOMAIN_SMARTCARD_NUM_CERTIFICATES; i++) {
                virDomainAuditGenericDev(vm, "smartcard", NULL,
                                         def->data.cert.file[i],
                                         reason, success);
            }

            if (def->data.cert.database)
                database = def->data.cert.database;

            virDomainAuditGenericDev(vm, "smartcard",
                                     NULL, database,
                                     reason, success);
            break;

        case VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH:
            virDomainAuditGenericDev(vm, "smartcard", NULL,
181
                                     virDomainChrSourceDefGetPath(def->data.passthru),
P
Peter Krempa 已提交
182 183 184 185 186 187 188 189 190 191
                                     reason, success);
            break;

        case VIR_DOMAIN_SMARTCARD_TYPE_LAST:
            break;
        }
    }
}


192 193
void
virDomainAuditDisk(virDomainObjPtr vm,
194 195 196 197
                   virStorageSourcePtr oldDef,
                   virStorageSourcePtr newDef,
                   const char *reason,
                   bool success)
198
{
199 200 201 202 203 204 205 206 207 208
    const char *oldsrc = NULL;
    const char *newsrc = NULL;

    if (oldDef && virStorageSourceIsLocalStorage(oldDef))
        oldsrc = oldDef->path;

    if (newDef && virStorageSourceIsLocalStorage(newDef))
        newsrc = newDef->path;

    virDomainAuditGenericDev(vm, "disk", oldsrc, newsrc, reason, success);
209 210 211
}


L
Luyao Huang 已提交
212
void
213
virDomainAuditRNG(virDomainObjPtr vm,
214
                  virDomainRNGDefPtr oldDef, virDomainRNGDefPtr newDef,
215 216 217 218 219 220
                  const char *reason, bool success)
{
    const char *newsrcpath = NULL;
    const char *oldsrcpath = NULL;

    if (newDef) {
221
        switch ((virDomainRNGBackend) newDef->backend) {
222
        case VIR_DOMAIN_RNG_BACKEND_RANDOM:
223
            newsrcpath = newDef->source.file;
224 225 226
            break;

        case VIR_DOMAIN_RNG_BACKEND_EGD:
227
            newsrcpath = virDomainChrSourceDefGetPath(newDef->source.chardev);
228 229 230 231 232 233 234 235
            break;

        case VIR_DOMAIN_RNG_BACKEND_LAST:
            break;
        }
    }

    if (oldDef) {
236
        switch ((virDomainRNGBackend) oldDef->backend) {
237
        case VIR_DOMAIN_RNG_BACKEND_RANDOM:
238
            oldsrcpath = oldDef->source.file;
239 240 241
            break;

        case VIR_DOMAIN_RNG_BACKEND_EGD:
242
            oldsrcpath = virDomainChrSourceDefGetPath(oldDef->source.chardev);
243 244 245 246 247 248 249
            break;

        case VIR_DOMAIN_RNG_BACKEND_LAST:
            break;
        }
    }

250
    virDomainAuditGenericDev(vm, "rng", oldsrcpath, newsrcpath, reason, success);
251 252 253
}


D
Daniel P. Berrange 已提交
254 255 256 257 258
void
virDomainAuditFS(virDomainObjPtr vm,
                 virDomainFSDefPtr oldDef, virDomainFSDefPtr newDef,
                 const char *reason, bool success)
{
259
    virDomainAuditGenericDev(vm, "fs",
260 261
                             oldDef ? oldDef->src->path : NULL,
                             newDef ? newDef->src->path : NULL,
262
                             reason, success);
D
Daniel P. Berrange 已提交
263 264 265
}


266
void
267 268 269
virDomainAuditNet(virDomainObjPtr vm,
                  virDomainNetDefPtr oldDef, virDomainNetDefPtr newDef,
                  const char *reason, bool success)
270 271 272 273 274
{
    char newMacstr[VIR_MAC_STRING_BUFLEN];
    char oldMacstr[VIR_MAC_STRING_BUFLEN];

    if (oldDef)
275
        virMacAddrFormat(&oldDef->mac, oldMacstr);
276

277
    if (newDef)
278
        virMacAddrFormat(&newDef->mac, newMacstr);
279

280 281 282 283
    virDomainAuditGenericDev(vm, "net",
                             oldDef ? oldMacstr : NULL,
                             newDef ? newMacstr : NULL,
                             reason, success);
284 285
}

286
/**
287
 * virDomainAuditNetDevice:
W
Wang Rui 已提交
288 289
 * @vmDef: the definition of the VM
 * @netDef: details of network device that fd will be tied to
290 291
 * @device: device being opened (such as /dev/vhost-net,
 * /dev/net/tun, /dev/tanN). Note that merely opening a device
292
 * does not mean that virDomain owns it; a followup virDomainAuditNet
293 294 295 296 297 298
 * shows whether the fd was passed on.
 * @success: true if the device was opened
 *
 * Log an audit message about an attempted network device open.
 */
void
299 300
virDomainAuditNetDevice(virDomainDefPtr vmDef, virDomainNetDefPtr netDef,
                        const char *device, bool success)
301 302 303 304
{
    char uuidstr[VIR_UUID_STRING_BUFLEN];
    char macstr[VIR_MAC_STRING_BUFLEN];
    char *vmname;
305
    char *dev_name = NULL;
306
    char *rdev;
307
    const char *virt = virDomainAuditGetVirtType(vmDef);
308 309

    virUUIDFormat(vmDef->uuid, uuidstr);
310
    virMacAddrFormat(&netDef->mac, macstr);
311
    rdev = virDomainAuditGetRdev(device);
312 313

    if (!(vmname = virAuditEncode("vm", vmDef->name)) ||
314
        !(dev_name = virAuditEncode("path", device))) {
315
        VIR_WARN("OOM while encoding audit message");
316 317 318 319
        goto cleanup;
    }

    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
320
              "virt=%s resrc=net reason=open %s uuid=%s net=%s %s rdev=%s",
321
              virt, vmname, uuidstr, macstr, dev_name, VIR_AUDIT_STR(rdev));
322

323
 cleanup:
324
    VIR_FREE(vmname);
325
    VIR_FREE(dev_name);
326 327
    VIR_FREE(rdev);
}
328

329
/**
330
 * virDomainAuditHostdev:
331 332
 * @vm: domain making a change in pass-through host device
 * @hostdev: device being attached or removed
333
 * @reason: one of "start", "attach", or "detach"
334 335 336 337 338
 * @success: true if the device passthrough operation succeeded
 *
 * Log an audit message about an attempted device passthrough change.
 */
void
339 340
virDomainAuditHostdev(virDomainObjPtr vm, virDomainHostdevDefPtr hostdev,
                      const char *reason, bool success)
341 342 343
{
    char uuidstr[VIR_UUID_STRING_BUFLEN];
    char *vmname;
344 345
    char *address = NULL;
    char *device = NULL;
346 347
    const char *virt = virDomainAuditGetVirtType(vm->def);

348
    virDomainHostdevSubsysUSBPtr usbsrc = &hostdev->source.subsys.u.usb;
349
    virDomainHostdevSubsysPCIPtr pcisrc = &hostdev->source.subsys.u.pci;
350
    virDomainHostdevSubsysSCSIPtr scsisrc = &hostdev->source.subsys.u.scsi;
351
    virDomainHostdevSubsysSCSIVHostPtr hostsrc = &hostdev->source.subsys.u.scsi_host;
352
    virDomainHostdevSubsysMediatedDevPtr mdevsrc = &hostdev->source.subsys.u.mdev;
353 354 355

    virUUIDFormat(vm->def->uuid, uuidstr);
    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
356
        VIR_WARN("OOM while encoding audit message");
357 358 359
        return;
    }

360
    switch ((virDomainHostdevMode) hostdev->mode) {
361
    case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS:
362
        switch ((virDomainHostdevSubsysType) hostdev->source.subsys.type) {
363
        case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI:
364 365 366 367 368
            address = g_strdup_printf(VIR_PCI_DEVICE_ADDRESS_FMT,
                                      pcisrc->addr.domain,
                                      pcisrc->addr.bus,
                                      pcisrc->addr.slot,
                                      pcisrc->addr.function);
369 370
            break;
        case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB:
371
            address = g_strdup_printf("%.3d.%.3d", usbsrc->bus, usbsrc->device);
H
Han Cheng 已提交
372
            break;
373
        case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI: {
374 375 376 377 378
            if (scsisrc->protocol ==
                VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI) {
                /* Follow virDomainAuditDisk && virDomainAuditGenericDev
                 * and don't audit the networked device.
                 */
H
Han Cheng 已提交
379
                goto cleanup;
380 381 382
            } else {
                virDomainHostdevSubsysSCSIHostPtr scsihostsrc =
                    &scsisrc->u.host;
383 384 385 386
                address = g_strdup_printf("%s:%u:%u:%llu",
                                          scsihostsrc->adapter, scsihostsrc->bus,
                                          scsihostsrc->target,
                                          scsihostsrc->unit);
387 388
            }
            break;
389
        }
390
        case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI_HOST:
391
            address = g_strdup(hostsrc->wwpn);
392
            break;
393
        case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV:
394
            address = g_strdup(mdevsrc->uuidstr);
395 396
            break;
        case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST:
397 398 399 400 401 402 403
        default:
            VIR_WARN("Unexpected hostdev type while encoding audit message: %d",
                     hostdev->source.subsys.type);
            goto cleanup;
        }

        if (!(device = virAuditEncode("device", VIR_AUDIT_STR(address)))) {
404
            VIR_WARN("OOM while encoding audit message");
405 406
            goto cleanup;
        }
407 408 409 410 411 412

        VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
                  "virt=%s resrc=dev reason=%s %s uuid=%s bus=%s %s",
                  virt, reason, vmname, uuidstr,
                  virDomainHostdevSubsysTypeToString(hostdev->source.subsys.type),
                  device);
413
        break;
414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443

    case VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES:
        switch (hostdev->source.caps.type) {
        case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE:
            if (!(device = virAuditEncode("disk",
                                          VIR_AUDIT_STR(hostdev->source.caps.u.storage.block)))) {
                VIR_WARN("OOM while encoding audit message");
                goto cleanup;
            }

            VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
                      "virt=%s resrc=hostdev reason=%s %s uuid=%s %s",
                      virt, reason, vmname, uuidstr, device);
            break;

        case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC:
            if (!(device = virAuditEncode("chardev",
                                          VIR_AUDIT_STR(hostdev->source.caps.u.misc.chardev)))) {
                VIR_WARN("OOM while encoding audit message");
                goto cleanup;
            }

            VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
                      "virt=%s resrc=hostdev reason=%s %s uuid=%s %s",
                      virt, reason, vmname, uuidstr, device);
            break;

        default:
            VIR_WARN("Unexpected hostdev type while encoding audit message: %d",
                     hostdev->source.caps.type);
444 445 446 447
            goto cleanup;
        }
        break;

448
    case VIR_DOMAIN_HOSTDEV_MODE_LAST:
449 450 451
    default:
        VIR_WARN("Unexpected hostdev mode while encoding audit message: %d",
                 hostdev->mode);
452 453 454
        goto cleanup;
    }

455
 cleanup:
456 457 458 459 460 461
    VIR_FREE(vmname);
    VIR_FREE(device);
    VIR_FREE(address);
}


462 463 464 465 466 467 468 469 470 471 472 473 474 475 476
/**
 * virDomainAuditRedirdev:
 * @vm: domain making a change in pass-through host device
 * @redirdev: device being attached or removed
 * @reason: one of "start", "attach", or "detach"
 * @success: true if the device passthrough operation succeeded
 *
 * Log an audit message about an attempted device passthrough change.
 */
void
virDomainAuditRedirdev(virDomainObjPtr vm, virDomainRedirdevDefPtr redirdev,
                      const char *reason, bool success)
{
    char uuidstr[VIR_UUID_STRING_BUFLEN];
    char *vmname;
477 478
    char *address = NULL;
    char *device = NULL;
479
    const char *virt = virDomainAuditGetVirtType(vm->def);
480 481 482 483 484 485 486 487 488

    virUUIDFormat(vm->def->uuid, uuidstr);
    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
        VIR_WARN("OOM while encoding audit message");
        return;
    }

    switch (redirdev->bus) {
    case VIR_DOMAIN_REDIRDEV_BUS_USB:
489
        address = g_strdup("USB redirdev");
490
        break;
491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507
    default:
        VIR_WARN("Unexpected redirdev bus while encoding audit message: %d",
                 redirdev->bus);
        goto cleanup;
    }

    if (!(device = virAuditEncode("device", VIR_AUDIT_STR(address)))) {
        VIR_WARN("OOM while encoding audit message");
        goto cleanup;
    }

    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
              "virt=%s resrc=dev reason=%s %s uuid=%s bus=%s %s",
              virt, reason, vmname, uuidstr,
              virDomainRedirdevBusTypeToString(redirdev->bus),
              device);

508
 cleanup:
509 510 511 512 513 514
    VIR_FREE(vmname);
    VIR_FREE(device);
    VIR_FREE(address);
}


515 516
/**
 * virDomainAuditTPM:
517
 * @vm: domain making a change in pass-through host device or emulator
518 519
 * @tpm: TPM device being attached or removed
 * @reason: one of "start", "attach", or "detach"
520
 * @success: true if the device operation succeeded
521
 *
522 523
 * Log an audit message about an attempted device passthrough or emulator
 * change.
524 525 526 527 528 529 530 531 532
 */
static void
virDomainAuditTPM(virDomainObjPtr vm, virDomainTPMDefPtr tpm,
                  const char *reason, bool success)
{
    char uuidstr[VIR_UUID_STRING_BUFLEN];
    char *vmname;
    char *path = NULL;
    char *device = NULL;
533
    const char *virt = virDomainAuditGetVirtType(vm->def);
534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549

    virUUIDFormat(vm->def->uuid, uuidstr);
    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
        VIR_WARN("OOM while encoding audit message");
        return;
    }

    switch (tpm->type) {
    case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
        path = tpm->data.passthrough.source.data.file.path;
        if (!(device = virAuditEncode("device", VIR_AUDIT_STR(path)))) {
            VIR_WARN("OOM while encoding audit message");
            goto cleanup;
        }

        VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
550
                  "virt=%s resrc=tpm reason=%s %s uuid=%s %s",
551 552
                  virt, reason, vmname, uuidstr, device);
        break;
553
    case VIR_DOMAIN_TPM_TYPE_EMULATOR:
554 555 556 557 558 559 560 561 562
        path = tpm->data.emulator.source.data.nix.path;
        if (!(device = virAuditEncode("device", VIR_AUDIT_STR(path)))) {
            VIR_WARN("OOM while encoding audit message");
            goto cleanup;
        }

        VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
                  "virt=%s resrc=tpm-emulator reason=%s %s uuid=%s %s",
                  virt, reason, vmname, uuidstr, device);
563
        break;
564
    case VIR_DOMAIN_TPM_TYPE_LAST:
565 566 567 568
    default:
        break;
    }

569
 cleanup:
570 571 572 573 574
    VIR_FREE(vmname);
    VIR_FREE(device);
}


575
/**
576
 * virDomainAuditCgroup:
577 578 579
 * @vm: domain making the cgroups ACL change
 * @cgroup: cgroup that manages the devices
 * @reason: either "allow" or "deny"
580 581
 * @extra: additional details, in the form "all",
 * "major category=xyz maj=nn", or "path path=xyz dev=nn:mm" (the
582 583
 * latter two are generated by virDomainAuditCgroupMajor and
 * virDomainAuditCgroupPath).
584 585 586 587
 * @success: true if the cgroup operation succeeded
 *
 * Log an audit message about an attempted cgroup device ACL change.
 */
588
void
589 590
virDomainAuditCgroup(virDomainObjPtr vm, virCgroupPtr cgroup,
                     const char *reason, const char *extra, bool success)
591 592 593
{
    char uuidstr[VIR_UUID_STRING_BUFLEN];
    char *vmname;
594 595
    char *controller = NULL;
    char *detail;
596
    const char *virt = virDomainAuditGetVirtType(vm->def);
597 598 599

    virUUIDFormat(vm->def->uuid, uuidstr);
    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
600
        VIR_WARN("OOM while encoding audit message");
601 602
        return;
    }
603

E
Eric Blake 已提交
604 605 606
    ignore_value(virCgroupPathOfController(cgroup,
                                           VIR_CGROUP_CONTROLLER_DEVICES,
                                           NULL, &controller));
607 608
    detail = virAuditEncode("cgroup", VIR_AUDIT_STR(controller));

609
    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
610 611
              "virt=%s resrc=cgroup reason=%s %s uuid=%s %s class=%s",
              virt, reason, vmname, uuidstr,
612
              detail ? detail : "cgroup=?", extra);
613 614

    VIR_FREE(vmname);
615 616
    VIR_FREE(controller);
    VIR_FREE(detail);
617 618 619
}

/**
620
 * virDomainAuditCgroupMajor:
621 622 623 624 625
 * @vm: domain making the cgroups ACL change
 * @cgroup: cgroup that manages the devices
 * @reason: either "allow" or "deny"
 * @maj: the major number of the device category
 * @name: a textual name for that device category, alphabetic only
626
 * @perms: string containing "r", "w", and/or "m" as appropriate
627 628 629 630 631
 * @success: true if the cgroup operation succeeded
 *
 * Log an audit message about an attempted cgroup device ACL change.
 */
void
632 633 634
virDomainAuditCgroupMajor(virDomainObjPtr vm, virCgroupPtr cgroup,
                          const char *reason, int maj, const char *name,
                          const char *perms, bool success)
635 636 637
{
    char *extra;

638 639
    extra = g_strdup_printf("major category=%s maj=%02X acl=%s",
                            name, maj, perms);
640

641
    virDomainAuditCgroup(vm, cgroup, reason, extra, success);
642 643 644 645 646

    VIR_FREE(extra);
}

/**
647
 * virDomainAuditCgroupPath:
648 649 650 651
 * @vm: domain making the cgroups ACL change
 * @cgroup: cgroup that manages the devices
 * @reason: either "allow" or "deny"
 * @path: the device being adjusted
652
 * @perms: string containing "r", "w", and/or "m" as appropriate
653 654 655 656 657 658
 * @rc: > 0 if not a device, 0 if success, < 0 if failure
 *
 * Log an audit message about an attempted cgroup device ACL change to
 * a specific device.
 */
void
659 660 661
virDomainAuditCgroupPath(virDomainObjPtr vm, virCgroupPtr cgroup,
                         const char *reason, const char *path, const char *perms,
                         int rc)
662 663 664
{
    char *detail;
    char *rdev;
665
    char *extra = NULL;
666 667 668 669 670

    /* Nothing to audit for regular files.  */
    if (rc > 0)
        return;

671
    rdev = virDomainAuditGetRdev(path);
672

673
    if (!(detail = virAuditEncode("path", path))) {
674
        VIR_WARN("OOM while encoding audit message");
675 676 677
        goto cleanup;
    }

678 679 680
    extra = g_strdup_printf("path %s rdev=%s acl=%s",
                            detail, VIR_AUDIT_STR(rdev), perms);

681
    virDomainAuditCgroup(vm, cgroup, reason, extra, rc == 0);
682

683
 cleanup:
684
    VIR_FREE(extra);
685
    VIR_FREE(detail);
686
    VIR_FREE(rdev);
687 688
}

689
/**
690
 * virDomainAuditResource:
691 692 693 694 695 696 697 698 699 700
 * @vm: domain making an integer resource change
 * @resource: name of the resource: "mem" or "vcpu"
 * @oldval: the old value of the resource
 * @newval: the new value of the resource
 * @reason: either "start" or "update"
 * @success: true if the resource change succeeded
 *
 * Log an audit message about an attempted resource change.
 */
static void
701 702 703
virDomainAuditResource(virDomainObjPtr vm, const char *resource,
                       unsigned long long oldval, unsigned long long newval,
                       const char *reason, bool success)
704 705 706
{
    char uuidstr[VIR_UUID_STRING_BUFLEN];
    char *vmname;
707
    const char *virt = virDomainAuditGetVirtType(vm->def);
708 709 710

    virUUIDFormat(vm->def->uuid, uuidstr);
    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
711
        VIR_WARN("OOM while encoding audit message");
712 713 714 715
        return;
    }

    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
716 717
              "virt=%s resrc=%s reason=%s %s uuid=%s old-%s=%lld new-%s=%lld",
              virt, resource, reason, vmname, uuidstr,
718 719 720 721 722 723
              resource, oldval, resource, newval);

    VIR_FREE(vmname);
}

void
724 725 726
virDomainAuditMemory(virDomainObjPtr vm,
                     unsigned long long oldmem, unsigned long long newmem,
                     const char *reason, bool success)
727
{
728
    return virDomainAuditResource(vm, "mem", oldmem, newmem, reason, success);
729 730 731
}

void
732 733 734
virDomainAuditVcpu(virDomainObjPtr vm,
                   unsigned int oldvcpu, unsigned int newvcpu,
                   const char *reason, bool success)
735
{
736
    return virDomainAuditResource(vm, "vcpu", oldvcpu, newvcpu, reason, success);
737 738
}

739 740 741 742 743 744 745 746 747
void
virDomainAuditIOThread(virDomainObjPtr vm,
                       unsigned int oldiothread, unsigned int newiothread,
                       const char *reason, bool success)
{
    return virDomainAuditResource(vm, "iothread", oldiothread, newiothread,
                                  reason, success);
}

748
static void
749 750
virDomainAuditLifecycle(virDomainObjPtr vm, const char *op,
                        const char *reason, bool success)
751 752 753
{
    char uuidstr[VIR_UUID_STRING_BUFLEN];
    char *vmname;
754
    const char *virt = virDomainAuditGetVirtType(vm->def);
755 756 757 758

    virUUIDFormat(vm->def->uuid, uuidstr);

    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
759
        VIR_WARN("OOM while encoding audit message");
760 761 762 763
        return;
    }

    VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success,
764 765
              "virt=%s op=%s reason=%s %s uuid=%s vm-pid=%lld",
              virt, op, reason, vmname, uuidstr, (long long)vm->pid);
766 767 768 769 770

    VIR_FREE(vmname);
}


771
void
772
virDomainAuditStart(virDomainObjPtr vm, const char *reason, bool success)
773
{
774
    size_t i;
775

776 777
    for (i = 0; i < vm->def->ndisks; i++)
        virDomainAuditDisk(vm, NULL, vm->def->disks[i]->src, "start", true);
778

779
    for (i = 0; i < vm->def->nfss; i++) {
D
Daniel P. Berrange 已提交
780 781 782 783
        virDomainFSDefPtr fs = vm->def->fss[i];
        virDomainAuditFS(vm, NULL, fs, "start", true);
    }

784
    for (i = 0; i < vm->def->nnets; i++) {
785
        virDomainNetDefPtr net = vm->def->nets[i];
786
        virDomainAuditNet(vm, NULL, net, "start", true);
787 788
    }

789
    for (i = 0; i < vm->def->nhostdevs; i++) {
790
        virDomainHostdevDefPtr hostdev = vm->def->hostdevs[i];
791
        virDomainAuditHostdev(vm, hostdev, "start", true);
792 793
    }

794
    for (i = 0; i < vm->def->nredirdevs; i++) {
795 796 797 798
        virDomainRedirdevDefPtr redirdev = vm->def->redirdevs[i];
        virDomainAuditRedirdev(vm, redirdev, "start", true);
    }

799 800 801 802 803 804 805 806 807 808 809 810 811
    for (i = 0; i < vm->def->nserials; i++)
        virDomainAuditChardev(vm, NULL, vm->def->serials[i], "start", true);

    for (i = 0; i < vm->def->nparallels; i++)
        virDomainAuditChardev(vm, NULL, vm->def->parallels[i], "start", true);

    for (i = 0; i < vm->def->nchannels; i++)
        virDomainAuditChardev(vm, NULL, vm->def->channels[i], "start", true);

    for (i = 0; i < vm->def->nconsoles; i++) {
        if (i == 0 &&
            (vm->def->consoles[i]->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL ||
             vm->def->consoles[i]->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_NONE) &&
812
             vm->def->os.type == VIR_DOMAIN_OSTYPE_HVM)
813 814 815 816 817
            continue;

        virDomainAuditChardev(vm, NULL, vm->def->consoles[i], "start", true);
    }

P
Peter Krempa 已提交
818 819 820
    for (i = 0; i < vm->def->nsmartcards; i++)
        virDomainAuditSmartcard(vm, vm->def->smartcards[i], "start", true);

821 822
    for (i = 0; i < vm->def->nrngs; i++)
        virDomainAuditRNG(vm, NULL, vm->def->rngs[i], "start", true);
823

824 825 826
    if (vm->def->tpm)
        virDomainAuditTPM(vm, vm->def->tpm, "start", true);

827 828 829
    for (i = 0; i < vm->def->nshmems; i++)
        virDomainAuditShmem(vm, vm->def->shmems[i], "start", true);

830 831 832
    for (i = 0; i < vm->def->ninputs; i++)
        virDomainAuditInput(vm, vm->def->inputs[i], "start", true);

833
    virDomainAuditMemory(vm, 0, virDomainDefGetMemoryTotal(vm->def),
834
                         "start", true);
835
    virDomainAuditVcpu(vm, 0, virDomainDefGetVcpus(vm->def), "start", true);
836 837
    if (vm->def->niothreadids)
        virDomainAuditIOThread(vm, 0, vm->def->niothreadids, "start", true);
838

839
    virDomainAuditLifecycle(vm, "start", reason, success);
840 841
}

842 843
void
virDomainAuditInit(virDomainObjPtr vm,
844 845
                   pid_t initpid,
                   ino_t pidns)
846 847 848
{
    char uuidstr[VIR_UUID_STRING_BUFLEN];
    char *vmname;
849
    const char *virt = virDomainAuditGetVirtType(vm->def);
850 851 852 853 854 855 856 857 858

    virUUIDFormat(vm->def->uuid, uuidstr);

    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
        VIR_WARN("OOM while encoding audit message");
        return;
    }

    VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, true,
859 860 861
              "virt=%s op=init %s uuid=%s vm-pid=%lld init-pid=%lld pid-ns=%lld",
              virt, vmname, uuidstr, (long long)vm->pid, (long long)initpid,
              (long long)pidns);
862 863 864

    VIR_FREE(vmname);
}
865

866
void
867
virDomainAuditStop(virDomainObjPtr vm, const char *reason)
868
{
869
    virDomainAuditLifecycle(vm, "stop", reason, true);
870 871
}

872
void
873
virDomainAuditSecurityLabel(virDomainObjPtr vm, bool success)
874 875 876
{
    char uuidstr[VIR_UUID_STRING_BUFLEN];
    char *vmname;
877
    size_t i;
878
    const char *virt = virDomainAuditGetVirtType(vm->def);
879 880 881

    virUUIDFormat(vm->def->uuid, uuidstr);
    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
882
        VIR_WARN("OOM while encoding audit message");
883 884 885
        return;
    }

886 887 888 889 890 891 892 893
    for (i = 0; i < vm->def->nseclabels; i++) {
        VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, success,
                  "virt=%s %s uuid=%s vm-ctx=%s img-ctx=%s model=%s",
                  virt, vmname, uuidstr,
                  VIR_AUDIT_STR(vm->def->seclabels[i]->label),
                  VIR_AUDIT_STR(vm->def->seclabels[i]->imagelabel),
                  VIR_AUDIT_STR(vm->def->seclabels[i]->model));
    }
894 895 896

    VIR_FREE(vmname);
}
897 898 899 900 901 902 903 904

void
virDomainAuditShmem(virDomainObjPtr vm,
                    virDomainShmemDefPtr def,
                    const char *reason, bool success)
{
    char uuidstr[VIR_UUID_STRING_BUFLEN];
    char *vmname = virAuditEncode("vm", vm->def->name);
905
    const char *srcpath = virDomainChrSourceDefGetPath(&def->server.chr);
906
    const char *virt = virDomainAuditGetVirtType(vm->def);
907
    char *shmpath = NULL;
908 909 910

    virUUIDFormat(vm->def->uuid, uuidstr);

911
    if (!vmname) {
912 913 914 915
        VIR_WARN("OOM while encoding audit message");
        goto cleanup;
    }

916 917
    shmpath = g_strdup_printf("/dev/shm/%s", def->name);

918 919 920 921 922 923
    if (!virt) {
        VIR_WARN("Unexpected virt type %d while encoding audit message",
                 vm->def->virtType);
        virt = "?";
    }

924 925 926 927 928 929 930 931 932
    if (def->server.enabled) {
        VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
                  "virt=%s resrc=ivshmem-socket reason=%s %s uuid=%s path=%s",
                  virt, reason, vmname, uuidstr, VIR_AUDIT_STR(srcpath));
    } else {
        VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
                  "virt=%s resrc=shmem reason=%s %s uuid=%s size=%llu path=%s",
                  virt, reason, vmname, uuidstr, def->size, VIR_AUDIT_STR(shmpath));
   }
933 934 935

 cleanup:
    VIR_FREE(vmname);
936
    VIR_FREE(shmpath);
937 938
    return;
}
939 940 941 942 943 944 945 946 947


void
virDomainAuditInput(virDomainObjPtr vm,
                    virDomainInputDefPtr input,
                    const char *reason,
                    bool success)
{
    char uuidstr[VIR_UUID_STRING_BUFLEN];
948
    g_autofree char *vmname = NULL;
949
    const char *virt = virDomainAuditGetVirtType(vm->def);
950 951 952 953

    virUUIDFormat(vm->def->uuid, uuidstr);

    if (!(vmname = virAuditEncode("vm", vm->def->name)))
954
        return;
955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971

    switch ((virDomainInputType) input->type) {
    case VIR_DOMAIN_INPUT_TYPE_MOUSE:
    case VIR_DOMAIN_INPUT_TYPE_TABLET:
    case VIR_DOMAIN_INPUT_TYPE_KBD:
        break;

    case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH:
        VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
                  "virt=%s resrc=evdev reason=%s %s uuid=%s path=%s",
                  virt, reason, vmname, uuidstr, VIR_AUDIT_STR(input->source.evdev));
        break;

    case VIR_DOMAIN_INPUT_TYPE_LAST:
        break;
    }
}