- 27 1月, 2012 1 次提交
-
-
由 Marcelo Cerri 提交于
Added a new field "vm-pid" to the VIRT_CONTROL audit record. This information is useful to correlated another audit events to the events generated by libvirt.
-
- 16 9月, 2011 1 次提交
-
-
由 Peter Krempa 提交于
/usr/lib/stdlib.h in Mac OS X and probably also in BSD's exports this symbol :(
-
- 15 9月, 2011 1 次提交
-
-
由 Marc-André Lureau 提交于
Also initialize to NULL a few variables that might get free before being set.
-
- 05 9月, 2011 1 次提交
-
-
由 Eric Blake 提交于
Snapshots alter the set of disk image files opened by qemu, so they must be audited. But they don't involve a full disk definition structure, just the new filename. Make the next patch easier by refactoring the audit routines to just operate on file name. * src/conf/domain_audit.h (virDomainAuditDisk): Update prototype. * src/conf/domain_audit.c (virDomainAuditDisk): Act on strings, not definition structures. (virDomainAuditStart): Update caller. * src/qemu/qemu_hotplug.c (qemuDomainChangeEjectableMedia) (qemuDomainAttachPciDiskDevice, qemuDomainAttachSCSIDisk) (qemuDomainAttachUsbMassstorageDevice) (qemuDomainDetachPciDiskDevice, qemuDomainDetachDiskDevice): Likewise.
-
- 02 9月, 2011 1 次提交
-
-
由 Marc-André Lureau 提交于
- create a new "redirdev" element for this purpose
-
- 03 8月, 2011 1 次提交
-
-
由 Eric Blake 提交于
Coverity complained that 395 out of 409 virAsprintf calls are checked, and therefore assumed that the remaining cases are bugs waiting to happen. But in each of these cases, a failed virAsprintf will properly set the target string to NULL, and pass on that failure to the caller, without wasting efforts to check the call. Adding the ignore_value silences Coverity. * src/conf/domain_audit.c (virDomainAuditGetRdev): Ignore virAsprintf return value, when it behaves like we need. * src/network/bridge_driver.c (networkDnsmasqLeaseFileNameDefault) (networkRadvdConfigFileName, networkBridgeDummyNicName) (networkRadvdPidfileBasename): Likewise. * src/util/storage_file.c (absolutePathFromBaseFile): Likewise. * src/openvz/openvz_driver.c (openvzGenerateContainerVethName): Likewise. * src/util/command.c (virCommandTranslateStatus): Likewise.
-
- 13 7月, 2011 3 次提交
-
-
由 Daniel P. Berrange 提交于
Since a host can run several different virtualization types at the same time, audit messages should allow domains to be identified. Add a 'virt={qemu,kvm,uml,lxc,...}' key to domain audit messages * src/conf/domain_audit.c: Identify virt type of guest
-
由 Daniel P. Berrange 提交于
When passing through filesystems from the host to a guest, the host filesystem passed must be audited * src/conf/domain_audit.{c,h}: Add virDomainAuditFS
-
由 Daniel P. Berrange 提交于
The LXC and UML drivers can both make use of auditing. Move the qemu_audit.{c,h} files to src/conf/domain_audit.{c,h} * src/conf/domain_audit.c: Rename from src/qemu/qemu_audit.c * src/conf/domain_audit.h: Rename from src/qemu/qemu_audit.h * src/Makefile.am: Remove qemu_audit.{c,h}, add domain_audit.{c,h} * src/qemu/qemu_audit.h, src/qemu/qemu_cgroup.c, src/qemu/qemu_command.c, src/qemu/qemu_driver.c, src/qemu/qemu_hotplug.c, src/qemu/qemu_migration.c, src/qemu/qemu_process.c: Update for changed audit API names
-
- 12 7月, 2011 1 次提交
-
-
由 Eric Blake 提交于
* src/util/virtaudit.[ch]: Rename... * src/util/viraudit.[ch]: ...to match virAudit* API. * src/Makefile.am (UTIL_SOURCES): Reflect rename. * daemon/libvirtd.c: Likewise. * po/POTFILES.in: Likewise. * src/libvirt_private.syms: Likewise. * src/qemu/qemu_audit.c: Likewise.
-
- 04 7月, 2011 1 次提交
-
-
由 Eric Blake 提交于
Coverity warns if the majority of callers check a function for errors, but a few don't; but in qemu_audit and qemu_domain, the choice to not check for failures was safe. In qemu_command, the failure to generate a uuid can only occur on a bad pointer. * src/qemu/qemu_audit.c (qemuAuditCgroup): Ignore failure to get cgroup controller. * src/qemu/qemu_domain.c (qemuDomainObjEnterMonitor) (qemuDomainObjEnterMonitorWithDriver): Ignore failure to get timestamp. * src/qemu/qemu_command.c (qemuParseCommandLine): Check for error.
-
- 12 5月, 2011 1 次提交
-
-
由 Lai Jiangshan 提交于
These VIR_XXXX0 APIs make us confused, use the non-0-suffix APIs instead. How do these coversions works? The magic is using the gcc extension of ##. When __VA_ARGS__ is empty, "##" will swallow the "," in "fmt," to avoid compile error. example: origin after CPP high_level_api("%d", a_int) low_level_api("%d", a_int) high_level_api("a string") low_level_api("a string") About 400 conversions. 8 special conversions: VIR_XXXX0("") -> VIR_XXXX("msg") (avoid empty format) 2 conversions VIR_XXXX0(string_literal_with_%) -> VIR_XXXX(%->%%) 0 conversions VIR_XXXX0(non_string_literal) -> VIR_XXXX("%s", non_string_literal) (for security) 6 conversions Signed-off-by: NLai Jiangshan <laijs@cn.fujitsu.com>
-
- 10 3月, 2011 5 次提交
-
-
由 Eric Blake 提交于
Opening raw network devices with the intent of passing those fds to qemu is worth an audit point. This makes a multi-part audit: first, we audit the device(s) that libvirt opens on behalf of the MAC address of a to-be-created interface (which can independently succeed or fail), then we audit whether qemu actually started the network device with the same MAC (so searching backwards for successful audits with the same MAC will show which fd(s) qemu is actually using). Note that it is possible for the fd to be successfully opened but no attempt made to pass the fd to qemu (for example, because intermediate nwfilter operations failed) - no interface start audit will occur in that case; so the audit for a successful opened fd does not imply rights given to qemu unless there is a followup audit about the attempt to start a new interface. Likewise, when a network device is hot-unplugged, there is only one audit message about the MAC being discontinued; again, searching back to the earlier device open audits will show which fds that qemu quits using (and yes, I checked via /proc/<qemu-pid>/fd that qemu _does_ close out the fds associated with an interface on hot-unplug). The code would require much more refactoring to be able to definitively state which device(s) were discontinued at that point, since we currently don't record anywhere in the XML whether /dev/vhost-net was opened for a given interface. * src/qemu/qemu_audit.h (qemuAuditNetDevice): New prototype. * src/qemu/qemu_audit.c (qemuAuditNetDevice): New function. * src/qemu/qemu_command.h (qemuNetworkIfaceConnect) (qemuPhysIfaceConnect, qemuOpenVhostNet): Adjust prototype. * src/qemu/qemu_command.c (qemuNetworkIfaceConnect) (qemuPhysIfaceConnect, qemuOpenVhostNet): Add audit points and adjust parameters. (qemuBuildCommandLine): Adjust caller. * src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
-
由 Eric Blake 提交于
* src/qemu/qemu_audit.h (qemuAuditCgroupMajor) (qemuAuditCgroupPath): Add parameter. * src/qemu/qemu_audit.c (qemuAuditCgroupMajor) (qemuAuditCgroupPath): Add 'acl=rwm' to cgroup audit entries. * src/qemu/qemu_cgroup.c: Update clients. * src/qemu/qemu_driver.c (qemudDomainSaveFlag): Likewise.
-
由 Eric Blake 提交于
Also add ATTRIBUTE_NONNULL markers. * src/qemu/qemu_audit.h: The pattern qemuDomainXXXAudit is inconsistent; prefer qemuAuditXXX instead. * src/qemu/qemu_audit.c: Reflect the renames. * src/qemu/qemu_driver.c: Likewise. * src/qemu/qemu_hotplug.c: Likewise. * src/qemu/qemu_migration.c: Likewise. * src/qemu/qemu_process.c: Likewise.
-
由 Eric Blake 提交于
Although the cgroup device ACL controller path can be worked out by researching the code, it is more efficient to include that information directly in the audit message. * src/util/cgroup.h (virCgroupPathOfController): New prototype. * src/util/cgroup.c (virCgroupPathOfController): Export. * src/libvirt_private.syms: Likewise. * src/qemu/qemu_audit.c (qemuAuditCgroup): Use it.
-
由 Eric Blake 提交于
Device names can be manipulated, so it is better to also log the major/minor device number corresponding to the cgroup ACL changes that libvirt made. This required some refactoring of the relatively new qemu cgroup audit code. Also, qemuSetupChardevCgroup was only auditing on failure, not success. * src/qemu/qemu_audit.h (qemuDomainCgroupAudit): Delete. (qemuAuditCgroup, qemuAuditCgroupMajor, qemuAuditCgroupPath): New prototypes. * src/qemu/qemu_audit.c (qemuDomainCgroupAudit): Rename... (qemuAuditCgroup): ...and drop a parameter. (qemuAuditCgroupMajor, qemuAuditCgroupPath): New functions, to allow listing device major/minor in audit. (qemuAuditGetRdev): New helper function. * src/qemu/qemu_driver.c (qemudDomainSaveFlag): Adjust callers. * src/qemu/qemu_cgroup.c (qemuSetupDiskPathAllow) (qemuSetupHostUsbDeviceCgroup, qemuSetupCgroup) (qemuTeardownDiskPathDeny): Likewise. (qemuSetupChardevCgroup): Likewise, fixing missing audit.
-
- 09 3月, 2011 1 次提交
-
-
由 Eric Blake 提交于
* src/qemu/qemu_audit.c (qemuDomainHostdevAudit): Avoid use of "type", which has a pre-defined meaning. (qemuDomainCgroupAudit): Likewise, as well as "item".
-
- 25 2月, 2011 3 次提交
-
-
由 Eric Blake 提交于
* src/qemu/qemu_audit.h (qemuDomainHostdevAudit): New prototype. * src/qemu/qemu_audit.c (qemuDomainHostdevAudit): New function. (qemuDomainStartAudit): Call as appropriate. * src/qemu/qemu_hotplug.c (qemuDomainAttachHostPciDevice) (qemuDomainAttachHostUsbDevice, qemuDomainDetachHostPciDevice) (qemuDomainDetachHostUsbDevice): Likewise.
-
由 Eric Blake 提交于
* src/qemu/qemu_audit.h (qemuDomainMemoryAudit) (qemuDomainVcpuAudit): New prototypes. * src/qemu/qemu_audit.c (qemuDomainResourceAudit) (qemuDomainMemoryAudit, qemuDomainVcpuAudit): New functions. (qemuDomainStartAudit): Call as appropriate. * src/qemu/qemu_driver.c (qemudDomainSetMemory) (qemudDomainHotplugVcpus): Likewise.
-
由 Eric Blake 提交于
* src/qemu/qemu_audit.h (qemuDomainCgroupAudit): New prototype. * src/qemu/qemu_audit.c (qemuDomainCgroupAudit): Implement it. * src/qemu/qemu_driver.c (qemudDomainSaveFlag): Add audit. * src/qemu/qemu_cgroup.c (qemuSetupDiskPathAllow) (qemuSetupChardevCgroup, qemuSetupHostUsbDeviceCgroup) (qemuSetupCgroup, qemuTeardownDiskPathDeny): Likewise.
-
- 17 12月, 2010 1 次提交
-
-
由 Daniel P. Berrange 提交于
The QEMU driver file is far too large. Move all the audit helper code out into a separate file. No functional change. * src/qemu/qemu_audit.c, src/qemu/qemu_audit.h, src/Makefile.am: Add audit helper file * src/qemu/qemu_driver.c: Delete audit code
-