From 2690b5b9309e4e5f255f35e133e4d15478ea933b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A1n=20Tomko?= Date: Mon, 16 Oct 2017 14:58:51 +0200 Subject: [PATCH] conf: audit passthrough input devices at domain startup Introduce virDomainAuditInput and use it to log the evdev passed to the guest. --- src/conf/domain_audit.c | 44 +++++++++++++++++++++++++++++++++++++++++ src/conf/domain_audit.h | 5 +++++ 2 files changed, 49 insertions(+) diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c index 4afc220199..723c737363 100644 --- a/src/conf/domain_audit.c +++ b/src/conf/domain_audit.c @@ -868,6 +868,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *reason, bool success) for (i = 0; i < vm->def->nshmems; i++) virDomainAuditShmem(vm, vm->def->shmems[i], "start", true); + for (i = 0; i < vm->def->ninputs; i++) + virDomainAuditInput(vm, vm->def->inputs[i], "start", true); + virDomainAuditMemory(vm, 0, virDomainDefGetMemoryTotal(vm->def), "start", true); virDomainAuditVcpu(vm, 0, virDomainDefGetVcpus(vm->def), "start", true); @@ -983,3 +986,44 @@ virDomainAuditShmem(virDomainObjPtr vm, VIR_FREE(shmpath); return; } + + +void +virDomainAuditInput(virDomainObjPtr vm, + virDomainInputDefPtr input, + const char *reason, + bool success) +{ + char uuidstr[VIR_UUID_STRING_BUFLEN]; + char *vmname; + const char *virt = virDomainVirtTypeToString(vm->def->virtType); + + virUUIDFormat(vm->def->uuid, uuidstr); + + if (!(vmname = virAuditEncode("vm", vm->def->name))) + goto no_memory; + + switch ((virDomainInputType) input->type) { + case VIR_DOMAIN_INPUT_TYPE_MOUSE: + case VIR_DOMAIN_INPUT_TYPE_TABLET: + case VIR_DOMAIN_INPUT_TYPE_KBD: + break; + + case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH: + VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, + "virt=%s resrc=evdev reason=%s %s uuid=%s path=%s", + virt, reason, vmname, uuidstr, VIR_AUDIT_STR(input->source.evdev)); + break; + + case VIR_DOMAIN_INPUT_TYPE_LAST: + break; + } + + cleanup: + VIR_FREE(vmname); + return; + + no_memory: + VIR_WARN("OOM while encoding audit message"); + goto cleanup; +} diff --git a/src/conf/domain_audit.h b/src/conf/domain_audit.h index 8cb585dc7d..474ccb6b8a 100644 --- a/src/conf/domain_audit.h +++ b/src/conf/domain_audit.h @@ -133,6 +133,11 @@ void virDomainAuditShmem(virDomainObjPtr vm, virDomainShmemDefPtr def, const char *reason, bool success) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3); +void virDomainAuditInput(virDomainObjPtr vm, + virDomainInputDefPtr input, + const char *reason, + bool success) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3); #endif /* __VIR_DOMAIN_AUDIT_H__ */