From 6f06a6c1459cdec236ed86cefc1567423b7b95b6 Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date: Thu, 24 May 2018 10:51:26 -0400
Subject: [PATCH] conf: Audit TPM emulator device at domain startup
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Extend the existing auditing with auditing for the TPM emulator.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---
 docs/auditlog.html.in   |  2 +-
 src/conf/domain_audit.c | 16 +++++++++++++---
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/docs/auditlog.html.in b/docs/auditlog.html.in
index 9b5ef548cd..f8f0c99b23 100644
--- a/docs/auditlog.html.in
+++ b/docs/auditlog.html.in
@@ -264,7 +264,7 @@
       <dt><code>reason</code></dt>
       <dd>The reason which caused the resource to be assigned to happen</dd>
       <dt><code>resrc</code></dt>
-      <dd>The type of resource assigned. Set to <code>tpm</code></dd>
+      <dd>The type of resource assigned. Set to <code>tpm</code> or <code>tpm-emulator</code></dd>
       <dt><code>device</code></dt>
       <dd>The path of the host TPM device assigned to the guest</dd>
     </dl>
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index b92779ce40..8335938c29 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -555,12 +555,13 @@ virDomainAuditRedirdev(virDomainObjPtr vm, virDomainRedirdevDefPtr redirdev,
 
 /**
  * virDomainAuditTPM:
- * @vm: domain making a change in pass-through host device
+ * @vm: domain making a change in pass-through host device or emulator
  * @tpm: TPM device being attached or removed
  * @reason: one of "start", "attach", or "detach"
- * @success: true if the device passthrough operation succeeded
+ * @success: true if the device operation succeeded
  *
- * Log an audit message about an attempted device passthrough change.
+ * Log an audit message about an attempted device passthrough or emulator
+ * change.
  */
 static void
 virDomainAuditTPM(virDomainObjPtr vm, virDomainTPMDefPtr tpm,
@@ -596,6 +597,15 @@ virDomainAuditTPM(virDomainObjPtr vm, virDomainTPMDefPtr tpm,
                   virt, reason, vmname, uuidstr, device);
         break;
     case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+        path = tpm->data.emulator.source.data.nix.path;
+        if (!(device = virAuditEncode("device", VIR_AUDIT_STR(path)))) {
+            VIR_WARN("OOM while encoding audit message");
+            goto cleanup;
+        }
+
+        VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
+                  "virt=%s resrc=tpm-emulator reason=%s %s uuid=%s %s",
+                  virt, reason, vmname, uuidstr, device);
         break;
     case VIR_DOMAIN_TPM_TYPE_LAST:
     default: