From: Ján Tomko
To: libvir-list@redhat.com
Date: Tue, 17 Oct 2017 17:04:33 +0200
Message-Id: <21f93979e7522b210a68583a4fca58ac62fb93d3.1508252637.git.jtomko@redhat.com>
Subject: [libvirt] [PATCH 01/12] conf: audit passthrough input devices at domain startup

Introduce virDomainAuditInput and use it to log the evdev passed to the guest.
--- src/conf/domain_audit.c | 44 ++++++++++++++++++++++++++++++++++++++++++++ src/conf/domain_audit.h | 5 +++++ 2 files changed, 49 insertions(+) diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c index 4afc22019..723c73736 100644 --- a/src/conf/domain_audit.c +++ b/src/conf/domain_audit.c @@ -868,6 +868,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *rea= son, bool success) for (i =3D 0; i < vm->def->nshmems; i++) virDomainAuditShmem(vm, vm->def->shmems[i], "start", true); =20 + for (i =3D 0; i < vm->def->ninputs; i++) + virDomainAuditInput(vm, vm->def->inputs[i], "start", true); + virDomainAuditMemory(vm, 0, virDomainDefGetMemoryTotal(vm->def), "start", true); virDomainAuditVcpu(vm, 0, virDomainDefGetVcpus(vm->def), "start", true= ); 
@@ -983,3 +986,44 @@ virDomainAuditShmem(virDomainObjPtr vm, VIR_FREE(shmpath); return; } + + +void +virDomainAuditInput(virDomainObjPtr vm, + virDomainInputDefPtr input, + const char *reason, + bool success) +{ + char uuidstr[VIR_UUID_STRING_BUFLEN]; + char *vmname; + const char *virt =3D virDomainVirtTypeToString(vm->def->virtType); + + virUUIDFormat(vm->def->uuid, uuidstr); + + if (!(vmname =3D virAuditEncode("vm", vm->def->name))) + goto no_memory; + + switch ((virDomainInputType) input->type) { + case VIR_DOMAIN_INPUT_TYPE_MOUSE: + case VIR_DOMAIN_INPUT_TYPE_TABLET: + case VIR_DOMAIN_INPUT_TYPE_KBD: + break; + + case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH: + VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, + "virt=3D%s resrc=3Devdev reason=3D%s %s uuid=3D%s path= =3D%s", + virt, reason, vmname, uuidstr, VIR_AUDIT_STR(input->sour= ce.evdev)); + break; + + case VIR_DOMAIN_INPUT_TYPE_LAST: + break; + } + + cleanup: + VIR_FREE(vmname); + return; + + no_memory: + VIR_WARN("OOM while encoding audit message"); + goto cleanup; +} diff --git a/src/conf/domain_audit.h b/src/conf/domain_audit.h index 8cb585dc7..474ccb6b8 100644 --- a/src/conf/domain_audit.h +++ b/src/conf/domain_audit.h @@ -133,6 +133,11 @@ void virDomainAuditShmem(virDomainObjPtr vm, virDomainShmemDefPtr def, const char *reason, bool success) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3); +void virDomainAuditInput(virDomainObjPtr vm, + virDomainInputDefPtr input, + const char *reason, + bool success) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3); =20 =20 #endif /* __VIR_DOMAIN_AUDIT_H__ */ --=20 2.13.0
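Review bot: In the virDomainAuditStart hunk of src/conf/domain_audit.c, the new loop over vm->def->inputs records evdev passthrough only for devices present when the domain starts, so an input device attached or detached while the guest is running leaves no resrc=evdev record from the code shown here. If those paths are handled elsewhere in the series, say so in the commit message; otherwise call virDomainAuditInput from them with a matching reason string, so the audit trail covers the whole lifetime of the passthrough.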
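Review bot: In the new virDomainAuditInput, the VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH case writes path=%s from VIR_AUDIT_STR(input->source.evdev) without encoding, while the VM name on the same record goes through virAuditEncode("vm", ...). The evdev path comes from the domain definition, so a value containing whitespace or key=value text would make the record ambiguous for anything parsing the audit log; encode it the same way as the name, for example with virAuditEncode("path", ...), and free the result under the cleanup label. Separately, vmname is allocated before the switch even for the MOUSE, TABLET and KBD cases, which emit nothing; returning early for non-passthrough types avoids the allocation and an OOM warning for a record that would never be written.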