[libvirt] [PATCH] audit: Fix the output message for shmem

Martin Kletzander posted 1 patch 6 years, 10 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/3a29e6c85e2845e1a082a5e5949554c8295ed1cb.1495634965.git.mkletzan@redhat.com
src/conf/domain_audit.c | 24 +++++++++++++-----------
1 file changed, 13 insertions(+), 11 deletions(-)
[libvirt] [PATCH] audit: Fix the output message for shmem
Posted by Martin Kletzander 6 years, 10 months ago
After some discussion on and off the linux-audit mailing list, we
should use different fields for the audit messages.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1218603

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
---
 src/conf/domain_audit.c | 24 +++++++++++++-----------
 1 file changed, 13 insertions(+), 11 deletions(-)

diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index 2d9ff5e3ffea..1e667af73c4f 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -983,15 +983,13 @@ virDomainAuditShmem(virDomainObjPtr vm,
     char uuidstr[VIR_UUID_STRING_BUFLEN];
     char *vmname = virAuditEncode("vm", vm->def->name);
     const char *srcpath = virDomainAuditChardevPath(&def->server.chr);
-    char *src = virAuditEncode("server", VIR_AUDIT_STR(srcpath));
-    char *shmem = virAuditEncode("shmem", VIR_AUDIT_STR(def->name));
     const char *virt = virDomainVirtTypeToString(vm->def->virtType);
-    char *size = NULL;
+    char *shmpath = NULL;

     virUUIDFormat(vm->def->uuid, uuidstr);

-    if (!vmname || !src || !shmem ||
-        virAsprintfQuiet(&size, "%llu", def->size) < 0) {
+    if (!vmname ||
+        virAsprintfQuiet(&shmpath, "/dev/shm/%s", def->name) < 0) {
         VIR_WARN("OOM while encoding audit message");
         goto cleanup;
     }
@@ -1002,14 +1000,18 @@ virDomainAuditShmem(virDomainObjPtr vm,
         virt = "?";
     }

-    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
-              "virt=%s resrc=shmem reason=%s %s uuid=%s size=%s %s %s",
-              virt, reason, vmname, uuidstr, size, shmem, src);
+    if (def->server.enabled) {
+        VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
+                  "virt=%s resrc=ivshmem-socket reason=%s %s uuid=%s path=%s",
+                  virt, reason, vmname, uuidstr, VIR_AUDIT_STR(srcpath));
+    } else {
+        VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
+                  "virt=%s resrc=shmem reason=%s %s uuid=%s size=%llu path=%s",
+                  virt, reason, vmname, uuidstr, def->size, VIR_AUDIT_STR(shmpath));
+   }

  cleanup:
     VIR_FREE(vmname);
-    VIR_FREE(src);
-    VIR_FREE(size);
-    VIR_FREE(shmem);
+    VIR_FREE(shmpath);
     return;
 }
-- 
2.13.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] audit: Fix the output message for shmem
Posted by Martin Kletzander 6 years, 10 months ago
ping
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] audit: Fix the output message for shmem
Posted by Michal Privoznik 6 years, 9 months ago
On 05/24/2017 04:09 PM, Martin Kletzander wrote:
> After some discussion on and off the linux-audit mailing list, we
> should use different fields for the audit messages.
> 
> Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1218603
> 
> Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
> ---
>  src/conf/domain_audit.c | 24 +++++++++++++-----------
>  1 file changed, 13 insertions(+), 11 deletions(-)

ACK

Michal

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list