[libvirt] [PATCH 05/10] Move QEMU audit helper code out of the QEMU driver

Daniel P. Berrange berrange at redhat.com
Thu Dec 16 16:50:05 UTC 2010


The QEMU driver file is far too large. Move all the audit
helper code out into a separate file. No functional change.

* src/qemu/qemu_audit.c, src/qemu/qemu_audit.h,
  src/Makefile.am: Add audit helper file
* src/qemu/qemu_driver.c: Delete audit code
---
 src/Makefile.am        |    1 +
 src/qemu/qemu_audit.c  |  170 ++++++++++++++++++++++++++++++++++++++++++++++++
 src/qemu/qemu_audit.h  |   43 ++++++++++++
 src/qemu/qemu_driver.c |  141 +---------------------------------------
 4 files changed, 215 insertions(+), 140 deletions(-)
 create mode 100644 src/qemu/qemu_audit.c
 create mode 100644 src/qemu/qemu_audit.h

diff --git a/src/Makefile.am b/src/Makefile.am
index d2fcd5f..381ca3d 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -270,6 +270,7 @@ QEMU_DRIVER_SOURCES =						\
 		qemu/qemu_capabilities.c qemu/qemu_capabilities.h\
 		qemu/qemu_command.c qemu/qemu_command.h		\
 		qemu/qemu_domain.c qemu/qemu_domain.h		\
+		qemu/qemu_audit.c qemu/qemu_audit.h		\
 		qemu/qemu_conf.c qemu/qemu_conf.h		\
 		qemu/qemu_monitor.c qemu/qemu_monitor.h		\
 		qemu/qemu_monitor_text.c			\
diff --git a/src/qemu/qemu_audit.c b/src/qemu/qemu_audit.c
new file mode 100644
index 0000000..e8320d0
--- /dev/null
+++ b/src/qemu/qemu_audit.c
@@ -0,0 +1,170 @@
+/*
+ * qemu_audit.c: QEMU audit management
+ *
+ * Copyright (C) 2006-2007, 2009-2010 Red Hat, Inc.
+ * Copyright (C) 2006 Daniel P. Berrange
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+ *
+ * Author: Daniel P. Berrange <berrange at redhat.com>
+ */
+
+#include <config.h>
+
+#include "qemu_audit.h"
+#include "virtaudit.h"
+#include "uuid.h"
+#include "logging.h"
+#include "memory.h"
+
+void qemuDomainDiskAudit(virDomainObjPtr vm,
+                         virDomainDiskDefPtr oldDef,
+                         virDomainDiskDefPtr newDef,
+                         const char *reason,
+                         bool success)
+{
+    char uuidstr[VIR_UUID_STRING_BUFLEN];
+    char *vmname;
+    char *oldsrc = NULL;
+    char *newsrc = NULL;
+
+    virUUIDFormat(vm->def->uuid, uuidstr);
+    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
+        VIR_WARN0("OOM while encoding audit message");
+        return;
+    }
+
+    if (!(oldsrc = virAuditEncode("old-disk",
+                                  oldDef && oldDef->src ?
+                                  oldDef->src : "?"))) {
+        VIR_WARN0("OOM while encoding audit message");
+        goto cleanup;
+    }
+    if (!(newsrc = virAuditEncode("new-disk",
+                                  newDef && newDef->src ?
+                                  newDef->src : "?"))) {
+        VIR_WARN0("OOM while encoding audit message");
+        goto cleanup;
+    }
+
+    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
+              "resrc=disk reason=%s %s uuid=%s %s %s",
+              reason, vmname, uuidstr,
+              oldsrc, newsrc);
+
+cleanup:
+    VIR_FREE(vmname);
+    VIR_FREE(oldsrc);
+    VIR_FREE(newsrc);
+}
+
+
+void qemuDomainNetAudit(virDomainObjPtr vm,
+                        virDomainNetDefPtr oldDef,
+                        virDomainNetDefPtr newDef,
+                        const char *reason,
+                        bool success)
+{
+    char uuidstr[VIR_UUID_STRING_BUFLEN];
+    char newMacstr[VIR_MAC_STRING_BUFLEN];
+    char oldMacstr[VIR_MAC_STRING_BUFLEN];
+    char *vmname;
+
+    virUUIDFormat(vm->def->uuid, uuidstr);
+    if (oldDef)
+        virFormatMacAddr(oldDef->mac, oldMacstr);
+    if (newDef)
+        virFormatMacAddr(newDef->mac, newMacstr);
+    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
+        VIR_WARN0("OOM while encoding audit message");
+        return;
+    }
+
+    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
+              "resrc=net reason=%s %s uuid=%s old-net='%s' new-net='%s'",
+              reason, vmname, uuidstr,
+              oldDef ? oldMacstr : "?",
+              newDef ? newMacstr : "?");
+
+    VIR_FREE(vmname);
+}
+
+
+static void qemuDomainLifecycleAudit(virDomainObjPtr vm,
+                                     const char *op,
+                                     const char *reason,
+                                     bool success)
+{
+    char uuidstr[VIR_UUID_STRING_BUFLEN];
+    char *vmname;
+
+    virUUIDFormat(vm->def->uuid, uuidstr);
+
+    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
+        VIR_WARN0("OOM while encoding audit message");
+        return;
+    }
+
+    VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success,
+              "op=%s reason=%s %s uuid=%s", op, reason, vmname, uuidstr);
+
+    VIR_FREE(vmname);
+}
+
+
+void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success)
+{
+    int i;
+
+    for (i = 0 ; i < vm->def->ndisks ; i++) {
+        virDomainDiskDefPtr disk = vm->def->disks[i];
+        if (disk->src) /* Skips CDROM without media initially inserted */
+            qemuDomainDiskAudit(vm, NULL, disk, "start", true);
+    }
+
+    for (i = 0 ; i < vm->def->nnets ; i++) {
+        virDomainNetDefPtr net = vm->def->nets[i];
+        qemuDomainNetAudit(vm, NULL, net, "start", true);
+    }
+
+    qemuDomainLifecycleAudit(vm, "start", reason, success);
+}
+
+
+void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason)
+{
+    qemuDomainLifecycleAudit(vm, "stop", reason, true);
+}
+
+void qemuDomainSecurityLabelAudit(virDomainObjPtr vm, bool success)
+{
+    char uuidstr[VIR_UUID_STRING_BUFLEN];
+    char *vmname;
+
+    virUUIDFormat(vm->def->uuid, uuidstr);
+    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
+        VIR_WARN0("OOM while encoding audit message");
+        return;
+    }
+
+    VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, success,
+              "%s uuid=%s vm-ctx=%s img-ctx=%s",
+              vmname, uuidstr,
+              VIR_AUDIT_STR(vm->def->seclabel.label),
+              VIR_AUDIT_STR(vm->def->seclabel.imagelabel));
+
+    VIR_FREE(vmname);
+}
+
diff --git a/src/qemu/qemu_audit.h b/src/qemu/qemu_audit.h
new file mode 100644
index 0000000..a4064ba
--- /dev/null
+++ b/src/qemu/qemu_audit.h
@@ -0,0 +1,43 @@
+/*
+ * qemu_audit.h: QEMU audit management
+ *
+ * Copyright (C) 2006-2007, 2009-2010 Red Hat, Inc.
+ * Copyright (C) 2006 Daniel P. Berrange
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+ *
+ * Author: Daniel P. Berrange <berrange at redhat.com>
+ */
+
+#ifndef __QEMU_AUDIT_H__
+# define __QEMU_AUDIT_H__
+
+#include "domain_conf.h"
+
+void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success);
+void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason);
+void qemuDomainDiskAudit(virDomainObjPtr vm,
+                         virDomainDiskDefPtr oldDef,
+                         virDomainDiskDefPtr newDef,
+                         const char *reason,
+                         bool success);
+void qemuDomainNetAudit(virDomainObjPtr vm,
+                        virDomainNetDefPtr oldDef,
+                        virDomainNetDefPtr newDef,
+                        const char *reason,
+                        bool success);
+void qemuDomainSecurityLabelAudit(virDomainObjPtr vm, bool success);
+
+#endif /* __QEMU_AUDIT_H__ */
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 9ce8fbe..c4afe20 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -57,6 +57,7 @@
 #include "qemu_command.h"
 #include "qemu_monitor.h"
 #include "qemu_bridge_filter.h"
+#include "qemu_audit.h"
 #include "c-ctype.h"
 #include "event.h"
 #include "buf.h"
@@ -82,7 +83,6 @@
 #include "domain_nwfilter.h"
 #include "hooks.h"
 #include "storage_file.h"
-#include "virtaudit.h"
 #include "files.h"
 #include "fdstream.h"
 #include "configmake.h"
@@ -139,9 +139,6 @@ static void qemudShutdownVMDaemon(struct qemud_driver *driver,
                                   virDomainObjPtr vm,
                                   int migrated);
 
-static void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success);
-static void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason);
-
 static int qemudDomainGetMaxVcpus(virDomainPtr dom);
 
 static int qemuDetectVcpuPIDs(struct qemud_driver *driver,
@@ -3441,142 +3438,6 @@ static int qemuDomainSnapshotSetActive(virDomainObjPtr vm,
 static int qemuDomainSnapshotSetInactive(virDomainObjPtr vm,
                                          char *snapshotDir);
 
-static void qemuDomainDiskAudit(virDomainObjPtr vm,
-                                virDomainDiskDefPtr oldDef,
-                                virDomainDiskDefPtr newDef,
-                                const char *reason,
-                                bool success)
-{
-    char uuidstr[VIR_UUID_STRING_BUFLEN];
-    char *vmname;
-    char *oldsrc = NULL;
-    char *newsrc = NULL;
-
-    virUUIDFormat(vm->def->uuid, uuidstr);
-    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
-        VIR_WARN0("OOM while encoding audit message");
-        return;
-    }
-
-    if (!(oldsrc = virAuditEncode("old-disk",
-                                  oldDef && oldDef->src ?
-                                  oldDef->src : "?"))) {
-        VIR_WARN0("OOM while encoding audit message");
-        goto cleanup;
-    }
-    if (!(newsrc = virAuditEncode("new-disk",
-                                  newDef && newDef->src ?
-                                  newDef->src : "?"))) {
-        VIR_WARN0("OOM while encoding audit message");
-        goto cleanup;
-    }
-
-    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
-              "resrc=disk reason=%s %s uuid=%s %s %s",
-              reason, vmname, uuidstr,
-              oldsrc, newsrc);
-
-cleanup:
-    VIR_FREE(vmname);
-    VIR_FREE(oldsrc);
-    VIR_FREE(newsrc);
-}
-
-
-static void qemuDomainNetAudit(virDomainObjPtr vm,
-                               virDomainNetDefPtr oldDef,
-                               virDomainNetDefPtr newDef,
-                               const char *reason,
-                               bool success)
-{
-    char uuidstr[VIR_UUID_STRING_BUFLEN];
-    char newMacstr[VIR_MAC_STRING_BUFLEN];
-    char oldMacstr[VIR_MAC_STRING_BUFLEN];
-    char *vmname;
-
-    virUUIDFormat(vm->def->uuid, uuidstr);
-    if (oldDef)
-        virFormatMacAddr(oldDef->mac, oldMacstr);
-    if (newDef)
-        virFormatMacAddr(newDef->mac, newMacstr);
-    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
-        VIR_WARN0("OOM while encoding audit message");
-        return;
-    }
-
-    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
-              "resrc=net reason=%s %s uuid=%s old-net='%s' new-net='%s'",
-              reason, vmname, uuidstr,
-              oldDef ? oldMacstr : "?",
-              newDef ? newMacstr : "?");
-
-    VIR_FREE(vmname);
-}
-
-
-static void qemuDomainLifecycleAudit(virDomainObjPtr vm,
-                                     const char *op,
-                                     const char *reason,
-                                     bool success)
-{
-    char uuidstr[VIR_UUID_STRING_BUFLEN];
-    char *vmname;
-
-    virUUIDFormat(vm->def->uuid, uuidstr);
-
-    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
-        VIR_WARN0("OOM while encoding audit message");
-        return;
-    }
-
-    VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_CONTROL, success,
-              "op=%s reason=%s %s uuid=%s", op, reason, vmname, uuidstr);
-
-    VIR_FREE(vmname);
-}
-
-static void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success)
-{
-    int i;
-
-    for (i = 0 ; i < vm->def->ndisks ; i++) {
-        virDomainDiskDefPtr disk = vm->def->disks[i];
-        if (disk->src) /* Skips CDROM without media initially inserted */
-            qemuDomainDiskAudit(vm, NULL, disk, "start", true);
-    }
-
-    for (i = 0 ; i < vm->def->nnets ; i++) {
-        virDomainNetDefPtr net = vm->def->nets[i];
-        qemuDomainNetAudit(vm, NULL, net, "start", true);
-    }
-
-    qemuDomainLifecycleAudit(vm, "start", reason, success);
-}
-
-static void qemuDomainStopAudit(virDomainObjPtr vm, const char *reason)
-{
-    qemuDomainLifecycleAudit(vm, "stop", reason, true);
-}
-
-static void qemuDomainSecurityLabelAudit(virDomainObjPtr vm, bool success)
-{
-    char uuidstr[VIR_UUID_STRING_BUFLEN];
-    char *vmname;
-
-    virUUIDFormat(vm->def->uuid, uuidstr);
-    if (!(vmname = virAuditEncode("vm", vm->def->name))) {
-        VIR_WARN0("OOM while encoding audit message");
-        return;
-    }
-
-    VIR_AUDIT(VIR_AUDIT_RECORD_MACHINE_ID, success,
-              "%s uuid=%s vm-ctx=%s img-ctx=%s",
-              vmname, uuidstr,
-              VIR_AUDIT_STR(vm->def->seclabel.label),
-              VIR_AUDIT_STR(vm->def->seclabel.imagelabel));
-
-    VIR_FREE(vmname);
-}
 
 #define START_POSTFIX ": starting up\n"
 #define SHUTDOWN_POSTFIX ": shutting down\n"
-- 
1.7.2.3




More information about the libvir-list mailing list