Re: [libvirt] [PATCH 05/10] conf:audit: introduce audit function for shared memory device
On Wed, Jun 17, 2015 at 11:56:16AM +0800, Luyao Huang wrote:
Signed-off-by: Luyao Huang lhu...@redhat.com
---
docs/auditlog.html.in| 16
src/conf/domain_audit.c | 16
src/conf/domain_audit.h | 6 ++
src/libvirt_private.syms | 1 +
4 files changed, 39 insertions(+)
diff --git a/docs/auditlog.html.in b/docs/auditlog.html.in
index 8a007ca..b168cbf 100644
--- a/docs/auditlog.html.in
+++ b/docs/auditlog.html.in
@@ -301,6 +301,22 @@
ddUpdated path of the backing character device for given emulated
device/dd
/dl
+h4a name=typeresourceivshmemShared memory device/a/h4
+p
+ The codemsg/code field will include the following sub-fields
+/p
+
+dl
+ dtreason/dt
+ ddThe reason which caused the resource to be assigned to happen/dd
+ dtresrc/dt
+ ddThe type of resource assigned. Set to codeshmem/code/dd
+ dtold-shmem/dt
+ ddOriginal memory size of share memory device in bytes, or 0/dd
+ dtnew-shmem/dt
+ ddUpdated memory size of share memory device in bytes/dd
I don't think memory size is the thing audit cares about, it should be
the name/path mostly. Even better if we could audit all of it (size,
name, path).
+/dl
+
h4a name=typeresourcesmartcardsmartcard/a/h4
p
The codemsg/code field will include the following sub-fields
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index 1900039..aa2b4b5 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -799,6 +799,19 @@ virDomainAuditIOThread(virDomainObjPtr vm,
reason, success);
}
+
+void
+virDomainAuditShmem(virDomainObjPtr vm,
+virDomainShmemDefPtr oldDef, virDomainShmemDefPtr newDef,
+const char *reason, bool success)
+{
+return virDomainAuditResource(vm, shmem,
+ oldDef ? oldDef-size : 0,
+ newDef ? newDef-size : 0,
+ reason, success);
+}
+
+
static void
virDomainAuditLifecycle(virDomainObjPtr vm, const char *op,
const char *reason, bool success)
@@ -880,6 +893,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *reason,
bool success)
for (i = 0; i vm-def-nrngs; i++)
virDomainAuditRNG(vm, NULL, vm-def-rngs[i], start, true);
+for (i = 0; i vm-def-nshmems; i++)
+virDomainAuditShmem(vm, NULL, vm-def-shmems[i], start, true);
+
if (vm-def-tpm)
virDomainAuditTPM(vm, vm-def-tpm, start, true);
diff --git a/src/conf/domain_audit.h b/src/conf/domain_audit.h
index 97dadca..081cbb1 100644
--- a/src/conf/domain_audit.h
+++ b/src/conf/domain_audit.h
@@ -129,6 +129,12 @@ void virDomainAuditRNG(virDomainObjPtr vm,
const char *reason,
bool success)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
+void virDomainAuditShmem(virDomainObjPtr vm,
+ virDomainShmemDefPtr oldDef,
+ virDomainShmemDefPtr newDef,
+ const char *reason,
+ bool success)
+ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
#endif /* __VIR_DOMAIN_AUDIT_H__ */
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index dc8a52d..3ceb4e3 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -134,6 +134,7 @@ virDomainAuditNetDevice;
virDomainAuditRedirdev;
virDomainAuditRNG;
virDomainAuditSecurityLabel;
+virDomainAuditShmem;
virDomainAuditStart;
virDomainAuditStop;
virDomainAuditVcpu;
--
1.8.3.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
signature.asc
Description: PGP signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 05/10] conf:audit: introduce audit function for shared memory device
On 07/08/2015 07:56 PM, Martin Kletzander wrote:
On Wed, Jun 17, 2015 at 11:56:16AM +0800, Luyao Huang wrote:
Signed-off-by: Luyao Huang lhu...@redhat.com
---
docs/auditlog.html.in| 16
src/conf/domain_audit.c | 16
src/conf/domain_audit.h | 6 ++
src/libvirt_private.syms | 1 +
4 files changed, 39 insertions(+)
diff --git a/docs/auditlog.html.in b/docs/auditlog.html.in
index 8a007ca..b168cbf 100644
--- a/docs/auditlog.html.in
+++ b/docs/auditlog.html.in
@@ -301,6 +301,22 @@
ddUpdated path of the backing character device for given
emulated device/dd
/dl
+h4a name=typeresourceivshmemShared memory device/a/h4
+p
+ The codemsg/code field will include the following sub-fields
+/p
+
+dl
+ dtreason/dt
+ ddThe reason which caused the resource to be assigned to
happen/dd
+ dtresrc/dt
+ ddThe type of resource assigned. Set to codeshmem/code/dd
+ dtold-shmem/dt
+ ddOriginal memory size of share memory device in bytes, or
0/dd
+ dtnew-shmem/dt
+ ddUpdated memory size of share memory device in bytes/dd
I don't think memory size is the thing audit cares about, it should be
the name/path mostly. Even better if we could audit all of it (size,
name, path).
Okay, i agreed with you,
Thanks a lot for your review.
Luyao
+/dl
+
h4a name=typeresourcesmartcardsmartcard/a/h4
p
The codemsg/code field will include the following sub-fields
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index 1900039..aa2b4b5 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -799,6 +799,19 @@ virDomainAuditIOThread(virDomainObjPtr vm,
reason, success);
}
+
+void
+virDomainAuditShmem(virDomainObjPtr vm,
+virDomainShmemDefPtr oldDef,
virDomainShmemDefPtr newDef,
+const char *reason, bool success)
+{
+return virDomainAuditResource(vm, shmem,
+ oldDef ? oldDef-size : 0,
+ newDef ? newDef-size : 0,
+ reason, success);
+}
+
+
static void
virDomainAuditLifecycle(virDomainObjPtr vm, const char *op,
const char *reason, bool success)
@@ -880,6 +893,9 @@ virDomainAuditStart(virDomainObjPtr vm, const
char *reason, bool success)
for (i = 0; i vm-def-nrngs; i++)
virDomainAuditRNG(vm, NULL, vm-def-rngs[i], start, true);
+for (i = 0; i vm-def-nshmems; i++)
+virDomainAuditShmem(vm, NULL, vm-def-shmems[i], start,
true);
+
if (vm-def-tpm)
virDomainAuditTPM(vm, vm-def-tpm, start, true);
diff --git a/src/conf/domain_audit.h b/src/conf/domain_audit.h
index 97dadca..081cbb1 100644
--- a/src/conf/domain_audit.h
+++ b/src/conf/domain_audit.h
@@ -129,6 +129,12 @@ void virDomainAuditRNG(virDomainObjPtr vm,
const char *reason,
bool success)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
+void virDomainAuditShmem(virDomainObjPtr vm,
+ virDomainShmemDefPtr oldDef,
+ virDomainShmemDefPtr newDef,
+ const char *reason,
+ bool success)
+ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
#endif /* __VIR_DOMAIN_AUDIT_H__ */
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index dc8a52d..3ceb4e3 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -134,6 +134,7 @@ virDomainAuditNetDevice;
virDomainAuditRedirdev;
virDomainAuditRNG;
virDomainAuditSecurityLabel;
+virDomainAuditShmem;
virDomainAuditStart;
virDomainAuditStop;
virDomainAuditVcpu;
--
1.8.3.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 05/10] conf:audit: introduce audit function for shared memory device
Signed-off-by: Luyao Huang lhu...@redhat.com
---
docs/auditlog.html.in| 16
src/conf/domain_audit.c | 16
src/conf/domain_audit.h | 6 ++
src/libvirt_private.syms | 1 +
4 files changed, 39 insertions(+)
diff --git a/docs/auditlog.html.in b/docs/auditlog.html.in
index 8a007ca..b168cbf 100644
--- a/docs/auditlog.html.in
+++ b/docs/auditlog.html.in
@@ -301,6 +301,22 @@
ddUpdated path of the backing character device for given emulated
device/dd
/dl
+h4a name=typeresourceivshmemShared memory device/a/h4
+p
+ The codemsg/code field will include the following sub-fields
+/p
+
+dl
+ dtreason/dt
+ ddThe reason which caused the resource to be assigned to happen/dd
+ dtresrc/dt
+ ddThe type of resource assigned. Set to codeshmem/code/dd
+ dtold-shmem/dt
+ ddOriginal memory size of share memory device in bytes, or 0/dd
+ dtnew-shmem/dt
+ ddUpdated memory size of share memory device in bytes/dd
+/dl
+
h4a name=typeresourcesmartcardsmartcard/a/h4
p
The codemsg/code field will include the following sub-fields
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index 1900039..aa2b4b5 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -799,6 +799,19 @@ virDomainAuditIOThread(virDomainObjPtr vm,
reason, success);
}
+
+void
+virDomainAuditShmem(virDomainObjPtr vm,
+virDomainShmemDefPtr oldDef, virDomainShmemDefPtr newDef,
+const char *reason, bool success)
+{
+return virDomainAuditResource(vm, shmem,
+ oldDef ? oldDef-size : 0,
+ newDef ? newDef-size : 0,
+ reason, success);
+}
+
+
static void
virDomainAuditLifecycle(virDomainObjPtr vm, const char *op,
const char *reason, bool success)
@@ -880,6 +893,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *reason,
bool success)
for (i = 0; i vm-def-nrngs; i++)
virDomainAuditRNG(vm, NULL, vm-def-rngs[i], start, true);
+for (i = 0; i vm-def-nshmems; i++)
+virDomainAuditShmem(vm, NULL, vm-def-shmems[i], start, true);
+
if (vm-def-tpm)
virDomainAuditTPM(vm, vm-def-tpm, start, true);
diff --git a/src/conf/domain_audit.h b/src/conf/domain_audit.h
index 97dadca..081cbb1 100644
--- a/src/conf/domain_audit.h
+++ b/src/conf/domain_audit.h
@@ -129,6 +129,12 @@ void virDomainAuditRNG(virDomainObjPtr vm,
const char *reason,
bool success)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
+void virDomainAuditShmem(virDomainObjPtr vm,
+ virDomainShmemDefPtr oldDef,
+ virDomainShmemDefPtr newDef,
+ const char *reason,
+ bool success)
+ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
#endif /* __VIR_DOMAIN_AUDIT_H__ */
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index dc8a52d..3ceb4e3 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -134,6 +134,7 @@ virDomainAuditNetDevice;
virDomainAuditRedirdev;
virDomainAuditRNG;
virDomainAuditSecurityLabel;
+virDomainAuditShmem;
virDomainAuditStart;
virDomainAuditStop;
virDomainAuditVcpu;
--
1.8.3.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
