Re: [PATCH 05/10] conf:audit: introduce audit function for shared memory device

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jun 17, 2015 at 11:56:16AM +0800, Luyao Huang wrote:
Signed-off-by: Luyao Huang <lhuang@xxxxxxxxxx>
---
docs/auditlog.html.in    | 16 ++++++++++++++++
src/conf/domain_audit.c  | 16 ++++++++++++++++
src/conf/domain_audit.h  |  6 ++++++
src/libvirt_private.syms |  1 +
4 files changed, 39 insertions(+)

diff --git a/docs/auditlog.html.in b/docs/auditlog.html.in
index 8a007ca..b168cbf 100644
--- a/docs/auditlog.html.in
+++ b/docs/auditlog.html.in
@@ -301,6 +301,22 @@
      <dd>Updated path of the backing character device for given emulated device</dd>
    </dl>

+    <h4><a name="typeresourceivshmem">Shared memory device</a></h4>
+    <p>
+      The <code>msg</code> field will include the following sub-fields
+    </p>
+
+    <dl>
+      <dt>reason</dt>
+      <dd>The reason which caused the resource to be assigned to happen</dd>
+      <dt>resrc</dt>
+      <dd>The type of resource assigned. Set to <code>shmem</code></dd>
+      <dt>old-shmem</dt>
+      <dd>Original memory size of share memory device in bytes, or 0</dd>
+      <dt>new-shmem</dt>
+      <dd>Updated memory size of share memory device in bytes</dd>

I don't think memory size is the thing audit cares about, it should be
the name/path mostly.  Even better if we could audit all of it (size,
name, path).

+    </dl>
+
    <h4><a name="typeresourcesmartcard">smartcard</a></h4>
    <p>
      The <code>msg</code> field will include the following sub-fields
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index 1900039..aa2b4b5 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -799,6 +799,19 @@ virDomainAuditIOThread(virDomainObjPtr vm,
                                  reason, success);
}

+
+void
+virDomainAuditShmem(virDomainObjPtr vm,
+                    virDomainShmemDefPtr oldDef, virDomainShmemDefPtr newDef,
+                    const char *reason, bool success)
+{
+    return virDomainAuditResource(vm, "shmem",
+                                  oldDef ? oldDef->size : 0,
+                                  newDef ? newDef->size : 0,
+                                  reason, success);
+}
+
+
static void
virDomainAuditLifecycle(virDomainObjPtr vm, const char *op,
                        const char *reason, bool success)
@@ -880,6 +893,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *reason, bool success)
    for (i = 0; i < vm->def->nrngs; i++)
        virDomainAuditRNG(vm, NULL, vm->def->rngs[i], "start", true);

+    for (i = 0; i < vm->def->nshmems; i++)
+        virDomainAuditShmem(vm, NULL, vm->def->shmems[i], "start", true);
+
    if (vm->def->tpm)
        virDomainAuditTPM(vm, vm->def->tpm, "start", true);

diff --git a/src/conf/domain_audit.h b/src/conf/domain_audit.h
index 97dadca..081cbb1 100644
--- a/src/conf/domain_audit.h
+++ b/src/conf/domain_audit.h
@@ -129,6 +129,12 @@ void virDomainAuditRNG(virDomainObjPtr vm,
                       const char *reason,
                       bool success)
    ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
+void virDomainAuditShmem(virDomainObjPtr vm,
+                         virDomainShmemDefPtr oldDef,
+                         virDomainShmemDefPtr newDef,
+                         const char *reason,
+                         bool success)
+    ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);


#endif /* __VIR_DOMAIN_AUDIT_H__ */
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index dc8a52d..3ceb4e3 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -134,6 +134,7 @@ virDomainAuditNetDevice;
virDomainAuditRedirdev;
virDomainAuditRNG;
virDomainAuditSecurityLabel;
+virDomainAuditShmem;
virDomainAuditStart;
virDomainAuditStop;
virDomainAuditVcpu;
--
1.8.3.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

Attachment: signature.asc
Description: PGP signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]