On Wed, Jun 17, 2015 at 11:56:16AM +0800, Luyao Huang wrote:
Signed-off-by: Luyao Huang <lhuang@xxxxxxxxxx> --- docs/auditlog.html.in | 16 ++++++++++++++++ src/conf/domain_audit.c | 16 ++++++++++++++++ src/conf/domain_audit.h | 6 ++++++ src/libvirt_private.syms | 1 + 4 files changed, 39 insertions(+) diff --git a/docs/auditlog.html.in b/docs/auditlog.html.in index 8a007ca..b168cbf 100644 --- a/docs/auditlog.html.in +++ b/docs/auditlog.html.in @@ -301,6 +301,22 @@ <dd>Updated path of the backing character device for given emulated device</dd> </dl> + <h4><a name="typeresourceivshmem">Shared memory device</a></h4> + <p> + The <code>msg</code> field will include the following sub-fields + </p> + + <dl> + <dt>reason</dt> + <dd>The reason which caused the resource to be assigned to happen</dd> + <dt>resrc</dt> + <dd>The type of resource assigned. Set to <code>shmem</code></dd> + <dt>old-shmem</dt> + <dd>Original memory size of share memory device in bytes, or 0</dd> + <dt>new-shmem</dt> + <dd>Updated memory size of share memory device in bytes</dd>
I don't think memory size is the thing audit cares about, it should be the name/path mostly. Even better if we could audit all of it (size, name, path).
+ </dl> + <h4><a name="typeresourcesmartcard">smartcard</a></h4> <p> The <code>msg</code> field will include the following sub-fields diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c index 1900039..aa2b4b5 100644 --- a/src/conf/domain_audit.c +++ b/src/conf/domain_audit.c @@ -799,6 +799,19 @@ virDomainAuditIOThread(virDomainObjPtr vm, reason, success); } + +void +virDomainAuditShmem(virDomainObjPtr vm, + virDomainShmemDefPtr oldDef, virDomainShmemDefPtr newDef, + const char *reason, bool success) +{ + return virDomainAuditResource(vm, "shmem", + oldDef ? oldDef->size : 0, + newDef ? newDef->size : 0, + reason, success); +} + + static void virDomainAuditLifecycle(virDomainObjPtr vm, const char *op, const char *reason, bool success) @@ -880,6 +893,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *reason, bool success) for (i = 0; i < vm->def->nrngs; i++) virDomainAuditRNG(vm, NULL, vm->def->rngs[i], "start", true); + for (i = 0; i < vm->def->nshmems; i++) + virDomainAuditShmem(vm, NULL, vm->def->shmems[i], "start", true); + if (vm->def->tpm) virDomainAuditTPM(vm, vm->def->tpm, "start", true); diff --git a/src/conf/domain_audit.h b/src/conf/domain_audit.h index 97dadca..081cbb1 100644 --- a/src/conf/domain_audit.h +++ b/src/conf/domain_audit.h @@ -129,6 +129,12 @@ void virDomainAuditRNG(virDomainObjPtr vm, const char *reason, bool success) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4); +void virDomainAuditShmem(virDomainObjPtr vm, + virDomainShmemDefPtr oldDef, + virDomainShmemDefPtr newDef, + const char *reason, + bool success) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4); #endif /* __VIR_DOMAIN_AUDIT_H__ */ diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index dc8a52d..3ceb4e3 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -134,6 +134,7 @@ virDomainAuditNetDevice; virDomainAuditRedirdev; virDomainAuditRNG; virDomainAuditSecurityLabel; +virDomainAuditShmem; virDomainAuditStart; virDomainAuditStop; virDomainAuditVcpu; -- 1.8.3.1 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
Attachment:
signature.asc
Description: PGP signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list