On 07.09.2016 15:37, Martin Kletzander wrote: > Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1218603 > > Signed-off-by: Martin Kletzander <mkletzan@xxxxxxxxxx> > --- > docs/auditlog.html.in | 19 +++++++++++++++++++ > src/conf/domain_audit.c | 43 +++++++++++++++++++++++++++++++++++++++++++ > src/conf/domain_audit.h | 4 ++++ > src/libvirt_private.syms | 1 + > 4 files changed, 67 insertions(+) > > diff --git a/docs/auditlog.html.in b/docs/auditlog.html.in > index 012d0680a87b..7348948feb7a 100644 > --- a/docs/auditlog.html.in > +++ b/docs/auditlog.html.in > @@ -352,5 +352,24 @@ > <dd>The name of the cgroup controller</dd> > </dl> > > + > + <h4><a name="typeresourceshmem">console/serial/parallel/channel</a></h4> Copy-paste error. I guess you want a different name here than "console/..." ;-) > + <p> > + The <code>msg</code> field will include the following sub-fields > + </p> > + > + <dl> > + <dt><code>resrc</code></dt> > + <dd>The type of resource assigned. Set to <code>shmem</code></dd> > + <dt><code>reason</code></dt> > + <dd>The reason which caused the resource to be assigned to happen</dd> > + <dt><code>size</code></dt> > + <dd>The size of the shared memory region</dd> > + <dt><code>shmem</code></dt> > + <dd>Name of the shared memory region</dd> > + <dt><code>source</code></dt> > + <dd>Path of the backing character device for given emulated device</dd> > + </dl> > + > </body> > </html> > diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c > index 53a58ac4c88c..cf9c03dee749 100644 > --- a/src/conf/domain_audit.c > +++ b/src/conf/domain_audit.c > @@ -889,6 +889,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *reason, bool success) > if (vm->def->tpm) > virDomainAuditTPM(vm, vm->def->tpm, "start", true); > > + for (i = 0; i < vm->def->nshmems; i++) > + virDomainAuditShmem(vm, vm->def->shmems[i], "start", true); > + > virDomainAuditMemory(vm, 0, virDomainDefGetMemoryTotal(vm->def), > "start", true); > virDomainAuditVcpu(vm, 0, virDomainDefGetVcpus(vm->def), "start", true); > @@ -963,3 +966,43 @@ virDomainAuditSecurityLabel(virDomainObjPtr vm, bool success) > > VIR_FREE(vmname); > } > + > +void > +virDomainAuditShmem(virDomainObjPtr vm, > + virDomainShmemDefPtr def, > + const char *reason, bool success) > +{ > + char uuidstr[VIR_UUID_STRING_BUFLEN]; > + char *vmname = virAuditEncode("vm", vm->def->name); > + const char *srcpath = virDomainAuditChardevPath(&def->server.chr); > + char *src = virAuditEncode("server", VIR_AUDIT_STR(srcpath)); > + char *shmem = virAuditEncode("shmem", VIR_AUDIT_STR(def->name)); > + const char *virt = virDomainVirtTypeToString(vm->def->virtType); > + char *size = NULL; > + > + ignore_value(virAsprintfQuiet(&size, "%llu", def->size)); > + virUUIDFormat(vm->def->uuid, uuidstr); > + if (!vmname || !src || !size || !shmem || !size) > + goto no_memory; I prefer to not have labels which are used from just one place. Therefore I'd move the VIR_WARN() here and jump right onto cleanup label. And if I wanted to be very picky, I'd say lose the ignore_value() and check for virAsprintfQuiet() retval here too, but I am not, therefore I won't mention it O:-) > + > + if (!virt) { > + VIR_WARN("Unexpected virt type %d while encoding audit message", > + vm->def->virtType); > + virt = "?"; > + } > + > + VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success, > + "virt=%s resrc=shmem reason=%s %s uuid=%s size=%s %s %s", > + virt, reason, vmname, uuidstr, size ?: "?", shmem, src); > + > + cleanup: > + VIR_FREE(vmname); > + VIR_FREE(src); > + VIR_FREE(size); > + VIR_FREE(shmem); > + return; > + > + no_memory: > + VIR_WARN("OOM while encoding audit message"); > + goto cleanup; > +} > diff --git a/src/conf/domain_audit.h b/src/conf/domain_audit.h > index 97dadca5aae7..8cb585dc7d96 100644 > --- a/src/conf/domain_audit.h > +++ b/src/conf/domain_audit.h > @@ -129,6 +129,10 @@ void virDomainAuditRNG(virDomainObjPtr vm, > const char *reason, > bool success) > ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4); > +void virDomainAuditShmem(virDomainObjPtr vm, > + virDomainShmemDefPtr def, > + const char *reason, bool success) > + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3); > > > #endif /* __VIR_DOMAIN_AUDIT_H__ */ > diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms > index a5fa30562f0c..1555f60ffda4 100644 > --- a/src/libvirt_private.syms > +++ b/src/libvirt_private.syms > @@ -146,6 +146,7 @@ virDomainAuditNetDevice; > virDomainAuditRedirdev; > virDomainAuditRNG; > virDomainAuditSecurityLabel; > +virDomainAuditShmem; > virDomainAuditStart; > virDomainAuditStop; > virDomainAuditVcpu; > ACK Michal -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list