On 08/28/2010 03:03 PM, Xiao Guangrong wrote:
The audit is very high overhead, so we need lower the frequency to assure the guest running */ #include<linux/debugfs.h> +#include<linux/ratelimit.h> static struct dentry *debugfs_file; static bool mmu_debug; @@ -233,6 +234,11 @@ static void audit_vcpu_spte(struct kvm_vcpu *vcpu) static void kvm_mmu_audit(void *ignore, struct kvm_vcpu *vcpu, const char *msg) { + static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10); + + if (!__ratelimit(&ratelimit_state)) + return; + audit_msg = msg; audit_all_active_sps(vcpu->kvm); audit_vcpu_spte(vcpu);
This means we see a bug long after it happened, so we can't correlate it to the cause.
It's fine as an option (even the default) but I'd like to be able to audit after every operation. Perhaps a partial audit that only looks at the gfns and vaddrs that were affected in the last operation?
I have to admit, it's been a very long time since I last used audit. -- error compiling committee.c: too many arguments to function -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html