mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-25 10:03:49 +03:00
audit: Audit information about shmem devices
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1218603 Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
This commit is contained in:
parent
92513bc23a
commit
94e2be8424
@ -352,5 +352,24 @@
|
|||||||
<dd>The name of the cgroup controller</dd>
|
<dd>The name of the cgroup controller</dd>
|
||||||
</dl>
|
</dl>
|
||||||
|
|
||||||
|
|
||||||
|
<h4><a name="typeresourceshmem">Shared memory</a></h4>
|
||||||
|
<p>
|
||||||
|
The <code>msg</code> field will include the following sub-fields
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<dl>
|
||||||
|
<dt><code>resrc</code></dt>
|
||||||
|
<dd>The type of resource assigned. Set to <code>shmem</code></dd>
|
||||||
|
<dt><code>reason</code></dt>
|
||||||
|
<dd>The reason which caused the resource to be assigned to happen</dd>
|
||||||
|
<dt><code>size</code></dt>
|
||||||
|
<dd>The size of the shared memory region</dd>
|
||||||
|
<dt><code>shmem</code></dt>
|
||||||
|
<dd>Name of the shared memory region</dd>
|
||||||
|
<dt><code>source</code></dt>
|
||||||
|
<dd>Path of the backing character device for given emulated device</dd>
|
||||||
|
</dl>
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
@ -890,6 +890,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *reason, bool success)
|
|||||||
if (vm->def->tpm)
|
if (vm->def->tpm)
|
||||||
virDomainAuditTPM(vm, vm->def->tpm, "start", true);
|
virDomainAuditTPM(vm, vm->def->tpm, "start", true);
|
||||||
|
|
||||||
|
for (i = 0; i < vm->def->nshmems; i++)
|
||||||
|
virDomainAuditShmem(vm, vm->def->shmems[i], "start", true);
|
||||||
|
|
||||||
virDomainAuditMemory(vm, 0, virDomainDefGetMemoryTotal(vm->def),
|
virDomainAuditMemory(vm, 0, virDomainDefGetMemoryTotal(vm->def),
|
||||||
"start", true);
|
"start", true);
|
||||||
virDomainAuditVcpu(vm, 0, virDomainDefGetVcpus(vm->def), "start", true);
|
virDomainAuditVcpu(vm, 0, virDomainDefGetVcpus(vm->def), "start", true);
|
||||||
@ -964,3 +967,42 @@ virDomainAuditSecurityLabel(virDomainObjPtr vm, bool success)
|
|||||||
|
|
||||||
VIR_FREE(vmname);
|
VIR_FREE(vmname);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
virDomainAuditShmem(virDomainObjPtr vm,
|
||||||
|
virDomainShmemDefPtr def,
|
||||||
|
const char *reason, bool success)
|
||||||
|
{
|
||||||
|
char uuidstr[VIR_UUID_STRING_BUFLEN];
|
||||||
|
char *vmname = virAuditEncode("vm", vm->def->name);
|
||||||
|
const char *srcpath = virDomainAuditChardevPath(&def->server.chr);
|
||||||
|
char *src = virAuditEncode("server", VIR_AUDIT_STR(srcpath));
|
||||||
|
char *shmem = virAuditEncode("shmem", VIR_AUDIT_STR(def->name));
|
||||||
|
const char *virt = virDomainVirtTypeToString(vm->def->virtType);
|
||||||
|
char *size = NULL;
|
||||||
|
|
||||||
|
virUUIDFormat(vm->def->uuid, uuidstr);
|
||||||
|
|
||||||
|
if (!vmname || !src || !size || !shmem ||
|
||||||
|
virAsprintfQuiet(&size, "%llu", def->size) < 0) {
|
||||||
|
VIR_WARN("OOM while encoding audit message");
|
||||||
|
goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!virt) {
|
||||||
|
VIR_WARN("Unexpected virt type %d while encoding audit message",
|
||||||
|
vm->def->virtType);
|
||||||
|
virt = "?";
|
||||||
|
}
|
||||||
|
|
||||||
|
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
|
||||||
|
"virt=%s resrc=shmem reason=%s %s uuid=%s size=%s %s %s",
|
||||||
|
virt, reason, vmname, uuidstr, size ?: "?", shmem, src);
|
||||||
|
|
||||||
|
cleanup:
|
||||||
|
VIR_FREE(vmname);
|
||||||
|
VIR_FREE(src);
|
||||||
|
VIR_FREE(size);
|
||||||
|
VIR_FREE(shmem);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
@ -129,6 +129,10 @@ void virDomainAuditRNG(virDomainObjPtr vm,
|
|||||||
const char *reason,
|
const char *reason,
|
||||||
bool success)
|
bool success)
|
||||||
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
|
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
|
||||||
|
void virDomainAuditShmem(virDomainObjPtr vm,
|
||||||
|
virDomainShmemDefPtr def,
|
||||||
|
const char *reason, bool success)
|
||||||
|
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3);
|
||||||
|
|
||||||
|
|
||||||
#endif /* __VIR_DOMAIN_AUDIT_H__ */
|
#endif /* __VIR_DOMAIN_AUDIT_H__ */
|
||||||
|
@ -146,6 +146,7 @@ virDomainAuditNetDevice;
|
|||||||
virDomainAuditRedirdev;
|
virDomainAuditRedirdev;
|
||||||
virDomainAuditRNG;
|
virDomainAuditRNG;
|
||||||
virDomainAuditSecurityLabel;
|
virDomainAuditSecurityLabel;
|
||||||
|
virDomainAuditShmem;
|
||||||
virDomainAuditStart;
|
virDomainAuditStart;
|
||||||
virDomainAuditStop;
|
virDomainAuditStop;
|
||||||
virDomainAuditVcpu;
|
virDomainAuditVcpu;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user