[libvirt] [PATCH] RFC: audit: add shmem resource type

Marc-André Lureau marcandre.lureau at redhat.com
Fri Jul 10 16:11:35 UTC 2015


Provide information about shared memory resources in audit log.

Notes:

- the same shm used several times will add up.  This is a very uncommon
case, but we may want to account only the different shm names instead.

- the shm may exist before the VMs was started, so the shm may not
actually be created by the VM (it can be there before, or created by
the server for instance).

https://bugzilla.redhat.com/show_bug.cgi?id=1218603

Signed-off-by: Marc-André Lureau <marcandre.lureau at redhat.com>
---
 docs/auditlog.html.in    | 17 +++++++++++++++++
 src/conf/domain_audit.c  | 10 ++++++++++
 src/conf/domain_audit.h  |  6 ++++++
 src/conf/domain_conf.c   | 21 +++++++++++++++++++++
 src/conf/domain_conf.h   |  1 +
 src/libvirt_private.syms |  2 ++
 6 files changed, 57 insertions(+)

diff --git a/docs/auditlog.html.in b/docs/auditlog.html.in
index 8a007ca..a6e5f6d 100644
--- a/docs/auditlog.html.in
+++ b/docs/auditlog.html.in
@@ -172,6 +172,23 @@
       <dd>Updated memory size in bytes</dd>
     </dl>
 
+    <h4><a name="typeresourceshmem">Shared Memory</a></h4>
+
+    <p>
+      The <code>msg</code> field will include the following sub-fields
+    </p>
+
+    <dl>
+      <dt>reason</dt>
+      <dd>The reason which caused the resource to be assigned to happen</dd>
+      <dt>resrc</dt>
+      <dd>The type of resource assigned. Set to <code>shmem</code></dd>
+      <dt>old-shmem</dt>
+      <dd>Original memory size in bytes, or 0</dd>
+      <dt>new-shmem</dt>
+      <dd>Updated memory size in bytes</dd>
+    </dl>
+
     <h4><a name="typeresourcedisk">Disk</a></h4>
     <p>
       The <code>msg</code> field will include the following sub-fields
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index caebdba..bc81aec 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -783,6 +783,14 @@ virDomainAuditMemory(virDomainObjPtr vm,
 }
 
 void
+virDomainAuditShmem(virDomainObjPtr vm,
+                    unsigned long long oldmem, unsigned long long newmem,
+                    const char *reason, bool success)
+{
+    return virDomainAuditResource(vm, "shmem", oldmem, newmem, reason, success);
+}
+
+void
 virDomainAuditVcpu(virDomainObjPtr vm,
                    unsigned int oldvcpu, unsigned int newvcpu,
                    const char *reason, bool success)
@@ -885,6 +893,8 @@ virDomainAuditStart(virDomainObjPtr vm, const char *reason, bool success)
 
     virDomainAuditMemory(vm, 0, virDomainDefGetMemoryActual(vm->def),
                          "start", true);
+    virDomainAuditShmem(vm, 0, virDomainDefGetShmem(vm->def),
+                        "start", true);
     virDomainAuditVcpu(vm, 0, vm->def->vcpus, "start", true);
     if (vm->def->iothreads)
         virDomainAuditIOThread(vm, 0, vm->def->iothreads, "start", true);
diff --git a/src/conf/domain_audit.h b/src/conf/domain_audit.h
index 97dadca..3db6ace 100644
--- a/src/conf/domain_audit.h
+++ b/src/conf/domain_audit.h
@@ -96,6 +96,12 @@ void virDomainAuditMemory(virDomainObjPtr vm,
                           const char *reason,
                           bool success)
     ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
+void virDomainAuditShmem(virDomainObjPtr vm,
+                         unsigned long long oldmem,
+                         unsigned long long newmem,
+                         const char *reason,
+                         bool success)
+    ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(4);
 void virDomainAuditVcpu(virDomainObjPtr vm,
                         unsigned int oldvcpu,
                         unsigned int newvcpu,
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 5a9a88d..378aa1a 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -7575,6 +7575,27 @@ virDomainDefGetMemoryActual(virDomainDefPtr def)
 }
 
 
+/**
+ * virDomainDefGetShmem:
+ * @def: domain definition
+ *
+ * Returns the current shared memory size usable by the domain described by
+ * @def.
+ */
+unsigned long long
+virDomainDefGetShmem(virDomainDefPtr def)
+{
+    unsigned long long ret = 0;
+    size_t i;
+
+    for (i = 0; i < def->nshmems; i++) {
+        ret += def->shmems[i]->size;
+    }
+
+    return ret;
+}
+
+
 static int
 virDomainControllerModelTypeFromString(const virDomainControllerDef *def,
                                        const char *model)
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 50750c1..041d619 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2287,6 +2287,7 @@ struct _virDomainDef {
 unsigned long long virDomainDefGetMemoryInitial(virDomainDefPtr def);
 void virDomainDefSetMemoryInitial(virDomainDefPtr def, unsigned long long size);
 unsigned long long virDomainDefGetMemoryActual(virDomainDefPtr def);
+unsigned long long virDomainDefGetShmem(virDomainDefPtr def);
 
 typedef enum {
     VIR_DOMAIN_KEY_WRAP_CIPHER_NAME_AES,
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 720afdf..0bb4513 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -134,6 +134,7 @@ virDomainAuditNetDevice;
 virDomainAuditRedirdev;
 virDomainAuditRNG;
 virDomainAuditSecurityLabel;
+virDomainAuditShmem;
 virDomainAuditStart;
 virDomainAuditStop;
 virDomainAuditVcpu;
@@ -214,6 +215,7 @@ virDomainDefGetDefaultEmulator;
 virDomainDefGetMemoryActual;
 virDomainDefGetMemoryInitial;
 virDomainDefGetSecurityLabelDef;
+virDomainDefGetShmem;
 virDomainDefHasDeviceAddress;
 virDomainDefMaybeAddController;
 virDomainDefMaybeAddInput;
-- 
2.4.3




More information about the libvir-list mailing list