External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-03-07 17:28:15 +00:00
Code

audit: audit qemu memory and vcpu adjusments

Browse Source 
* src/qemu/qemu_audit.h (qemuDomainMemoryAudit)
(qemuDomainVcpuAudit): New prototypes.
* src/qemu/qemu_audit.c (qemuDomainResourceAudit)
(qemuDomainMemoryAudit, qemuDomainVcpuAudit): New functions.
(qemuDomainStartAudit): Call as appropriate.
* src/qemu/qemu_driver.c (qemudDomainSetMemory)
(qemudDomainHotplugVcpus): Likewise.
This commit is contained in:
Eric Blake 2011-02-21 17:02:17 -07:00
parent 6bb98d419f
commit e25f2c74df
3 changed files with 71 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
src/qemu/qemu_audit.c
View File

@ -148,6 +148,59 @@ cleanup:
} }
/**
* qemuDomainResourceAudit:
* @vm: domain making an integer resource change
* @resource: name of the resource: "mem" or "vcpu"
* @oldval: the old value of the resource
* @newval: the new value of the resource
* @reason: either "start" or "update"
* @success: true if the resource change succeeded
*
* Log an audit message about an attempted resource change.
*/
static void
qemuDomainResourceAudit(virDomainObjPtr vm,
const char *resource,
unsigned long long oldval,
unsigned long long newval,
const char *reason,
bool success)
{
char uuidstr[VIR_UUID_STRING_BUFLEN];
char *vmname;
virUUIDFormat(vm->def->uuid, uuidstr);
if (!(vmname = virAuditEncode("vm", vm->def->name))) {
VIR_WARN0("OOM while encoding audit message");
return;
}
VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
"resrc=%s reason=%s %s uuid=%s old-%s=%lld new-%s=%lld",
resource, reason, vmname, uuidstr,
resource, oldval, resource, newval);
VIR_FREE(vmname);
}
void
qemuDomainMemoryAudit(virDomainObjPtr vm,
unsigned long long oldmem, unsigned long long newmem,
const char *reason, bool success)
{
return qemuDomainResourceAudit(vm, "mem", oldmem, newmem, reason, success);
}
void
qemuDomainVcpuAudit(virDomainObjPtr vm,
unsigned int oldvcpu, unsigned int newvcpu,
const char *reason, bool success)
{
return qemuDomainResourceAudit(vm, "vcpu", oldvcpu, newvcpu, reason,
success);
}
static void qemuDomainLifecycleAudit(virDomainObjPtr vm, static void qemuDomainLifecycleAudit(virDomainObjPtr vm,
const char *op, const char *op,
const char *reason, const char *reason,
@ -185,6 +238,9 @@ void qemuDomainStartAudit(virDomainObjPtr vm, const char *reason, bool success)
qemuDomainNetAudit(vm, NULL, net, "start", true); qemuDomainNetAudit(vm, NULL, net, "start", true);
} }
qemuDomainMemoryAudit(vm, 0, vm->def->mem.cur_balloon, "start", true);
qemuDomainVcpuAudit(vm, 0, vm->def->vcpus, "start", true);
qemuDomainLifecycleAudit(vm, "start", reason, success); qemuDomainLifecycleAudit(vm, "start", reason, success);
} }

10
src/qemu/qemu_audit.h
View File

@ -45,6 +45,16 @@ void qemuDomainCgroupAudit(virDomainObjPtr vm,
const char *item, const char *item,
const char *name, const char *name,
bool success); bool success);
void qemuDomainMemoryAudit(virDomainObjPtr vm,
unsigned long long oldmem,
unsigned long long newmem,
const char *reason,
bool success);
void qemuDomainVcpuAudit(virDomainObjPtr vm,
unsigned int oldvcpu,
unsigned int newvcpu,
const char *reason,
bool success);
void qemuDomainSecurityLabelAudit(virDomainObjPtr vm, bool success); void qemuDomainSecurityLabelAudit(virDomainObjPtr vm, bool success);
#endif /* __QEMU_AUDIT_H__ */ #endif /* __QEMU_AUDIT_H__ */

6
src/qemu/qemu_driver.c
View File

@ -1604,6 +1604,8 @@ static int qemudDomainSetMemory(virDomainPtr dom, unsigned long newmem) {
qemuDomainObjEnterMonitor(vm); qemuDomainObjEnterMonitor(vm);
r = qemuMonitorSetBalloon(priv->mon, newmem); r = qemuMonitorSetBalloon(priv->mon, newmem);
qemuDomainObjExitMonitor(vm); qemuDomainObjExitMonitor(vm);
qemuDomainMemoryAudit(vm, vm->def->mem.cur_balloon, newmem, "update",
r == 1);
if (r < 0) if (r < 0)
goto endjob; goto endjob;
@ -2517,8 +2519,9 @@ static void processWatchdogEvent(void *data, void *opaque)
static int qemudDomainHotplugVcpus(virDomainObjPtr vm, unsigned int nvcpus) static int qemudDomainHotplugVcpus(virDomainObjPtr vm, unsigned int nvcpus)
{ {
qemuDomainObjPrivatePtr priv = vm->privateData; qemuDomainObjPrivatePtr priv = vm->privateData;
int i, rc; int i, rc = 1;
int ret = -1; int ret = -1;
int oldvcpus = vm->def->vcpus;
qemuDomainObjEnterMonitor(vm); qemuDomainObjEnterMonitor(vm);
@ -2553,6 +2556,7 @@ static int qemudDomainHotplugVcpus(virDomainObjPtr vm, unsigned int nvcpus)
cleanup: cleanup:
qemuDomainObjExitMonitor(vm); qemuDomainObjExitMonitor(vm);
qemuDomainVcpuAudit(vm, oldvcpus, nvcpus, "update", rc == 1);
return ret; return ret;
unsupported: unsupported: