From: Chen Hanxiao <chenhanx...@gmail.com>
This patch add audit info for panic notifier devices.
Signed-off-by: Chen Hanxiao <chenhanx...@gmail.com>
---
docs/auditlog.html.in | 15 +++++++++++++++
src/conf/domain_audit.c | 38 ++++++++++++++++++++++++++++++++++++++
src/conf/domain_audit.h | 4 ++++
src/libvirt_private.syms | 1 +
4 files changed, 58 insertions(+)
diff --git a/docs/auditlog.html.in b/docs/auditlog.html.in
index 0c778aa..45464af 100644
--- a/docs/auditlog.html.in
+++ b/docs/auditlog.html.in
@@ -371,5 +371,20 @@
<dd>Path of the backing character device for given emulated device</dd>
</dl>
+
+ <h4><a name="typeresourcepanic">Panic notifier</a></h4>
+ <p>
+ The <code>msg</code> field will include the following sub-fields
+ </p>
+
+ <dl>
+ <dt><code>resrc</code></dt>
+ <dd>The type of resource assigned. Set to <code>panic</code></dd>
+ <dt><code>reason</code></dt>
+ <dd>The reason which caused the resource to be assigned to happen</dd>
+ <dt><code>model</code></dt>
+ <dd>The model of the panic notifier device</dd>
+ </dl>
+
</body>
</html>
diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
index fd20ace..e48a63d 100644
--- a/src/conf/domain_audit.c
+++ b/src/conf/domain_audit.c
@@ -893,6 +893,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *reason,
bool success)
for (i = 0; i < vm->def->nshmems; i++)
virDomainAuditShmem(vm, vm->def->shmems[i], "start", true);
+ for (i = 0; i < vm->def->npanics; i++)
+ virDomainAuditPanic(vm, vm->def->panics[i], "start", true);
+
virDomainAuditMemory(vm, 0, virDomainDefGetMemoryTotal(vm->def),
"start", true);
virDomainAuditVcpu(vm, 0, virDomainDefGetVcpus(vm->def), "start", true);
@@ -1006,3 +1009,38 @@ virDomainAuditShmem(virDomainObjPtr vm,
VIR_FREE(shmem);
return;
}
+
+void
+virDomainAuditPanic(virDomainObjPtr vm,
+ virDomainPanicDefPtr def,
+ const char *reason,
+ bool success)
+{
+ char uuidstr[VIR_UUID_STRING_BUFLEN];
+ char *vmname = virAuditEncode("vm", vm->def->name);
+ const char *panic_model = virDomainPanicModelTypeToString(def->model);
+ char *model = virAuditEncode("model", VIR_AUDIT_STR(panic_model));
+ const char *virt = virDomainVirtTypeToString(vm->def->virtType);
+
+ virUUIDFormat(vm->def->uuid, uuidstr);
+
+ if (!vmname || !model) {
+ VIR_WARN("OOM while encoding audit message");
+ goto cleanup;
+ }
+
+ if (!virt) {
+ VIR_WARN("Unexpected virt type %d while encoding audit message",
+ vm->def->virtType);
+ virt = "?";
+ }
+
+ VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
+ "virt=%s resrc=PanicNotifier reason=%s %s uuid=%s %s",
+ virt, reason, vmname, uuidstr, model);
+
+ cleanup:
+ VIR_FREE(vmname);
+ VIR_FREE(model);
+ return;
+}
diff --git a/src/conf/domain_audit.h b/src/conf/domain_audit.h
index 8cb585d..10ecc2a 100644
--- a/src/conf/domain_audit.h
+++ b/src/conf/domain_audit.h
@@ -133,6 +133,10 @@ void virDomainAuditShmem(virDomainObjPtr vm,
virDomainShmemDefPtr def,
const char *reason, bool success)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3);
+void virDomainAuditPanic(virDomainObjPtr vm,
+ virDomainPanicDefPtr def,
+ const char *reason, bool success)
+ ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3);
#endif /* __VIR_DOMAIN_AUDIT_H__ */
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 923afd1..94ec7cb 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -146,6 +146,7 @@ virDomainAuditIOThread;
virDomainAuditMemory;
virDomainAuditNet;
virDomainAuditNetDevice;
+virDomainAuditPanic;
virDomainAuditRedirdev;
virDomainAuditRNG;
virDomainAuditSecurityLabel;
--
1.8.3.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
