Although all hotpluggable devices other than lease, controller,
watchdof, and vsock can be audited, and *are* audited when an unplug
is successful, only disk, net, and hostdev were actually being audited
on failure.
This patch corrects that omission.
Signed-off-by: Laine Stump <laine@laine.org>
---
NEW PATCH in V2 - previously a part of patch 10/14
src/qemu/qemu_hotplug.c | 25 +++++++++++++++++--------
1 file changed, 17 insertions(+), 8 deletions(-)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 92d4e7d0f9..e9d6c8622b 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -5223,19 +5223,28 @@ qemuDomainRemoveAuditDevice(virDomainObjPtr vm,
case VIR_DOMAIN_DEVICE_HOSTDEV:
virDomainAuditHostdev(vm, detach->data.hostdev, "detach", success);
break;
-
case VIR_DOMAIN_DEVICE_INPUT:
+ virDomainAuditInput(vm, detach->data.input, "detach", success);
+ break;
case VIR_DOMAIN_DEVICE_CHR:
+ virDomainAuditChardev(vm, detach->data.chr, NULL, "detach", success);
+ break;
case VIR_DOMAIN_DEVICE_RNG:
- case VIR_DOMAIN_DEVICE_MEMORY:
+ virDomainAuditRNG(vm, detach->data.rng, NULL, "detach", success);
+ break;
+ case VIR_DOMAIN_DEVICE_MEMORY: {
+ unsigned long long oldmem = virDomainDefGetMemoryTotal(vm->def);
+ unsigned long long newmem = oldmem - detach->data.memory->size;
+
+ virDomainAuditMemory(vm, oldmem, newmem, "update", success);
+ break;
+ }
case VIR_DOMAIN_DEVICE_SHMEM:
+ virDomainAuditShmem(vm, detach->data.shmem, "detach", success);
+ break;
case VIR_DOMAIN_DEVICE_REDIRDEV:
- /*
- * These devices are supposed to be audited, but current code
- * doesn't audit on failure to remove the device.
- */
- break;
-
+ virDomainAuditRedirdev(vm, detach->data.redirdev, "detach", success);
+ break;
case VIR_DOMAIN_DEVICE_LEASE:
case VIR_DOMAIN_DEVICE_CONTROLLER:
--
2.20.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list