[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCHv2 0/8] another round of audit improvements

This supercedes the unreviewed v1:

The more I kept working on this, the more things I found that needed
fixing.  As it is, it's too late for me tonight, so patch 8 is
currently untested, and patch 9/8 is needed to audit the hotplug
devices used in 'virsh attach-interface'.  But earlier patches are
in good shape, so I want to start the review.

Perhaps this series should be re-arranged a bit; let me know if you
want the final version to see patches in any different order (although
due to some of my renames, it will take me longer to do rebasing
that shuffles patch order).

Eric Blake (8):
  audit: tweak audit messages to match conventions
  audit: split cgroup audit types to allow more information
  audit: also audit cgroup controller path
  audit: audit use of /dev/vhost-net
  audit: rename remaining qemu audit functions
  cgroup: allow fine-tuning of device ACL permissions
  audit: also audit cgroup ACL permissions
  qemu: support vhost in attach-interface

 src/libvirt_private.syms  |    1 +
 src/lxc/lxc_controller.c  |    9 +-
 src/qemu/qemu_audit.c     |  263 ++++++++++++++++++++++++++++++++++-----------
 src/qemu/qemu_audit.h     |   83 +++++++++------
 src/qemu/qemu_cgroup.c    |   57 +++++-----
 src/qemu/qemu_command.c   |   10 +-
 src/qemu/qemu_command.h   |    5 +
 src/qemu/qemu_driver.c    |   44 ++++----
 src/qemu/qemu_hotplug.c   |   94 ++++++++++++-----
 src/qemu/qemu_migration.c |   14 ++--
 src/qemu/qemu_process.c   |    6 +-
 src/util/cgroup.c         |   63 ++++++++----
 src/util/cgroup.h         |   31 +++++-
 13 files changed, 466 insertions(+), 214 deletions(-)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]