On 02/24/2011 03:08 AM, Daniel P. Berrange wrote:
> +/**
> + * qemuDomainCgroupAudit:
> + * @vm: domain making the cgroups ACL change
> + * @cgroup: cgroup that manages the devices
> + * @reason: either "allow" or "deny"
> + * @item: one of "all", "file", or "major"
I'd be inclined to rename 'file' to 'path', because to me
'file'
implies a plain file, while we're actually dealing with block
devices.
Fair enough; I've made that change.
> > @@ -1615,6 +1617,7 @@ static int
qemudDomainSetMemory(virDomainPtr dom, unsigned long newmem) {
> > goto endjob;
> > }
> >
> > + /* XXX update vm->def->mem.cur_balloon? */
The reason we don't update cur_balloon, is that all we're
doing here is making a *request* to guest OS change its
balloon level. The guest is under no obligation to comply
and if it does comply it may not reach the requested level
immediately. Hence we always talk to the guest to get an
update at time of query instead.
Good point; I've removed this comment. However, does that mean that the
audit should be querying the guest for the current usage rather than
relying on a (possibly-stale) vm->def->mem.cur_balloon as the oldmem
parameter in the audit call? I can prepare a followup patch for that,
if you think it is worth it.
ACK
I've gone ahead and pushed the amended series. There may be some
followup patches next week based from reviews by people involved with
Common Criteria testing (basically, where the request for audit points
originated in the first place), but they can be independent patches
without holding up this part of the series.
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library
http://libvirt.org