| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Dec 2007 01:43:10 -0800 (PST) From: David Miller <davem@...emloft.net> To: paul.moore@...com Cc: netdev@...r.kernel.org, linux-audit@...hat.com, latten@...tin.ibm.com Subject: Re: [PATCH 2/3] XFRM: RFC4303 compliant auditing From: Paul Moore <paul.moore@...com> Date: Thu, 20 Dec 2007 16:42:25 -0500 > This patch adds a number of new IPsec audit events to meet the auditing > requirements of RFC4303. This includes audit hooks for the following events: > > * Could not find a valid SA [sections 2.1, 3.4.2] > . xfrm_audit_state_notfound() > . xfrm_audit_state_notfound_simple() > > * Sequence number overflow [section 3.3.3] > . xfrm_audit_state_replay_overflow() > > * Replayed packet [section 3.4.3] > . xfrm_audit_state_replay() > > * Integrity check failure [sections 3.4.4.1, 3.4.4.2] > . xfrm_audit_state_icvfail() > > While RFC4304 deals only with ESP most of the changes in this patch apply to > IPsec in general, i.e. both AH and ESP. The one case, integrity check > failure, where ESP specific code had to be modified the same was done to the > AH code for the sake of consistency. > > Signed-off-by: Paul Moore <paul.moore@...com> This doesn't apply at all to net-2.6.25, in particular xfrm6_input_addr() doesn't even have a local variable named "xfrm_vec_one" let alone the conditional where you're adding the state notfound audit hook. Please respin this and the third patch, thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists