lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1164930276.17737.530.camel@faith.austin.ibm.com>
Date:	Thu, 30 Nov 2006 17:44:36 -0600
From:	Joy Latten <latten@...tin.ibm.com>
To:	James Morris <jmorris@...ei.org>
Cc:	netdev@...r.kernel.org, davem@...emloft.net,
	herbert@...dor.apana.org.au, sgrubb@...hat.com
Subject: Re: [PATCH 1/1] additional ipsec audit patch

On Wed, 2006-11-29 at 19:32 -0500, James Morris wrote:
> On Wed, 29 Nov 2006, James Morris wrote:
> 
> > On Wed, 29 Nov 2006, Joy Latten wrote:
> > 
> > > This patch disables auditing in ipsec when CONFIG_AUDITSYSCALL is
> > > disabled in the kernel. 
> > > 
> > > This patch also includes a bug fix for xfrm_state.c as a result of
> > > original ipsec audit patch.
> > > 
> > > Let me know if it looks ok.
> > 
> > 
> > Also, the last patch contains no Signed-off-by: line, please resend.
> 
> And, what is the testing status of these patches?
> 
I ran a stress test overnight using labeled ipsec on a patched lspp55 kernel 
using racoon last week.

The additional patch to xfrm_state.c was my fault when rebasing to
2.6.19-rc6 to send upstream. I plan to run an ipv4 and ipv6 stress test
tonight and tomorrow using labeled ipsec with auditing enabled on the
lspp56 kernel, which contains ipsec audit patch, to ensure no regression
has occurred. I can also run an ipv4 and ipv6 stress tests
with regular ipsec over the weekend for further ensurance.   

I compiled and did unit test with SELINUX disabled, AUDITSYSCALL
disabled, and with both enabled. 

regards,
Joy
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ