lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Jul 2007 12:49:17 -0500 From: Joy Latten <latten@...tin.ibm.com> To: James Morris <jmorris@...ei.org> Cc: netdev@...r.kernel.org, davem@...emloft.net, linux-audit@...hat.com, sgrubb@...hat.com Subject: Re: [PATCH] make xfrm_audit_log more generic On Thu, 2007-07-19 at 21:45 -0400, James Morris wrote: > On Thu, 19 Jul 2007, Joy Latten wrote: > > > --- linux-2.6.22/include/linux/audit.h 2007-07-19 13:17:22.000000000 -0500 > > +++ linux-2.6.22.patch/include/linux/audit.h 2007-07-19 13:21:29.000000000 -0500 > > @@ -108,10 +108,7 @@ > > #define AUDIT_MAC_CIPSOV4_DEL 1408 /* NetLabel: del CIPSOv4 DOI entry */ > > #define AUDIT_MAC_MAP_ADD 1409 /* NetLabel: add LSM domain mapping */ > > #define AUDIT_MAC_MAP_DEL 1410 /* NetLabel: del LSM domain mapping */ > > -#define AUDIT_MAC_IPSEC_ADDSA 1411 /* Add a XFRM state */ > > -#define AUDIT_MAC_IPSEC_DELSA 1412 /* Delete a XFRM state */ > > -#define AUDIT_MAC_IPSEC_ADDSPD 1413 /* Add a XFRM policy */ > > -#define AUDIT_MAC_IPSEC_DELSPD 1414 /* Delete a XFRM policy */ > > +#define AUDIT_MAC_IPSEC_EVENT 1411 /* Audit IPSec events */ > > Will this cause existing applications to break? > Perhaps someone in audit list could help answer this. During testing, because I changed the above defines, all IPSec events are listed as "MAC_IPSEC_ADDSA" for now without userspace change. Is this ok? Or is there a better way to migrate this change in? Perhaps leave previous IPsec defines and just add in a new one and use it? If that is better approach, let me know and I will change code to accomodate. Regards, Joy - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists