On Saturday 26 April 2008 11:54:37 pm YOSHIFUJI Hideaki / 吉藤英明 wrote: > [XFRM] AUDIT: Fix flowlabel text format ambibuity. > > Flowlabel text format was not correct and thus ambiguous. > For example, 0x00123 or 0x01203 are formatted as 0x123. > This is not what audit tools want. > > Signed-off-by: YOSHIFUJI Hideaki <[EMAIL PROTECTED]>
Thanks for catching this. I'm CC'ing the audit list on this because they get nervous when people start changing the audit records. However, I'll ack this patch because I think the previous behavior was incorrect and this should be considered a bugfix. Acked-by: Paul Moore <[EMAIL PROTECTED]> > --- > diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c > index 5dcc10b..fac27ce 100644 > --- a/net/xfrm/xfrm_state.c > +++ b/net/xfrm/xfrm_state.c > @@ -2112,7 +2112,7 @@ static void xfrm_audit_helper_pktinfo(struct > sk_buff *skb, u16 family, iph6 = ipv6_hdr(skb); > audit_log_format(audit_buf, > " src=" NIP6_FMT " dst=" NIP6_FMT > - " flowlbl=0x%x%x%x", > + " flowlbl=0x%x%02x%02x", > NIP6(iph6->saddr), > NIP6(iph6->daddr), > iph6->flow_lbl[0] & 0x0f, -- paul moore linux @ hp -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit
