Re: [PATCH] xfrm audit hook misplaced in pfkey_delete and xfrm_del_sa
From: Eric Paris <[EMAIL PROTECTED]> Date: Fri, 02 Mar 2007 15:15:36 -0500 > Inside pfkey_delete and xfrm_del_sa the audit hooks were not called if > there was any permission/security failures in attempting to do the del > operation (such as permission denied from security_xfrm_state_delete). > This patch moves the audit hook to the exit path such that all failures > (and successes) will actually get audited. > > Signed-off-by: Eric Paris <[EMAIL PROTECTED]> Also applied, thanks a lot Eric. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] xfrm audit hook misplaced in pfkey_delete and xfrm_del_sa
From: Eric Paris [EMAIL PROTECTED] Date: Fri, 02 Mar 2007 15:15:36 -0500 Inside pfkey_delete and xfrm_del_sa the audit hooks were not called if there was any permission/security failures in attempting to do the del operation (such as permission denied from security_xfrm_state_delete). This patch moves the audit hook to the exit path such that all failures (and successes) will actually get audited. Signed-off-by: Eric Paris [EMAIL PROTECTED] Also applied, thanks a lot Eric. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] xfrm audit hook misplaced in pfkey_delete and xfrm_del_sa
On Fri, 2 Mar 2007, Eric Paris wrote: > Inside pfkey_delete and xfrm_del_sa the audit hooks were not called if > there was any permission/security failures in attempting to do the del > operation (such as permission denied from security_xfrm_state_delete). > This patch moves the audit hook to the exit path such that all failures > (and successes) will actually get audited. > > Signed-off-by: Eric Paris <[EMAIL PROTECTED]> Acked-by: James Morris <[EMAIL PROTECTED]> -- James Morris <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
RE: [PATCH] xfrm audit hook misplaced in pfkey_delete and xfrm_del_sa
> Inside pfkey_delete and xfrm_del_sa the audit hooks were not called if > there was any permission/security failures in attempting to do the del > operation (such as permission denied from security_xfrm_state_delete). > This patch moves the audit hook to the exit path such that > all failures > (and successes) will actually get audited. Not sure ALL failures are being audited this way elsewhere, but I guess they would catchup in course of time. > > Signed-off-by: Eric Paris <[EMAIL PROTECTED]> Acked-by: Venkat Yekkirala <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
RE: [PATCH] xfrm audit hook misplaced in pfkey_delete and xfrm_del_sa
Inside pfkey_delete and xfrm_del_sa the audit hooks were not called if there was any permission/security failures in attempting to do the del operation (such as permission denied from security_xfrm_state_delete). This patch moves the audit hook to the exit path such that all failures (and successes) will actually get audited. Not sure ALL failures are being audited this way elsewhere, but I guess they would catchup in course of time. Signed-off-by: Eric Paris [EMAIL PROTECTED] Acked-by: Venkat Yekkirala [EMAIL PROTECTED] - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] xfrm audit hook misplaced in pfkey_delete and xfrm_del_sa
On Fri, 2 Mar 2007, Eric Paris wrote: Inside pfkey_delete and xfrm_del_sa the audit hooks were not called if there was any permission/security failures in attempting to do the del operation (such as permission denied from security_xfrm_state_delete). This patch moves the audit hook to the exit path such that all failures (and successes) will actually get audited. Signed-off-by: Eric Paris [EMAIL PROTECTED] Acked-by: James Morris [EMAIL PROTECTED] -- James Morris [EMAIL PROTECTED] - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/