From: Eric Paris <eparis@redhat.com>
To: Joy Latten <latten@austin.ibm.com>
Cc: linux-audit@redhat.com
Subject: Re: [PATCH 1/1] disable ipsec auditing in lspp 56 kernel
Date: Fri, 01 Dec 2006 22:09:16 -0500 [thread overview]
Message-ID: <1165028956.2079.206.camel@localhost.localdomain> (raw)
In-Reply-To: <200612020053.kB20rE0F017272@faith.austin.ibm.com>
Great! The real problem I guess is that I missed it when it went by on
netdev.
Thanks!
-Eric
On Fri, 2006-12-01 at 18:53 -0600, Joy Latten wrote:
> Eric,
>
> Here is a patch built against the lspp56 kernel to include
> the ability to disable auditing in ipsec.
> It is equivalent to the one I sent out for 2.6.19-rc6 kernel.
> Sorry for the confusion. I hope this helps.
>
> Regards,
> Joy
>
>
> diff -urpN linux-2.6.18.ppc64.orig/include/net/xfrm.h linux-2.6.18.ppc64.est/include/net/xfrm.h
> --- linux-2.6.18.ppc64.orig/include/net/xfrm.h 2006-12-01 17:24:29.000000000 -0600
> +++ linux-2.6.18.ppc64.est/include/net/xfrm.h 2006-12-01 17:40:25.000000000 -0600
> @@ -379,8 +379,12 @@ struct xfrm_audit
> uid_t loginuid;
> u32 secid;
> };
> +#ifdef CONFIG_AUDITSYSCALL
> void xfrm_audit_log(uid_t auid, u32 secid, int type, int result,
> struct xfrm_policy *xp, struct xfrm_state *x);
> +#else
> +#define xfrm_audit_log(a,s,t,r,p,x) do { ; } while (0)
> +#endif /* CONFIG_AUDITSYSCALL */
>
> static inline void xfrm_pol_hold(struct xfrm_policy *policy)
> {
> diff -urpN linux-2.6.18.ppc64.orig/net/xfrm/xfrm_policy.c linux-2.6.18.ppc64.est/net/xfrm/xfrm_policy.c
> --- linux-2.6.18.ppc64.orig/net/xfrm/xfrm_policy.c 2006-12-01 17:25:22.000000000 -0600
> +++ linux-2.6.18.ppc64.est/net/xfrm/xfrm_policy.c 2006-12-01 17:40:03.000000000 -0600
> @@ -1370,6 +1370,7 @@ int xfrm_bundle_ok(struct xfrm_policy *p
>
> EXPORT_SYMBOL(xfrm_bundle_ok);
>
> +#ifdef CONFIG_AUDITSYSCALL
> /* Audit addition and deletion of SAs and ipsec policy */
>
> void xfrm_audit_log(uid_t auid, u32 sid, int type, int result,
> @@ -1479,6 +1480,7 @@ void xfrm_audit_log(uid_t auid, u32 sid,
> }
>
> EXPORT_SYMBOL(xfrm_audit_log);
> +#endif /* CONFIG_AUDITSYSCALL */
>
> int xfrm_policy_register_afinfo(struct xfrm_policy_afinfo *afinfo)
> {
>
prev parent reply other threads:[~2006-12-02 3:09 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-12-02 0:53 [PATCH 1/1] disable ipsec auditing in lspp 56 kernel Joy Latten
2006-12-02 3:09 ` Eric Paris [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1165028956.2079.206.camel@localhost.localdomain \
--to=eparis@redhat.com \
--cc=latten@austin.ibm.com \
--cc=linux-audit@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox