Re: [PATCH]: 2nd revision of make xfrm_audit_log more generic

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: David Miller <davem@davemloft.net>
To: latten@austin.ibm.com
Cc: netdev@vger.kernel.org, linux-audit@redhat.com, sgrubb@redhat.com
Subject: Re: [PATCH]: 2nd revision of make xfrm_audit_log more generic
Date: Wed, 25 Jul 2007 17:17:23 -0700 (PDT)	[thread overview]
Message-ID: <20070725.171723.45714101.davem@davemloft.net> (raw)
In-Reply-To: <200707251921.l6PJLhxV015256@faith.austin.ibm.com>

From: Joy Latten <latten@austin.ibm.com>
Date: Wed, 25 Jul 2007 14:21:43 -0500

> This is 2nd revision of patch to modify xfrm_audit_log() such
> that it can accomodate auditing other ipsec events
> besides add/delete of an SA or SPD entry.
> 
> 2nd revision includes new define for all IPsec
> events in audit.h and introduces "op=" entry
> in logfile as well as add a hyphen in description
> for report parsing. 
> 
> This is a small change to accomodate updating
> ipsec protocol to RFCs 4301, 4302 and 4303 which
> require auditing some ipsec events if auditing
> is available. Please let me know if ok.
> 
> Signed-off-by: Joy Latten <latten@austin.ibm.com>

I like very much how the implementation of xfrm_audit_log() got
simplified.

But _TEN_ function call arguments, good grief!

That's at least twice as many as most cpus can pass in registers.

Let's try an alternative where you have specialized
xfrm_audit_log_foo() routines that take a user policy pointer, or
whatever the main object is.

If internally this just unpacks the needed bits and calls some
do_xfrm_audit_log() thing inside of the auditing code that takes lots
of arguments, that's fine, but let's not expand all of that argument
setup code in the main IPSEC code paths.

next prev parent reply	other threads:[~2007-07-26  0:17 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-07-25 19:21 [PATCH]: 2nd revision of make xfrm_audit_log more generic Joy Latten
2007-07-26  0:17 ` David Miller [this message]
2007-07-26 21:12   ` Joy Latten

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20070725.171723.45714101.davem@davemloft.net \
    --to=davem@davemloft.net \
    --cc=latten@austin.ibm.com \
    --cc=linux-audit@redhat.com \
    --cc=netdev@vger.kernel.org \
    --cc=sgrubb@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).