Missing audit information in xfrm_audit_common_policyinfo()?

Missing audit information in xfrm_audit_common_policyinfo()?

[Paul Moore]

I just noticed that the IPsec auditing code does not appear to audit the 
netmask for the selector source and destination addresses in 
xfrm_audit_common_policyinfo().  Before I threw a patch together I thought I 
would check to see if there was a reason for this that I am missing ...

-- 
paul moore
linux security @ hp

Re: Missing audit information in xfrm_audit_common_policyinfo()?

[Paul Moore]

On Monday 26 November 2007 11:47:09 am Joy Latten wrote:
> Paul Moore <paul.moore@hp.com> wrote on 11/21/2007 03:34:31 PM:
> > I just noticed that the IPsec auditing code does not appear to audit the
> >
> > netmask for the selector source and destination addresses in
> > xfrm_audit_common_policyinfo().  Before I threw a patch together I
>
> thought I
>
> > would check to see if there was a reason for this that I am missing ...
>
> I don't think we ever discussed including netmask when we added the
> ipsec audit info...

Hmmm ... okay.  I'm almost certain it should be included when auditing changes 
to the SPD as the netmask/prefixlen is very important when considering which 
traffic will be matched by a particular SPD entry.

I'm working on a patch now.

-- 
paul moore
linux security @ hp