mirror of
https://github.com/Fishwaldo/linux-bl808.git
synced 2025-06-17 20:25:19 +00:00
[XFRM]: xfrm audit calls
This patch modifies the current ipsec audit layer by breaking it up into purpose driven audit calls. So far, the only audit calls made are when add/delete an SA/policy. It had been discussed to give each key manager it's own calls to do this, but I found there to be much redundnacy since they did the exact same things, except for how they got auid and sid, so I combined them. The below audit calls can be made by any key manager. Hopefully, this is ok. Signed-off-by: Joy Latten <latten@austin.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Joy Latten
David S. Miller
parent
d2e9117c7a
commit
ab5f5e8b14
6 changed files with 218 additions and 177 deletions
|
|
@ -108,10 +108,11 @@
|
|||
#define AUDIT_MAC_CIPSOV4_DEL 1408 /* NetLabel: del CIPSOv4 DOI entry */
|
||||
#define AUDIT_MAC_MAP_ADD 1409 /* NetLabel: add LSM domain mapping */
|
||||
#define AUDIT_MAC_MAP_DEL 1410 /* NetLabel: del LSM domain mapping */
|
||||
#define AUDIT_MAC_IPSEC_ADDSA 1411 /* Add a XFRM state */
|
||||
#define AUDIT_MAC_IPSEC_DELSA 1412 /* Delete a XFRM state */
|
||||
#define AUDIT_MAC_IPSEC_ADDSPD 1413 /* Add a XFRM policy */
|
||||
#define AUDIT_MAC_IPSEC_DELSPD 1414 /* Delete a XFRM policy */
|
||||
#define AUDIT_MAC_IPSEC_ADDSA 1411 /* Not used */
|
||||
#define AUDIT_MAC_IPSEC_DELSA 1412 /* Not used */
|
||||
#define AUDIT_MAC_IPSEC_ADDSPD 1413 /* Not used */
|
||||
#define AUDIT_MAC_IPSEC_DELSPD 1414 /* Not used */
|
||||
#define AUDIT_MAC_IPSEC_EVENT 1415 /* Audit an IPSec event */
|
||||
|
||||
#define AUDIT_FIRST_KERN_ANOM_MSG 1700
|
||||
#define AUDIT_LAST_KERN_ANOM_MSG 1799
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue