[PATCH] XFRM: assorted IPsec fixups

Paul Moore paul.moore at hp.com
Fri Dec 7 20:45:41 UTC 2007


On Friday 07 December 2007 3:36:08 pm Eric Paris wrote:
> On Fri, 2007-12-07 at 12:11 -0500, Paul Moore wrote:
> > This patch fixes a number of small but potentially troublesome things in
> > the XFRM/IPsec code:
> >
> >  * Use the 'audit_enabled' variable already in include/linux/audit.h
> >    Removed the need for extern declarations local to each XFRM audit
> > fuction

{snip}

> although it does make me wonder why audit_log_start doesn't just check
> audit_enabled itself....

/me shrugs ... I have no idea, I've just always followed the lead of what was 
already written, but now that you mention it - it doesn't make much sense.  I 
suppose at some point we can go through and change all the 'audit_enabled' 
users, but I wonder if there is some point (?performance?) to having the 
callers check?

-- 
paul moore
linux security @ hp




More information about the Linux-audit mailing list