[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH 1/5] Add general crypto auditing infrastructure



----- "Eric Paris" <eparis redhat com> wrote:
> On Tue, 2010-11-23 at 13:50 +0100, Miloslav Trma─Ź wrote:
> > Collect audited crypto operations in a list, because a single _exit()
> > can cause several AF_ALG sockets to be closed, and each needs to be
> > audited.
> > 
> > Add the AUDIT_CRYPTO_OP field so that crypto operations are not
> audited
> > by default, but auditing can be enabled using a rule (probably
> > "-F crypto_op!=0").
> 
> Just an implementation question, why a new list instead of finding a way
> to reuse struct audit_aux_data?
This remained in the code from an earlier version where the relative order of crypto records was meaningful.  In the current version the only difference is that an AUDIT_CRYPTO_OP filter has to traverse fewer entries.

Thanks for pointing this out, I'll drop the list.
    Mirek


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]