]> err.no Git - linux-2.6/commit
[IPSEC]: xfrm audit hook misplaced in pfkey_delete and xfrm_del_sa
authorEric Paris <eparis@redhat.com>
Thu, 8 Mar 2007 00:02:16 +0000 (16:02 -0800)
committerDavid S. Miller <davem@sunset.davemloft.net>
Thu, 8 Mar 2007 00:08:11 +0000 (16:08 -0800)
commit16bec31db751030171b31d7767fa3a5bdbe980ea
tree60b69d571ba42ef0bf9f54833bd10228220c87bd
parent215a2dd3b43e0dc425e81d21de9d961416b1dad4
[IPSEC]: xfrm audit hook misplaced in pfkey_delete and xfrm_del_sa

Inside pfkey_delete and xfrm_del_sa the audit hooks were not called if
there was any permission/security failures in attempting to do the del
operation (such as permission denied from security_xfrm_state_delete).
This patch moves the audit hook to the exit path such that all failures
(and successes) will actually get audited.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Venkat Yekkirala <vyekkirala@trustedcs.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/key/af_key.c
net/xfrm/xfrm_user.c