[Applied][Precise][PATCH] UBUNTU: SAUCE: SECCOMP: audit: always report seccomp violations
Leann Ogasawara
leann.ogasawara at canonical.com
Fri Mar 30 20:43:43 UTC 2012
Applied to Precise master-next.
Thanks,
Leann
On Fri, 2012-03-30 at 13:19 -0700, Kees Cook wrote:
> Violations of seccomp filters should always be reported, regardless
> of audit context. This the minimal change version of what has been
> proposed upstream: https://lkml.org/lkml/2012/3/23/332
>
> Signed-off-by: Kees Cook <kees at ubuntu.com>
> ---
> include/linux/audit.h | 3 +--
> 1 files changed, 1 insertions(+), 2 deletions(-)
>
> diff --git a/include/linux/audit.h b/include/linux/audit.h
> index ab40f49..af4762b 100644
> --- a/include/linux/audit.h
> +++ b/include/linux/audit.h
> @@ -456,8 +456,7 @@ void audit_core_dumps(long signr);
>
> static inline void audit_seccomp(unsigned long syscall, long signr, int code)
> {
> - if (unlikely(!audit_dummy_context()))
> - __audit_seccomp(syscall, signr, code);
> + __audit_seccomp(syscall, signr, code);
> }
>
> static inline void audit_ptrace(struct task_struct *t)
> --
> 1.7.0.4
>
>
> --
> Kees Cook
>
More information about the kernel-team
mailing list