[SRU][Precise][PULL REQUEST] seccomp: forcing auditing of kill condition
Kees Cook
kees at ubuntu.com
Fri Nov 16 00:59:49 UTC 2012
The following changes since commit ba6c2f688e255a1f52f2930ae9e6d62ede804289:

  UBUNTU: Ubuntu-3.2.0-34.53 (2012-11-14 15:50:53 +0000)

are available in the git repository at:

  https://github.com/kees/linux.git seccomp-audit

for you to fetch changes up to 7c5cb579b51e93442f442d09cd6d6d7248dbece9:

  seccomp: forcing auditing of kill condition (2012-11-15 16:33:59 -0800)

----------------------------------------------------------------
Kees Cook (2):
      Revert "UBUNTU: SAUCE: SECCOMP: audit: always report seccomp violations"
      seccomp: forcing auditing of kill condition

 include/linux/audit.h | 3 ++-
 kernel/seccomp.c      | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

This fixes bug https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1079469

Instead of auditing all seccomp actions, only force the reporting of
those that kill a process. All others should be checked for an existing
audit context on the process. (This improves the adjustment that
commit 426ae7eee59e3de2a4c14ccfc30df0a7d64709fe was attempting.)

(Note that a patch doing this for upstream will be more involved, changing
the audit messages based on seccomp action, etc, but this is sufficient for
eliminating the needless noise/logs in precise.)

Thanks,
-Kees
--
Kees Cook