[PATCH 2/2] seccomp: forcing auditing of kill condition
Tim Gardner
tim.gardner at canonical.com
Mon Nov 19 18:52:19 UTC 2012
From: Kees Cook <kees at ubuntu.com>
BugLink: http://bugs.launchpad.net/bugs/1079469
Instead of auditing all seccomp actions, only force the reporting of
those that kill a process. All others should be checked for an existing
audit context on the process. (This improves the adjustment that
commit 426ae7eee59e3de2a4c14ccfc30df0a7d64709fe was attempting.)
Signed-off-by: Kees Cook <kees at ubuntu.com>
Acked-by: Herton Krzesinski <herton.krzesinski at canonical.com>
Signed-off-by: Tim Gardner <tim.gardner at canonical.com>
---
kernel/seccomp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index ee376be..9002cfa 100644
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -443,7 +443,7 @@ int __secure_computing(int this_syscall)
#ifdef SECCOMP_DEBUG
dump_stack();
#endif
- audit_seccomp(this_syscall, exit_sig, ret);
+ __audit_seccomp(this_syscall, exit_sig, ret);
do_exit(exit_sig);
#ifdef CONFIG_SECCOMP_FILTER
skip:
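Review bot: The direct call to __audit_seccomp() just before do_exit(exit_sig) carries no comment explaining why the kill path bypasses the audit_seccomp() wrapper, so a later cleanup could easily "fix" it back to the wrapper and silently lose the forced record. A one-line comment above the call, for example "/* always report a seccomp kill, even without an audit context */", would make the intent explicit. The diffstat shows only kernel/seccomp.c changing, so the behaviour the message describes for the other actions ("checked for an existing audit context") depends on what audit_seccomp() does elsewhere; please confirm the wrapper performs that check in this tree. Since the double-underscore function is now called unconditionally from here, also confirm this still builds when audit support is configured out.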
--
1.7.9.5