[Precise][PATCH] UBUNTU: SAUCE: SECCOMP: audit: always report seccomp violations
Kees Cook
kees at ubuntu.com
Fri Mar 30 20:19:08 UTC 2012
Violations of seccomp filters should always be reported, regardless
of audit context. This the minimal change version of what has been
proposed upstream: https://lkml.org/lkml/2012/3/23/332
Signed-off-by: Kees Cook <kees at ubuntu.com>
---
include/linux/audit.h | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/include/linux/audit.h b/include/linux/audit.h
index ab40f49..af4762b 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -456,8 +456,7 @@ void audit_core_dumps(long signr);
static inline void audit_seccomp(unsigned long syscall, long signr, int code)
{
- if (unlikely(!audit_dummy_context()))
- __audit_seccomp(syscall, signr, code);
+ __audit_seccomp(syscall, signr, code);
}
static inline void audit_ptrace(struct task_struct *t)
--
1.7.0.4
--
Kees Cook
More information about the kernel-team
mailing list