
[SRU,ZESTY,1/8] Revert "UBUNTU: SAUCE: seccomp: log actions even when audit is disabled"

Message ID 1507265099-17845-2-git-send-email-tyhicks@canonical.com
State New

Commit Message

Tyler Hicks Oct. 6, 2017, 4:44 a.m. UTC
This reverts commit dc5d6059402681ebc29b1fc471a4518a7892903a. Upcoming
changes that improve seccomp logging controls make this patch obsolete.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
---
 include/linux/audit.h | 3 +++
 1 file changed, 3 insertions(+)

Comments

Colin Ian King Oct. 6, 2017, 8:51 a.m. UTC | #1
On 06/10/17 05:44, Tyler Hicks wrote:
> This reverts commit dc5d6059402681ebc29b1fc471a4518a7892903a. Upcoming
> changes that improve seccomp logging controls make this patch obsolete.
> 
> Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
> ---
>  include/linux/audit.h | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/include/linux/audit.h b/include/linux/audit.h
> index 1f693a4..f51fca8d 100644
> --- a/include/linux/audit.h
> +++ b/include/linux/audit.h
> @@ -315,6 +315,9 @@ void audit_core_dumps(long signr);
>  
>  static inline void audit_seccomp(unsigned long syscall, long signr, int code)
>  {
> +	if (!audit_enabled)
> +		return;
> +
>  	/* Force a record to be reported if a signal was delivered. */
>  	if (signr || unlikely(!audit_dummy_context()))
>  		__audit_seccomp(syscall, signr, code);
> 
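Review bot: The retained comment "Force a record to be reported if a signal was delivered" is no longer accurate once the new "if (!audit_enabled) return;" sits above it, because with audit disabled the signr branch is never reached. Suggest rewording the comment to say the forced record applies only while audit is enabled, or placing it so that it reads together with the new check.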
Similar to Stefan's comments.  The backports and cherry picks look good
to me.  Given that these are from upstream, have been tested, and are
from trusted developers, I'm OK with these changes even though they are a
large changeset and I'm not 100% sure if these changes are fully correct
because I don't have the seccomp domain knowledge.

Acked-by: Colin Ian King <colin.king@canonical.com>

Patch

diff --git a/include/linux/audit.h b/include/linux/audit.h
index 1f693a4..f51fca8d 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -315,6 +315,9 @@  void audit_core_dumps(long signr);
 
 static inline void audit_seccomp(unsigned long syscall, long signr, int code)
 {
+	if (!audit_enabled)
+		return;
+
 	/* Force a record to be reported if a signal was delivered. */
 	if (signr || unlikely(!audit_dummy_context()))
 		__audit_seccomp(syscall, signr, code);
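
Review bot: Applied on its own, the early return at the top of audit_seccomp() means no seccomp action reaches __audit_seccomp() while audit is disabled, including actions that deliver a signal, and the commit message does not say which of the upcoming changes replaces that behaviour. Suggest naming the later patch in the series that takes over seccomp logging, so that anyone bisecting or backporting only part of the series knows these actions go unrecorded in between.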