diff options
| author | Eric Paris <eparis@redhat.com> | 2012-01-03 19:23:05 (GMT) |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2012-01-17 21:16:55 (GMT) |
| commit | 85e7bac33b8d5edafc4e219c7dfdb3d48e0b4e31 (patch) | |
| tree | 6a1f178de829d2219a65a8563e12f2c8029d4b13 /kernel/seccomp.c | |
| parent | 16c174bd95cb07c9d0ad3fcd8c70f9cea7214c9d (diff) | |
| download | linux-fsl-qoriq-85e7bac33b8d5edafc4e219c7dfdb3d48e0b4e31.tar.xz | |
seccomp: audit abnormal end to a process due to seccomp
The audit system likes to collect information about processes that end
abnormally (SIGSEGV) as this may me useful intrusion detection information.
This patch adds audit support to collect information when seccomp forces a
task to exit because of misbehavior in a similar way.
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'kernel/seccomp.c')
| -rw-r--r-- | kernel/seccomp.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/kernel/seccomp.c b/kernel/seccomp.c index 57d4b13..e8d76c5 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@ -6,6 +6,7 @@ * This defines a simple but solid secure-computing mode. */ +#include <linux/audit.h> #include <linux/seccomp.h> #include <linux/sched.h> #include <linux/compat.h> @@ -54,6 +55,7 @@ void __secure_computing(int this_syscall) #ifdef SECCOMP_DEBUG dump_stack(); #endif + audit_seccomp(this_syscall); do_exit(SIGKILL); } |