diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2016-01-18 03:48:49 +0100 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2016-01-18 03:48:49 +0100 |
commit | 2d663b55816e5c1d211a77fff90687053fe78aac (patch) | |
tree | f74a6d3ce5c8b28a22b571dd5b4400f75317e9c5 /init/Kconfig | |
parent | vm: fix incorrect unlock error path in madvise_free_huge_pmd (diff) | |
parent | audit: always enable syscall auditing when supported and audit is enabled (diff) | |
download | linux-2d663b55816e5c1d211a77fff90687053fe78aac.tar.xz linux-2d663b55816e5c1d211a77fff90687053fe78aac.zip |
Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/audit
Pull audit updates from Paul Moore:
"Seven audit patches for 4.5, all very minor despite the diffstat.
The diffstat churn for linux/audit.h can be attributed to needing to
reshuffle the linux/audit.h header to fix the seccomp auditing issue
(see the commit description for details).
Besides the seccomp/audit fix, most of the fixes are around trying to
improve the connection with the audit daemon and a Kconfig
simplification. Nothing crazy, and everything passes our little
audit-testsuite"
* 'upstream' of git://git.infradead.org/users/pcmoore/audit:
audit: always enable syscall auditing when supported and audit is enabled
audit: force seccomp event logging to honor the audit_enabled flag
audit: Delete unnecessary checks before two function calls
audit: wake up threads if queue switched from limited to unlimited
audit: include auditd's threads in audit_log_start() wait exception
audit: remove audit_backlog_wait_overflow
audit: don't needlessly reset valid wait time
Diffstat (limited to 'init/Kconfig')
-rw-r--r-- | init/Kconfig | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/init/Kconfig b/init/Kconfig index 4644217b2373..5b86082fa238 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -299,20 +299,15 @@ config AUDIT help Enable auditing infrastructure that can be used with another kernel subsystem, such as SELinux (which requires this for - logging of avc messages output). Does not do system-call - auditing without CONFIG_AUDITSYSCALL. + logging of avc messages output). System call auditing is included + on architectures which support it. config HAVE_ARCH_AUDITSYSCALL bool config AUDITSYSCALL - bool "Enable system-call auditing support" + def_bool y depends on AUDIT && HAVE_ARCH_AUDITSYSCALL - default y if SECURITY_SELINUX - help - Enable low-overhead system-call auditing infrastructure that - can be used independently or with another kernel subsystem, - such as SELinux. config AUDIT_WATCH def_bool y |