summaryrefslogtreecommitdiffstats
path: root/init
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2016-01-18 03:48:49 +0100
committerLinus Torvalds <torvalds@linux-foundation.org>2016-01-18 03:48:49 +0100
commit2d663b55816e5c1d211a77fff90687053fe78aac (patch)
treef74a6d3ce5c8b28a22b571dd5b4400f75317e9c5 /init
parentvm: fix incorrect unlock error path in madvise_free_huge_pmd (diff)
parentaudit: always enable syscall auditing when supported and audit is enabled (diff)
downloadlinux-2d663b55816e5c1d211a77fff90687053fe78aac.tar.xz
linux-2d663b55816e5c1d211a77fff90687053fe78aac.zip
Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/audit
Pull audit updates from Paul Moore: "Seven audit patches for 4.5, all very minor despite the diffstat. The diffstat churn for linux/audit.h can be attributed to needing to reshuffle the linux/audit.h header to fix the seccomp auditing issue (see the commit description for details). Besides the seccomp/audit fix, most of the fixes are around trying to improve the connection with the audit daemon and a Kconfig simplification. Nothing crazy, and everything passes our little audit-testsuite" * 'upstream' of git://git.infradead.org/users/pcmoore/audit: audit: always enable syscall auditing when supported and audit is enabled audit: force seccomp event logging to honor the audit_enabled flag audit: Delete unnecessary checks before two function calls audit: wake up threads if queue switched from limited to unlimited audit: include auditd's threads in audit_log_start() wait exception audit: remove audit_backlog_wait_overflow audit: don't needlessly reset valid wait time
Diffstat (limited to 'init')
-rw-r--r--init/Kconfig11
1 files changed, 3 insertions, 8 deletions
diff --git a/init/Kconfig b/init/Kconfig
index 4644217b2373..5b86082fa238 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -299,20 +299,15 @@ config AUDIT
help
Enable auditing infrastructure that can be used with another
kernel subsystem, such as SELinux (which requires this for
- logging of avc messages output). Does not do system-call
- auditing without CONFIG_AUDITSYSCALL.
+ logging of avc messages output). System call auditing is included
+ on architectures which support it.
config HAVE_ARCH_AUDITSYSCALL
bool
config AUDITSYSCALL
- bool "Enable system-call auditing support"
+ def_bool y
depends on AUDIT && HAVE_ARCH_AUDITSYSCALL
- default y if SECURITY_SELINUX
- help
- Enable low-overhead system-call auditing infrastructure that
- can be used independently or with another kernel subsystem,
- such as SELinux.
config AUDIT_WATCH
def_bool y