[RFC][PATCH 0/3] Introduce audit_syscall LSM hook

From: Adrian Drzewiecki (z@private)
Date: Fri Dec 03 2004 - 10:59:28 PST


Goal: let LSMs define custom syscall auditing.

The patch below introduces a new LSM hook security_audit_syscall.
It is meant to be called from ptrace.c:do_syscall_trace(). Architectures
which choose to use this hook should move the syscall audit code
out of do_syscall_trace() into audit_syscall() and
define ARCH_HAVE_AUDIT_SYSCALL. See i386 and UM arch patches for details.

patch-1: introduce security_audit_syscall
patch-2: make i386 arch use security_audit_syscall
patch-3: make UM arch use security_audit_syscall

Please send email directly, as I'm not subscribed to any mailing list.

Thanks,
-Adrian



This archive was generated by hypermail 2.1.3 : Mon Dec 06 2004 - 15:51:47 PST