On Mon, Feb 13, 2017 at 7:55 PM, Tyler Hicks <tyhi...@canonical.com> wrote: > Extend the kernel selftests for seccomp to test the newly added > SECCOMP_RET_LOG action. The added tests follow the example of existing > tests. > > Unfortunately, the tests are not capable of inspecting the audit log to > verify that the syscall was logged.
It could try to read dmesg... :P But I don't need that for this patch, though maybe add it to the test's TODO list? -Kees -- Kees Cook Pixel Security -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit