Re: [PATCH v3 1/4] seccomp: Add sysctl to display available actions

On Mon, Feb 13, 2017 at 7:45 PM, Tyler Hicks wrote: > This patch creates a read-only sysctl containing an ordered list of > seccomp actions that the kernel supports. The ordering, from left to > right, is the lowest action value (kill) to the highest action value > (allow).

Re: [PATCH v4 0/4] Improved seccomp logging

On Mon, Feb 13, 2017 at 7:55 PM, Tyler Hicks wrote: > This patch set is the fourth revision of the following two previously > submitted patch sets: > > v1: > http://lkml.kernel.org/r/1483375990-14948-1-git-send-email-tyhi...@canonical.com > v1: >

Re: [PATCH v4 4/4] seccomp: Add tests for SECCOMP_RET_LOG

On Mon, Feb 13, 2017 at 7:55 PM, Tyler Hicks wrote: > Extend the kernel selftests for seccomp to test the newly added > SECCOMP_RET_LOG action. The added tests follow the example of existing > tests. > > Unfortunately, the tests are not capable of inspecting the audit log

Re: [PATCH v4 2/4] seccomp: Add sysctl to configure actions that should be logged

On Mon, Feb 13, 2017 at 7:55 PM, Tyler Hicks wrote: > diff --git a/kernel/seccomp.c b/kernel/seccomp.c > index e36dfe9..270a227 100644 > --- a/kernel/seccomp.c > +++ b/kernel/seccomp.c > @@ -509,6 +509,22 @@ static void seccomp_send_sigsys(int syscall, int reason) > } >