subject:"\[PATCH\] audit\: add arch field to seccomp event log"

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-21 Thread Richard Guy Briggs

On 14/02/19, Richard Guy Briggs wrote: > On 14/02/18, Richard Guy Briggs wrote: > > On 14/02/18, Steve Grubb wrote: > > > On Tuesday, February 18, 2014 03:50:44 PM Richard Guy Briggs wrote: > > > > > missing '=' but this isn't what audit_get_context() does... it's > > > > > crappy naming...

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-21 Thread Richard Guy Briggs

On 14/02/19, Richard Guy Briggs wrote: On 14/02/18, Richard Guy Briggs wrote: On 14/02/18, Steve Grubb wrote: On Tuesday, February 18, 2014 03:50:44 PM Richard Guy Briggs wrote: missing '=' but this isn't what audit_get_context() does... it's crappy naming...I'd think a

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-19 Thread Richard Guy Briggs

On 14/02/18, Richard Guy Briggs wrote: > On 14/02/18, Steve Grubb wrote: > > On Tuesday, February 18, 2014 03:50:44 PM Richard Guy Briggs wrote: > > > > missing '=' but this isn't what audit_get_context() does... it's > > > > crappy naming...I'd think a combo of audit_dummy_context() and >

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-19 Thread Richard Guy Briggs

On 14/02/18, Richard Guy Briggs wrote: On 14/02/18, Steve Grubb wrote: On Tuesday, February 18, 2014 03:50:44 PM Richard Guy Briggs wrote: missing '=' but this isn't what audit_get_context() does... it's crappy naming...I'd think a combo of audit_dummy_context() and

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-18 Thread Richard Guy Briggs

On 14/02/18, Steve Grubb wrote: > On Tuesday, February 18, 2014 03:50:44 PM Richard Guy Briggs wrote: > > > missing '=' but this isn't what audit_get_context() does... it's > > > crappy naming...I'd think a combo of audit_dummy_context() and > > > current->audit_context would be most

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-18 Thread Steve Grubb

On Tuesday, February 18, 2014 03:50:44 PM Richard Guy Briggs wrote: > > missing '=' but this isn't what audit_get_context() does... it's > > crappy naming...I'd think a combo of audit_dummy_context() and > > current->audit_context would be most appropriate. > > Ok. I think I finally

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-18 Thread Eric Paris

On Tue, 2014-02-18 at 15:50 -0500, Richard Guy Briggs wrote: > On 14/02/14, Eric Paris wrote: > > On Fri, 2014-02-14 at 15:52 -0500, Richard Guy Briggs wrote: > > > On 14/02/14, Richard Guy Briggs wrote: > > > > On 14/02/14, Eric Paris wrote: > > > > > On Fri, 2014-02-14 at 15:23 -0500, Richard

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-18 Thread Richard Guy Briggs

On 14/02/14, Eric Paris wrote: > On Fri, 2014-02-14 at 15:52 -0500, Richard Guy Briggs wrote: > > On 14/02/14, Richard Guy Briggs wrote: > > > On 14/02/14, Eric Paris wrote: > > > > On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote: > > > > > The AUDIT_SECCOMP record looks something like

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-18 Thread Richard Guy Briggs

On 14/02/14, Eric Paris wrote: On Fri, 2014-02-14 at 15:52 -0500, Richard Guy Briggs wrote: On 14/02/14, Richard Guy Briggs wrote: On 14/02/14, Eric Paris wrote: On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote: The AUDIT_SECCOMP record looks something like this:

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-18 Thread Eric Paris

On Tue, 2014-02-18 at 15:50 -0500, Richard Guy Briggs wrote: On 14/02/14, Eric Paris wrote: On Fri, 2014-02-14 at 15:52 -0500, Richard Guy Briggs wrote: On 14/02/14, Richard Guy Briggs wrote: On 14/02/14, Eric Paris wrote: On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote:

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-18 Thread Steve Grubb

On Tuesday, February 18, 2014 03:50:44 PM Richard Guy Briggs wrote: missing '=' but this isn't what audit_get_context() does... it's crappy naming...I'd think a combo of audit_dummy_context() and current-audit_context would be most appropriate. Ok. I think I finally understand

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-18 Thread Richard Guy Briggs

On 14/02/18, Steve Grubb wrote: On Tuesday, February 18, 2014 03:50:44 PM Richard Guy Briggs wrote: missing '=' but this isn't what audit_get_context() does... it's crappy naming...I'd think a combo of audit_dummy_context() and current-audit_context would be most appropriate.

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-14 Thread Eric Paris

On Fri, 2014-02-14 at 15:52 -0500, Richard Guy Briggs wrote: > On 14/02/14, Richard Guy Briggs wrote: > > On 14/02/14, Eric Paris wrote: > > > On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote: > > > > The AUDIT_SECCOMP record looks something like this: > > > > > > > > type=SECCOMP

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-14 Thread Richard Guy Briggs

On 14/02/14, Richard Guy Briggs wrote: > On 14/02/14, Eric Paris wrote: > > On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote: > > > The AUDIT_SECCOMP record looks something like this: > > > > > > type=SECCOMP msg=audit(1373478171.953:32775): auid=4325 uid=4325 gid=4325 > > > ses=1

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-14 Thread Richard Guy Briggs

On 14/02/14, Eric Paris wrote: > On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote: > > The AUDIT_SECCOMP record looks something like this: > > > > type=SECCOMP msg=audit(1373478171.953:32775): auid=4325 uid=4325 gid=4325 > > ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-14 Thread Eric Paris

On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote: > The AUDIT_SECCOMP record looks something like this: > > type=SECCOMP msg=audit(1373478171.953:32775): auid=4325 uid=4325 gid=4325 > ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0 pid=12381 comm="test" > sig=31 syscall=231

[PATCH] audit: add arch field to seccomp event log

2014-02-14 Thread Richard Guy Briggs

The AUDIT_SECCOMP record looks something like this: type=SECCOMP msg=audit(1373478171.953:32775): auid=4325 uid=4325 gid=4325 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0 pid=12381 comm="test" sig=31 syscall=231 compat=0 ip=0x39ea8bca89 code=0x0 In order to determine what syscall 231

[PATCH] audit: add arch field to seccomp event log

2014-02-14 Thread Richard Guy Briggs

The AUDIT_SECCOMP record looks something like this: type=SECCOMP msg=audit(1373478171.953:32775): auid=4325 uid=4325 gid=4325 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0 pid=12381 comm=test sig=31 syscall=231 compat=0 ip=0x39ea8bca89 code=0x0 In order to determine what syscall 231

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-14 Thread Eric Paris

On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote: The AUDIT_SECCOMP record looks something like this: type=SECCOMP msg=audit(1373478171.953:32775): auid=4325 uid=4325 gid=4325 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0 pid=12381 comm=test sig=31 syscall=231 compat=0

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-14 Thread Richard Guy Briggs

On 14/02/14, Eric Paris wrote: On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote: The AUDIT_SECCOMP record looks something like this: type=SECCOMP msg=audit(1373478171.953:32775): auid=4325 uid=4325 gid=4325 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0 pid=12381

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-14 Thread Richard Guy Briggs

On 14/02/14, Richard Guy Briggs wrote: On 14/02/14, Eric Paris wrote: On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote: The AUDIT_SECCOMP record looks something like this: type=SECCOMP msg=audit(1373478171.953:32775): auid=4325 uid=4325 gid=4325 ses=1

Re: [PATCH] audit: add arch field to seccomp event log

2014-02-14 Thread Eric Paris

On Fri, 2014-02-14 at 15:52 -0500, Richard Guy Briggs wrote: On 14/02/14, Richard Guy Briggs wrote: On 14/02/14, Eric Paris wrote: On Fri, 2014-02-14 at 15:23 -0500, Richard Guy Briggs wrote: The AUDIT_SECCOMP record looks something like this: type=SECCOMP

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

[PATCH] audit: add arch field to seccomp event log

[PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

Re: [PATCH] audit: add arch field to seccomp event log

22 matches

Site Navigation

Mail list logo

Footer information