[PATCH 3/5] v2 seccomp_filters: Enable ftrace-based system call filtering
James Morris
jmorris at namei.org
Thu May 12 21:33:27 EST 2011
On Wed, 11 May 2011, Will Drewry wrote:
> +void seccomp_filter_log_failure(int syscall)
> +{
> + printk(KERN_INFO
> + "%s[%d]: system call %d (%s) blocked at ip:%lx\n",
> + current->comm, task_pid_nr(current), syscall,
> + syscall_nr_to_name(syscall), KSTK_EIP(current));
> +}
I think it'd be a good idea to utilize the audit facility here.
- James
--
James Morris
<jmorris at namei.org>
More information about the Linuxppc-dev
mailing list