audit: always enable syscall auditing when supported and audit is enabled

To the best of our knowledge, everyone who enables audit at compile time also enables syscall auditing; this patch simplifies the Kconfig menus by removing the option to disable syscall auditing when audit is selected and the target arch supports it. Signed-off-by: N Paul Moore <pmoore@redhat.com>

audit: always enable syscall auditing when supported and audit is enabled
To the best of our knowledge, everyone who enables audit at compile time also enables syscall auditing; this patch simplifies the Kconfig menus by removing the option to disable syscall auditing when audit is selected and the target arch supports it. Signed-off-by: N Paul Moore <pmoore@redhat.com>
cb74ed27 · Paul Moore · Paul Moore · 96368701 · cb74ed27
隐藏空白更改
内联并排

Showing with 3 addition and 8 deletion

init/Kconfig init/Kconfig +3 -8

未找到文件。
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -299,20 +299,15 @@ config AUDIT
 	help
 	  Enable auditing infrastructure that can be used with another
 	  kernel subsystem, such as SELinux (which requires this for
-	  logging of avc messages output).  Does not do system-call
+	  logging of avc messages output).  System call auditing is included
-	  auditing without CONFIG_AUDITSYSCALL.
+	  on architectures which support it.
 config HAVE_ARCH_AUDITSYSCALL
 	bool
 config AUDITSYSCALL
-	bool "Enable system-call auditing support"
+	def_bool y
 	depends on AUDIT && HAVE_ARCH_AUDITSYSCALL
-	default y if SECURITY_SELINUX
-	help
-	  Enable low-overhead system-call auditing infrastructure that
-	  can be used independently or with another kernel subsystem,
-	  such as SELinux.
 config AUDIT_WATCH
 	def_bool y