table of contents
other versions
- stretch 4.9.168-1
__AUDIT_SYSCALL_EXIT(9) | Audit Interfaces | __AUDIT_SYSCALL_EXIT(9) |
NAME¶
__audit_syscall_exit - deallocate audit context after a system callSYNOPSIS¶
void __audit_syscall_exit(int success, long return_code);
ARGUMENTS¶
successsuccess value of the syscall
return_code
return value of the syscall
DESCRIPTION¶
Tear down after system call. If the audit context has been marked as auditable (either because of the AUDIT_RECORD_CONTEXT state from filtering, or because some other part of the kernel wrote an audit message), then write out the syscall information. In call cases, free the names stored from getname.COPYRIGHT¶
April 2019 | Kernel Hackers Manual 4.9. |