NAME¶

__audit_syscall_exit - deallocate audit context after a system call

SYNOPSIS¶

void __audit_syscall_exit(int success, long return_code);

ARGUMENTS¶

success

success value of the syscall

return_code

return value of the syscall

DESCRIPTION¶

Tear down after system call. If the audit context has been marked as auditable (either because of the AUDIT_RECORD_CONTEXT state from filtering, or because some other part of the kernel wrote an audit message), then write out the syscall information. In call cases, free the names stored from getname.

COPYRIGHT¶

June 2024

Kernel Hackers Manual 3.10

Source file:	__audit_syscall_exit.9.en.gz (from kernel-doc 3.10.0-1160.119.1.el7)
Source last updated:	2024-06-21 21:10:41
Converted to HTML:	2024-06-22 22:06:57