parisc: add kernel audit feature

Implement missing functions for parisc to provide kernel audit feature. Signed-off-by: Helge Deller <deller@gmx.de>
author: Helge Deller <deller@gmx.de> 2013-10-15 13:25:46 -0400
committer: Helge Deller <deller@gmx.de> 2013-11-07 16:27:20 -0500
commit: 527973c84077eb9273d0b2408655620de2e30136 (patch)
tree: d70e6bb6f4c4f1eed2dd9fcdadded6d000ad19c5 /arch/parisc
parent: 61dbbaeb86c2181c79efae2d186193e0f8008af1 (diff)
7 files changed, 157 insertions, 5 deletions
diff --git a/arch/parisc/Kconfig b/arch/parisc/Kconfig
index ad2ce8dab996..7dcde539d61e 100644
--- a/arch/parisc/Kconfig
+++ b/arch/parisc/Kconfig
@@ -287,6 +287,9 @@ config SYSVIPC_COMPAT
        def_bool y
        depends on COMPAT && SYSVIPC
+config AUDIT_ARCH
+        def_bool y
 config HPUX
        bool "Support for HP-UX binaries"
        depends on !64BIT
diff --git a/arch/parisc/include/asm/ptrace.h b/arch/parisc/include/asm/ptrace.h
index a2db278a5def..3c3cb004b7e2 100644
--- a/arch/parisc/include/asm/ptrace.h
+++ b/arch/parisc/include/asm/ptrace.h
@@ -19,5 +19,9 @@
 #define user_stack_pointer(regs)        ((regs)->gr[30])
 unsigned long profile_pc(struct pt_regs *);
+static inline unsigned long regs_return_value(struct pt_regs *regs)
+{
+        return regs->gr[20];
+}
 #endif
diff --git a/arch/parisc/include/asm/thread_info.h b/arch/parisc/include/asm/thread_info.h
index 540c88fa8f86..bc7cf120106b 100644
--- a/arch/parisc/include/asm/thread_info.h
+++ b/arch/parisc/include/asm/thread_info.h
@@ -59,6 +59,7 @@ struct thread_info {
 #define TIF_32BIT               4       /* 32 bit binary */
 #define TIF_MEMDIE              5       /* is terminating due to OOM killer */
 #define TIF_RESTORE_SIGMASK     6       /* restore saved signal mask */
+#define TIF_SYSCALL_AUDIT       7       /* syscall auditing active */
 #define TIF_NOTIFY_RESUME       8       /* callback before returning to user */
 #define TIF_SINGLESTEP          9       /* single stepping? */
 #define TIF_BLOCKSTEP           10      /* branch stepping? */
@@ -68,6 +69,7 @@ struct thread_info {
 #define _TIF_NEED_RESCHED       (1 << TIF_NEED_RESCHED)
 #define _TIF_POLLING_NRFLAG     (1 << TIF_POLLING_NRFLAG)
 #define _TIF_32BIT              (1 << TIF_32BIT)
+#define _TIF_SYSCALL_AUDIT      (1 << TIF_SYSCALL_AUDIT)
 #define _TIF_NOTIFY_RESUME      (1 << TIF_NOTIFY_RESUME)
 #define _TIF_SINGLESTEP         (1 << TIF_SINGLESTEP)
 #define _TIF_BLOCKSTEP          (1 << TIF_BLOCKSTEP)
@@ -75,7 +77,7 @@ struct thread_info {
 #define _TIF_USER_WORK_MASK     (_TIF_SIGPENDING | _TIF_NOTIFY_RESUME | \
                                 _TIF_NEED_RESCHED)
 #define _TIF_SYSCALL_TRACE_MASK (_TIF_SYSCALL_TRACE | _TIF_SINGLESTEP | \
-                                 _TIF_BLOCKSTEP)
+                                 _TIF_BLOCKSTEP | _TIF_SYSCALL_AUDIT)
 #endif /* __KERNEL__ */
diff --git a/arch/parisc/kernel/Makefile b/arch/parisc/kernel/Makefile
index 66ee3f12df58..ff87b4603e3d 100644
--- a/arch/parisc/kernel/Makefile
+++ b/arch/parisc/kernel/Makefile
@@ -29,7 +29,9 @@ obj-$(CONFIG_PCI)	+= pci.o
 obj-$(CONFIG_MODULES)   += module.o
 obj-$(CONFIG_64BIT)     += binfmt_elf32.o sys_parisc32.o signal32.o
 obj-$(CONFIG_STACKTRACE)+= stacktrace.o
+obj-$(CONFIG_AUDIT)     += audit.o
+obj64-$(CONFIG_AUDIT)   += compat_audit.o
 # only supported for PCX-W/U in 64-bit mode at the moment
-obj-$(CONFIG_64BIT)     += perf.o perf_asm.o
+obj-$(CONFIG_64BIT)     += perf.o perf_asm.o $(obj64-y)
 obj-$(CONFIG_FUNCTION_TRACER)           += ftrace.o
 obj-$(CONFIG_FUNCTION_GRAPH_TRACER)     += ftrace.o
diff --git a/arch/parisc/kernel/audit.c b/arch/parisc/kernel/audit.c
new file mode 100644
index 000000000000..eb64a6148c82
--- /dev/null
+++ b/arch/parisc/kernel/audit.c
@@ -0,0 +1,81 @@
+#include <linux/init.h>
+#include <linux/types.h>
+#include <linux/audit.h>
+#include <asm/unistd.h>
+static unsigned dir_class[] = {
+#include <asm-generic/audit_dir_write.h>
+~0U
+};
+static unsigned read_class[] = {
+#include <asm-generic/audit_read.h>
+~0U
+};
+static unsigned write_class[] = {
+#include <asm-generic/audit_write.h>
+~0U
+};
+static unsigned chattr_class[] = {
+#include <asm-generic/audit_change_attr.h>
+~0U
+};
+static unsigned signal_class[] = {
+#include <asm-generic/audit_signal.h>
+~0U
+};
+int audit_classify_arch(int arch)
+{
+#ifdef CONFIG_COMPAT
+        if (arch == AUDIT_ARCH_PARISC)
+                return 1;
+#endif
+        return 0;
+}
+int audit_classify_syscall(int abi, unsigned syscall)
+{
+#ifdef CONFIG_COMPAT
+        extern int parisc32_classify_syscall(unsigned);
+        if (abi == AUDIT_ARCH_PARISC)
+                return parisc32_classify_syscall(syscall);
+#endif
+        switch (syscall) {
+        case __NR_open:
+                return 2;
+        case __NR_openat:
+                return 3;
+        case __NR_execve:
+                return 5;
+        default:
+                return 0;
+        }
+}
+static int __init audit_classes_init(void)
+{
+#ifdef CONFIG_COMPAT
+        extern __u32 parisc32_dir_class[];
+        extern __u32 parisc32_write_class[];
+        extern __u32 parisc32_read_class[];
+        extern __u32 parisc32_chattr_class[];
+        extern __u32 parisc32_signal_class[];
+        audit_register_class(AUDIT_CLASS_WRITE_32, parisc32_write_class);
+        audit_register_class(AUDIT_CLASS_READ_32, parisc32_read_class);
+        audit_register_class(AUDIT_CLASS_DIR_WRITE_32, parisc32_dir_class);
+        audit_register_class(AUDIT_CLASS_CHATTR_32, parisc32_chattr_class);
+        audit_register_class(AUDIT_CLASS_SIGNAL_32, parisc32_signal_class);
+#endif
+        audit_register_class(AUDIT_CLASS_WRITE, write_class);
+        audit_register_class(AUDIT_CLASS_READ, read_class);
+        audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
+        audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
+        audit_register_class(AUDIT_CLASS_SIGNAL, signal_class);
+        return 0;
+}
+__initcall(audit_classes_init);
diff --git a/arch/parisc/kernel/compat_audit.c b/arch/parisc/kernel/compat_audit.c
new file mode 100644
index 000000000000..c74478f6bc74
--- /dev/null
+++ b/arch/parisc/kernel/compat_audit.c
@@ -0,0 +1,40 @@
+#include <asm/unistd.h>
+unsigned int parisc32_dir_class[] = {
+#include <asm-generic/audit_dir_write.h>
+~0U
+};
+unsigned int parisc32_chattr_class[] = {
+#include <asm-generic/audit_change_attr.h>
+~0U
+};
+unsigned int parisc32_write_class[] = {
+#include <asm-generic/audit_write.h>
+~0U
+};
+unsigned int parisc32_read_class[] = {
+#include <asm-generic/audit_read.h>
+~0U
+};
+unsigned int parisc32_signal_class[] = {
+#include <asm-generic/audit_signal.h>
+~0U
+};
+int parisc32_classify_syscall(unsigned syscall)
+{
+        switch (syscall) {
+        case __NR_open:
+                return 2;
+        case __NR_openat:
+                return 3;
+        case __NR_execve:
+                return 5;
+        default:
+                return 1;
+        }
+}
diff --git a/arch/parisc/kernel/ptrace.c b/arch/parisc/kernel/ptrace.c
index 534abd4936e1..e842ee233db4 100644
--- a/arch/parisc/kernel/ptrace.c
+++ b/arch/parisc/kernel/ptrace.c
@@ -19,6 +19,7 @@
 #include <linux/security.h>
 #include <linux/compat.h>
 #include <linux/signal.h>
+#include <linux/audit.h>
 #include <asm/uaccess.h>
 #include <asm/pgtable.h>
@@ -267,11 +268,28 @@ long compat_arch_ptrace(struct task_struct *child, compat_long_t request,
 long do_syscall_trace_enter(struct pt_regs *regs)
 {
+        long ret = 0;
        if (test_thread_flag(TIF_SYSCALL_TRACE) &&
            tracehook_report_syscall_entry(regs))
-                return -1L;
+                ret = -1L;
-        return regs->gr[20];
+#ifdef CONFIG_64BIT
+        if (!is_compat_task())
+                audit_syscall_entry(AUDIT_ARCH_PARISC64,
+                        regs->gr[20],
+                        regs->gr[26], regs->gr[25],
+                        regs->gr[24], regs->gr[23]);
+        else
+#endif
+                audit_syscall_entry(AUDIT_ARCH_PARISC,
+                        regs->gr[20] & 0xffffffff,
+                        regs->gr[26] & 0xffffffff,
+                        regs->gr[25] & 0xffffffff,
+                        regs->gr[24] & 0xffffffff,
+                        regs->gr[23] & 0xffffffff);
+        return ret ? : regs->gr[20];
 }
 void do_syscall_trace_exit(struct pt_regs *regs)
@@ -279,6 +297,8 @@ void do_syscall_trace_exit(struct pt_regs *regs)
        int stepping = test_thread_flag(TIF_SINGLESTEP) ||
                test_thread_flag(TIF_BLOCKSTEP);
+        audit_syscall_exit(regs);
        if (stepping || test_thread_flag(TIF_SYSCALL_TRACE))
                tracehook_report_syscall_exit(regs, stepping);
 }
author	Helge Deller <deller@gmx.de>	2013-10-15 13:25:46 -0400
committer	Helge Deller <deller@gmx.de>	2013-11-07 16:27:20 -0500
commit	527973c84077eb9273d0b2408655620de2e30136 (patch)
tree	d70e6bb6f4c4f1eed2dd9fcdadded6d000ad19c5 /arch/parisc
parent	61dbbaeb86c2181c79efae2d186193e0f8008af1 (diff)

diff --git a/arch/parisc/Kconfig b/arch/parisc/Kconfig index ad2ce8dab996..7dcde539d61e 100644 --- a/arch/parisc/Kconfig +++ b/arch/parisc/Kconfig
@@ -287,6 +287,9 @@ config SYSVIPC_COMPAT
287	def_bool y	287	def_bool y
288	depends on COMPAT && SYSVIPC	288	depends on COMPAT && SYSVIPC
289		289
		290	config AUDIT_ARCH
		291	def_bool y
		292
290	config HPUX	293	config HPUX
291	bool "Support for HP-UX binaries"	294	bool "Support for HP-UX binaries"
292	depends on !64BIT	295	depends on !64BIT


diff --git a/arch/parisc/include/asm/ptrace.h b/arch/parisc/include/asm/ptrace.h index a2db278a5def..3c3cb004b7e2 100644 --- a/arch/parisc/include/asm/ptrace.h +++ b/arch/parisc/include/asm/ptrace.h
@@ -19,5 +19,9 @@
19	#define user_stack_pointer(regs) ((regs)->gr[30])	19	#define user_stack_pointer(regs) ((regs)->gr[30])
20	unsigned long profile_pc(struct pt_regs *);	20	unsigned long profile_pc(struct pt_regs *);
21		21
		22	static inline unsigned long regs_return_value(struct pt_regs *regs)
		23	{
		24	return regs->gr[20];
		25	}
22		26
23	#endif	27	#endif


diff --git a/arch/parisc/include/asm/thread_info.h b/arch/parisc/include/asm/thread_info.h index 540c88fa8f86..bc7cf120106b 100644 --- a/arch/parisc/include/asm/thread_info.h +++ b/arch/parisc/include/asm/thread_info.h
@@ -59,6 +59,7 @@ struct thread_info {
59	#define TIF_32BIT 4 /* 32 bit binary */	59	#define TIF_32BIT 4 /* 32 bit binary */
60	#define TIF_MEMDIE 5 /* is terminating due to OOM killer */	60	#define TIF_MEMDIE 5 /* is terminating due to OOM killer */
61	#define TIF_RESTORE_SIGMASK 6 /* restore saved signal mask */	61	#define TIF_RESTORE_SIGMASK 6 /* restore saved signal mask */
		62	#define TIF_SYSCALL_AUDIT 7 /* syscall auditing active */
62	#define TIF_NOTIFY_RESUME 8 /* callback before returning to user */	63	#define TIF_NOTIFY_RESUME 8 /* callback before returning to user */
63	#define TIF_SINGLESTEP 9 /* single stepping? */	64	#define TIF_SINGLESTEP 9 /* single stepping? */
64	#define TIF_BLOCKSTEP 10 /* branch stepping? */	65	#define TIF_BLOCKSTEP 10 /* branch stepping? */
@@ -68,6 +69,7 @@ struct thread_info {
68	#define _TIF_NEED_RESCHED (1 << TIF_NEED_RESCHED)	69	#define _TIF_NEED_RESCHED (1 << TIF_NEED_RESCHED)
69	#define _TIF_POLLING_NRFLAG (1 << TIF_POLLING_NRFLAG)	70	#define _TIF_POLLING_NRFLAG (1 << TIF_POLLING_NRFLAG)
70	#define _TIF_32BIT (1 << TIF_32BIT)	71	#define _TIF_32BIT (1 << TIF_32BIT)
		72	#define _TIF_SYSCALL_AUDIT (1 << TIF_SYSCALL_AUDIT)
71	#define _TIF_NOTIFY_RESUME (1 << TIF_NOTIFY_RESUME)	73	#define _TIF_NOTIFY_RESUME (1 << TIF_NOTIFY_RESUME)
72	#define _TIF_SINGLESTEP (1 << TIF_SINGLESTEP)	74	#define _TIF_SINGLESTEP (1 << TIF_SINGLESTEP)
73	#define _TIF_BLOCKSTEP (1 << TIF_BLOCKSTEP)	75	#define _TIF_BLOCKSTEP (1 << TIF_BLOCKSTEP)
@@ -75,7 +77,7 @@ struct thread_info {
75	#define _TIF_USER_WORK_MASK (_TIF_SIGPENDING \| _TIF_NOTIFY_RESUME \| \	77	#define _TIF_USER_WORK_MASK (_TIF_SIGPENDING \| _TIF_NOTIFY_RESUME \| \
76	_TIF_NEED_RESCHED)	78	_TIF_NEED_RESCHED)
77	#define _TIF_SYSCALL_TRACE_MASK (_TIF_SYSCALL_TRACE \| _TIF_SINGLESTEP \| \	79	#define _TIF_SYSCALL_TRACE_MASK (_TIF_SYSCALL_TRACE \| _TIF_SINGLESTEP \| \
78	_TIF_BLOCKSTEP)	80	_TIF_BLOCKSTEP \| _TIF_SYSCALL_AUDIT)
79		81
80	#endif /* __KERNEL__ */	82	#endif /* __KERNEL__ */
81		83


diff --git a/arch/parisc/kernel/Makefile b/arch/parisc/kernel/Makefile index 66ee3f12df58..ff87b4603e3d 100644 --- a/arch/parisc/kernel/Makefile +++ b/arch/parisc/kernel/Makefile
@@ -29,7 +29,9 @@ obj-$(CONFIG_PCI) += pci.o
29	obj-$(CONFIG_MODULES) += module.o	29	obj-$(CONFIG_MODULES) += module.o
30	obj-$(CONFIG_64BIT) += binfmt_elf32.o sys_parisc32.o signal32.o	30	obj-$(CONFIG_64BIT) += binfmt_elf32.o sys_parisc32.o signal32.o
31	obj-$(CONFIG_STACKTRACE)+= stacktrace.o	31	obj-$(CONFIG_STACKTRACE)+= stacktrace.o
		32	obj-$(CONFIG_AUDIT) += audit.o
		33	obj64-$(CONFIG_AUDIT) += compat_audit.o
32	# only supported for PCX-W/U in 64-bit mode at the moment	34	# only supported for PCX-W/U in 64-bit mode at the moment
33	obj-$(CONFIG_64BIT) += perf.o perf_asm.o	35	obj-$(CONFIG_64BIT) += perf.o perf_asm.o $(obj64-y)
34	obj-$(CONFIG_FUNCTION_TRACER) += ftrace.o	36	obj-$(CONFIG_FUNCTION_TRACER) += ftrace.o
35	obj-$(CONFIG_FUNCTION_GRAPH_TRACER) += ftrace.o	37	obj-$(CONFIG_FUNCTION_GRAPH_TRACER) += ftrace.o


diff --git a/arch/parisc/kernel/audit.c b/arch/parisc/kernel/audit.c new file mode 100644 index 000000000000..eb64a6148c82 --- /dev/null +++ b/arch/parisc/kernel/audit.c
@@ -0,0 +1,81 @@
		1	#include <linux/init.h>
		2	#include <linux/types.h>
		3	#include <linux/audit.h>
		4	#include <asm/unistd.h>
		5
		6	static unsigned dir_class[] = {
		7	#include <asm-generic/audit_dir_write.h>
		8	~0U
		9	};
		10
		11	static unsigned read_class[] = {
		12	#include <asm-generic/audit_read.h>
		13	~0U
		14	};
		15
		16	static unsigned write_class[] = {
		17	#include <asm-generic/audit_write.h>
		18	~0U
		19	};
		20
		21	static unsigned chattr_class[] = {
		22	#include <asm-generic/audit_change_attr.h>
		23	~0U
		24	};
		25
		26	static unsigned signal_class[] = {
		27	#include <asm-generic/audit_signal.h>
		28	~0U
		29	};
		30
		31	int audit_classify_arch(int arch)
		32	{
		33	#ifdef CONFIG_COMPAT
		34	if (arch == AUDIT_ARCH_PARISC)
		35	return 1;
		36	#endif
		37	return 0;
		38	}
		39
		40	int audit_classify_syscall(int abi, unsigned syscall)
		41	{
		42	#ifdef CONFIG_COMPAT
		43	extern int parisc32_classify_syscall(unsigned);
		44	if (abi == AUDIT_ARCH_PARISC)
		45	return parisc32_classify_syscall(syscall);
		46	#endif
		47	switch (syscall) {
		48	case __NR_open:
		49	return 2;
		50	case __NR_openat:
		51	return 3;
		52	case __NR_execve:
		53	return 5;
		54	default:
		55	return 0;
		56	}
		57	}
		58
		59	static int __init audit_classes_init(void)
		60	{
		61	#ifdef CONFIG_COMPAT
		62	extern __u32 parisc32_dir_class[];
		63	extern __u32 parisc32_write_class[];
		64	extern __u32 parisc32_read_class[];
		65	extern __u32 parisc32_chattr_class[];
		66	extern __u32 parisc32_signal_class[];
		67	audit_register_class(AUDIT_CLASS_WRITE_32, parisc32_write_class);
		68	audit_register_class(AUDIT_CLASS_READ_32, parisc32_read_class);
		69	audit_register_class(AUDIT_CLASS_DIR_WRITE_32, parisc32_dir_class);
		70	audit_register_class(AUDIT_CLASS_CHATTR_32, parisc32_chattr_class);
		71	audit_register_class(AUDIT_CLASS_SIGNAL_32, parisc32_signal_class);
		72	#endif
		73	audit_register_class(AUDIT_CLASS_WRITE, write_class);
		74	audit_register_class(AUDIT_CLASS_READ, read_class);
		75	audit_register_class(AUDIT_CLASS_DIR_WRITE, dir_class);
		76	audit_register_class(AUDIT_CLASS_CHATTR, chattr_class);
		77	audit_register_class(AUDIT_CLASS_SIGNAL, signal_class);
		78	return 0;
		79	}
		80
		81	__initcall(audit_classes_init);


diff --git a/arch/parisc/kernel/compat_audit.c b/arch/parisc/kernel/compat_audit.c new file mode 100644 index 000000000000..c74478f6bc74 --- /dev/null +++ b/arch/parisc/kernel/compat_audit.c
@@ -0,0 +1,40 @@
		1	#include <asm/unistd.h>
		2
		3	unsigned int parisc32_dir_class[] = {
		4	#include <asm-generic/audit_dir_write.h>
		5	~0U
		6	};
		7
		8	unsigned int parisc32_chattr_class[] = {
		9	#include <asm-generic/audit_change_attr.h>
		10	~0U
		11	};
		12
		13	unsigned int parisc32_write_class[] = {
		14	#include <asm-generic/audit_write.h>
		15	~0U
		16	};
		17
		18	unsigned int parisc32_read_class[] = {
		19	#include <asm-generic/audit_read.h>
		20	~0U
		21	};
		22
		23	unsigned int parisc32_signal_class[] = {
		24	#include <asm-generic/audit_signal.h>
		25	~0U
		26	};
		27
		28	int parisc32_classify_syscall(unsigned syscall)
		29	{
		30	switch (syscall) {
		31	case __NR_open:
		32	return 2;
		33	case __NR_openat:
		34	return 3;
		35	case __NR_execve:
		36	return 5;
		37	default:
		38	return 1;
		39	}
		40	}


diff --git a/arch/parisc/kernel/ptrace.c b/arch/parisc/kernel/ptrace.c index 534abd4936e1..e842ee233db4 100644 --- a/arch/parisc/kernel/ptrace.c +++ b/arch/parisc/kernel/ptrace.c
@@ -19,6 +19,7 @@
19	#include <linux/security.h>	19	#include <linux/security.h>
20	#include <linux/compat.h>	20	#include <linux/compat.h>
21	#include <linux/signal.h>	21	#include <linux/signal.h>
		22	#include <linux/audit.h>
22		23
23	#include <asm/uaccess.h>	24	#include <asm/uaccess.h>
24	#include <asm/pgtable.h>	25	#include <asm/pgtable.h>
@@ -267,11 +268,28 @@ long compat_arch_ptrace(struct task_struct *child, compat_long_t request,
267		268
268	long do_syscall_trace_enter(struct pt_regs *regs)	269	long do_syscall_trace_enter(struct pt_regs *regs)
269	{	270	{
		271	long ret = 0;
		272
270	if (test_thread_flag(TIF_SYSCALL_TRACE) &&	273	if (test_thread_flag(TIF_SYSCALL_TRACE) &&
271	tracehook_report_syscall_entry(regs))	274	tracehook_report_syscall_entry(regs))
272	return -1L;	275	ret = -1L;
273		276
274	return regs->gr[20];	277	#ifdef CONFIG_64BIT
		278	if (!is_compat_task())
		279	audit_syscall_entry(AUDIT_ARCH_PARISC64,
		280	regs->gr[20],
		281	regs->gr[26], regs->gr[25],
		282	regs->gr[24], regs->gr[23]);
		283	else
		284	#endif
		285	audit_syscall_entry(AUDIT_ARCH_PARISC,
		286	regs->gr[20] & 0xffffffff,
		287	regs->gr[26] & 0xffffffff,
		288	regs->gr[25] & 0xffffffff,
		289	regs->gr[24] & 0xffffffff,
		290	regs->gr[23] & 0xffffffff);
		291
		292	return ret ? : regs->gr[20];
275	}	293	}
276		294
277	void do_syscall_trace_exit(struct pt_regs *regs)	295	void do_syscall_trace_exit(struct pt_regs *regs)
@@ -279,6 +297,8 @@ void do_syscall_trace_exit(struct pt_regs *regs)
279	int stepping = test_thread_flag(TIF_SINGLESTEP) \|\|	297	int stepping = test_thread_flag(TIF_SINGLESTEP) \|\|
280	test_thread_flag(TIF_BLOCKSTEP);	298	test_thread_flag(TIF_BLOCKSTEP);
281		299
		300	audit_syscall_exit(regs);
		301
282	if (stepping \|\| test_thread_flag(TIF_SYSCALL_TRACE))	302	if (stepping \|\| test_thread_flag(TIF_SYSCALL_TRACE))
283	tracehook_report_syscall_exit(regs, stepping);	303	tracehook_report_syscall_exit(regs, stepping);
284	}	304	}