audit_log_start(9)

1AUDIT_LOG_START(9)             Audit Interfaces             AUDIT_LOG_START(9)
2
3
4

NAME

6       audit_log_start - obtain an audit buffer
7

SYNOPSIS

9       struct audit_buffer * audit_log_start(struct audit_context * ctx,
10                                             gfp_t gfp_mask, int type);
11

ARGUMENTS

13       ctx
14           audit_context (may be NULL)
15
16       gfp_mask
17           type of allocation
18
19       type
20           audit message type
21

DESCRIPTION

23       Returns audit_buffer pointer on success or NULL on error.
24
25       Obtain an audit buffer. This routine does locking to obtain the audit
26       buffer, but then no locking is required for calls to audit_log_*format.
27       If the task (ctx) is a task that is currently in a syscall, then the
28       syscall is marked as auditable and an audit record will be written at
29       syscall exit. If there is no associated task, then task context (ctx)
30       should be NULL.
31

COPYRIGHT

33Kernel Hackers Manual 3.10         June 2019                AUDIT_LOG_START(9)