audit: Add option to enable/disable syscall audit Enable syscall audit has performance impact on Android, add option to enable/disable the syscall audits. Change-Id: I654e553daca388c03774886bf13410e2fdec0b02 Signed-off-by: Channagoud Kadabi <ckadabi@codeaurora.org>

commit: 820ebd23fb50b7caa8d6a9d7e4ea474c03606ee8 [log] [tgz]
author: Channagoud Kadabi <ckadabi@codeaurora.org> Mon Mar 13 11:42:49 2017 -0700
committer: Channagoud Kadabi <ckadabi@codeaurora.org> Mon Mar 13 12:48:42 2017 -0700
tree: 64aa7e232c33bcd90719815554f749314451b6cc
parent: ebc95a77a8c8d311d99ae40e9d8220cfe475ae06 [diff]
diff --git a/init/Kconfig b/init/Kconfig
index 6a4e13a..007186d 100644
--- a/init/Kconfig
+++ b/init/Kconfig

@@ -312,15 +312,20 @@
 	help
 	  Enable auditing infrastructure that can be used with another
 	  kernel subsystem, such as SELinux (which requires this for
-	  logging of avc messages output).  System call auditing is included
-	  on architectures which support it.
+	  logging of avc messages output). Does not do system-call
+	  auditing without CONFIG_AUDITSYSCALL.
 
 config HAVE_ARCH_AUDITSYSCALL
 	bool
 
 config AUDITSYSCALL
-	def_bool y
+	bool "Enable system-call auditing support"
 	depends on AUDIT && HAVE_ARCH_AUDITSYSCALL
+	default y if SECURITY_SELINUX
+	help
+	  Enable low-overhead system-call auditing infrastructure that
+	  can be used independently or with another kernel subsystem,
+	  such as SELinux.
 
 config AUDIT_WATCH
 	def_bool y
commit	820ebd23fb50b7caa8d6a9d7e4ea474c03606ee8	[log] [tgz]
author	Channagoud Kadabi <ckadabi@codeaurora.org>	Mon Mar 13 11:42:49 2017 -0700
committer	Channagoud Kadabi <ckadabi@codeaurora.org>	Mon Mar 13 12:48:42 2017 -0700
tree	64aa7e232c33bcd90719815554f749314451b6cc
parent	ebc95a77a8c8d311d99ae40e9d8220cfe475ae06 [diff]