audit: always enable syscall auditing when supported and audit is enabled

To the best of our knowledge, everyone who enables audit at compile
time also enables syscall auditing; this patch simplifies the Kconfig
menus by removing the option to disable syscall auditing when audit
is selected and the target arch supports it.

Signed-off-by: Paul Moore <pmoore@redhat.com>

diff --git a/init/Kconfig b/init/Kconfig
index 235c7a2c0d2004f1121b7d98f4140683ab45ef53..a9b4c85c036b3910c2fb33604aac43a0b5e999c6 100644 (file)
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -299,20 +299,15 @@ config AUDIT
        help
          Enable auditing infrastructure that can be used with another
          kernel subsystem, such as SELinux (which requires this for
-         logging of avc messages output).  Does not do system-call
-         auditing without CONFIG_AUDITSYSCALL.
+         logging of avc messages output).  System call auditing is included
+         on architectures which support it.
 
 config HAVE_ARCH_AUDITSYSCALL
        bool
 
 config AUDITSYSCALL
-       bool "Enable system-call auditing support"
+       def_bool y
        depends on AUDIT && HAVE_ARCH_AUDITSYSCALL
-       default y if SECURITY_SELINUX
-       help
-         Enable low-overhead system-call auditing infrastructure that
-         can be used independently or with another kernel subsystem,
-         such as SELinux.
 
 config AUDIT_WATCH
        def_bool y