AUDIT_SYSCALL_EXIT(9) Audit Interfaces AUDIT_SYSCALL_EXIT(9)NAMEaudit_syscall_exit - deallocate audit context after a system callSYNOPSISvoid audit_syscall_exit(int valid, long return_code);ARGUMENTSvalid success/failure flag return_code syscall return valueDESCRIPTIONTear down after system call. If the audit context has been marked as auditable (either because of the AUDIT_RECORD_CONTEXT state from filtering, or because some other part of the kernel write an audit message), then write out the syscall information. In call cases, free the names stored from getname.COPYRIGHTKernel Hackers Manual 2.6. July 2010 AUDIT_SYSCALL_EXIT(9)