[RFC PATCH ghak10 v2 0/5] audit: Log modifying adjtimex(2) calls

[Ondrej Mosnacek]

This patchset adds a new AUDIT_TIME_ADJUSTED record type, which is 
associated to the adjtimex(2) syscall record whenever it is invoked in 
non-read-only mode.

Changes in v2:
  - The audit_adjtime() function has been modified to only log those fields that contain values that are actually used, resulting in more compact records.
  - The audit_adjtime() call has been moved to do_adjtimex() in timekeeping.c
  - Added an additional patch (for review) that simplifies the detection if the syscall is read-only.