summary refs log tree commit diff
path: root/seccomp
diff options
context:
space:
mode:
authorZach Reizner <zachr@google.com>2017-09-04 15:59:08 -0700
committerchrome-bot <chrome-bot@chromium.org>2017-09-06 14:31:06 -0700
commit1f77a0daa6ee71de17568c34ad924991cb30a3ee (patch)
tree19aa93938c97a2b243aeb58635cc9ee7ac3a39d7 /seccomp
parentd0a1fde1c1859a7786c03c0209c83395e89d1184 (diff)
downloadcrosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar
crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar.gz
crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar.bz2
crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar.lz
crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar.xz
crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar.zst
crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.zip
sys_util: use libc's openlog to connect to syslog
By using libc's openlog, we can ensure that the internal state of the
libc syslogger is consistent with the syslog module. Minijail will be
able to print to stderr and the syslog in the same way the logging
macros in crosvm do. The FD the syslog module uses is shared with libc
and via `syslog::get_fds`, jailed processes can inherit the needed FDs
to continue logging.

Now that `sys_log::init()` must be called in single threaded process,
this moves its tests to the list of the serially run ones in
build_test.py.

TEST=./build_test
BUG=None

Change-Id: I8dbc8ebf9d97ef670185259eceac5f6d3d6824ea
Reviewed-on: https://chromium-review.googlesource.com/649951
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Diffstat (limited to 'seccomp')
-rw-r--r--seccomp/x86_64/block_device.policy1
-rw-r--r--seccomp/x86_64/net_device.policy1
-rw-r--r--seccomp/x86_64/rng_device.policy1
-rw-r--r--seccomp/x86_64/vhost_net_device.policy1
4 files changed, 4 insertions, 0 deletions
diff --git a/seccomp/x86_64/block_device.policy b/seccomp/x86_64/block_device.policy
index 67a2786..f1f31f8 100644
--- a/seccomp/x86_64/block_device.policy
+++ b/seccomp/x86_64/block_device.policy
@@ -22,3 +22,4 @@ write: 1
 eventfd2: 1
 dup: 1
 poll: 1
+getpid: 1
diff --git a/seccomp/x86_64/net_device.policy b/seccomp/x86_64/net_device.policy
index 61a1753..e15a00e 100644
--- a/seccomp/x86_64/net_device.policy
+++ b/seccomp/x86_64/net_device.policy
@@ -20,3 +20,4 @@ sigaltstack: 1
 # arg0 is flags. Because kernel.
 clone: arg0 & 0x00010000
 write: 1
+getpid: 1
diff --git a/seccomp/x86_64/rng_device.policy b/seccomp/x86_64/rng_device.policy
index cf7ac9b..a5e5bf7 100644
--- a/seccomp/x86_64/rng_device.policy
+++ b/seccomp/x86_64/rng_device.policy
@@ -21,3 +21,4 @@ write: 1
 eventfd2: 1
 dup: 1
 poll: 1
+getpid: 1
diff --git a/seccomp/x86_64/vhost_net_device.policy b/seccomp/x86_64/vhost_net_device.policy
index 65801fe..30f79d9 100644
--- a/seccomp/x86_64/vhost_net_device.policy
+++ b/seccomp/x86_64/vhost_net_device.policy
@@ -37,3 +37,4 @@ sigaltstack: 1
 # arg0 is flags. Because kernel.
 clone: arg0 & 0x00010000
 write: 1
+getpid: 1
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-17 18:37:41 +0000