diff options
author | Zach Reizner <zachr@google.com> | 2017-09-04 15:59:08 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-09-06 14:31:06 -0700 |
commit | 1f77a0daa6ee71de17568c34ad924991cb30a3ee (patch) | |
tree | 19aa93938c97a2b243aeb58635cc9ee7ac3a39d7 /seccomp | |
parent | d0a1fde1c1859a7786c03c0209c83395e89d1184 (diff) | |
download | crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar.gz crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar.bz2 crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar.lz crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar.xz crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.tar.zst crosvm-1f77a0daa6ee71de17568c34ad924991cb30a3ee.zip |
sys_util: use libc's openlog to connect to syslog
By using libc's openlog, we can ensure that the internal state of the libc syslogger is consistent with the syslog module. Minijail will be able to print to stderr and the syslog in the same way the logging macros in crosvm do. The FD the syslog module uses is shared with libc and via `syslog::get_fds`, jailed processes can inherit the needed FDs to continue logging. Now that `sys_log::init()` must be called in single threaded process, this moves its tests to the list of the serially run ones in build_test.py. TEST=./build_test BUG=None Change-Id: I8dbc8ebf9d97ef670185259eceac5f6d3d6824ea Reviewed-on: https://chromium-review.googlesource.com/649951 Commit-Ready: Zach Reizner <zachr@chromium.org> Tested-by: Zach Reizner <zachr@chromium.org> Reviewed-by: Jason Clinton <jclinton@chromium.org> Reviewed-by: Dylan Reid <dgreid@chromium.org>
Diffstat (limited to 'seccomp')
-rw-r--r-- | seccomp/x86_64/block_device.policy | 1 | ||||
-rw-r--r-- | seccomp/x86_64/net_device.policy | 1 | ||||
-rw-r--r-- | seccomp/x86_64/rng_device.policy | 1 | ||||
-rw-r--r-- | seccomp/x86_64/vhost_net_device.policy | 1 |
4 files changed, 4 insertions, 0 deletions
diff --git a/seccomp/x86_64/block_device.policy b/seccomp/x86_64/block_device.policy index 67a2786..f1f31f8 100644 --- a/seccomp/x86_64/block_device.policy +++ b/seccomp/x86_64/block_device.policy @@ -22,3 +22,4 @@ write: 1 eventfd2: 1 dup: 1 poll: 1 +getpid: 1 diff --git a/seccomp/x86_64/net_device.policy b/seccomp/x86_64/net_device.policy index 61a1753..e15a00e 100644 --- a/seccomp/x86_64/net_device.policy +++ b/seccomp/x86_64/net_device.policy @@ -20,3 +20,4 @@ sigaltstack: 1 # arg0 is flags. Because kernel. clone: arg0 & 0x00010000 write: 1 +getpid: 1 diff --git a/seccomp/x86_64/rng_device.policy b/seccomp/x86_64/rng_device.policy index cf7ac9b..a5e5bf7 100644 --- a/seccomp/x86_64/rng_device.policy +++ b/seccomp/x86_64/rng_device.policy @@ -21,3 +21,4 @@ write: 1 eventfd2: 1 dup: 1 poll: 1 +getpid: 1 diff --git a/seccomp/x86_64/vhost_net_device.policy b/seccomp/x86_64/vhost_net_device.policy index 65801fe..30f79d9 100644 --- a/seccomp/x86_64/vhost_net_device.policy +++ b/seccomp/x86_64/vhost_net_device.policy @@ -37,3 +37,4 @@ sigaltstack: 1 # arg0 is flags. Because kernel. clone: arg0 & 0x00010000 write: 1 +getpid: 1 |