authorZach Reizner <zachr@google.com>2018-04-03 20:47:21 -0700
committerchrome-bot <chrome-bot@chromium.org>2018-04-04 22:53:21 -0700
commit043ddc5c0d281e027f23db049788db29f2fedbe6 (patch)
tree21823b9fd3039a5601698b565040f12355bb7281 /src/linux.rs
parenta7fae252b05b617fd27f58b9bba8122d18154ccb (diff)
crosvm: enable seccomp logging in debug builds
This will be useful for diagnosing crosvm crashes which are most often
caused by seccomp killing a device process.

TEST=delete a seccomp filter, run crosvm, check for blocked syscall in
     /var/log/messages
BUG=None

Change-Id: I1e01a0794f0349e6ad9b101eb2e32320f60b1283
Reviewed-on: https://chromium-review.googlesource.com/994737
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Diffstat (limited to 'src/linux.rs')
-rw-r--r--src/linux.rs2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/linux.rs b/src/linux.rs
index 1911899..90a2c4d 100644
--- a/src/linux.rs
+++ b/src/linux.rs
@@ -199,6 +199,8 @@ fn create_base_minijail(root: &Path, seccomp_policy: &Path) -> Result<Minijail>
     // Use TSYNC only for the side effect of it using SECCOMP_RET_TRAP, which will correctly kill
     // the entire device process if a worker thread commits a seccomp violation.
     j.set_seccomp_filter_tsync();
+    #[cfg(debug_assertions)]
+    j.log_seccomp_filter_failures();
     j.parse_seccomp_filters(seccomp_policy)
         .map_err(|e| Error::DeviceJail(e))?;
     j.use_seccomp_filter();
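Review bot: The two added lines ahead of `j.parse_seccomp_filters(seccomp_policy)` have no comment explaining the debug-only gate or that the call has to stay before the policy is parsed, and the gate is `debug_assertions`, which a release profile can also switch on. If minijail reads the logging flag while compiling the policy (as I understand libminijail to do, possibly also admitting the syscalls its logger needs), debug builds run a somewhat different filter from release builds, so a policy checked only under debug is not evidence for the shipped one. I would add a comment such as `// Debug builds only: log blocked syscalls for diagnosis. Must be set before parse_seccomp_filters(); release builds keep the unmodified filter.` `create_base_minijail` begins and continues outside this hunk, so whether an explicit opt-in (a cargo feature or a runtime flag) would fit better than `debug_assertions` needs checking against the rest of the function and the build configuration.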