Refactor logging in Minijail.
That way, the syscall filtering module can log to syslog without
duplicating code. While I'm at it, make naming more consistent.
BUG=None
TEST=unit
TEST=security_Minijail0, security_Minijail_seccomp, platform_CrosDisksArchive
Change-Id: I7102ca22f49dd7e5bb56bf2997d0d83cb0507e83
Reviewed-on: https://gerrit.chromium.org/gerrit/29080
Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Commit-Ready: Jorge Lucangeli Obes <jorgelo@chromium.org>
diff --git a/syscall_filter.c b/syscall_filter.c
index 0908ad8..c075d66 100644
--- a/syscall_filter.c
+++ b/syscall_filter.c
@@ -10,19 +10,14 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <syslog.h>
#include "syscall_filter.h"
#include "libsyscalls.h"
+#include "logging.h"
#define MAX_LINE_LENGTH 1024
-#define error(_msg, ...) do { \
- fprintf(stderr, "minijail: error: " _msg, ## __VA_ARGS__); \
- abort(); \
-} while (0)
-
int str_to_op(const char *op_str)
{
if (!strcmp(op_str, "==")) {
@@ -41,7 +36,7 @@
{
struct sock_filter *buf = calloc(count, sizeof(struct sock_filter));
if (!buf)
- error("could not allocate BPF instruction buffer");
+ die("could not allocate BPF instruction buffer");
return buf;
}
@@ -60,7 +55,7 @@
} else {
new_last = calloc(1, sizeof(struct filter_block));
if (!new_last)
- error("could not allocate BPF filter block");
+ die("could not allocate BPF filter block");
if (head->next != NULL) {
head->last->next = new_last;
@@ -107,7 +102,7 @@
{
int label_id = bpf_label_id(labels, label_str);
if (label_id < 0)
- error("could not allocate BPF label string");
+ die("could not allocate BPF label string");
return label_id;
}