Minijail: add logging for seccomp filter failures. BUG=chromium-os:33361 TEST=unit tests TEST=security_Minijail0, security_Minijail_seccomp, platform_CrosDisksArchive Change-Id: I16cdb8fbcf1cb13f2dee5521f97fb8d0bdbdf93b Reviewed-on: https://gerrit.chromium.org/gerrit/29053 Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Commit-Ready: Jorge Lucangeli Obes <jorgelo@chromium.org>

commit: bda833cbcee330eab91561a9b50b6bc24c47f2e9 [log] [tgz]
author: Jorge Lucangeli Obes <jorgelo@chromium.org> Tue Jul 31 16:25:56 2012 -0700
committer: Gerrit <chrome-bot@google.com> Fri Aug 10 18:07:49 2012 -0700
tree: 0ee5665a5e09e2a58c376b52fa8eca77aa164280
parent: a6b034dedfb1109adcd88eb1bcea15a29067824c [diff] [blame]
diff --git a/bpf.h b/bpf.h
index 04ece14..5b41b55 100644
--- a/bpf.h
+++ b/bpf.h

@@ -59,7 +59,7 @@
 #define ARCH_NR	AUDIT_ARCH_X86_64
 #elif defined(__arm__)
 /*
- * <linux/audit.h> includes <linux/elf-em.h>, which does not include EM_ARM.
+ * <linux/audit.h> includes <linux/elf-em.h>, which does not define EM_ARM.
  * <linux/elf.h> only includes <asm/elf.h> if we're in the kernel.
  */
 # ifndef EM_ARM
@@ -147,6 +147,9 @@
 #define set_bpf_ret_kill(_block) \
 	set_bpf_stmt((_block), BPF_RET+BPF_K, SECCOMP_RET_KILL)
 
+#define set_bpf_ret_trap(_block) \
+	set_bpf_stmt((_block), BPF_RET+BPF_K, SECCOMP_RET_TRAP)
+
 #define set_bpf_ret_errno(_block, _errno) \
 	set_bpf_stmt((_block), BPF_RET+BPF_K, \
 		SECCOMP_RET_ERRNO | ((_errno) & SECCOMP_RET_DATA))
commit	bda833cbcee330eab91561a9b50b6bc24c47f2e9	[log] [tgz]
author	Jorge Lucangeli Obes <jorgelo@chromium.org>	Tue Jul 31 16:25:56 2012 -0700
committer	Gerrit <chrome-bot@google.com>	Fri Aug 10 18:07:49 2012 -0700
tree	0ee5665a5e09e2a58c376b52fa8eca77aa164280
parent	a6b034dedfb1109adcd88eb1bcea15a29067824c [diff] [blame]