add a build-time knob to disable seccomp logging (-L)
People like to turn on -L in places that they shouldn't because it
enables more syscalls in seccomp than is desirable. Turn this into
a build-time knob so we let devs run with this flag while making it
into a stub on release builds.
Bug: chromium:889063
Test: ran `./minijail0 -L -S /dev/null /bin/ls` with `make` and `make ALLOW_DEBUG_LOGGING=no`
Change-Id: I57bea91a0713456e5830312a53f27250a4de5f23
diff --git a/Android.bp b/Android.bp
index acc6ea4..5185aed 100644
--- a/Android.bp
+++ b/Android.bp
@@ -33,6 +33,7 @@
cc_defaults {
name: "libminijail_flags",
cflags: [
+ "-DALLOW_DEBUG_LOGGING",
"-DHAVE_SECUREBITS_H",
"-Wall",
"-Werror",
diff --git a/Makefile b/Makefile
index bcf2217..e303b50 100644
--- a/Makefile
+++ b/Makefile
@@ -18,6 +18,12 @@
CPPFLAGS += -DUSE_SECCOMP_SOFTFAIL
endif
+# Allow people to use -L and related flags.
+ALLOW_DEBUG_LOGGING ?= yes
+ifeq ($(ALLOW_DEBUG_LOGGING),yes)
+CPPFLAGS += -DALLOW_DEBUG_LOGGING
+endif
+
ifeq ($(USE_ASAN),yes)
CPPFLAGS += -fsanitize=address
LDFLAGS += -fsanitize=address
diff --git a/libminijail.c b/libminijail.c
index 5ffe950..651a129 100644
--- a/libminijail.c
+++ b/libminijail.c
@@ -375,7 +375,11 @@
die("minijail_log_seccomp_filter_failures() must be called "
"before minijail_parse_seccomp_filters()");
}
+#ifdef ALLOW_DEBUG_LOGGING
j->flags.seccomp_filter_logging = 1;
+#else
+ warn("non-debug build: ignoring request to enable seccomp logging");
+#endif
}
void API minijail_use_caps(struct minijail *j, uint64_t capmask)
