Replace whitelist with allowlist

PiperOrigin-RevId: 384586164

2 files changed, 15 insertions, 15 deletions

diff --git a/pkg/sentry/control/logging.go b/pkg/sentry/control/logging.go
index 8a500a515..7613dfcbc 100644
--- a/pkg/sentry/control/logging.go
+++ b/pkg/sentry/control/logging.go
@@ -50,20 +50,20 @@ type LoggingArgs struct {
 	// enable strace at all. If this flag is false then a completely
 	// pristine copy of the syscall table will be swapped in. This
 	// approach is used to remain consistent with an empty strace
-	// whitelist meaning trace all system calls.
+	// allowlist meaning trace all system calls.
 	EnableStrace bool
 
-	// Strace is the whitelist of syscalls to trace to log. If this
-	// and StraceEventWhitelist are empty trace all system calls.
-	StraceWhitelist []string
+	// Strace is the allowlist of syscalls to trace to log. If this
+	// and StraceEventAllowlist are empty trace all system calls.
+	StraceAllowlist []string
 
 	// SetEventStrace is a flag used to indicate that event strace
 	// related arguments were passed in.
 	SetEventStrace bool
 
-	// StraceEventWhitelist is the whitelist of syscalls to trace
+	// StraceEventAllowlist is the allowlist of syscalls to trace
 	// to event log.
-	StraceEventWhitelist []string
+	StraceEventAllowlist []string
 }
 
 // Logging provides functions related to logging.
@@ -107,13 +107,13 @@ func (l *Logging) Change(args *LoggingArgs, code *int) error {
 
 func (l *Logging) configureStrace(args *LoggingArgs) error {
 	if args.EnableStrace {
-		// Install the whitelist specified.
-		if len(args.StraceWhitelist) > 0 {
-			if err := strace.Enable(args.StraceWhitelist, strace.SinkTypeLog); err != nil {
+		// Install the allowlist specified.
+		if len(args.StraceAllowlist) > 0 {
+			if err := strace.Enable(args.StraceAllowlist, strace.SinkTypeLog); err != nil {
 				return err
 			}
 		} else {
-			// For convenience, if strace is enabled but whitelist
+			// For convenience, if strace is enabled but allowlist
 			// is empty, enable everything to log.
 			strace.EnableAll(strace.SinkTypeLog)
 		}
@@ -125,8 +125,8 @@ func (l *Logging) configureStrace(args *LoggingArgs) error {
 }
 
 func (l *Logging) configureEventStrace(args *LoggingArgs) error {
-	if len(args.StraceEventWhitelist) > 0 {
-		if err := strace.Enable(args.StraceEventWhitelist, strace.SinkTypeEvent); err != nil {
+	if len(args.StraceEventAllowlist) > 0 {
+		if err := strace.Enable(args.StraceEventAllowlist, strace.SinkTypeEvent); err != nil {
 			return err
 		}
 	} else {
diff --git a/pkg/sentry/strace/strace.go b/pkg/sentry/strace/strace.go
index 3ea9c31dd..757ff2a40 100644
--- a/pkg/sentry/strace/strace.go
+++ b/pkg/sentry/strace/strace.go
@@ -819,10 +819,10 @@ func convertToSyscallFlag(sinks SinkType) uint32 {
 	return ret
 }
 
-// Enable enables the syscalls in whitelist in all syscall tables.
+// Enable enables the syscalls in allowlist in all syscall tables.
 //
 // Preconditions: Initialize has been called.
-func Enable(whitelist []string, sinks SinkType) error {
+func Enable(allowlist []string, sinks SinkType) error {
 	flags := convertToSyscallFlag(sinks)
 	for _, table := range kernel.SyscallTables() {
 		// Is this known?
@@ -832,7 +832,7 @@ func Enable(whitelist []string, sinks SinkType) error {
 		}
 
 		// Convert to a set of system calls numbers.
-		wl, err := sys.ConvertToSysnoMap(whitelist)
+		wl, err := sys.ConvertToSysnoMap(allowlist)
 		if err != nil {
 			return err
 		}