Merge "Add JNI bridge to the new logd security buffer." (900fe241) · Commits · e / os / android_frameworks_base

Android.mk

+1 −0

Original line number	Diff line number	Diff line
		@@ -42,6 +42,7 @@ LOCAL_SRC_FILES := $(call find-other-java-files,$(FRAMEWORKS_BASE_SUBDIRS))

		# EventLogTags files.
		LOCAL_SRC_FILES += \
		core/java/android/auditing/SecurityLogTags.logtags \
		core/java/android/content/EventLogTags.logtags \
		core/java/android/speech/tts/EventLogTags.logtags \
		core/java/android/webkit/EventLogTags.logtags \

api/current.txt

+24 −0

Original line number	Diff line number	Diff line
		@@ -6477,6 +6477,30 @@ package android.appwidget {

		}

		package android.auditing {

		public class SecurityLog {
		ctor public SecurityLog();
		field public static final int TAG_ADB_SHELL_CMD = 210002; // 0x33452
		field public static final int TAG_ADB_SHELL_INTERACTIVE = 210001; // 0x33451
		field public static final int TAG_APP_PROCESS_START = 210005; // 0x33455
		field public static final int TAG_DEVICE_LOCKED = 210007; // 0x33457
		field public static final int TAG_DEVICE_UNLOCK_ATTEMPT = 210006; // 0x33456
		field public static final int TAG_SYNC_RECV_FILE = 210003; // 0x33453
		field public static final int TAG_SYNC_SEND_FILE = 210004; // 0x33454
		}

		public static class SecurityLog.SecurityEvent implements android.os.Parcelable {
		method public int describeContents();
		method public java.lang.Object getData();
		method public int getTag();
		method public long getTimeNanos();
		method public void writeToParcel(android.os.Parcel, int);
		field public static final android.os.Parcelable.Creator<android.auditing.SecurityLog.SecurityEvent> CREATOR;
		}

		}

		package android.bluetooth {

		public final class BluetoothA2dp implements android.bluetooth.BluetoothProfile {

api/system-current.txt

+24 −0

Original line number	Diff line number	Diff line
		@@ -6701,6 +6701,30 @@ package android.appwidget {

		}

		package android.auditing {

		public class SecurityLog {
		ctor public SecurityLog();
		field public static final int TAG_ADB_SHELL_CMD = 210002; // 0x33452
		field public static final int TAG_ADB_SHELL_INTERACTIVE = 210001; // 0x33451
		field public static final int TAG_APP_PROCESS_START = 210005; // 0x33455
		field public static final int TAG_DEVICE_LOCKED = 210007; // 0x33457
		field public static final int TAG_DEVICE_UNLOCK_ATTEMPT = 210006; // 0x33456
		field public static final int TAG_SYNC_RECV_FILE = 210003; // 0x33453
		field public static final int TAG_SYNC_SEND_FILE = 210004; // 0x33454
		}

		public static class SecurityLog.SecurityEvent implements android.os.Parcelable {
		method public int describeContents();
		method public java.lang.Object getData();
		method public int getTag();
		method public long getTimeNanos();
		method public void writeToParcel(android.os.Parcel, int);
		field public static final android.os.Parcelable.Creator<android.auditing.SecurityLog.SecurityEvent> CREATOR;
		}

		}

		package android.bluetooth {

		public final class BluetoothA2dp implements android.bluetooth.BluetoothProfile {

api/test-current.txt

+24 −0

Original line number	Diff line number	Diff line
		@@ -6479,6 +6479,30 @@ package android.appwidget {

		}

		package android.auditing {

		public class SecurityLog {
		ctor public SecurityLog();
		field public static final int TAG_ADB_SHELL_CMD = 210002; // 0x33452
		field public static final int TAG_ADB_SHELL_INTERACTIVE = 210001; // 0x33451
		field public static final int TAG_APP_PROCESS_START = 210005; // 0x33455
		field public static final int TAG_DEVICE_LOCKED = 210007; // 0x33457
		field public static final int TAG_DEVICE_UNLOCK_ATTEMPT = 210006; // 0x33456
		field public static final int TAG_SYNC_RECV_FILE = 210003; // 0x33453
		field public static final int TAG_SYNC_SEND_FILE = 210004; // 0x33454
		}

		public static class SecurityLog.SecurityEvent implements android.os.Parcelable {
		method public int describeContents();
		method public java.lang.Object getData();
		method public int getTag();
		method public long getTimeNanos();
		method public void writeToParcel(android.os.Parcel, int);
		field public static final android.os.Parcelable.Creator<android.auditing.SecurityLog.SecurityEvent> CREATOR;
		}

		}

		package android.bluetooth {

		public final class BluetoothA2dp implements android.bluetooth.BluetoothProfile {

core/java/android/auditing/SecurityLog.java

0 → 100644

+210 −0

Original line number	Diff line number	Diff line
		/*
		* Copyright (C) 2016 The Android Open Source Project
		*
		* Licensed under the Apache License, Version 2.0 (the "License");
		* you may not use this file except in compliance with the License.
		* You may obtain a copy of the License at
		*
		* http://www.apache.org/licenses/LICENSE-2.0
		*
		* Unless required by applicable law or agreed to in writing, software
		* distributed under the License is distributed on an "AS IS" BASIS,
		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
		* See the License for the specific language governing permissions and
		* limitations under the License.
		*/

		package android.auditing;

		import android.annotation.IntDef;
		import android.os.Parcel;
		import android.os.Parcelable;
		import android.os.SystemProperties;
		import android.util.EventLog.Event;

		import java.io.IOException;
		import java.lang.annotation.Retention;
		import java.lang.annotation.RetentionPolicy;
		import java.util.Collection;

		public class SecurityLog {

		private static final String PROPERTY_LOGGING_ENABLED = "persist.logd.security";

		/** @hide */
		@Retention(RetentionPolicy.SOURCE)
		@IntDef({TAG_ADB_SHELL_INTERACTIVE, TAG_ADB_SHELL_CMD, TAG_SYNC_RECV_FILE, TAG_SYNC_SEND_FILE,
		TAG_APP_PROCESS_START, TAG_DEVICE_UNLOCK_ATTEMPT, TAG_DEVICE_LOCKED})
		public @interface SECURITY_LOG_TAG {}

		/**
		* Indicate that an ADB interactive shell was opened via "adb shell".
		* There is no extra payload in the log event.
		*/
		public static final int TAG_ADB_SHELL_INTERACTIVE =
		SecurityLogTags.SECURITY_ADB_SHELL_INTERACTIVE;
		/**
		* Indicate that an shell command was issued over ADB via "adb shell command"
		* The log entry contains a string data of the shell command, accessible via
		* {@link SecurityEvent#getData()}
		*/
		public static final int TAG_ADB_SHELL_CMD = SecurityLogTags.SECURITY_ADB_SHELL_COMMAND;
		/**
		* Indicate that a file was pulled from the device via the adb daemon, for example via
		* "adb pull". The log entry contains a string data of the path of the pulled file,
		* accessible via {@link SecurityEvent#getData()}
		*/
		public static final int TAG_SYNC_RECV_FILE = SecurityLogTags.SECURITY_ADB_SYNC_RECV;
		/**
		* Indicate that a file was pushed to the device via the adb daemon, for example via
		* "adb push". The log entry contains a string data of the destination path of the
		* pushed file, accessible via {@link SecurityEvent#getData()}
		*/
		public static final int TAG_SYNC_SEND_FILE = SecurityLogTags.SECURITY_ADB_SYNC_SEND;
		/**
		* Indicate that an app process was started. The log entry contains the following
		* information about the process in order, accessible via {@link SecurityEvent#getData()}}:
		* process name (String), exact start time (long), app Uid (integer), app Pid (integer),
		* seinfo tag (String), SHA-256 hash of the APK in hexadecimal (String)
		*/
		public static final int TAG_APP_PROCESS_START = SecurityLogTags.SECURITY_APP_PROCESS_START;

		/**
		* Indicate that there has been an attempt to unlock the device. The log entry contains the
		* following information about the attempt in order, accessible via
		* {@link SecurityEvent#getData()}}: unlock result (integer, 1 for successful unlock, 0 for
		* unsuccessful), unlock method (String)
		*/
		public static final int TAG_DEVICE_UNLOCK_ATTEMPT =
		SecurityLogTags.SECURITY_DEVICE_UNLOCK_ATTEMPT;

		/**
		* Indicate that the device has been locked, either by user or by timeout.
		*/
		public static final int TAG_DEVICE_LOCKED = SecurityLogTags.SECURITY_DEVICE_LOCKED;


		/**
		* Returns if device logging is enabled. Log producers should only write new logs if this is
		* true. Under the hood this is the logical AND of whether device owner exists and whether
		* it enables logging by setting the system property {@link #PROPERTY_LOGGING_ENABLED}.
		* @hide
		*/
		public static native boolean isLoggingEnabled();

		/**
		* @hide
		*/
		public static void setLoggingEnabledProperty(boolean enabled) {
		SystemProperties.set(PROPERTY_LOGGING_ENABLED, enabled ? "true" : "false");
		}

		/**
		* @hide
		*/
		public static boolean getLoggingEnabledProperty() {
		return SystemProperties.getBoolean(PROPERTY_LOGGING_ENABLED, false);
		}

		/**
		* A class representing a security event log entry.
		*/
		public static class SecurityEvent implements Parcelable {
		private Event mEvent;

		/** @hide */
		/package/ SecurityEvent(byte[] data) {
		mEvent = Event.fromBytes(data);
		}

		/**
		* Returns the timestamp in nano seconds when this event was logged.
		*/
		public long getTimeNanos() {
		return mEvent.getTimeNanos();
		}

		/**
		* Returns the tag of this log entry, which specifies entry's semantics.
		* Could be one of {@link SecurityLog#TAG_SYNC_RECV_FILE},
		* {@link SecurityLog#TAG_SYNC_SEND_FILE}, {@link SecurityLog#TAG_ADB_SHELL_CMD},
		* {@link SecurityLog#TAG_ADB_SHELL_INTERACTIVE}, {@link SecurityLog#TAG_APP_PROCESS_START}.
		*/
		public @SECURITY_LOG_TAG int getTag() {
		return mEvent.getTag();
		}

		/**
		* Returns the payload contained in this log. Each call to this method will
		* retrieve the next payload item. If no more payload exists, it returns {@code null}.
		*/
		public Object getData() {
		return mEvent.getData();
		}

		@Override
		public int describeContents() {
		return 0;
		}

		@Override
		public void writeToParcel(Parcel dest, int flags) {
		dest.writeByteArray(mEvent.getBytes());
		}

		public static final Parcelable.Creator<SecurityEvent> CREATOR =
		new Parcelable.Creator<SecurityEvent>() {
		@Override
		public SecurityEvent createFromParcel(Parcel source) {
		return new SecurityEvent(source.createByteArray());
		}

		@Override
		public SecurityEvent[] newArray(int size) {
		return new SecurityEvent[size];
		}
		};
		}
		/**
		* Retrieve all security logs and return immediately.
		* @hide
		*/
		public static native void readEvents(Collection<SecurityEvent> output) throws IOException;

		/**
		* Retrieve all security logs since the given timestamp in nanoseconds and return immediately.
		* @hide
		*/
		public static native void readEventsSince(long timestamp, Collection<SecurityEvent> output)
		throws IOException;

		/**
		* Retrieve all security logs before the last reboot. May return corrupted data due to
		* unreliable pstore.
		* @hide
		*/
		public static native void readPreviousEvents(Collection<SecurityEvent> output)
		throws IOException;

		/**
		* Retrieve all security logs whose timestamp (in nanosceonds) is equal to or greater than the
		* given timestamp. This method will block until either the last log earlier than the given
		* timestamp is about to be pruned, or after a 2-hour timeout has passed.
		* @hide
		*/
		public static native void readEventsOnWrapping(long timestamp, Collection<SecurityEvent> output)
		throws IOException;

		/**
		* Write a log entry to the underlying storage, with a string payload.
		* @hide
		*/
		public static native int writeEvent(int tag, String str);

		/**
		* Write a log entry to the underlying storage, with several payloads.
		* Supported types of payload are: integer, long, float, string plus array of supported types.
		* @hide
		*/
		public static native int writeEvent(int tag, Object... payloads);
		}