diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp index aa05932b0134c3bb37eda7d0523caa5c836415ed..c26716d550542c30afcfd97a31a0dd37210b73bc 100644 --- a/logd/LogAudit.cpp +++ b/logd/LogAudit.cpp @@ -47,6 +47,10 @@ LogAudit::LogAudit(LogBuffer *buf, LogReader *reader, int fdDmesg) : logbuf(buf), reader(reader), fdDmesg(fdDmesg), + main(__android_logger_property_get_bool("ro.logd.auditd.main", + BOOL_DEFAULT_TRUE)), + events(__android_logger_property_get_bool("ro.logd.auditd.events", + BOOL_DEFAULT_TRUE)), initialized(false) { static const char auditd_message[] = { KMSG_PRIORITY(LOG_INFO), 'l', 'o', 'g', 'd', '.', 'a', 'u', 'd', 'i', 't', 'd', ':', @@ -172,6 +176,11 @@ int LogAudit::logPrint(const char *fmt, ...) { } } + if (!main && !events) { + free(str); + return 0; + } + pid_t pid = getpid(); pid_t tid = gettid(); uid_t uid = AID_LOGD; @@ -222,7 +231,7 @@ int LogAudit::logPrint(const char *fmt, ...) { bool notify = false; - { // begin scope for event buffer + if (events) { // begin scope for event buffer uint32_t buffer[(n + sizeof(uint32_t) - 1) / sizeof(uint32_t)]; android_log_event_string_t *event @@ -277,7 +286,7 @@ int LogAudit::logPrint(const char *fmt, ...) { size_t e = strnlen(ecomm, LOGGER_ENTRY_MAX_PAYLOAD - b); n = b + e + l + 2; - { // begin scope for main buffer + if (main) { // begin scope for main buffer char newstr[n]; *newstr = info ? ANDROID_LOG_INFO : ANDROID_LOG_WARN; diff --git a/logd/LogAudit.h b/logd/LogAudit.h index ab30e286332488dd4f927af1050f7b06c101ed72..844951dae16fca8ddba7f9ff0d6ca416032b1960 100644 --- a/logd/LogAudit.h +++ b/logd/LogAudit.h @@ -26,7 +26,9 @@ class LogReader; class LogAudit : public SocketListener { LogBuffer *logbuf; LogReader *reader; - int fdDmesg; + int fdDmesg; // fdDmesg >= 0 is functionally bool dmesg + bool main; + bool events; bool initialized; public: diff --git a/logd/README.property b/logd/README.property index 791b1d5b91fd71e1fad04818dde2378ee1d5edc2..de6767ad597277f98ef11b4bb6de81cf5c94fcd0 100644 --- a/logd/README.property +++ b/logd/README.property @@ -2,8 +2,9 @@ The properties that logd and friends react to are: name type default description ro.logd.auditd bool true Enable selinux audit daemon -ro.logd.auditd.dmesg bool true selinux audit messages duplicated and - sent on to dmesg log +ro.logd.auditd.dmesg bool true selinux audit messages sent to dmesg. +ro.logd.auditd.main bool true selinux audit messages sent to main. +ro.logd.auditd.events bool true selinux audit messages sent to events. persist.logd.security bool false Enable security buffer. ro.device_owner bool false Override persist.logd.security to false ro.logd.kernel bool+ svelte+ Enable klogd daemon diff --git a/logd/main.cpp b/logd/main.cpp index c3343d785a17b6f2e165877084970c1b078d693b..5878f151e126a41b9930567dfbc251d87fc5ff46 100644 --- a/logd/main.cpp +++ b/logd/main.cpp @@ -451,9 +451,8 @@ int main(int argc, char *argv[]) { pthread_attr_destroy(&attr); } - bool auditd = __android_logger_property_get_bool("logd.auditd", - BOOL_DEFAULT_TRUE | - BOOL_DEFAULT_FLAG_PERSIST); + bool auditd = __android_logger_property_get_bool("ro.logd.auditd", + BOOL_DEFAULT_TRUE); if (drop_privs(klogd, auditd) != 0) { return -1; } @@ -513,8 +512,8 @@ int main(int argc, char *argv[]) { if (auditd) { al = new LogAudit(logBuf, reader, __android_logger_property_get_bool( - "logd.auditd.dmesg", - BOOL_DEFAULT_TRUE | BOOL_DEFAULT_FLAG_PERSIST) + "ro.logd.auditd.dmesg", + BOOL_DEFAULT_TRUE) ? fdDmesg : -1); }