Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 83d85563 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

logd: throttle SELinux denials to 20/sec 

Impose a limit of 20 selinux denials per second. Denials beyond
that point don't add any value, and have the potential to cause
crashes or denial of service attacks.

Do some other misc cleanup while I'm here.

Bug: 18341932

(cherry picked from commit c234a1b8)

Change-Id: Ic5c96003db82e504baf301e87be5c8c539c73c2a
parent 86c9e5f7

logd/LogAudit.cpp

+1 −1
Original line number Diff line number Diff line
@@ -248,7 +248,7 @@ int LogAudit::getLogSocket() { 
    if (fd < 0) {

        return fd;

    }

    if (audit_set_pid(fd, getpid(), WAIT_YES) < 0) {

    if (audit_setup(fd, getpid()) < 0) {

        audit_close(fd);

        fd = -1;

    }

logd/libaudit.c

+11 −13
Original line number Diff line number Diff line
@@ -162,7 +162,7 @@ out: 
    return rc;

}



int audit_set_pid(int fd, uint32_t pid, rep_wait_t wmode)

int audit_setup(int fd, uint32_t pid)

{

    int rc;

    struct audit_message rep;
@@ -176,7 +176,8 @@ int audit_set_pid(int fd, uint32_t pid, rep_wait_t wmode) 
     * and the the mask set to AUDIT_STATUS_PID

     */

    status.pid = pid;

    status.mask = AUDIT_STATUS_PID;

    status.mask = AUDIT_STATUS_PID | AUDIT_STATUS_RATE_LIMIT;

    status.rate_limit = 20; // audit entries per second



    /* Let the kernel know this pid will be registering for audit events */

    rc = audit_send(fd, AUDIT_SET, &status, sizeof(status));
@@ -188,24 +189,21 @@ int audit_set_pid(int fd, uint32_t pid, rep_wait_t wmode) 
    /*

     * In a request where we need to wait for a response, wait for the message

     * and discard it. This message confirms and sync's us with the kernel.

     * This daemon is now registered as the audit logger. Only wait if the

     * wmode is != WAIT_NO

     */

    if (wmode != WAIT_NO) {

        /* TODO

     * This daemon is now registered as the audit logger.

     *

     * TODO

     * If the daemon dies and restarts the message didn't come back,

     * so I went to non-blocking and it seemed to fix the bug.

     * Need to investigate further.

     */

    audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING, 0);

    }



    return 0;

}



int audit_open()

{

    return socket(PF_NETLINK, SOCK_RAW, NETLINK_AUDIT);

    return socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_AUDIT);

}



int audit_get_reply(int fd, struct audit_message *rep, reply_t block, int peek)

logd/libaudit.h

+1 −8
Original line number Diff line number Diff line
@@ -37,11 +37,6 @@ typedef enum { 
    GET_REPLY_NONBLOCKING

} reply_t;



typedef enum {

    WAIT_NO,

    WAIT_YES

} rep_wait_t;



/* type == AUDIT_SIGNAL_INFO */

struct audit_sig_info {

    uid_t uid;
@@ -92,12 +87,10 @@ extern int audit_get_reply(int fd, struct audit_message *rep, reply_t block, 
 *  The fd returned by a call to audit_open()

 * @param pid

 *  The pid whom to set as the reciever of audit messages

 * @param wmode

 *  Whether or not to block on the underlying socket io calls.

 * @return

 *  This function returns 0 on success, -errno on error.

 */

extern int  audit_set_pid(int fd, uint32_t pid, rep_wait_t wmode);

extern int  audit_setup(int fd, uint32_t pid);



__END_DECLS