Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 891df1c4 authored by Treehugger Robot's avatar Treehugger Robot Committed by Gerrit Code Review
Browse files

Merge "logd: Add support for ro.logd.auditd.[main|events]"

parents fd979edb ce80da30

logd/LogAudit.cpp

+11 −2
Original line number Original line Diff line number Diff line
@@ -47,6 +47,10 @@ LogAudit::LogAudit(LogBuffer *buf, LogReader *reader, int fdDmesg) : 
        logbuf(buf),

        logbuf(buf),

        reader(reader),

        reader(reader),

        fdDmesg(fdDmesg),

        fdDmesg(fdDmesg),

        main(__android_logger_property_get_bool("ro.logd.auditd.main",

                                                BOOL_DEFAULT_TRUE)),

        events(__android_logger_property_get_bool("ro.logd.auditd.events",

                                                  BOOL_DEFAULT_TRUE)),

        initialized(false) {

        initialized(false) {

    static const char auditd_message[] = { KMSG_PRIORITY(LOG_INFO),

    static const char auditd_message[] = { KMSG_PRIORITY(LOG_INFO),

        'l', 'o', 'g', 'd', '.', 'a', 'u', 'd', 'i', 't', 'd', ':',

        'l', 'o', 'g', 'd', '.', 'a', 'u', 'd', 'i', 't', 'd', ':',
@@ -172,6 +176,11 @@ int LogAudit::logPrint(const char *fmt, ...) { 
        }

        }

    }

    }





    if (!main && !events) {

        free(str);

        return 0;

    }



    pid_t pid = getpid();

    pid_t pid = getpid();

    pid_t tid = gettid();

    pid_t tid = gettid();

    uid_t uid = AID_LOGD;

    uid_t uid = AID_LOGD;
@@ -222,7 +231,7 @@ int LogAudit::logPrint(const char *fmt, ...) { 




    bool notify = false;

    bool notify = false;





    {   // begin scope for event buffer

    if (events) {   // begin scope for event buffer

        uint32_t buffer[(n + sizeof(uint32_t) - 1) / sizeof(uint32_t)];

        uint32_t buffer[(n + sizeof(uint32_t) - 1) / sizeof(uint32_t)];





        android_log_event_string_t *event

        android_log_event_string_t *event
@@ -277,7 +286,7 @@ int LogAudit::logPrint(const char *fmt, ...) { 
    size_t e = strnlen(ecomm, LOGGER_ENTRY_MAX_PAYLOAD - b);

    size_t e = strnlen(ecomm, LOGGER_ENTRY_MAX_PAYLOAD - b);

    n = b + e + l + 2;

    n = b + e + l + 2;





    {   // begin scope for main buffer

    if (main) {   // begin scope for main buffer

        char newstr[n];

        char newstr[n];





        *newstr = info ? ANDROID_LOG_INFO : ANDROID_LOG_WARN;

        *newstr = info ? ANDROID_LOG_INFO : ANDROID_LOG_WARN;

logd/LogAudit.h

+3 −1
Original line number Original line Diff line number Diff line
@@ -26,7 +26,9 @@ class LogReader; 
class LogAudit : public SocketListener {

class LogAudit : public SocketListener {

    LogBuffer *logbuf;

    LogBuffer *logbuf;

    LogReader *reader;

    LogReader *reader;

    int fdDmesg;

    int fdDmesg; // fdDmesg >= 0 is functionally bool dmesg

    bool main;

    bool events;

    bool initialized;

    bool initialized;





public:

public:

logd/README.property

+3 −2
Original line number Original line Diff line number Diff line
@@ -2,8 +2,9 @@ The properties that logd and friends react to are: 




name                       type default  description

name                       type default  description

ro.logd.auditd             bool   true   Enable selinux audit daemon

ro.logd.auditd             bool   true   Enable selinux audit daemon

ro.logd.auditd.dmesg       bool   true   selinux audit messages duplicated and

ro.logd.auditd.dmesg       bool   true   selinux audit messages sent to dmesg.

                                         sent on to dmesg log

ro.logd.auditd.main        bool   true   selinux audit messages sent to main.

ro.logd.auditd.events      bool   true   selinux audit messages sent to events.

persist.logd.security      bool   false  Enable security buffer.

persist.logd.security      bool   false  Enable security buffer.

ro.device_owner            bool   false  Override persist.logd.security to false

ro.device_owner            bool   false  Override persist.logd.security to false

ro.logd.kernel             bool+ svelte+ Enable klogd daemon

ro.logd.kernel             bool+ svelte+ Enable klogd daemon

logd/main.cpp

+4 −5
Original line number Original line Diff line number Diff line
@@ -451,9 +451,8 @@ int main(int argc, char *argv[]) { 
        pthread_attr_destroy(&attr);

        pthread_attr_destroy(&attr);

    }

    }





    bool auditd = __android_logger_property_get_bool("logd.auditd",

    bool auditd = __android_logger_property_get_bool("ro.logd.auditd",

                                                     BOOL_DEFAULT_TRUE |

                                                     BOOL_DEFAULT_TRUE);

                                                     BOOL_DEFAULT_FLAG_PERSIST);

    if (drop_privs(klogd, auditd) != 0) {

    if (drop_privs(klogd, auditd) != 0) {

        return -1;

        return -1;

    }

    }
@@ -513,8 +512,8 @@ int main(int argc, char *argv[]) { 
    if (auditd) {

    if (auditd) {

        al = new LogAudit(logBuf, reader,

        al = new LogAudit(logBuf, reader,

                          __android_logger_property_get_bool(

                          __android_logger_property_get_bool(

                              "logd.auditd.dmesg",

                              "ro.logd.auditd.dmesg",

                              BOOL_DEFAULT_TRUE | BOOL_DEFAULT_FLAG_PERSIST)

                              BOOL_DEFAULT_TRUE)

                                  ? fdDmesg

                                  ? fdDmesg

                                  : -1);

                                  : -1);

    }

    }