
Commit e12ce70b authored by Nick Kralevich's avatar Nick Kralevich Committed by Android Git Automerger

am 421e2d55: am 606bb5f2: Merge "logd: throttle SELinux denials to 20/sec"

* commit '421e2d55':
  logd: throttle SELinux denials to 20/sec
parents 6309cb35 421e2d55
+1 −1
@@ -248,7 +248,7 @@ int LogAudit::getLogSocket() {
    if (fd < 0) {
        return fd;
    }
    if (audit_set_pid(fd, getpid(), WAIT_YES) < 0) {
    if (audit_setup(fd, getpid()) < 0) {
        audit_close(fd);
        fd = -1;
    }
+11 −13
@@ -162,7 +162,7 @@ out:
    return rc;
}

int audit_set_pid(int fd, uint32_t pid, rep_wait_t wmode)
int audit_setup(int fd, uint32_t pid)
{
    int rc;
    struct audit_message rep;
@@ -176,7 +176,8 @@ int audit_set_pid(int fd, uint32_t pid, rep_wait_t wmode)
     * and the the mask set to AUDIT_STATUS_PID
     */
    status.pid = pid;
    status.mask = AUDIT_STATUS_PID;
    status.mask = AUDIT_STATUS_PID | AUDIT_STATUS_RATE_LIMIT;
    status.rate_limit = 20; // audit entries per second

    /* Let the kernel know this pid will be registering for audit events */
    rc = audit_send(fd, AUDIT_SET, &status, sizeof(status));
@@ -188,24 +189,21 @@ int audit_set_pid(int fd, uint32_t pid, rep_wait_t wmode)
    /*
     * In a request where we need to wait for a response, wait for the message
     * and discard it. This message confirms and sync's us with the kernel.
     * This daemon is now registered as the audit logger. Only wait if the
     * wmode is != WAIT_NO
     */
    if (wmode != WAIT_NO) {
        /* TODO
     * This daemon is now registered as the audit logger.
     *
     * TODO
     * If the daemon dies and restarts the message didn't come back,
     * so I went to non-blocking and it seemed to fix the bug.
     * Need to investigate further.
     */
    audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING, 0);
    }

    return 0;
}

int audit_open()
{
    return socket(PF_NETLINK, SOCK_RAW, NETLINK_AUDIT);
    return socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_AUDIT);
}

int audit_get_reply(int fd, struct audit_message *rep, reply_t block, int peek)
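Review bot: audit_setup() now unconditionally discards the result of `audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING, 0)` and returns 0, so a kernel rejection of the AUDIT_SET request, which now carries both the pid registration and the 20/sec rate limit, would not reach the caller, and getLogSocket() would keep a socket that may be neither registered nor throttled. Until the TODO is resolved, consider capturing the result with `rc = audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING, 0);` and logging an unexpected error while treating "no reply yet" as non-fatal; whether audit_send() already waits for the kernel's acknowledgement is not visible here. The comment above `status.mask` still says the mask is set to AUDIT_STATUS_PID only, and the literal 20 would read better as a named constant. Its comment should note that, as far as I know, the kernel drops records above the limit and counts them as lost, so a burst of denials will be incomplete in the log. The body of audit_setup() starts outside these hunks.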
+1 −8
@@ -37,11 +37,6 @@ typedef enum {
    GET_REPLY_NONBLOCKING
} reply_t;

typedef enum {
    WAIT_NO,
    WAIT_YES
} rep_wait_t;

/* type == AUDIT_SIGNAL_INFO */
struct audit_sig_info {
    uid_t uid;
@@ -92,12 +87,10 @@ extern int audit_get_reply(int fd, struct audit_message *rep, reply_t block,
 *  The fd returned by a call to audit_open()
 * @param pid
 *  The pid whom to set as the reciever of audit messages
 * @param wmode
 *  Whether or not to block on the underlying socket io calls.
 * @return
 *  This function returns 0 on success, -errno on error.
 */
extern int  audit_set_pid(int fd, uint32_t pid, rep_wait_t wmode);
extern int  audit_setup(int fd, uint32_t pid);

__END_DECLS