diff options
author | Mark Salyzyn <salyzyn@google.com> | 2014-05-27 22:55:35 +0000 |
---|---|---|
committer | Android Git Automerger <android-git-automerger@android.com> | 2014-05-27 22:55:35 +0000 |
commit | 1e4cfe0636f5ade52e8aabac90166b7040e60d8e (patch) | |
tree | 8d39ef1957a0524ca47ca791930b359acddd3fb7 | |
parent | 769db021e6b61d10c13a7b17a72750f18ebdee16 (diff) | |
parent | 5df557f6b05ebde2e3f98affa54ef60b717d4b96 (diff) | |
download | system_core-1e4cfe0636f5ade52e8aabac90166b7040e60d8e.zip system_core-1e4cfe0636f5ade52e8aabac90166b7040e60d8e.tar.gz system_core-1e4cfe0636f5ade52e8aabac90166b7040e60d8e.tar.bz2 |
am 5df557f6: Merge "logd: logcat: debuggerd: audit logs to events and main"
* commit '5df557f6b05ebde2e3f98affa54ef60b717d4b96':
logd: logcat: debuggerd: audit logs to events and main
-rwxr-xr-x | debuggerd/tombstone.cpp | 1 | ||||
-rw-r--r-- | logcat/logcat.cpp | 5 | ||||
-rw-r--r-- | logd/LogAudit.cpp | 107 |
3 files changed, 81 insertions, 32 deletions
diff --git a/debuggerd/tombstone.cpp b/debuggerd/tombstone.cpp index 1a00146..cdaa09f 100755 --- a/debuggerd/tombstone.cpp +++ b/debuggerd/tombstone.cpp @@ -583,7 +583,6 @@ static void dump_log_file(log_t* log, pid_t pid, const char* filename, static void dump_logs(log_t* log, pid_t pid, unsigned tail) { dump_log_file(log, pid, "system", tail); dump_log_file(log, pid, "main", tail); - dump_log_file(log, pid, "events", tail); } static void dump_abort_message(Backtrace* backtrace, log_t* log, uintptr_t address) { diff --git a/logcat/logcat.cpp b/logcat/logcat.cpp index ed2c241..16fe7ee 100644 --- a/logcat/logcat.cpp +++ b/logcat/logcat.cpp @@ -633,11 +633,6 @@ int main(int argc, char **argv) dev = dev->next = new log_device_t("crash", false, 'c'); android::g_devCount++; } - if (android_name_to_log_id("events") == LOG_ID_EVENTS) { - dev = dev->next = new log_device_t("events", true, 'e'); - android::g_devCount++; - needBinary = true; - } } if (android::g_logRotateSizeKBytes != 0 diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp index 0651a92..f8d6162 100644 --- a/logd/LogAudit.cpp +++ b/logd/LogAudit.cpp @@ -70,6 +70,11 @@ int LogAudit::logPrint(const char *fmt, ...) { return rc; } + char *cp; + while ((cp = strstr(str, " "))) { + memmove(cp, cp + 1, strlen(cp + 1) + 1); + } + if (fdDmesg >= 0) { struct iovec iov[2]; @@ -88,12 +93,11 @@ int LogAudit::logPrint(const char *fmt, ...) { static const char audit_str[] = " audit("; char *timeptr = strstr(str, audit_str); - char *cp; if (timeptr && ((cp = now.strptime(timeptr + sizeof(audit_str) - 1, "%s.%q"))) && (*cp == ':')) { memcpy(timeptr + sizeof(audit_str) - 1, "0.0", 3); - strcpy(timeptr + sizeof(audit_str) - 1 + 3, cp); + memmove(timeptr + sizeof(audit_str) - 1 + 3, cp, strlen(cp) + 1); } else { now.strptime("", ""); // side effect of setting CLOCK_REALTIME } @@ -109,37 +113,88 @@ int LogAudit::logPrint(const char *fmt, ...) { } tid = pid; uid = logbuf->pidToUid(pid); - strcpy(pidptr, cp); + memmove(pidptr, cp, strlen(cp) + 1); } - size_t n = strlen(str); - n += sizeof(uint32_t) + sizeof(uint8_t) + sizeof(uint32_t); + // log to events + + size_t l = strlen(str); + size_t n = l + sizeof(uint32_t) + sizeof(uint8_t) + sizeof(uint32_t); + + bool notify = false; char *newstr = reinterpret_cast<char *>(malloc(n)); if (!newstr) { - free(str); - return -ENOMEM; - } - - char *msg = newstr; - *msg++ = AUDITD_LOG_TAG & 0xFF; - *msg++ = (AUDITD_LOG_TAG >> 8) & 0xFF; - *msg++ = (AUDITD_LOG_TAG >> 16) & 0xFF; - *msg++ = (AUDITD_LOG_TAG >> 24) & 0xFF; - *msg++ = EVENT_TYPE_STRING; - size_t l = n - sizeof(uint32_t) - sizeof(uint8_t) - sizeof(uint32_t); - *msg++ = l & 0xFF; - *msg++ = (l >> 8) & 0xFF; - *msg++ = (l >> 16) & 0xFF; - *msg++ = (l >> 24) & 0xFF; - memcpy(msg, str, l); - free(str); + rc = -ENOMEM; + } else { + cp = newstr; + *cp++ = AUDITD_LOG_TAG & 0xFF; + *cp++ = (AUDITD_LOG_TAG >> 8) & 0xFF; + *cp++ = (AUDITD_LOG_TAG >> 16) & 0xFF; + *cp++ = (AUDITD_LOG_TAG >> 24) & 0xFF; + *cp++ = EVENT_TYPE_STRING; + *cp++ = l & 0xFF; + *cp++ = (l >> 8) & 0xFF; + *cp++ = (l >> 16) & 0xFF; + *cp++ = (l >> 24) & 0xFF; + memcpy(cp, str, l); + + logbuf->log(LOG_ID_EVENTS, now, uid, pid, tid, newstr, + (n <= USHRT_MAX) ? (unsigned short) n : USHRT_MAX); + free(newstr); + + notify = true; + } + + // log to main + + static const char comm_str[] = " comm=\""; + const char *comm = strstr(str, comm_str); + const char *estr = str + strlen(str); + if (comm) { + estr = comm; + comm += sizeof(comm_str) - 1; + } else if (pid == getpid()) { + pid = tid; + comm = "auditd"; + } else if (!(comm = logbuf->pidToName(pid))) { + comm = "unknown"; + } + + const char *ecomm = strchr(comm, '"'); + if (ecomm) { + ++ecomm; + l = ecomm - comm; + } else { + l = strlen(comm) + 1; + ecomm = ""; + } + n = (estr - str) + strlen(ecomm) + l + 2; + + newstr = reinterpret_cast<char *>(malloc(n)); + if (!newstr) { + rc = -ENOMEM; + } else { + *newstr = (strstr(str, " permissive=1") + || strstr(str, " policy loaded ")) + ? ANDROID_LOG_INFO + : ANDROID_LOG_WARN; + strlcpy(newstr + 1, comm, l); + strncpy(newstr + 1 + l, str, estr - str); + strcpy(newstr + 1 + l + (estr - str), ecomm); + + logbuf->log(LOG_ID_MAIN, now, uid, pid, tid, newstr, + (n <= USHRT_MAX) ? (unsigned short) n : USHRT_MAX); + free(newstr); + + notify = true; + } - logbuf->log(LOG_ID_EVENTS, now, uid, pid, tid, newstr, - (n <= USHRT_MAX) ? (unsigned short) n : USHRT_MAX); - reader->notifyNewLog(); + free(str); - free(newstr); + if (notify) { + reader->notifyNewLog(); + } return rc; } |