summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMark Salyzyn <salyzyn@google.com>2014-05-27 22:55:35 +0000
committerAndroid Git Automerger <android-git-automerger@android.com>2014-05-27 22:55:35 +0000
commit1e4cfe0636f5ade52e8aabac90166b7040e60d8e (patch)
tree8d39ef1957a0524ca47ca791930b359acddd3fb7
parent769db021e6b61d10c13a7b17a72750f18ebdee16 (diff)
parent5df557f6b05ebde2e3f98affa54ef60b717d4b96 (diff)
downloadsystem_core-1e4cfe0636f5ade52e8aabac90166b7040e60d8e.zip
system_core-1e4cfe0636f5ade52e8aabac90166b7040e60d8e.tar.gz
system_core-1e4cfe0636f5ade52e8aabac90166b7040e60d8e.tar.bz2
am 5df557f6: Merge "logd: logcat: debuggerd: audit logs to events and main"
* commit '5df557f6b05ebde2e3f98affa54ef60b717d4b96': logd: logcat: debuggerd: audit logs to events and main
-rwxr-xr-xdebuggerd/tombstone.cpp1
-rw-r--r--logcat/logcat.cpp5
-rw-r--r--logd/LogAudit.cpp107
3 files changed, 81 insertions, 32 deletions
diff --git a/debuggerd/tombstone.cpp b/debuggerd/tombstone.cpp
index 1a00146..cdaa09f 100755
--- a/debuggerd/tombstone.cpp
+++ b/debuggerd/tombstone.cpp
@@ -583,7 +583,6 @@ static void dump_log_file(log_t* log, pid_t pid, const char* filename,
static void dump_logs(log_t* log, pid_t pid, unsigned tail) {
dump_log_file(log, pid, "system", tail);
dump_log_file(log, pid, "main", tail);
- dump_log_file(log, pid, "events", tail);
}
static void dump_abort_message(Backtrace* backtrace, log_t* log, uintptr_t address) {
diff --git a/logcat/logcat.cpp b/logcat/logcat.cpp
index ed2c241..16fe7ee 100644
--- a/logcat/logcat.cpp
+++ b/logcat/logcat.cpp
@@ -633,11 +633,6 @@ int main(int argc, char **argv)
dev = dev->next = new log_device_t("crash", false, 'c');
android::g_devCount++;
}
- if (android_name_to_log_id("events") == LOG_ID_EVENTS) {
- dev = dev->next = new log_device_t("events", true, 'e');
- android::g_devCount++;
- needBinary = true;
- }
}
if (android::g_logRotateSizeKBytes != 0
diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp
index 0651a92..f8d6162 100644
--- a/logd/LogAudit.cpp
+++ b/logd/LogAudit.cpp
@@ -70,6 +70,11 @@ int LogAudit::logPrint(const char *fmt, ...) {
return rc;
}
+ char *cp;
+ while ((cp = strstr(str, " "))) {
+ memmove(cp, cp + 1, strlen(cp + 1) + 1);
+ }
+
if (fdDmesg >= 0) {
struct iovec iov[2];
@@ -88,12 +93,11 @@ int LogAudit::logPrint(const char *fmt, ...) {
static const char audit_str[] = " audit(";
char *timeptr = strstr(str, audit_str);
- char *cp;
if (timeptr
&& ((cp = now.strptime(timeptr + sizeof(audit_str) - 1, "%s.%q")))
&& (*cp == ':')) {
memcpy(timeptr + sizeof(audit_str) - 1, "0.0", 3);
- strcpy(timeptr + sizeof(audit_str) - 1 + 3, cp);
+ memmove(timeptr + sizeof(audit_str) - 1 + 3, cp, strlen(cp) + 1);
} else {
now.strptime("", ""); // side effect of setting CLOCK_REALTIME
}
@@ -109,37 +113,88 @@ int LogAudit::logPrint(const char *fmt, ...) {
}
tid = pid;
uid = logbuf->pidToUid(pid);
- strcpy(pidptr, cp);
+ memmove(pidptr, cp, strlen(cp) + 1);
}
- size_t n = strlen(str);
- n += sizeof(uint32_t) + sizeof(uint8_t) + sizeof(uint32_t);
+ // log to events
+
+ size_t l = strlen(str);
+ size_t n = l + sizeof(uint32_t) + sizeof(uint8_t) + sizeof(uint32_t);
+
+ bool notify = false;
char *newstr = reinterpret_cast<char *>(malloc(n));
if (!newstr) {
- free(str);
- return -ENOMEM;
- }
-
- char *msg = newstr;
- *msg++ = AUDITD_LOG_TAG & 0xFF;
- *msg++ = (AUDITD_LOG_TAG >> 8) & 0xFF;
- *msg++ = (AUDITD_LOG_TAG >> 16) & 0xFF;
- *msg++ = (AUDITD_LOG_TAG >> 24) & 0xFF;
- *msg++ = EVENT_TYPE_STRING;
- size_t l = n - sizeof(uint32_t) - sizeof(uint8_t) - sizeof(uint32_t);
- *msg++ = l & 0xFF;
- *msg++ = (l >> 8) & 0xFF;
- *msg++ = (l >> 16) & 0xFF;
- *msg++ = (l >> 24) & 0xFF;
- memcpy(msg, str, l);
- free(str);
+ rc = -ENOMEM;
+ } else {
+ cp = newstr;
+ *cp++ = AUDITD_LOG_TAG & 0xFF;
+ *cp++ = (AUDITD_LOG_TAG >> 8) & 0xFF;
+ *cp++ = (AUDITD_LOG_TAG >> 16) & 0xFF;
+ *cp++ = (AUDITD_LOG_TAG >> 24) & 0xFF;
+ *cp++ = EVENT_TYPE_STRING;
+ *cp++ = l & 0xFF;
+ *cp++ = (l >> 8) & 0xFF;
+ *cp++ = (l >> 16) & 0xFF;
+ *cp++ = (l >> 24) & 0xFF;
+ memcpy(cp, str, l);
+
+ logbuf->log(LOG_ID_EVENTS, now, uid, pid, tid, newstr,
+ (n <= USHRT_MAX) ? (unsigned short) n : USHRT_MAX);
+ free(newstr);
+
+ notify = true;
+ }
+
+ // log to main
+
+ static const char comm_str[] = " comm=\"";
+ const char *comm = strstr(str, comm_str);
+ const char *estr = str + strlen(str);
+ if (comm) {
+ estr = comm;
+ comm += sizeof(comm_str) - 1;
+ } else if (pid == getpid()) {
+ pid = tid;
+ comm = "auditd";
+ } else if (!(comm = logbuf->pidToName(pid))) {
+ comm = "unknown";
+ }
+
+ const char *ecomm = strchr(comm, '"');
+ if (ecomm) {
+ ++ecomm;
+ l = ecomm - comm;
+ } else {
+ l = strlen(comm) + 1;
+ ecomm = "";
+ }
+ n = (estr - str) + strlen(ecomm) + l + 2;
+
+ newstr = reinterpret_cast<char *>(malloc(n));
+ if (!newstr) {
+ rc = -ENOMEM;
+ } else {
+ *newstr = (strstr(str, " permissive=1")
+ || strstr(str, " policy loaded "))
+ ? ANDROID_LOG_INFO
+ : ANDROID_LOG_WARN;
+ strlcpy(newstr + 1, comm, l);
+ strncpy(newstr + 1 + l, str, estr - str);
+ strcpy(newstr + 1 + l + (estr - str), ecomm);
+
+ logbuf->log(LOG_ID_MAIN, now, uid, pid, tid, newstr,
+ (n <= USHRT_MAX) ? (unsigned short) n : USHRT_MAX);
+ free(newstr);
+
+ notify = true;
+ }
- logbuf->log(LOG_ID_EVENTS, now, uid, pid, tid, newstr,
- (n <= USHRT_MAX) ? (unsigned short) n : USHRT_MAX);
- reader->notifyNewLog();
+ free(str);
- free(newstr);
+ if (notify) {
+ reader->notifyNewLog();
+ }
return rc;
}