diff options
author | Mark Salyzyn <salyzyn@google.com> | 2014-05-16 20:34:17 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2014-05-16 20:34:18 +0000 |
commit | bc741ac2126727d9de33042fa308307690efe13f (patch) | |
tree | 3367e9ae6e6ee506c01d18b3bd21d724ce94d204 | |
parent | 8b2d46a5fcbe81edde4b7c405916282a142a09d2 (diff) | |
parent | 989980c55d9a11766b8698a97ce5eef3d8cfa286 (diff) | |
download | system_core-bc741ac2126727d9de33042fa308307690efe13f.zip system_core-bc741ac2126727d9de33042fa308307690efe13f.tar.gz system_core-bc741ac2126727d9de33042fa308307690efe13f.tar.bz2 |
Merge "logd: logcat: debuggerd: auditd logs to events"
-rwxr-xr-x | debuggerd/tombstone.cpp | 36 | ||||
-rw-r--r-- | logcat/logcat.cpp | 15 | ||||
-rw-r--r-- | logd/Android.mk | 5 | ||||
-rw-r--r-- | logd/LogAudit.cpp | 46 | ||||
-rw-r--r-- | logd/event.logtags | 36 |
5 files changed, 89 insertions, 49 deletions
diff --git a/debuggerd/tombstone.cpp b/debuggerd/tombstone.cpp index d0cefc7..6d51171 100755 --- a/debuggerd/tombstone.cpp +++ b/debuggerd/tombstone.cpp @@ -31,9 +31,10 @@ #include <private/android_filesystem_config.h> +#include <cutils/properties.h> #include <log/log.h> #include <log/logger.h> -#include <cutils/properties.h> +#include <log/logprint.h> #include <backtrace/Backtrace.h> #include <backtrace/BacktraceMap.h> @@ -459,6 +460,8 @@ static bool dump_sibling_thread_report( // that don't match the specified pid, and writes them to the tombstone file. // // If "tail" is set, we only print the last few lines. +static EventTagMap* g_eventTagMap = NULL; + static void dump_log_file(log_t* log, pid_t pid, const char* filename, unsigned int tail) { bool first = true; @@ -521,7 +524,28 @@ static void dump_log_file(log_t* log, pid_t pid, const char* filename, if (!hdr_size) { hdr_size = sizeof(log_entry.entry_v1); } - char* msg = (char *)log_entry.buf + hdr_size; + char* msg = reinterpret_cast<char*>(log_entry.buf) + hdr_size; + + char timeBuf[32]; + time_t sec = static_cast<time_t>(entry->sec); + struct tm tmBuf; + struct tm* ptm; + ptm = localtime_r(&sec, &tmBuf); + strftime(timeBuf, sizeof(timeBuf), "%m-%d %H:%M:%S", ptm); + + if (log_entry.id() == LOG_ID_EVENTS) { + if (!g_eventTagMap) { + g_eventTagMap = android_openEventTagMap(EVENT_TAG_MAP_FILE); + } + AndroidLogEntry e; + char buf[512]; + android_log_processBinaryLogBuffer(entry, &e, g_eventTagMap, buf, sizeof(buf)); + _LOG(log, 0, "%s.%03d %5d %5d %c %-8s: %s\n", + timeBuf, entry->nsec / 1000000, entry->pid, entry->tid, + 'I', e.tag, e.message); + continue; + } + unsigned char prio = msg[0]; char* tag = msg + 1; msg = tag + strlen(tag) + 1; @@ -534,13 +558,6 @@ static void dump_log_file(log_t* log, pid_t pid, const char* filename, char prioChar = (prio < strlen(kPrioChars) ? kPrioChars[prio] : '?'); - char timeBuf[32]; - time_t sec = static_cast<time_t>(entry->sec); - struct tm tmBuf; - struct tm* ptm; - ptm = localtime_r(&sec, &tmBuf); - strftime(timeBuf, sizeof(timeBuf), "%m-%d %H:%M:%S", ptm); - // Look for line breaks ('\n') and display each text line // on a separate line, prefixed with the header, like logcat does. do { @@ -565,6 +582,7 @@ static void dump_log_file(log_t* log, pid_t pid, const char* filename, static void dump_logs(log_t* log, pid_t pid, unsigned tail) { dump_log_file(log, pid, "system", tail); dump_log_file(log, pid, "main", tail); + dump_log_file(log, pid, "events", tail); } static void dump_abort_message(Backtrace* backtrace, log_t* log, uintptr_t address) { diff --git a/logcat/logcat.cpp b/logcat/logcat.cpp index db4fddd..ed2c241 100644 --- a/logcat/logcat.cpp +++ b/logcat/logcat.cpp @@ -623,19 +623,20 @@ int main(int argc, char **argv) } if (!devices) { - devices = new log_device_t("main", false, 'm'); + dev = devices = new log_device_t("main", false, 'm'); android::g_devCount = 1; if (android_name_to_log_id("system") == LOG_ID_SYSTEM) { - devices->next = new log_device_t("system", false, 's'); + dev = dev->next = new log_device_t("system", false, 's'); android::g_devCount++; } if (android_name_to_log_id("crash") == LOG_ID_CRASH) { - if (devices->next) { - devices->next->next = new log_device_t("crash", false, 'c'); - } else { - devices->next = new log_device_t("crash", false, 'c'); - } + dev = dev->next = new log_device_t("crash", false, 'c'); + android::g_devCount++; + } + if (android_name_to_log_id("events") == LOG_ID_EVENTS) { + dev = dev->next = new log_device_t("events", true, 'e'); android::g_devCount++; + needBinary = true; } } diff --git a/logd/Android.mk b/logd/Android.mk index 9f4c64f..188511f 100644 --- a/logd/Android.mk +++ b/logd/Android.mk @@ -17,7 +17,8 @@ LOCAL_SRC_FILES := \ LogStatistics.cpp \ LogWhiteBlackList.cpp \ libaudit.c \ - LogAudit.cpp + LogAudit.cpp \ + event.logtags LOCAL_SHARED_LIBRARIES := \ libsysutils \ @@ -25,7 +26,7 @@ LOCAL_SHARED_LIBRARIES := \ libcutils \ libutils -LOCAL_CFLAGS := -Werror +LOCAL_CFLAGS := -Werror $(shell sed -n 's/^\([0-9]*\)[ \t]*auditd[ \t].*/-DAUDITD_LOG_TAG=\1/p' $(LOCAL_PATH)/event.logtags) include $(BUILD_EXECUTABLE) diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp index add0f0e..0651a92 100644 --- a/logd/LogAudit.cpp +++ b/logd/LogAudit.cpp @@ -54,9 +54,6 @@ bool LogAudit::onDataAvailable(SocketClient *cli) { return true; } -#define AUDIT_LOG_ID LOG_ID_MAIN -#define AUDIT_LOG_PRIO ANDROID_LOG_WARN - int LogAudit::logPrint(const char *fmt, ...) { if (fmt == NULL) { return -EINVAL; @@ -115,43 +112,30 @@ int LogAudit::logPrint(const char *fmt, ...) { strcpy(pidptr, cp); } - static const char comm_str[] = " comm=\""; - char *comm = strstr(str, comm_str); - if (comm) { - cp = comm; - comm += sizeof(comm_str) - 1; - char *ecomm = strchr(comm, '"'); - if (ecomm) { - *ecomm = '\0'; - } - comm = strdup(comm); - if (ecomm) { - strcpy(cp, ecomm + 1); - } - } else if (pid == getpid()) { - pid = tid; - comm = strdup("auditd"); - } else if (!(comm = logbuf->pidToName(pid))) { - comm = strdup("unknown"); - } - - size_t l = strlen(comm) + 1; - size_t n = l + strlen(str) + 2; + size_t n = strlen(str); + n += sizeof(uint32_t) + sizeof(uint8_t) + sizeof(uint32_t); char *newstr = reinterpret_cast<char *>(malloc(n)); if (!newstr) { - free(comm); free(str); return -ENOMEM; } - *newstr = AUDIT_LOG_PRIO; - strcpy(newstr + 1, comm); - free(comm); - strcpy(newstr + 1 + l, str); + char *msg = newstr; + *msg++ = AUDITD_LOG_TAG & 0xFF; + *msg++ = (AUDITD_LOG_TAG >> 8) & 0xFF; + *msg++ = (AUDITD_LOG_TAG >> 16) & 0xFF; + *msg++ = (AUDITD_LOG_TAG >> 24) & 0xFF; + *msg++ = EVENT_TYPE_STRING; + size_t l = n - sizeof(uint32_t) - sizeof(uint8_t) - sizeof(uint32_t); + *msg++ = l & 0xFF; + *msg++ = (l >> 8) & 0xFF; + *msg++ = (l >> 16) & 0xFF; + *msg++ = (l >> 24) & 0xFF; + memcpy(msg, str, l); free(str); - logbuf->log(AUDIT_LOG_ID, now, uid, pid, tid, newstr, + logbuf->log(LOG_ID_EVENTS, now, uid, pid, tid, newstr, (n <= USHRT_MAX) ? (unsigned short) n : USHRT_MAX); reader->notifyNewLog(); diff --git a/logd/event.logtags b/logd/event.logtags new file mode 100644 index 0000000..a63f034 --- /dev/null +++ b/logd/event.logtags @@ -0,0 +1,36 @@ +# The entries in this file map a sparse set of log tag numbers to tag names. +# This is installed on the device, in /system/etc, and parsed by logcat. +# +# Tag numbers are decimal integers, from 0 to 2^31. (Let's leave the +# negative values alone for now.) +# +# Tag names are one or more ASCII letters and numbers or underscores, i.e. +# "[A-Z][a-z][0-9]_". Do not include spaces or punctuation (the former +# impacts log readability, the latter makes regex searches more annoying). +# +# Tag numbers and names are separated by whitespace. Blank lines and lines +# starting with '#' are ignored. +# +# Optionally, after the tag names can be put a description for the value(s) +# of the tag. Description are in the format +# (<name>|data type[|data unit]) +# Multiple values are separated by commas. +# +# The data type is a number from the following values: +# 1: int +# 2: long +# 3: string +# 4: list +# +# The data unit is a number taken from the following list: +# 1: Number of objects +# 2: Number of bytes +# 3: Number of milliseconds +# 4: Number of allocations +# 5: Id +# 6: Percent +# Default value for data of type int/long is 2 (bytes). +# +# TODO: generate ".java" and ".h" files with integer constants from this file. + +1003 auditd (avc|3) |