From e0fa291e898b451dc198ed52cebac3ffefac066e Mon Sep 17 00:00:00 2001 From: Mark Salyzyn Date: Mon, 28 Apr 2014 16:39:04 -0700 Subject: logd: add logd.auditd property - permit us a mechanism to disable auditd - standardize property boolean Bug: 14275676 Change-Id: I76f245c6aee511ed44274159e0ea55915b484dda --- logd/LogAudit.cpp | 12 +++++++----- logd/LogListener.cpp | 10 +++++----- logd/README.property | 5 +++-- logd/main.cpp | 37 ++++++++++++++++++++++++++----------- 4 files changed, 41 insertions(+), 23 deletions(-) diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp index 1056ae4..add0f0e 100644 --- a/logd/LogAudit.cpp +++ b/logd/LogAudit.cpp @@ -16,6 +16,7 @@ #include #include +#include #include #include #include @@ -39,6 +40,10 @@ bool LogAudit::onDataAvailable(SocketClient *cli) { struct audit_message rep; + rep.nlh.nlmsg_type = 0; + rep.nlh.nlmsg_len = 0; + rep.data[0] = '\0'; + if (audit_get_reply(cli->getSocket(), &rep, GET_REPLY_BLOCKING, 0) < 0) { SLOGE("Failed on audit_get_reply with error: %s", strerror(errno)); return false; @@ -146,11 +151,8 @@ int LogAudit::logPrint(const char *fmt, ...) { strcpy(newstr + 1 + l, str); free(str); - unsigned short len = n; // cap to internal maximum - if (len != n) { - len = -1; - } - logbuf->log(AUDIT_LOG_ID, now, uid, pid, tid, newstr, len); + logbuf->log(AUDIT_LOG_ID, now, uid, pid, tid, newstr, + (n <= USHRT_MAX) ? (unsigned short) n : USHRT_MAX); reader->notifyNewLog(); free(newstr); diff --git a/logd/LogListener.cpp b/logd/LogListener.cpp index bc7622b..6ff4d3a 100644 --- a/logd/LogListener.cpp +++ b/logd/LogListener.cpp @@ -14,6 +14,7 @@ * limitations under the License. */ +#include #include #include #include 
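Review bot: In LogAudit::onDataAvailable the three added assignments clear only `nlmsg_type`, `nlmsg_len` and `data[0]`, so the rest of `rep` is still indeterminate stack memory when audit_get_reply() is called, and nothing says which later read they protect. If any code after the hunk reads `rep.data` by length rather than up to the first NUL, stale stack bytes could end up in the audit log. Zero-initialising the whole struct, `struct audit_message rep = {};`, removes that dependency. If the field-wise form is kept for cost reasons, add a comment such as `// pre-clear the fields consumed below in case audit_get_reply() leaves them untouched`. The function body continues outside the hunk, so how `rep` is consumed is not visible here.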
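Review bot: The length clamp added in LogAudit::logPrint, `(n <= USHRT_MAX) ? (unsigned short) n : USHRT_MAX`, checks only the upper bound, and the same expression is pasted into LogListener::onDataAvailable in logd/LogListener.cpp. `n` is declared outside both hunks; if either one is a signed type, a negative value satisfies `n <= USHRT_MAX` and the cast turns it into a large length handed to `logbuf->log()`. A single shared helper would keep the two call sites in step and give the lower-bound check one place to live, for example `static inline unsigned short capLen(size_t n) { return (n <= USHRT_MAX) ? (unsigned short) n : USHRT_MAX; }` (the name is only a suggestion), with callers rejecting negative values before they call it.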
@@ -100,11 +101,10 @@ bool LogListener::onDataAvailable(SocketClient *cli) { // NB: hdr.msg_flags & MSG_TRUNC is not tested, silently passing a // truncated message to the logs. - unsigned short len = n; // cap to internal maximum - if (len == n) { - logbuf->log(log_id, realtime, cred->uid, cred->pid, tid, msg, len); - reader->notifyNewLog(); - } + + logbuf->log(log_id, realtime, cred->uid, cred->pid, tid, msg, + (n <= USHRT_MAX) ? (unsigned short) n : USHRT_MAX); + reader->notifyNewLog(); return true; } diff --git a/logd/README.property b/logd/README.property index 15a49db..5d92d09 100644 --- a/logd/README.property +++ b/logd/README.property @@ -1,11 +1,12 @@ The properties that logd responds to are: name type default description +logd.auditd bool true Enable selinux audit daemon logd.auditd.dmesg bool true selinux audit messages duplicated and sent on to dmesg log -logd.dgram_qlen.statistics bool false Record dgram_qlen statistics. This +logd.statistics.dgram_qlen bool false Record dgram_qlen statistics. This represents a performance impact and is used to determine the platform's minimum domain socket network FIFO size (see source for details) based - on typical load (logcat -S) + on typical load (logcat -S to view) diff --git a/logd/main.cpp b/logd/main.cpp index 04eef4a..ece5a3a 100644 --- a/logd/main.cpp +++ b/logd/main.cpp 
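Review bot: The comment kept above the new call in LogListener::onDataAvailable still describes only the untested MSG_TRUNC case, while the rewritten code adds a second silent truncation: payloads longer than USHRT_MAX used to be dropped and are now stored cut short, and the old `// cap to internal maximum` remark went away with the deleted lines. A reader of the log then cannot tell a complete entry from a capped one. I would extend the comment to `// NB: payloads above USHRT_MAX are capped, not dropped; neither this nor MSG_TRUNC is flagged in the stored entry`. The function starts outside the hunk.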
@@ -107,16 +107,31 @@ static int drop_privs() { return 0; } +// Property helper +static bool property_get_bool(const char *key, bool def) { + char property[PROPERTY_VALUE_MAX]; + property_get(key, property, ""); + + if (!strcasecmp(property, "true")) { + return true; + } + if (!strcasecmp(property, "false")) { + return false; + } + + return def; +} + // Foreground waits for exit of the three main persistent threads that // are started here. The three threads are created to manage UNIX // domain client sockets for writing, reading and controlling the user // space logger. Additional transitory per-client threads are created // for each reader once they register. int main() { + bool auditd = property_get_bool("logd.auditd", true); + int fdDmesg = -1; - char dmesg[PROPERTY_VALUE_MAX]; - property_get("logd.auditd.dmesg", dmesg, "1"); - if (atol(dmesg)) { + if (auditd && property_get_bool("logd.auditd.dmesg", true)) { fdDmesg = open("/dev/kmsg", O_WRONLY); } @@ -135,9 +150,7 @@ int main() { LogBuffer *logBuf = new LogBuffer(times); - char dgram_qlen_statistics[PROPERTY_VALUE_MAX]; - property_get("logd.dgram_qlen.statistics", dgram_qlen_statistics, ""); - if (atol(dgram_qlen_statistics)) { + if (property_get_bool("logd.statistics.dgram_qlen", false)) { logBuf->enableDgramQlenStatistics(); } @@ -171,11 +184,13 @@ int main() { // initiated log messages. New log entries are added to LogBuffer // and LogReader is notified to send updates to connected clients. - // failure is an option ... messages are in dmesg (required by standard) - LogAudit *al = new LogAudit(logBuf, reader, fdDmesg); - if (al->startListener()) { - delete al; - close(fdDmesg); + if (auditd) { + // failure is an option ... messages are in dmesg (required by standard) + LogAudit *al = new LogAudit(logBuf, reader, fdDmesg); + if (al->startListener()) { + delete al; + close(fdDmesg); + } } pause(); -- cgit v1.1
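Review bot: property_get_bool() recognises only the strings `true` and `false`, yet the code it replaces in main() parsed these properties with atol() and used `"1"` as the default for logd.auditd.dmesg. A device that already sets `logd.auditd.dmesg=0` will therefore fall through to `return def;` and have the dmesg duplication switched back on without any message, and a numeric value no longer enables the renamed logd.statistics.dgram_qlen in the later hunk. Accepting the numeric forms keeps existing configurations working: `if (!strcasecmp(property, "true") || !strcmp(property, "1")) return true;` and the matching `"false"`/`"0"` test. A short comment on the helper listing the accepted spellings would also help, since README.property only says `bool`.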
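Review bot: When `logd.auditd` is false, the new `if (auditd)` block in main() skips creating LogAudit entirely and nothing records that audit collection was turned off. Since the comment above this block describes the listener as the source of new log entries, a disabled state that leaves no trace is hard to tell apart from a quiet system during later analysis. I would add an `else` branch that writes one line saying the audit listener was disabled by property, using whatever logging main.cpp already has available (not visible in this hunk). It is also worth documenting next to the property who is expected to be allowed to set it, because the hunk itself places no restriction on that.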