ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge "logd: auditd remove logDmesg method"

Browse source
This commit is contained in:
Mark Salyzyn 2014-12-05 21:14:28 +00:00 committed by Gerrit Code Review
commit 862e4d5b98
3 changed files with 44 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

57
logd/LogAudit.cpp
View file

@ -19,7 +19,6 @@
#include <limits.h>
#include <stdarg.h>
#include <stdlib.h>
#include <sys/klog.h>
#include <sys/prctl.h>
#include <sys/uio.h>
#include <syslog.h>
@ -33,21 +32,23 @@
'0' + (LOG_AUTH | (PRI)) % 10, \
'>'
LogAudit::LogAudit(LogBuffer *buf, LogReader *reader, int fdDmsg)
LogAudit::LogAudit(LogBuffer *buf, LogReader *reader, int fdDmesg)
: SocketListener(getLogSocket(), false)
, logbuf(buf)
, reader(reader)
, fdDmesg(-1) {
, fdDmesg(fdDmesg)
, initialized(false) {
static const char auditd_message[] = { KMSG_PRIORITY(LOG_INFO),
'l', 'o', 'g', 'd', '.', 'a', 'u', 'd', 'i', 't', 'd', ':',
' ', 's', 't', 'a', 'r', 't', '\n' };
write(fdDmsg, auditd_message, sizeof(auditd_message));
logDmesg();
fdDmesg = fdDmsg;
write(fdDmesg, auditd_message, sizeof(auditd_message));
}
bool LogAudit::onDataAvailable(SocketClient *cli) {
prctl(PR_SET_NAME, "logd.auditd");
if (!initialized) {
prctl(PR_SET_NAME, "logd.auditd");
initialized = true;
}
struct audit_message rep;
@ -60,7 +61,8 @@ bool LogAudit::onDataAvailable(SocketClient *cli) {
return false;
}
logPrint("type=%d %.*s", rep.nlh.nlmsg_type, rep.nlh.nlmsg_len, rep.data);
logPrint("type=%d %.*s",
rep.nlh.nlmsg_type, rep.nlh.nlmsg_len, rep.data);
return true;
}
@ -87,7 +89,7 @@ int LogAudit::logPrint(const char *fmt, ...) {
}
bool info = strstr(str, " permissive=1") || strstr(str, " policy loaded ");
if (fdDmesg >= 0) {
if ((fdDmesg >= 0) && initialized) {
struct iovec iov[3];
static const char log_info[] = { KMSG_PRIORITY(LOG_INFO) };
static const char log_warning[] = { KMSG_PRIORITY(LOG_WARNING) };
@ -213,34 +215,23 @@ int LogAudit::logPrint(const char *fmt, ...) {
return rc;
}
void LogAudit::logDmesg() {
int len = klogctl(KLOG_SIZE_BUFFER, NULL, 0);
if (len <= 0) {
return;
int LogAudit::log(char *buf) {
char *audit = strstr(buf, " audit(");
if (!audit) {
return 0;
}
len++;
char buf[len];
*audit = '\0';
int rc = klogctl(KLOG_READ_ALL, buf, len);
buf[len - 1] = '\0';
for(char *tok = buf; (rc >= 0) && ((tok = strtok(tok, "\r\n"))); tok = NULL) {
char *audit = strstr(tok, " audit(");
if (!audit) {
continue;
}
*audit++ = '\0';
char *type = strstr(tok, "type=");
if (type) {
rc = logPrint("%s %s", type, audit);
} else {
rc = logPrint("%s", audit);
}
int rc;
char *type = strstr(buf, "type=");
if (type) {
rc = logPrint("%s %s", type, audit + 1);
} else {
rc = logPrint("%s", audit + 1);
}
*audit = ' ';
return rc;
}
int LogAudit::getLogSocket() {

3
logd/LogAudit.h
View file

@ -24,16 +24,17 @@ class LogAudit : public SocketListener {
LogBuffer *logbuf;
LogReader *reader;
int fdDmesg;
bool initialized;
public:
LogAudit(LogBuffer *buf, LogReader *reader, int fdDmesg);
int log(char *buf);
protected:
virtual bool onDataAvailable(SocketClient *cli);
private:
static int getLogSocket();
void logDmesg();
int logPrint(const char *fmt, ...)
__attribute__ ((__format__ (__printf__, 2, 3)));
};

18
logd/main.cpp
View file

@ -22,6 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <sys/capability.h>
#include <sys/klog.h>
#include <sys/prctl.h>
#include <sys/stat.h>
#include <sys/types.h>
@ -195,6 +196,23 @@ int main() {
if (auditd) {
// failure is an option ... messages are in dmesg (required by standard)
LogAudit *al = new LogAudit(logBuf, reader, fdDmesg);
int len = klogctl(KLOG_SIZE_BUFFER, NULL, 0);
if (len > 0) {
len++;
char buf[len];
int rc = klogctl(KLOG_READ_ALL, buf, len);
buf[len - 1] = '\0';
for(char *ptr, *tok = buf;
(rc >= 0) && ((tok = strtok_r(tok, "\r\n", &ptr)));
tok = NULL) {
rc = al->log(tok);
}
}
if (al->startListener()) {
delete al;
close(fdDmesg);