Merge "logd: logcat -L takes longer causing vold to timeout." into nyc-dev
diff --git a/adb/commandline.cpp b/adb/commandline.cpp
index 2edfd0a..78b49f8 100644
--- a/adb/commandline.cpp
+++ b/adb/commandline.cpp
@@ -292,11 +292,16 @@
// stdout/stderr are routed independently and the remote exit code will be
// returned.
// if |output| is non-null, stdout will be appended to it instead.
-static int read_and_dump(int fd, bool use_shell_protocol=false, std::string* output=nullptr) {
+// if |err| is non-null, stderr will be appended to it instead.
+static int read_and_dump(int fd, bool use_shell_protocol=false, std::string* output=nullptr,
+ std::string* err=nullptr) {
int exit_code = 0;
+ if (fd < 0) return exit_code;
+
std::unique_ptr<ShellProtocol> protocol;
int length = 0;
FILE* outfile = stdout;
+ std::string* outstring = output;
char raw_buffer[BUFSIZ];
char* buffer_ptr = raw_buffer;
@@ -309,7 +314,7 @@
buffer_ptr = protocol->data();
}
- while (fd >= 0) {
+ while (true) {
if (use_shell_protocol) {
if (!protocol->Read()) {
break;
@@ -317,9 +322,11 @@
switch (protocol->id()) {
case ShellProtocol::kIdStdout:
outfile = stdout;
+ outstring = output;
break;
case ShellProtocol::kIdStderr:
outfile = stderr;
+ outstring = err;
break;
case ShellProtocol::kIdExit:
exit_code = protocol->data()[0];
@@ -337,11 +344,11 @@
}
}
- if (output == nullptr) {
+ if (outstring == nullptr) {
fwrite(buffer_ptr, 1, length, outfile);
fflush(outfile);
} else {
- output->append(buffer_ptr, length);
+ outstring->append(buffer_ptr, length);
}
}
@@ -1123,7 +1130,8 @@
static int send_shell_command(TransportType transport_type, const char* serial,
const std::string& command,
bool disable_shell_protocol,
- std::string* output=nullptr) {
+ std::string* output=nullptr,
+ std::string* err=nullptr) {
int fd;
bool use_shell_protocol = false;
@@ -1158,7 +1166,7 @@
}
}
- int exit_code = read_and_dump(fd, use_shell_protocol, output);
+ int exit_code = read_and_dump(fd, use_shell_protocol, output, err);
if (adb_close(fd) < 0) {
PLOG(ERROR) << "failure closing FD " << fd;
@@ -1169,8 +1177,7 @@
static int bugreport(TransportType transport_type, const char* serial, int argc,
const char** argv) {
- // No need for shell protocol with bugreport, always disable for simplicity.
- if (argc == 1) return send_shell_command(transport_type, serial, "bugreport", true);
+ if (argc == 1) return send_shell_command(transport_type, serial, "bugreport", false);
if (argc != 2) return usage();
// Zipped bugreport option - will call 'bugreportz', which prints the location of the generated
@@ -1184,7 +1191,7 @@
fprintf(stderr, "Bugreport is in progress and it could take minutes to complete.\n"
"Please be patient and do not cancel or disconnect your device until it completes.\n");
- int status = send_shell_command(transport_type, serial, "bugreportz", true, &output);
+ int status = send_shell_command(transport_type, serial, "bugreportz", false, &output, nullptr);
if (status != 0 || output.empty()) return status;
output = android::base::Trim(output);
@@ -1199,10 +1206,10 @@
}
if (android::base::StartsWith(output, BUGZ_FAIL_PREFIX)) {
const char* error_message = &output[strlen(BUGZ_FAIL_PREFIX)];
- fprintf(stderr, "device failed to take a zipped bugreport: %s\n", error_message);
+ fprintf(stderr, "Device failed to take a zipped bugreport: %s\n", error_message);
return -1;
}
- fprintf(stderr, "unexpected string (%s) returned by bugreportz, "
+ fprintf(stderr, "Unexpected string (%s) returned by bugreportz, "
"device probably does not support -z option\n", output.c_str());
return -1;
}
diff --git a/logd/Android.mk b/logd/Android.mk
index 203943c..feca8d5 100644
--- a/logd/Android.mk
+++ b/logd/Android.mk
@@ -42,10 +42,6 @@
LOCAL_CFLAGS := -Werror $(event_flag)
-ifeq ($(TARGET_BUILD_VARIANT),user)
-LOCAL_CFLAGS += -DAUDITD_ENFORCE_INTEGRITY=true
-endif
-
include $(BUILD_EXECUTABLE)
include $(call first-makefiles-under,$(LOCAL_PATH))
diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp
index 9124bfd..24c3f52 100644
--- a/logd/LogAudit.cpp
+++ b/logd/LogAudit.cpp
@@ -25,9 +25,6 @@
#include <sys/uio.h>
#include <syslog.h>
-#include <string>
-
-#include <cutils/properties.h>
#include <log/logger.h>
#include <private/android_filesystem_config.h>
#include <private/android_logger.h>
@@ -38,10 +35,6 @@
#include "LogKlog.h"
#include "LogReader.h"
-#ifndef AUDITD_ENFORCE_INTEGRITY
-#define AUDITD_ENFORCE_INTEGRITY false
-#endif
-
#define KMSG_PRIORITY(PRI) \
'<', \
'0' + LOG_MAKEPRI(LOG_AUTH, LOG_PRI(PRI)) / 10, \
@@ -53,10 +46,11 @@
logbuf(buf),
reader(reader),
fdDmesg(fdDmesg),
- policyLoaded(false),
- rebootToSafeMode(false),
initialized(false) {
- logToDmesg("start");
+ static const char auditd_message[] = { KMSG_PRIORITY(LOG_INFO),
+ 'l', 'o', 'g', 'd', '.', 'a', 'u', 'd', 'i', 't', 'd', ':',
+ ' ', 's', 't', 'a', 'r', 't', '\n' };
+ write(fdDmesg, auditd_message, sizeof(auditd_message));
}
bool LogAudit::onDataAvailable(SocketClient *cli) {
@@ -82,55 +76,6 @@
return true;
}
-void LogAudit::logToDmesg(const std::string& str)
-{
- static const char prefix[] = { KMSG_PRIORITY(LOG_INFO),
- 'l', 'o', 'g', 'd', '.', 'a', 'u', 'd', 'i', 't', 'd', ':',
- ' ', '\0' };
- std::string message = prefix + str + "\n";
- write(fdDmesg, message.c_str(), message.length());
-}
-
-std::string LogAudit::getProperty(const std::string& name)
-{
- char value[PROP_VALUE_MAX] = {0};
- property_get(name.c_str(), value, "");
- return value;
-}
-
-void LogAudit::enforceIntegrity() {
- static bool loggedOnce;
- bool once = loggedOnce;
-
- loggedOnce = true;
-
- if (!AUDITD_ENFORCE_INTEGRITY) {
- if (!once) {
- logToDmesg("integrity enforcement suppressed; not rebooting");
- }
- } else if (rebootToSafeMode) {
- if (getProperty("persist.sys.safemode") == "1") {
- if (!once) {
- logToDmesg("integrity enforcement suppressed; in safe mode");
- }
- return;
- }
-
- logToDmesg("enforcing integrity; rebooting to safe mode");
- property_set("persist.sys.safemode", "1");
-
- std::string buildDate = getProperty("ro.build.date.utc");
- if (!buildDate.empty()) {
- property_set("persist.sys.audit_safemode", buildDate.c_str());
- }
-
- property_set("sys.powerctl", "reboot");
- } else {
- logToDmesg("enforcing integrity: rebooting to recovery");
- property_set("sys.powerctl", "reboot,recovery");
- }
-}
-
int LogAudit::logPrint(const char *fmt, ...) {
if (fmt == NULL) {
return -EINVAL;
@@ -152,27 +97,7 @@
memmove(cp, cp + 1, strlen(cp + 1) + 1);
}
- bool loaded = strstr(str, " policy loaded ");
-
- if (loaded) {
- if (policyLoaded) {
- // SELinux policy changes are not allowed
- enforceIntegrity();
- } else {
- logToDmesg("policy loaded");
- policyLoaded = true;
- }
- }
-
- bool permissive = strstr(str, " enforcing=0") ||
- strstr(str, " permissive=1");
-
- if (permissive) {
- // SELinux in permissive mode is not allowed
- enforceIntegrity();
- }
-
- bool info = loaded || permissive;
+ bool info = strstr(str, " permissive=1") || strstr(str, " policy loaded ");
if ((fdDmesg >= 0) && initialized) {
struct iovec iov[3];
static const char log_info[] = { KMSG_PRIORITY(LOG_INFO) };
diff --git a/logd/LogAudit.h b/logd/LogAudit.h
index 3a84541..ab30e28 100644
--- a/logd/LogAudit.h
+++ b/logd/LogAudit.h
@@ -27,15 +27,12 @@
LogBuffer *logbuf;
LogReader *reader;
int fdDmesg;
- bool policyLoaded;
- bool rebootToSafeMode;
bool initialized;
public:
LogAudit(LogBuffer *buf, LogReader *reader, int fdDmesg);
int log(char *buf, size_t len);
bool isMonotonic() { return logbuf->isMonotonic(); }
- void allowSafeMode(bool allow = true) { rebootToSafeMode = allow; }
protected:
virtual bool onDataAvailable(SocketClient *cli);
@@ -44,9 +41,6 @@
static int getLogSocket();
int logPrint(const char *fmt, ...)
__attribute__ ((__format__ (__printf__, 2, 3)));
- void logToDmesg(const std::string& str);
- std::string getProperty(const std::string& name);
- void enforceIntegrity();
};
#endif
diff --git a/logd/README.property b/logd/README.property
index 6c84b25..22f86b9 100644
--- a/logd/README.property
+++ b/logd/README.property
@@ -1,6 +1,7 @@
The properties that logd responds to are:
name type default description
+ro.logd.auditd bool true Enable selinux audit daemon
ro.logd.auditd.dmesg bool true selinux audit messages duplicated and
sent on to dmesg log
persist.logd.security bool false Enable security buffer.
diff --git a/logd/main.cpp b/logd/main.cpp
index 11c9372..8aa1abb 100644
--- a/logd/main.cpp
+++ b/logd/main.cpp
@@ -223,7 +223,6 @@
static sem_t reinit;
static bool reinit_running = false;
static LogBuffer *logBuf = NULL;
-static LogAudit *logAudit = NULL;
static bool package_list_parser_cb(pkg_info *info, void * /* userdata */) {
@@ -274,10 +273,6 @@
logBuf->init();
logBuf->initPrune(NULL);
}
-
- if (logAudit) {
- logAudit->allowSafeMode();
- }
}
return NULL;
@@ -498,19 +493,25 @@
// initiated log messages. New log entries are added to LogBuffer
// and LogReader is notified to send updates to connected clients.
- logAudit = new LogAudit(logBuf, reader,
- property_get_bool("logd.auditd.dmesg",
- BOOL_DEFAULT_TRUE |
- BOOL_DEFAULT_FLAG_PERSIST)
- ? fdDmesg
- : -1);
+ bool auditd = property_get_bool("logd.auditd",
+ BOOL_DEFAULT_TRUE |
+ BOOL_DEFAULT_FLAG_PERSIST);
+ LogAudit *al = NULL;
+ if (auditd) {
+ al = new LogAudit(logBuf, reader,
+ property_get_bool("logd.auditd.dmesg",
+ BOOL_DEFAULT_TRUE |
+ BOOL_DEFAULT_FLAG_PERSIST)
+ ? fdDmesg
+ : -1);
+ }
LogKlog *kl = NULL;
if (klogd) {
- kl = new LogKlog(logBuf, reader, fdDmesg, fdPmesg, logAudit != NULL);
+ kl = new LogKlog(logBuf, reader, fdDmesg, fdPmesg, al != NULL);
}
- readDmesg(logAudit, kl);
+ readDmesg(al, kl);
// failure is an option ... messages are in dmesg (required by standard)
@@ -518,9 +519,8 @@
delete kl;
}
- if (logAudit && logAudit->startListener()) {
- delete logAudit;
- logAudit = NULL;
+ if (al && al->startListener()) {
+ delete al;
}
TEMP_FAILURE_RETRY(pause());
