resolve merge conflicts of 998f507 to nyc-mr1-dev-plus-aosp

Change-Id: Ifa8ee7044170afe869e4ebb7d80032a92db9a93d

logd/Android.mk

@@ -42,10 +42,6 @@ event_flag := -DAUDITD_LOG_TAG=1003 -DLOGD_LOG_TAG=1004
 
 LOCAL_CFLAGS := -Werror $(event_flag)
 
-ifeq ($(TARGET_BUILD_VARIANT),user)
-LOCAL_CFLAGS += -DAUDITD_ENFORCE_INTEGRITY=true
-endif
-
 include $(BUILD_EXECUTABLE)
 
 include $(call first-makefiles-under,$(LOCAL_PATH))

logd/LogAudit.cpp

@@ -25,9 +25,6 @@
 #include <sys/uio.h>
 #include <syslog.h>
 
-#include <string>
-
-#include <cutils/properties.h>
 #include <log/logger.h>
 #include <private/android_filesystem_config.h>
 #include <private/android_logger.h>
@@ -38,10 +35,6 @@
 #include "LogKlog.h"
 #include "LogReader.h"
 
-#ifndef AUDITD_ENFORCE_INTEGRITY
-#define AUDITD_ENFORCE_INTEGRITY false
-#endif
-
 #define KMSG_PRIORITY(PRI)                          \
     '<',                                            \
     '0' + LOG_MAKEPRI(LOG_AUTH, LOG_PRI(PRI)) / 10, \
@@ -53,10 +46,11 @@ LogAudit::LogAudit(LogBuffer *buf, LogReader *reader, int fdDmesg) :
         logbuf(buf),
         reader(reader),
         fdDmesg(fdDmesg),
-        policyLoaded(false),
-        rebootToSafeMode(false),
         initialized(false) {
-    logToDmesg("start");
+    static const char auditd_message[] = { KMSG_PRIORITY(LOG_INFO),
+        'l', 'o', 'g', 'd', '.', 'a', 'u', 'd', 'i', 't', 'd', ':',
+        ' ', 's', 't', 'a', 'r', 't', '\n' };
+    write(fdDmesg, auditd_message, sizeof(auditd_message));
 }
 
 bool LogAudit::onDataAvailable(SocketClient *cli) {
@@ -82,55 +76,6 @@ bool LogAudit::onDataAvailable(SocketClient *cli) {
     return true;
 }
 
-void LogAudit::logToDmesg(const std::string& str)
-{
-    static const char prefix[] = { KMSG_PRIORITY(LOG_INFO),
-        'l', 'o', 'g', 'd', '.', 'a', 'u', 'd', 'i', 't', 'd', ':',
-        ' ', '\0' };
-    std::string message = prefix + str + "\n";
-    write(fdDmesg, message.c_str(), message.length());
-}
-
-std::string LogAudit::getProperty(const std::string& name)
-{
-    char value[PROP_VALUE_MAX] = {0};
-    property_get(name.c_str(), value, "");
-    return value;
-}
-
-void LogAudit::enforceIntegrity() {
-    static bool loggedOnce;
-    bool once = loggedOnce;
-
-    loggedOnce = true;
-
-    if (!AUDITD_ENFORCE_INTEGRITY) {
-        if (!once) {
-            logToDmesg("integrity enforcement suppressed; not rebooting");
-        }
-    } else if (rebootToSafeMode) {
-        if (getProperty("persist.sys.safemode") == "1") {
-            if (!once) {
-                logToDmesg("integrity enforcement suppressed; in safe mode");
-            }
-            return;
-        }
-
-        logToDmesg("enforcing integrity; rebooting to safe mode");
-        property_set("persist.sys.safemode", "1");
-
-        std::string buildDate = getProperty("ro.build.date.utc");
-        if (!buildDate.empty()) {
-            property_set("persist.sys.audit_safemode", buildDate.c_str());
-        }
-
-        property_set("sys.powerctl", "reboot");
-    } else {
-        logToDmesg("enforcing integrity: rebooting to recovery");
-        property_set("sys.powerctl", "reboot,recovery");
-    }
-}
-
 int LogAudit::logPrint(const char *fmt, ...) {
     if (fmt == NULL) {
         return -EINVAL;
@@ -152,31 +97,7 @@ int LogAudit::logPrint(const char *fmt, ...) {
         memmove(cp, cp + 1, strlen(cp + 1) + 1);
     }
 
-    bool loaded = strstr(str, " policy loaded ");
-
-    if (loaded) {
-        if (policyLoaded) {
-            // SELinux policy changes are not allowed
-            enforceIntegrity();
-        } else {
-            logToDmesg("policy loaded");
-            policyLoaded = true;
-        }
-    }
-
-    // Note: The audit log can include untrusted strings, but those containing
-    // "a control character, unprintable character, double quote mark, or a
-    // space" are hex encoded. The space character before the search term is
-    // therefore needed to prevent denial of service. Do not remove the space.
-    bool permissive = strstr(str, " enforcing=0") ||
-                      strstr(str, " permissive=1");
-
-    if (permissive) {
-        // SELinux in permissive mode is not allowed
-        enforceIntegrity();
-    }
-
-    bool info = loaded || permissive;
+    bool info = strstr(str, " permissive=1") || strstr(str, " policy loaded ");
     if ((fdDmesg >= 0) && initialized) {
         struct iovec iov[3];
         static const char log_info[] = { KMSG_PRIORITY(LOG_INFO) };

logd/LogAudit.h

@@ -27,15 +27,12 @@ class LogAudit : public SocketListener {
     LogBuffer *logbuf;
     LogReader *reader;
     int fdDmesg;
-    bool policyLoaded;
-    bool rebootToSafeMode;
     bool initialized;
 
 public:
     LogAudit(LogBuffer *buf, LogReader *reader, int fdDmesg);
     int log(char *buf, size_t len);
     bool isMonotonic() { return logbuf->isMonotonic(); }
-    void allowSafeMode(bool allow = true) { rebootToSafeMode = allow; }
 
 protected:
     virtual bool onDataAvailable(SocketClient *cli);
@@ -44,9 +41,6 @@ private:
     static int getLogSocket();
     int logPrint(const char *fmt, ...)
         __attribute__ ((__format__ (__printf__, 2, 3)));
-    void logToDmesg(const std::string& str);
-    std::string getProperty(const std::string& name);
-    void enforceIntegrity();
 };
 
 #endif

logd/README.property

@@ -1,6 +1,7 @@
 The properties that logd responds to are:
 
 name                       type default  description
+ro.logd.auditd             bool   true   Enable selinux audit daemon
 ro.logd.auditd.dmesg       bool   true   selinux audit messages duplicated and
                                          sent on to dmesg log
 persist.logd.security      bool   false  Enable security buffer.

logd/main.cpp

@@ -245,7 +245,6 @@ static char *name;
 static sem_t reinit;
 static bool reinit_running = false;
 static LogBuffer *logBuf = NULL;
-static LogAudit *logAudit = NULL;
 
 static bool package_list_parser_cb(pkg_info *info, void * /* userdata */) {
 
@@ -296,10 +295,6 @@ static void *reinit_thread_start(void * /*obj*/) {
             logBuf->init();
             logBuf->initPrune(NULL);
         }
-
-        if (logAudit) {
-            logAudit->allowSafeMode();
-        }
     }
 
     return NULL;
@@ -520,19 +515,25 @@ int main(int argc, char *argv[]) {
     // initiated log messages. New log entries are added to LogBuffer
     // and LogReader is notified to send updates to connected clients.
 
-    logAudit = new LogAudit(logBuf, reader,
-                            property_get_bool("logd.auditd.dmesg",
-                                              BOOL_DEFAULT_TRUE |
-                                              BOOL_DEFAULT_FLAG_PERSIST)
-                                ? fdDmesg
-                                : -1);
+    bool auditd = property_get_bool("logd.auditd",
+                                    BOOL_DEFAULT_TRUE |
+                                    BOOL_DEFAULT_FLAG_PERSIST);
+    LogAudit *al = NULL;
+    if (auditd) {
+        al = new LogAudit(logBuf, reader,
+                          property_get_bool("logd.auditd.dmesg",
+                                            BOOL_DEFAULT_TRUE |
+                                            BOOL_DEFAULT_FLAG_PERSIST)
+                              ? fdDmesg
+                              : -1);
+    }
 
     LogKlog *kl = NULL;
     if (klogd) {
-        kl = new LogKlog(logBuf, reader, fdDmesg, fdPmesg, logAudit != NULL);
+        kl = new LogKlog(logBuf, reader, fdDmesg, fdPmesg, al != NULL);
     }
 
-    readDmesg(logAudit, kl);
+    readDmesg(al, kl);
 
     // failure is an option ... messages are in dmesg (required by standard)
 
@@ -540,9 +541,8 @@ int main(int argc, char *argv[]) {
         delete kl;
     }
 
-    if (logAudit && logAudit->startListener()) {
-        delete logAudit;
-        logAudit = NULL;
+    if (al && al->startListener()) {
+        delete al;
     }
 
     TEMP_FAILURE_RETRY(pause());