diff --git a/logd/Android.mk b/logd/Android.mk index 203943c31..feca8d555 100644 --- a/logd/Android.mk +++ b/logd/Android.mk @@ -42,10 +42,6 @@ event_flag := -DAUDITD_LOG_TAG=1003 -DLOGD_LOG_TAG=1004 LOCAL_CFLAGS := -Werror $(event_flag) -ifeq ($(TARGET_BUILD_VARIANT),user) -LOCAL_CFLAGS += -DAUDITD_ENFORCE_INTEGRITY=true -endif - include $(BUILD_EXECUTABLE) include $(call first-makefiles-under,$(LOCAL_PATH)) diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp index 4eb5e8310..24c3f52d9 100644 --- a/logd/LogAudit.cpp +++ b/logd/LogAudit.cpp @@ -25,9 +25,6 @@ #include #include -#include - -#include #include #include #include @@ -38,10 +35,6 @@ #include "LogKlog.h" #include "LogReader.h" -#ifndef AUDITD_ENFORCE_INTEGRITY -#define AUDITD_ENFORCE_INTEGRITY false -#endif - #define KMSG_PRIORITY(PRI) \ '<', \ '0' + LOG_MAKEPRI(LOG_AUTH, LOG_PRI(PRI)) / 10, \ @@ -53,10 +46,11 @@ LogAudit::LogAudit(LogBuffer *buf, LogReader *reader, int fdDmesg) : logbuf(buf), reader(reader), fdDmesg(fdDmesg), - policyLoaded(false), - rebootToSafeMode(false), initialized(false) { - logToDmesg("start"); + static const char auditd_message[] = { KMSG_PRIORITY(LOG_INFO), + 'l', 'o', 'g', 'd', '.', 'a', 'u', 'd', 'i', 't', 'd', ':', + ' ', 's', 't', 'a', 'r', 't', '\n' }; + write(fdDmesg, auditd_message, sizeof(auditd_message)); } bool LogAudit::onDataAvailable(SocketClient *cli) { @@ -82,55 +76,6 @@ bool LogAudit::onDataAvailable(SocketClient *cli) { return true; } -void LogAudit::logToDmesg(const std::string& str) -{ - static const char prefix[] = { KMSG_PRIORITY(LOG_INFO), - 'l', 'o', 'g', 'd', '.', 'a', 'u', 'd', 'i', 't', 'd', ':', - ' ', '\0' }; - std::string message = prefix + str + "\n"; - write(fdDmesg, message.c_str(), message.length()); -} - -std::string LogAudit::getProperty(const std::string& name) -{ - char value[PROP_VALUE_MAX] = {0}; - property_get(name.c_str(), value, ""); - return value; -} - -void LogAudit::enforceIntegrity() { - static bool loggedOnce; - bool once = loggedOnce; - - loggedOnce = true; - - if (!AUDITD_ENFORCE_INTEGRITY) { - if (!once) { - logToDmesg("integrity enforcement suppressed; not rebooting"); - } - } else if (rebootToSafeMode) { - if (getProperty("persist.sys.safemode") == "1") { - if (!once) { - logToDmesg("integrity enforcement suppressed; in safe mode"); - } - return; - } - - logToDmesg("enforcing integrity; rebooting to safe mode"); - property_set("persist.sys.safemode", "1"); - - std::string buildDate = getProperty("ro.build.date.utc"); - if (!buildDate.empty()) { - property_set("persist.sys.audit_safemode", buildDate.c_str()); - } - - property_set("sys.powerctl", "reboot"); - } else { - logToDmesg("enforcing integrity: rebooting to recovery"); - property_set("sys.powerctl", "reboot,recovery"); - } -} - int LogAudit::logPrint(const char *fmt, ...) { if (fmt == NULL) { return -EINVAL; @@ -152,31 +97,7 @@ int LogAudit::logPrint(const char *fmt, ...) { memmove(cp, cp + 1, strlen(cp + 1) + 1); } - bool loaded = strstr(str, " policy loaded "); - - if (loaded) { - if (policyLoaded) { - // SELinux policy changes are not allowed - enforceIntegrity(); - } else { - logToDmesg("policy loaded"); - policyLoaded = true; - } - } - - // Note: The audit log can include untrusted strings, but those containing - // "a control character, unprintable character, double quote mark, or a - // space" are hex encoded. The space character before the search term is - // therefore needed to prevent denial of service. Do not remove the space. - bool permissive = strstr(str, " enforcing=0") || - strstr(str, " permissive=1"); - - if (permissive) { - // SELinux in permissive mode is not allowed - enforceIntegrity(); - } - - bool info = loaded || permissive; + bool info = strstr(str, " permissive=1") || strstr(str, " policy loaded "); if ((fdDmesg >= 0) && initialized) { struct iovec iov[3]; static const char log_info[] = { KMSG_PRIORITY(LOG_INFO) }; diff --git a/logd/LogAudit.h b/logd/LogAudit.h index 3a84541a7..ab30e2863 100644 --- a/logd/LogAudit.h +++ b/logd/LogAudit.h @@ -27,15 +27,12 @@ class LogAudit : public SocketListener { LogBuffer *logbuf; LogReader *reader; int fdDmesg; - bool policyLoaded; - bool rebootToSafeMode; bool initialized; public: LogAudit(LogBuffer *buf, LogReader *reader, int fdDmesg); int log(char *buf, size_t len); bool isMonotonic() { return logbuf->isMonotonic(); } - void allowSafeMode(bool allow = true) { rebootToSafeMode = allow; } protected: virtual bool onDataAvailable(SocketClient *cli); @@ -44,9 +41,6 @@ private: static int getLogSocket(); int logPrint(const char *fmt, ...) __attribute__ ((__format__ (__printf__, 2, 3))); - void logToDmesg(const std::string& str); - std::string getProperty(const std::string& name); - void enforceIntegrity(); }; #endif diff --git a/logd/README.property b/logd/README.property index 4bc5541c0..6200d3ee5 100644 --- a/logd/README.property +++ b/logd/README.property @@ -1,6 +1,7 @@ The properties that logd responds to are: name type default description +ro.logd.auditd bool true Enable selinux audit daemon ro.logd.auditd.dmesg bool true selinux audit messages duplicated and sent on to dmesg log persist.logd.security bool false Enable security buffer. diff --git a/logd/main.cpp b/logd/main.cpp index 3095f7f9d..19946b7f1 100644 --- a/logd/main.cpp +++ b/logd/main.cpp @@ -245,7 +245,6 @@ static char *name; static sem_t reinit; static bool reinit_running = false; static LogBuffer *logBuf = NULL; -static LogAudit *logAudit = NULL; static bool package_list_parser_cb(pkg_info *info, void * /* userdata */) { @@ -296,10 +295,6 @@ static void *reinit_thread_start(void * /*obj*/) { logBuf->init(); logBuf->initPrune(NULL); } - - if (logAudit) { - logAudit->allowSafeMode(); - } } return NULL; @@ -520,19 +515,25 @@ int main(int argc, char *argv[]) { // initiated log messages. New log entries are added to LogBuffer // and LogReader is notified to send updates to connected clients. - logAudit = new LogAudit(logBuf, reader, - property_get_bool("logd.auditd.dmesg", - BOOL_DEFAULT_TRUE | - BOOL_DEFAULT_FLAG_PERSIST) - ? fdDmesg - : -1); + bool auditd = property_get_bool("logd.auditd", + BOOL_DEFAULT_TRUE | + BOOL_DEFAULT_FLAG_PERSIST); + LogAudit *al = NULL; + if (auditd) { + al = new LogAudit(logBuf, reader, + property_get_bool("logd.auditd.dmesg", + BOOL_DEFAULT_TRUE | + BOOL_DEFAULT_FLAG_PERSIST) + ? fdDmesg + : -1); + } LogKlog *kl = NULL; if (klogd) { - kl = new LogKlog(logBuf, reader, fdDmesg, fdPmesg, logAudit != NULL); + kl = new LogKlog(logBuf, reader, fdDmesg, fdPmesg, al != NULL); } - readDmesg(logAudit, kl); + readDmesg(al, kl); // failure is an option ... messages are in dmesg (required by standard) @@ -540,9 +541,8 @@ int main(int argc, char *argv[]) { delete kl; } - if (logAudit && logAudit->startListener()) { - delete logAudit; - logAudit = NULL; + if (al && al->startListener()) { + delete al; } TEMP_FAILURE_RETRY(pause());