(cherry pick from commit bf7d0b8875)
The setgid() and setuid() call failure in logd.daemon thread
do not block overall functionality, so clearly tell static
analyzer and developers that we do not care to check their
return values.
SideEffects: None
Bug: 27434072
Change-Id: I6fdc87e8311ebc0173716080bbd72c86b3f00f78
If a SELinux policy change or a switch to permissive mode is detected
on a user build, restart the device into safe mode, and keep it there
until an OTA is applied or user data is wiped.
This change deprecates the ro.logd.auditd property.
Needs matching changes from
I781c3059ea8d4fb2f0c923e4488b1932d69678d3
Ica825cf2af74f5624cf4091544bd24bb5482dbe7
Id3ca7889ede30b54b7af73dd50653ca1a20d59aa
Bug: 26902605
Change-Id: Idcdc5bff133f13c1267f0ec0a75cc8cf1ddbda0d
(cherry picked from commit d122ee65b6)
If a SELinux policy change or a switch to permissive mode is detected
on a user build, restart the device into safe mode, and keep it there
until an OTA is applied or user data is wiped.
This change deprecates the ro.logd.auditd property.
Needs matching changes from
I781c3059ea8d4fb2f0c923e4488b1932d69678d3
Ica825cf2af74f5624cf4091544bd24bb5482dbe7
Id3ca7889ede30b54b7af73dd50653ca1a20d59aa
Bug: 26902605
Change-Id: Idcdc5bff133f13c1267f0ec0a75cc8cf1ddbda0d
Usage: android::prdebug(const char *fmt, ...) __printflike(1, 2);
Will add logd prefix tag, log as debug priority in kernel logs,
and will suffix a newline if one is not supplied. To be used to
aid debugging of the logger only.
Change-Id: I217326ef34dc4eb0ea076bacb7a7a8b564c931c3
- enhance property_get_bool, drop property_get_bool_svelte
- enhance base properties with ro and persist variants
- update and fortify README.property
- primarily move auditd and kernel logger into a realm where
they can be controlled by build properties.
- Move logd.klogd to logd.kernel, and add ro.logd.kernel
and persist.logd.kernel.
- Add ro.logd.auditd and persist.logd.auditd.
- Document persist.logd.security
- Document log.tag and persist.logd.tag properties.
- Document ro.logd.size, persist.logd.size and logd.size
properties.
Bug: 26178938
Bug: 26029733
Bug: 17760225
Change-Id: Ibc1a497e45d69db5cf52133937f7ba6fb1d6cd21
Add the following mount options to the /proc filesystem:
hidepid=2,gid=3009
This change blocks /proc access unless you're in group 3009
(aka AID_READPROC).
Please see
https://github.com/torvalds/linux/blob/master/Documentation/filesystems/proc.txt
for documentation on the hidepid option.
hidepid=2 is preferred over hidepid=1 since it leaks less information
and doesn't generate SELinux ptrace denials when trying to access
/proc without being in the proper group.
Add AID_READPROC to processes which need to access /proc entries for
other UIDs.
Bug: 23310674
Change-Id: I22bb55ff7b80ff722945e224845215196f09dafa
if ro.logd.timestamp or persist.logd.timestamp are set to the value
monotonic then liblog writer, liblog printing and logd all switch to
recording/printing monotonic time rather than realtime. If reinit
detects a change for presist.logd.timestamp, correct the older entry
timestamps in place.
ToDo: A corner case condition where new log entries in monotonic time
occur before logd reinit detects persist.logd.timestamp, there
will be a few out-of-order entries, but with accurate
timestamps. This problem does not happen for ro.logd.timestamp
as it is set before logd starts.
NB: This offers a nano second time accuracy on all log entries
that may be more suitable for merging with other system
activities, such as systrace, that also use monotonic time. This
feature is for debugging.
Bug: 23668800
Change-Id: Iee6dab7140061b1a6627254921411f61b01aa5c2
- Add device (ro.logd.filter), persistent (persist.logd.filter)
properties to control the default filters
- Allow logcat -P default to produce expected results
- Allow logcat -P disable to produce expected results
Change-Id: I651cb705373ec1e88a99e4b9086da4f9668a468a
Switch from the internal packages.list file parser
implementation to a common parser library.
Change-Id: I87a406802f95d8e7bfd8ee85f723f80e9e6b6c0c
Signed-off-by: William Roberts <william.c.roberts@intel.com>
* commit '1b2fb587eb7db6f9de1dda8663b33d87a2f5a27e':
logd: klogd deal with nuls in dmesg
logd: log_strtok_r deal with nuls
liblog: logprint: printable nul
logd: klogd: sniff for time correction on Mediatek
Switch to using string and length in all transactions, treating
trailing nuls the same as spaces.
ToDo: change dumpstate (bugreport) to use logcat -b printable _regardless_
Bug: 23517551
Change-Id: I42162365e6bf8ed79d356e7b689a673902116fdb
Rename to log_strntok_r and change from dealing with strings
to dealing with a string and an associated length.
Bug: 23517551
Change-Id: Ia72f1305a53f55eeef9861ac378fb8205fd2378e
Required by logd on devices with USE_CPUSETS defined.
Make /dev/cpuset/background, /dev/cpuset/foreground and
/dev/cpuset/task writeable by system gid. Add logd to system
group for writing to cpuset files and to root group to avoid
regressions. When dropping privs, also drop supplementary groups.
Bug: 22699101
Change-Id: Icc01769b18b5e1f1649623da8325a8bfabc3a3f0
(cherry pick from commit ee49c6a670)
- regression in log_strtok_r (part deux) In commit
'logd: fix kernel logline stutter'
2c3b300fd8 we introduced log_strtok_r.
as a replacement for strtok_r that dealt with a problem with
some kernel log messages. Fix is to refine definition of
is_timestamp to not match on patterns like [0], requiring
a single period. Another fix is to refine definition of
is_prio to properly escape non-digit content.
- Missing content because SYSLOG_ACTION_SIZE_BUFFER with added logging
is too short for full read of SYSLOG_ACTION_READ_ALL dropping
initial content. Add a margin for additional 1024 bytes.
- Absolute _first_ log entry has sequence number of 1, which is
specifically dropped, start sequence count at 1 rather than 0.
- Remove trailing space for efficiency.
- If tag exists but no content, trick into kernel logging.
Bug: 21851884
Change-Id: I0867a555a3bca09bbf18d18e75e41dffffe57a23
- regression in log_strtok_r (part deux) In commit
'logd: fix kernel logline stutter'
2c3b300fd8 we introduced log_strtok_r.
as a replacement for strtok_r that dealt with a problem with
some kernel log messages. Fix is to refine definition of
is_timestamp to not match on patterns like [0], requiring
a single period. Another fix is to refine definition of
is_prio to properly escape non-digit content.
- Missing content because SYSLOG_ACTION_SIZE_BUFFER with added logging
is too short for full read of SYSLOG_ACTION_READ_ALL dropping
initial content. Add a margin for additional 1024 bytes.
- Absolute _first_ log entry has sequence number of 1, which is
specifically dropped, start sequence count at 1 rather than 0.
- Remove trailing space for efficiency.
- If tag exists but no content, trick into kernel logging.
Bug: 21851884
Change-Id: I0867a555a3bca09bbf18d18e75e41dffffe57a23
(cherry pick from commit d98f4e8af5)
sched_batch implies only a penalty to latency in scheduling, but
does not imply that the process will be given less cpu time. Increase
the nice level to 10 to prioritize it below ui threads.
Bug: 21696721
Change-Id: I075af059dc755402f7df9b0d7a66cca921ff04b2
sched_batch implies only a penalty to latency in scheduling, but
does not imply that the process will be given less cpu time. Increase
the nice level to 10 to prioritize it below ui threads.
Bug: 21696721
Change-Id: I075af059dc755402f7df9b0d7a66cca921ff04b2
(cherry pick from commit 2c3b300fd8)
- look for cases where one log line contains two without a newline.
- rare condition, occurs when a printk does not have
a terminating newline under certain race conditions.
- the newline may be performed broken up as a second call
- the timestamps can be reversed (showing the race effects).
- driver(s) should really have the newline in their log messages.
Change-Id: Ibfb56b32047da3d6513db059ca6edad0f0105168
- look for cases where one log line contains two without a newline.
- rare condition, occurs when a printk does not have
a terminating newline under certain race conditions.
- the newline may be performed broken up as a second call
- the timestamps can be reversed (showing the race effects).
- driver(s) should really have the newline in there log messages.
Change-Id: Ibfb56b32047da3d6513db059ca6edad0f0105168
(cherry pick from commit ae4d928d81)
- Add a klogd to collect the kernel logs and place them into a
new kernel log buffer
- Parse priority, tag and message from the kernel log messages.
- Turn off pruning for worst UID for the kernel log buffer
- Sniff for 'PM: suspend exit', 'PM: suspend enter' and
'Suspended for' messages and correct the internal definition
time correction against monotonic dynamically.
- Discern if we have monotonic or real time (delineation 1980) in
audit messages.
- perform appropriate math to correct the timestamp to be real time
- filter out any external sources of kernel logging
Change-Id: I8d4c7c5ac19f1f3218079ee3a05a50e2ca55f60d
- Add a klogd to collect the kernel logs and place them into a
new kernel log buffer
- Parse priority, tag and message from the kernel log messages.
- Turn off pruning for worst UID for the kernel log buffer
- Sniff for 'PM: suspend exit', 'PM: suspend enter' and
'Suspended for' messages and correct the internal definition
time correction against monotonic dynamically.
- Discern if we have monotonic or real time (delineation 1980) in
audit messages.
- perform appropriate math to correct the timestamp to be real time
- filter out any external sources of kernel logging
Change-Id: I8d4c7c5ac19f1f3218079ee3a05a50e2ca55f60d
(cherry pick from commit 344bff4391)
- Optional class of statistics for events Tags
- export tagToName from LogBuffer (located in main.cp to address
https://android-review.googlesource.com/#/c/110204)
- Can not handle dropped because getTag() can not work,
will need to be fixed if we start filtering.
Bug: 19608965
Change-Id: I7b90607ca588bf37bab71f19b1570a290e772776
- Optional class of statistics for events Tags
- export tagToName from LogBuffer (located in main.cp to address
https://android-review.googlesource.com/#/c/110204)
- Can not handle dropped because getTag() can not work,
will need to be fixed if we start filtering.
Bug: 19608965
Change-Id: I7b90607ca588bf37bab71f19b1570a290e772776
(Cherry pick from commit 21fb7e0b75)
- Report applications UID, TID/PID by name.
- change wording to have an accurate connotation
- drop privilege check since filtered upstream
Bug: 19608965
Bug: 20334069
Bug: 20370119
Change-Id: I2b1c26580b4c2de293874214ff5ae745546f3cca
- Report applications UID, TID/PID by name.
- change wording to have an accurate connotation
- drop privilege check since filtered upstream
Bug: 19608965
Bug: 20334069
Bug: 20370119
Change-Id: I2b1c26580b4c2de293874214ff5ae745546f3cca
Add a return value for the ::log() methods, this allows
us to optimize the wakeup for the readers to only occur
when the log message is actually placed.
This is for a future where we may dedupe identical log
messages, filter out log messages, and certainly if we
filter the messages out with an internal logd check of
__android_log_is_loggable().
Change-Id: I763b2a7c29502ab7fa0a5d5022c7b60244fcfde4
- read packages.list to acquire package names
- hijack the reinit handler as a privileged worker
Bug: 19608965
Change-Id: If7becb34354d6415e5c387ecea7d4109a15259c9
This forward port reverts
commit e457b74ce6
No longer as necessary once we add
liblog: Instrument logging of logd write drops
Although this provided an indication of how close statistically we
were to overloading logd it is simpler to understand fails thus to
hunt and peck a corrected value for /proc/sys/net/unix/max_dgram_qlen
Change-Id: I2b30e0fc30625a48fd11a12c2d2cc6a41f26226f
- logDmesg method consumes considerable memory
resources (typically 128KB depending on kernel)
- In the future (eg: klogd, syslogd) there may be need to
feed multiple logs or threads with the retrieved data.
- By moving the actions of logDmesg into the mainline that
instantiates the thread objects, we can leverage a single
allocation of the the kernel log allocation.
- logDmesg (private) is replaced with log (public) which
has a more useful and descriptive purpose for the class.
Change-Id: Ie2dd0370661493c1e596a7e486904a0e8caab9ff
Initial commit for an audit daemon that writes kernel audit
messages to the Android logger. The daemon searches dmesg
for all lines that contain "audit" and writes them. Then
receiving the messages from the netlink socket.
It also formats the messages so they are compatable with
ausearch (type=<t> <m> format)
Modified: Mark Salyzyn <salyzyn@google.com>
- do not start auditd
- merge into logd, stripping unnecessary file logging.
- Convert headers and code to support C++
- Fix bugs in libaudit
- squash timestamp (replace with 0.0) due to duplication
- squash pid due to duplication
- squash comm due to duplication
Change-Id: I421bcf33e7e670d596628b1b5c7c25536ce2d3fe
* Only enabled for dev builds because halves performance.
- Used to establish if /proc/sys/net/unix/max_dgram_qlen
is appropriate for the platform
(see logd/LogStatistics.cpp comments)
- enabled if logd.dgram_qlen.statistics is not zero/empty
Change-Id: Ib8ecfeb75b6f0f954c099a6b1032b8afb5efcbd4