Initial commit for an audit daemon that writes kernel audit
messages to the Android logger. The daemon searches dmesg
for all lines that contain "audit" and writes them. Then
receiving the messages from the netlink socket.
It also formats the messages so they are compatable with
ausearch (type=<t> <m> format)
Modified: Mark Salyzyn <salyzyn@google.com>
- do not start auditd
- merge into logd, stripping unnecessary file logging.
- Convert headers and code to support C++
- Fix bugs in libaudit
- squash timestamp (replace with 0.0) due to duplication
- squash pid due to duplication
- squash comm due to duplication
Change-Id: I421bcf33e7e670d596628b1b5c7c25536ce2d3fe
forceencrypt= will encrypt the drive at boot if it is not encrypted. This change
will not have an impact until we set this flag in appropirate fstabs.
Bug: 11985952
Change-Id: I6c65eda7f109e4936aa160da50f871703aefb351
The way libunwind handles local unwinds is different from remote unwinds,
so create a new map object to handle the differences.
Add new test to verify the map data is being generated correctly.
Add new tests to check for leaks.
Refactor the BACK_LOGW code into a single header file.
Change-Id: I01f3cbfc4b927646174ea1b614fa25d23b9b3427
A normal sequence of calls is as follows:
str_parms_create_str, str_parms_add_str, str_parms_destroy.
In some cases the destroy caused double free.
str_parms_add_str will clone the input and send it to hashmapPut
for storage. If hashmapPut did not store the strings it will raise
errno = ENOMEM and leave caller with ownership of the strings.
In any of these cases it will be safe to destroy the str_parms.
But what if it wasn't hashmapPut that said NOMEM? What if there
was a stale NOMEM already before a successful hashmapPut?
In that case the strings will be successfully added to the list
(if new), but when str_parms_add_str sees the NOMEM it will free
them anyway, leaving dangling pointers in the str_parms!!
It is the responsibility of the caller to clear errno before any
interesting call. This patch makes sure that str_parms_add_str
reacts only on errno emmitted from hashmapPut.
Change-Id: If87e4bcc482f09e1c66133d33517b152ebdac65f
This checks ro.debuggable to determine whether a device is in the
debuggable state or not, disabling verification if it is.
Eventually we'd like to narrow this down to only devices which
need to disable it, but we aren't there yet.
Change-Id: I06a329fe5449deab6bae595877dbb1f200850241
default.prop is generated out of several makefile variables,
and it isn't possible to neatly express a dependency on those
variables (except perhaps by adding every possible makefile that
could define them to the deps list).
Change-Id: I93ea45c956aa22922f2389f735c058700621f674
This was broken about 5 months ago in change I78435ed49aa196a0efb45bf9b2d58b62c41737d3.
See: https://goto.google.com/jhtss
Change-Id: Icc32993552efed3015bc1b79a7bd872d7510e020
* Only enabled for dev builds because halves performance.
- Used to establish if /proc/sys/net/unix/max_dgram_qlen
is appropriate for the platform
(see logd/LogStatistics.cpp comments)
- enabled if logd.dgram_qlen.statistics is not zero/empty
Change-Id: Ib8ecfeb75b6f0f954c099a6b1032b8afb5efcbd4
Mark Salyzyn