Commit Graph

232 Commits

Author SHA1 Message Date
Mark Salyzyn 5cceee6404 liblog: sleep 20ms before critical property_set
Going too fast can result in the property not being set
and causing an extreme corner case failure being reported
and blamed on is_loggable functionality.

Bug: 25792367
Change-Id: Idda6f67d655d8a84d2809daf695394d5293e7431
2016-05-12 15:58:57 +00:00
Rubin Xu 9c2f803e9d Return correct length from pmsgRead()
Bug: 28610769
Change-Id: I38cac786ca43ef8d9530f4e2e5a0bdd4cc3bccef
2016-05-05 16:50:44 +01:00
Mark Salyzyn 78786da116 liblog: O_CLOEXEC flag on opens
Bug: 28455828
Change-Id: Ic00101a6192aab7271cb0c3461e249a77d7f29ed
2016-04-29 07:52:36 -07:00
Mark Salyzyn ccfb244b36 liblog: logcat -g readable size wrong
Bug: 28451229
Change-Id: I4bbc2bed933d69416c23cc7af617be3fb55d0b62
2016-04-29 07:39:51 -07:00
Colin Cross 0652728e2a Merge "Update sanitize property format" 2016-04-19 22:42:04 +00:00
Colin Cross 5d35ce649c Update sanitize property format
Change-Id: I81c299609ece7a1c7f27093f563d5df08efe989b
2016-04-15 16:33:21 -07:00
Mark Salyzyn efe8ecc1d9 liblog: android_log_isloggable failing apct
- periodic failures in apct, dropped second serial test
  in refresh_cache, trusting check_cache or global.
- The retry loop to see if is_loggable recovers of 1000
  was hiding subsequent tests, drop to 10 retries.
- On the whole, the average performance remains the same.

Bug: 25792367
Change-Id: I4110440ef46671d7a1c128689bde623808bed04f
2016-04-15 11:04:24 -07:00
William Roberts 8a5b9caaa6 liblog: remove android_ids and replace with getpwuid
Note: This code makes the assumption that getpwuid is
thread safe, which it is ONLY ON BIONIC. Thus,
if you attempt to use this on a non-target build, you
may get burned. Thus, an ifndef checking on __BIONIC__
is used to produce a build error if you attempt to do
so.

Change-Id: I61038c428b71771edcfc76f18d8fc5cbe349238b
Bug: 27999086
Signed-off-by: William Roberts <william.c.roberts@intel.com>
2016-04-11 14:55:56 +00:00
Mark Salyzyn 7ef5249afa liblog: suppress pmsg on user builds
- add optimized & cached LIBLOG_HIDDEN __android_log_is_debuggable()
- check when writing, either LOG_ID_SECURITY, SafetyNet or
  debuggable when pushing content to the pmsg buffer.

Bug: 27566046
Change-Id: I85f1b55ec329b38e00f4183836b6ed53046c323d
2016-03-29 13:52:21 -07:00
Mark Salyzyn c33103c440 liblog: gate write on log id available
- Secure LOG_ID_KERNEL in writer
- Secure LOG_ID_SECURITY in reader and writer
- if writer transport says not available, do not write to that log id

Bug: 27566046
Bug: 27896341
Change-Id: If63a78a56fb94adfbf9979454c4cadb81af45c19
2016-03-29 12:29:04 -07:00
Mark Salyzyn abdb758ef6 Merge "liblog: logprint: deal with malformed log messages" 2016-03-24 19:20:29 +00:00
Mark Salyzyn 864e8e80e4 liblog: add __android_log_pmsg_file_read
- This is considered an Android Private function, not exported
  for general use.
- goal is to retreive a file's content from a series of log
  messages from pmsg, to be retrieved after a reboot for
  transfer to a persistent location.
- files are presented in reverse sorted order, first based on
  _any_ numerical content, then by alphanumeric order.
- Add a gTest for this function, relies on gTest for
  liblog.__android_log_pmsg_file_write from prior to reboot.

Bug: 27176738
Change-Id: If37ef423009bd28b598b233af3bccef3429bdc22
2016-03-22 13:03:53 -07:00
Mark Salyzyn d4b061bde2 liblog: add __android_log_pmsg_file_write
- This is considered an Android Private function, not exported
  for general use.
- goal is to record a file's content into a series of log
  messages into pmsg, to be retrieved after a reboot for
  transfer to a persistent location.
- filename reference is converted to a tag-unique
  "<dirbase>:<filebase>".
- buffer and length representing the filename contents are
  recorded, along with a sequence number placed into the nsec
  time field to ANDROID_LOG_PMSG_FILE_MAX_SEQUENCE.
- Add a gTest for this function.

Bug: 27176738
Change-Id: If93df3ae8bfc1bb75516d4a1fd8dae0301af644b
2016-03-22 13:03:36 -07:00
Mark Salyzyn 018a96d03f liblog: split out transports into separate files
Create config_logger, logger and logger_read to house the log
interfaces. Add fake_logger, logd_logger and pmsg_logger to
house the write and read transports. Allows for an easier and
direct path to add new transports to the library.

SideEffects: None, logger benchmark performance unaffected

Bug: 27176738
Bug: 27405083
Change-Id: I01b38637334a5242905c8c89f6ab0a92e2540008
2016-03-22 13:01:15 -07:00
Mark Salyzyn 083c53462a liblog: logprint: deal with malformed log messages
Try to print as much content as possible should the application
logging only submit content as part of a tag with an empty message.
We search for the first non-printable ascii character in the tag, in
order to split it up for printing.

Applications (such as com.yahoo.mobile.client.android.weather) that
malform their log messages will no longer be punished by truncating
the content, but this should never be considered advocacy for their
bad behavior.

Bug: 27585978
Change-Id: Idb0680e8d6a6ad2bef5150661905acccb5b70afb
2016-03-21 23:06:29 +00:00
Mark Salyzyn c040600baf Merge changes I7cbc8fda,Ibb7cf4b1
* changes:
  liblog: test: security buffer is allowed to be denied
  liblog: test: do not LOG in signal handler
2016-03-16 16:02:48 +00:00
Mark Salyzyn 29e70a98fe liblog: test: security buffer is allowed to be denied
Bug: 27405083
Change-Id: I7cbc8fda326a2aea3bef5dabee9d3290cc818b24
2016-03-14 09:18:55 -07:00
Mark Salyzyn 50af7f8b1d liblog: test: do not LOG in signal handler
- We actually are logging in a signal handler, the title is bluster
  to remind developers. It is not a reliable path though as it can
  lock up. Our goal is to minimize the chances of a lockup regardless
  in the name of stability only. The test remains to catch regression
  in the name of code quality and reliability. Expected to be
  >99.999% reliable.
- Add a new _correct_ duplicate test that uses signal to release a
  semaphore to a thread that performs the task. This path is expected
  to be 100% reliable.

Bug: 27405083
Change-Id: Ibb7cf4b13e34ebfac2db2af8724b7db7a27f81a8
2016-03-14 09:18:38 -07:00
Mark Salyzyn 2f83d679dd liblog: truncate logtags that overflow prefixBuf
Bug: 27585978
Change-Id: If2f45e8787b05b46491a771702746cfc248b9ccd
2016-03-14 09:12:24 -07:00
Mark Salyzyn be1d3c21b5 liblog: audit declare LIBLOG_ABI_PUBLIC
- replace <sys/cdefs.h> with local "log_cdefs.h" which
  fortifies and expands definitions, adding LIBLOG_ABI_PUBLIC,
  LIBLOG_HIDDEN, LIBLOG_ABI_PRIVATE and LIBLOG_WEAK.
- clearly tag each interface as LIBLOG_ABI_PUBLIC, LIBLOG_HIDDEN,
  LIBLOG_ABI_PRIVATE, LIBLOG_WEAK or static depending on scope
- Add -fvisibility=hidden to ensure nothing else leaks
- some code standard adjustments

Bug: 27566046
Change-Id: Ic14033c4e6d833d973beb035ddc1c6134fb35a3f
2016-03-10 13:49:38 -08:00
Dan Willemsen 7d5457e150 liblog: Update Android.bp for Android.mk changes
Change-Id: I5062583a45efa2774f01339e7601767b817f54ee
2016-02-29 10:46:18 -08:00
Elliott Hughes 74c9052fe4 Remove another test for a private API I'm about to remove.
Change-Id: I541d1de549aa62d43867889f41bd0757ed414636
2016-02-26 22:04:26 -08:00
Elliott Hughes 0962ecd4e3 Merge "Remove a test for an API I'm removing." 2016-02-27 01:26:30 +00:00
Elliott Hughes 9ce327200c Remove a test for an API I'm removing.
Change-Id: I44ee84b92fdbf561551e5cf90e0c44df535de83f
2016-02-26 16:57:54 -08:00
Mark Salyzyn 81f407be36 liblog: __android_log_error_write use event list library
Switch to the event list library to compose the associated event.

SideEffects: Instead of composing event on a stack buffer of 512
             bytes in size, a PAGE is allocated temporarily.

Bug: 27356456
Change-Id: Ic15a87f49385834c2287ed82c26439b2c5eb4f77
2016-02-25 12:29:32 -08:00
Mark Salyzyn 5cecedc6e8 liblog: test: __android_log_error_write accuracy
Add a test to confirm exact expected content using the testframe
setup for the events log handler. Remove dependency on 512 truncation
in liblog->
android_errorWriteWithInfoLog__android_logger_list_read__data_too_large
to something more liberal.

Bug: 27356456
Change-Id: I8a53ad3a16cf16b14856efe5b95417e857c7e09b
2016-02-25 12:29:32 -08:00
Mark Salyzyn 67d7eafd56 liblog: add android_log_write_string8_len
android_log_write_string8_len(android_log_context ctx,
                              const char *value, size_t maxlen)

Caps the supplied string to a maxlen length. Alter API to handle
a NULL pointer for the value string for this and
android_log_write_string8() and instead of returning -EINVAL,
act like a null string "" was supplied to preserve the list
location. API is also changed to report the number of characters
actually placed into the android_log_context.

Bug: 27356456
Bug: 19235719
Change-Id: I6a03d405eac1d741555dd05555513ec691e7a46e
2016-02-25 12:29:32 -08:00
Mark Salyzyn bd1ad049b2 liblog: event log list logging handler
Based off an initial request and effort by williamluh@google.com

- Added the following functions:

* Composing and Writing:

android_log_context create_android_logger(uint32_t tag)

int android_log_write_list_begin(android_log_context ctx)
int android_log_write_list_end(android_log_context ctx)

int android_log_write_int32(android_log_context ctx, int32_t value)
int android_log_write_int64(android_log_context ctx, int64_t value)
int android_log_write_string8(android_log_context ctx, const char *value)
int android_log_write_float32(android_log_context ctx, float value)

int android_log_write_list(android_log_context ctx, log_id_t id)

* Reading and Interpreting:

android_log_context create_android_log_parser(const char *msg, size_t len)

android_log_list_element android_log_read_next(android_log_context ctx)
android_log_list_element android_log_peek_next(android_log_context ctx)

* Destroy context used above:

int android_log_destroy(android_log_context *ctx);

- Added unit gTests

We moved implemented android_log_buffer_to_string() to the test since
it is an alternate for already existing logprint functionality.
Please move into liblog should it be of some common use, otherwise
as is it is a good means of stessing the reading and interpreting
handlers.

Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 19235719
Change-Id: I4aa1927e8e6a75f0a129d15a27c891cf1ccd4f5c
2016-02-22 16:04:41 -08:00
Mark Salyzyn b525884edb liblog: deal with warning messages
- Fix bug in fake_log_devices when it can not allocate memory
  failing to use the full on-stack buffer as backup.
- remove superfluous code.

Bug: 27265662
Change-Id: I97b6cca5f4ce8ecad9beb3a08353de596d6a4ad1
2016-02-19 14:40:16 -08:00
Mark Salyzyn 0085a135b9 fake_log_device: long lived allocations
Use static space for long lived allocations as they
will appear to act like a memory leak. Resort to a
larger on-stack iovec to reduce the chances of an
allocation. Fix bug in writer where not enough size
was available for "security" buffer name. Minor
transitions to more consistent coding style.

Bug: 27107691
Change-Id: I68c918e7b916b1ae3b04829d48b3eddaa0a7e739
2016-02-17 12:22:18 -08:00
Mark Salyzyn bc81b17e06 liblog: document fakeLogClose never to be called
Bug: 27107691
Change-Id: Ia699646ec2e83ca46f8b62b5d4f144e533b36074
2016-02-16 10:35:06 -08:00
Mark Salyzyn 663687270c liblog: test: newline space prefix and max length print tests
Add some more tests for logprint library

Bug: 27091726
Change-Id: I264c0607967e0121fefb1b8698f9b02b1463c662
2016-02-11 10:43:14 -08:00
Mark Salyzyn 3f94122ced liblog: add gTests for logging with leading newline
Bug: 27091726
Change-Id: Idff0e4e7c025426002c6381c3afb00e12d9fc1b5
2016-02-10 09:52:13 -08:00
Dan Willemsen 86cf941c48 Fix windows 64-bit builds
pid_t is 64-bit in 64-bit mingw, but the windows process/thread
functions return a DWORD(uint32_t). Instead of promoting to a pid_t and
fixing the format strings, just use a uint32_t to store the values.

android_thread_id also cannot be a 64-bit pointer, so for windows just
force it to be a uint32_t.

libutils/ProcessCallStack only works under Linux, since it makes heavy
use of /proc. Don't compile it under Windows or Darwin.

Bug: 26957718
Change-Id: I4e43e7cf18a96f22b3a9a08dbab8c3e960c12930
2016-02-05 16:10:10 -08:00
Colin Cross a2dd73424f Merge "liblog: remove strdup from logging calls" 2016-02-03 21:48:37 +00:00
Colin Cross 7a106f7c12 liblog: remove strdup from logging calls
strdup to a static pointer is unnecessary, strlcpy into a static buffer
instead.  Avoids allocations in the ALOG* path, allowing liblog to be
used by libmemleak.

Change-Id: Ie0986da27c1fc5eb8ce4ebb076b513be8e1ee676
2016-02-02 13:55:42 -08:00
Mark Salyzyn 8fa8896d2e logd: security buffer only AID_SYSTEM reader
- limit AID_SYSTEM uid or gid to read security buffer messages
- adjust liblog tests to reflect the reality of this adjustment

To fully test all security buffer paths and modes

$ su 0,0,0 /data/nativetest/liblog-unit-tests/liblog-unit-tests --gtest_filter=liblog.__security*
$ su 1000,1000,1000 /data/nativetest/liblog-unit-tests/liblog-unit-tests --gtest_filter=liblog.__security*
$ su 2000,2000,2000 /data/nativetest/liblog-unit-tests/liblog-unit-tests --gtest_filter=liblog.__security*

ToDo: Integrate the above individually into the gTest Q/A testing

Bug: 26029733
Change-Id: Idcf5492db78fa6934ef6fb43f3ef861052675651
2016-02-01 13:29:06 -08:00
Mark Salyzyn 9107c462ce liblog: check getgroups for AID_LOG for AID_LOG_SECURITY
Bug: 26792035
Change-Id: I634d3c8f9f3175956bd70e80daa479af40180f90
2016-01-26 13:32:02 -08:00
Mark Salyzyn 7cc8013e37 liblog: fix android_log_printLogLine empty event string
Allow _one_ empty line to get through before evaluating
further. Add __android_log_bswrite testing for content
and contentless cases; checking for propagation and for
expected printing. As for printing which is fixed here,
security variants cover the same code paths as the events.

Bug: 26646213
Change-Id: I484718aa604e0a00afde4c34a00e87468ea93aa5
2016-01-20 14:15:19 -08:00
Rubin Xu d545d2930e Add logd security buffer tag types and string write API.
Bug: 22860162
Change-Id: I1cceed3462eaebdd8208abf101b127f27f0023a7
2016-01-19 17:13:28 +00:00
Mark Salyzyn 1a5bac2069 Merge "Revert "logd: liblog: whitelist "snet_event_log""" 2016-01-06 21:22:04 +00:00
Mark Salyzyn 0ee8de3c2d Revert "logd: liblog: whitelist "snet_event_log""
Callers will not guarantee that they can or will ratelimit, we need to
retain the ability to blacklist snet_event_log as a result.

This reverts commit 6aa21b225d.

Bug: 26178938
Change-Id: Ibf47d2e23a84c56f5f72d02312c698df7ff2b601
2016-01-06 21:19:23 +00:00
Dan Willemsen d68c35a9ce liblog: Update Android.bp to match Android.mk
Change-Id: Ic887493c03d133a566a96c1c5b65dcd67e5d7131
2016-01-05 13:09:35 -08:00
Mark Salyzyn 6aa21b225d logd: liblog: whitelist "snet_event_log"
Dangerous bridge to cross to whitelist, who is special, who is not?
Rationalized as these events are used to catch exploits on platform.
As it stands no one should be allowed to block any messages in the
security context, not even for development purposes.

Bug: 26178938
Change-Id: Ibdc76bc0fe29ba05be168b623af1c9f41d7edbd2
2015-12-30 10:07:19 -08:00
Mark Salyzyn a014004752 liblog: add __android_log_is_loggable checking to writer
Add __android_log_is_loggable() checking for all buffers except
LOG_ID_SECURITY. Return -EPERM if blocked. Since we are sniffing
the log tag, check validity and return -EINVAL.

NB: Try not to call __android_log_is_loggable() in native code within
a signal handler. Both here, and in the system properties, there
are locking paths that are not guaranteed to play well in that
environment. This has also been the case for the log writer path
even before this change. All attempts have been made to use trylock,
and to use a more expensive code path when contention occurs rather
than lead to deadlock.

Bug: 19544788
Bug: 26178938
Change-Id: I98738c662f6328189a6703251eb8721a05e956f9
2015-12-30 10:03:37 -08:00
Mark Salyzyn 31ca3c3770 liblog: build break
Some compilers erroneously see uninitialized use, even despite all
accesses being behind !not_locked. Confirmed initialization does not
affect expected performance.

Bug: 26178938
Bug: 26029733
Bug: 17760225
Change-Id: Ib36ed8dd2c4b196ca84ef79a9531625dcee77e15
2015-12-22 10:49:35 -08:00
Mark Salyzyn a67d8a53c7 liblog: is loggable is flaky
- Deal with __android_log_is_loggable inside signal handler by
  treating a lock contention system call as more costly than reading
  the associated property directly. Rather waiting around in a
  contended stat to hit cache.
- Check both the individual known __system_property_serial() and
  global __system_property_area_serial() to detect updates or
  additions to the properties to respond in the most aggressive and
  timely manner. __android_log_is_loggable() return at max CPU
  clockrate on a N9 in 61ns.
- Craft a common do_cache2 inline that adds the above to the other
  functions that utilize cache handling and preserves (within 3ns)
  performance in android_log_clockid() and __android_log_security().
  These functions return at max CPU clockrate on a N9 in 23ns.

Bug: 19544788
Bug: 25693940
Bug: 25792367
Bug: 26178938
Change-Id: I9cd94598f5c558e946b93977ad3714a4b03d0422
2015-12-22 10:06:22 -08:00
Mark Salyzyn 77c166b5dd liblog: test: instrument is_loggable failures
Bug: 25792367
Change-Id: Ia34f8e7ea0bd7f15bf705afd3a1c631a56d1c479
2015-12-18 15:17:51 -08:00
Mark Salyzyn ee3b838e13 logd: statistics per-pid filter
Primarily gives access to the Chattiest TIDs and TAGs
associated with a pid.

Has a secondary effect of allowing us to pull out the
command line, comm and in some cases the associated
PACKAGE for a specific pid while the logs are still
present even if the executable is gone.

Bug: 26029733
Bug: 21615139
Change-Id: I1ea63165a680a9318360579b70b1512078ed5682
2015-12-18 13:17:37 -08:00
Mark Salyzyn 5d8742feb6 Merge "liblog: test: pmsg overhead measurement" 2015-12-18 20:34:55 +00:00