Add logging for kernel audit failures, including SELinux.
Bug: 7707280
Change-Id: I3788b465cb5733c93dbf36c91ce26e37d4be41c2
diff --git a/services/java/com/android/server/BootReceiver.java b/services/java/com/android/server/BootReceiver.java
index 235c662..3dade37 100644
--- a/services/java/com/android/server/BootReceiver.java
+++ b/services/java/com/android/server/BootReceiver.java
@@ -126,6 +126,7 @@
-LOG_SIZE, "APANIC_CONSOLE");
addFileToDropBox(db, prefs, headers, "/data/dontpanic/apanic_threads",
-LOG_SIZE, "APANIC_THREADS");
+ addAuditErrorsToDropBox(db, prefs, headers, -LOG_SIZE, "SYSTEM_AUDIT");
} else {
if (db != null) db.addText("SYSTEM_RESTART", headers);
}
@@ -174,4 +175,32 @@
Slog.i(TAG, "Copying " + filename + " to DropBox (" + tag + ")");
db.addText(tag, headers + FileUtils.readTextFile(file, maxSize, "[[TRUNCATED]]\n"));
}
+
+ private static void addAuditErrorsToDropBox(DropBoxManager db, SharedPreferences prefs,
+ String headers, int maxSize, String tag) throws IOException {
+ if (db == null || !db.isTagEnabled(tag)) return; // Logging disabled
+ Slog.i(TAG, "Copying audit failures to DropBox");
+
+ File file = new File("/proc/last_kmsg");
+ long fileTime = file.lastModified();
+ if (fileTime <= 0) return; // File does not exist
+
+ if (prefs != null) {
+ long lastTime = prefs.getLong(tag, 0);
+ if (lastTime == fileTime) return; // Already logged this particular file
+ // TODO: move all these SharedPreferences Editor commits
+ // outside this function to the end of logBootEvents
+ prefs.edit().putLong(tag, fileTime).apply();
+ }
+
+ String log = FileUtils.readTextFile(file, maxSize, "[[TRUNCATED]]\n");
+ StringBuilder sb = new StringBuilder();
+ for (String line : log.split("\n")) {
+ if (line.contains("audit")) {
+ sb.append(line + "\n");
+ }
+ }
+ Slog.i(TAG, "Copied " + sb.toString().length() + " worth of audits to DropBox");
+ db.addText(tag, headers + sb.toString());
+ }
}