logd: inherit android_get_control_file()

Setup and then collect from the environment /proc/kmsg and /dev/kmsg file descriptors. Do not do so for logcat --reinit. Test: gTest logd-unit-tests, liblog-unit-tests and logcat-unit-tests Bug: 32450474 Change-Id: Ied537ca561fcd4e71a9ad9c57398a23ba23f6ced
author: Mark Salyzyn <salyzyn@google.com> 2016-10-27 08:21:35 -0700
committer: Mark Salyzyn <salyzyn@google.com> 2016-11-03 13:34:27 -0700
commit: e0b8ccd1a3db7059c56322ad6cbcb7d7c34c2954 (patch)
tree: fd33ec05d013ddbfde9e5bd7d331c9b6a47fd473 /logd
parent: 62767fe29f8aaf62470781a3cf419ba11187d178 (diff)
download: system_core-e0b8ccd1a3db7059c56322ad6cbcb7d7c34c2954.tar.gz
system_core-e0b8ccd1a3db7059c56322ad6cbcb7d7c34c2954.tar.bz2
system_core-e0b8ccd1a3db7059c56322ad6cbcb7d7c34c2954.zip
2 files changed, 30 insertions, 16 deletions
diff --git a/logd/logd.rc b/logd/logd.rc
index 31ed4df34..5fc92e1b0 100644
--- a/logd/logd.rc
+++ b/logd/logd.rc
@@ -2,6 +2,8 @@ service logd /system/bin/logd
     socket logd stream 0666 logd logd
     socket logdr seqpacket 0666 logd logd
     socket logdw dgram 0222 logd logd
+    file /proc/kmsg r
+    file /dev/kmsg w
     group root system readproc
     writepid /dev/cpuset/system-background/tasks
 
diff --git a/logd/main.cpp b/logd/main.cpp
index 1ac1415ed..7c71e7d5c 100644
--- a/logd/main.cpp
+++ b/logd/main.cpp
@@ -39,6 +39,7 @@
 #include <android-base/macros.h>
 #include <cutils/properties.h>
 #include <cutils/sched_policy.h>
+#include <cutils/files.h>
 #include <cutils/sockets.h>
 #include <libminijail.h>
 #include <log/event_tag_map.h>
@@ -189,11 +190,11 @@ static void *reinit_thread_start(void * /*obj*/) {
     set_sched_policy(0, SP_BACKGROUND);
     setpriority(PRIO_PROCESS, 0, ANDROID_PRIORITY_BACKGROUND);
 
-    // If we are AID_ROOT, we should drop to AID_SYSTEM, if we are anything
-    // else, we have even lesser privileges and accept our fate. Not worth
-    // checking for error returns setting this thread's privileges.
-    (void)setgid(AID_SYSTEM);
-    (void)setuid(AID_SYSTEM);
+    // If we are AID_ROOT, we should drop to AID_LOGD+AID_SYSTEM, if we are
+    // anything else, we have even lesser privileges and accept our fate. Not
+    // worth checking for error returns setting this thread's privileges.
+    (void)setgid(AID_SYSTEM); // readonly access to /data/system/packages.list
+    (void)setuid(AID_LOGD);   // access to everything logd.
 
     while (reinit_running && !sem_wait(&reinit) && reinit_running) {
 
@@ -318,17 +319,6 @@ static void readDmesg(LogAudit *al, LogKlog *kl) {
 // logging plugins like auditd and restart control. Additional
 // transitory per-client threads are created for each reader.
 int main(int argc, char *argv[]) {
-    int fdPmesg = -1;
-    bool klogd = __android_logger_property_get_bool("logd.kernel",
-                                                    BOOL_DEFAULT_TRUE |
-                                                    BOOL_DEFAULT_FLAG_PERSIST |
-                                                    BOOL_DEFAULT_FLAG_ENG |
-                                                    BOOL_DEFAULT_FLAG_SVELTE);
-    if (klogd) {
-        fdPmesg = open("/proc/kmsg", O_RDONLY | O_NDELAY);
-    }
-    fdDmesg = open("/dev/kmsg", O_WRONLY);
-
     // issue reinit command. KISS argument parsing.
     if ((argc > 1) && argv[1] && !strcmp(argv[1], "--reinit")) {
         int sock = TEMP_FAILURE_RETRY(
@@ -364,6 +354,28 @@ int main(int argc, char *argv[]) {
         return strncmp(buffer, success, sizeof(success) - 1) != 0;
     }
 
+    static const char dev_kmsg[] = "/dev/kmsg";
+    fdDmesg = android_get_control_file(dev_kmsg);
+    if (fdDmesg < 0) {
+        fdDmesg = TEMP_FAILURE_RETRY(open(dev_kmsg, O_WRONLY | O_CLOEXEC));
+    }
+
+    int fdPmesg = -1;
+    bool klogd = __android_logger_property_get_bool("logd.kernel",
+                                                    BOOL_DEFAULT_TRUE |
+                                                    BOOL_DEFAULT_FLAG_PERSIST |
+                                                    BOOL_DEFAULT_FLAG_ENG |
+                                                    BOOL_DEFAULT_FLAG_SVELTE);
+    if (klogd) {
+        static const char proc_kmsg[] = "/proc/kmsg";
+        fdPmesg = android_get_control_file(proc_kmsg);
+        if (fdPmesg < 0) {
+            fdPmesg = TEMP_FAILURE_RETRY(open(proc_kmsg,
+                                              O_RDONLY | O_NDELAY | O_CLOEXEC));
+        }
+        if (fdPmesg < 0) android::prdebug("Failed to open %s\n", proc_kmsg);
+    }
+
     // Reinit Thread
     sem_init(&reinit, 0, 0);
     sem_init(&uidName, 0, 0);
author	Mark Salyzyn <salyzyn@google.com>	2016-10-27 08:21:35 -0700
committer	Mark Salyzyn <salyzyn@google.com>	2016-11-03 13:34:27 -0700
commit	e0b8ccd1a3db7059c56322ad6cbcb7d7c34c2954 (patch)
tree	fd33ec05d013ddbfde9e5bd7d331c9b6a47fd473 /logd
parent	62767fe29f8aaf62470781a3cf419ba11187d178 (diff)
download	system_core-e0b8ccd1a3db7059c56322ad6cbcb7d7c34c2954.tar.gz system_core-e0b8ccd1a3db7059c56322ad6cbcb7d7c34c2954.tar.bz2 system_core-e0b8ccd1a3db7059c56322ad6cbcb7d7c34c2954.zip