logd: security buffer only AID_SYSTEM reader
- limit AID_SYSTEM uid or gid to read security buffer messages
- adjust liblog tests to reflect the reality of this adjustment
To fully test all security buffer paths and modes
$ su 0,0,0 /data/nativetest/liblog-unit-tests/liblog-unit-tests --gtest_filter=liblog.__security*
$ su 1000,1000,1000 /data/nativetest/liblog-unit-tests/liblog-unit-tests --gtest_filter=liblog.__security*
$ su 2000,2000,2000 /data/nativetest/liblog-unit-tests/liblog-unit-tests --gtest_filter=liblog.__security*
ToDo: Integrate the above individually into the gTest Q/A testing
Bug: 26029733
Change-Id: Idcf5492db78fa6934ef6fb43f3ef861052675651
diff --git a/logd/LogTimes.cpp b/logd/LogTimes.cpp
index b4c97a9..a4b96d3 100644
--- a/logd/LogTimes.cpp
+++ b/logd/LogTimes.cpp
@@ -126,6 +126,7 @@
LogBuffer &logbuf = me->mReader.logbuf();
bool privileged = FlushCommand::hasReadLogs(client);
+ bool security = FlushCommand::hasSecurityLogs(client);
me->leadingDropped = true;
@@ -150,10 +151,10 @@
unlock();
if (me->mTail) {
- logbuf.flushTo(client, start, privileged, FilterFirstPass, me);
+ logbuf.flushTo(client, start, privileged, security, FilterFirstPass, me);
me->leadingDropped = true;
}
- start = logbuf.flushTo(client, start, privileged, FilterSecondPass, me);
+ start = logbuf.flushTo(client, start, privileged, security, FilterSecondPass, me);
lock();