tequilaOS/platform_system_security
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "audit_log.rs: handle Results in LogContext handling" am: 402750dae1

Browse source 
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2625929

Change-Id: I2204328271c3f6aab4ec003a7dfe51fc6fd35532
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Marcin Radomski 2023-06-15 15:05:01 +00:00 committed by Automerger Merge Worker
commit 69bfd9e86a
1 changed files with 10 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
keystore2/src/audit_log.rs
View file

@ -20,7 +20,7 @@ use android_system_keystore2::aidl::android::system::keystore2::{
Domain::Domain, KeyDescriptor::KeyDescriptor,
};
use libc::uid_t;
use log_event_list::{LogContext, LogIdSecurity};
use log_event_list::{LogContext, LogContextError, LogIdSecurity};
const TAG_KEY_GENERATED: u32 = 210024;
const TAG_KEY_IMPORTED: u32 = 210025;
@ -60,27 +60,28 @@ pub fn log_key_deleted(key: &KeyDescriptor, calling_app: uid_t, success: bool) {
pub fn log_key_integrity_violation(key: &KeyDescriptor) {
with_log_context(TAG_KEY_INTEGRITY_VIOLATION, |ctx| {
let owner = key_owner(key.domain, key.nspace, key.nspace as i32);
ctx.append_str(key.alias.as_ref().map_or("none", String::as_str)).append_i32(owner)
ctx.append_str(key.alias.as_ref().map_or("none", String::as_str))?.append_i32(owner)
})
}
fn log_key_event(tag: u32, key: &KeyDescriptor, calling_app: uid_t, success: bool) {
with_log_context(tag, |ctx| {
let owner = key_owner(key.domain, key.nspace, calling_app as i32);
ctx.append_i32(i32::from(success))
.append_str(key.alias.as_ref().map_or("none", String::as_str))
ctx.append_i32(i32::from(success))?
.append_str(key.alias.as_ref().map_or("none", String::as_str))?
.append_i32(owner)
})
}
fn with_log_context<F>(tag: u32, f: F)
where
F: Fn(LogContext) -> LogContext,
F: Fn(LogContext) -> Result<LogContext, LogContextError>,
{
if let Some(ctx) = LogContext::new(LogIdSecurity, tag) {
let event = f(ctx);
LOGS_HANDLER.queue_lo(move |_| {
event.write();
});
if let Ok(event) = f(ctx) {
LOGS_HANDLER.queue_lo(move |_| {
let _result = event.write();
});
}
}
}