175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu/* 275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Copyright (C) 2016 The Android Open Source Project 375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * 475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Licensed under the Apache License, Version 2.0 (the "License"); 575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * you may not use this file except in compliance with the License. 675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * You may obtain a copy of the License at 775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * 875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * http://www.apache.org/licenses/LICENSE-2.0 975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * 1075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Unless required by applicable law or agreed to in writing, software 1175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * distributed under the License is distributed on an "AS IS" BASIS, 1275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * See the License for the specific language governing permissions and 1475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * limitations under the License. 1575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 1675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 176235a94ffaed1d82cee2317481c18776f601da1bMichal Karpinskipackage android.app.admin; 1875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 1975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xuimport android.annotation.IntDef; 2075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xuimport android.os.Parcel; 2175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xuimport android.os.Parcelable; 2275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xuimport android.os.SystemProperties; 2375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xuimport android.util.EventLog.Event; 2475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 2575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xuimport java.io.IOException; 2675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xuimport java.lang.annotation.Retention; 2775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xuimport java.lang.annotation.RetentionPolicy; 2875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xuimport java.util.Collection; 2975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 3073f747ba25b3aa881437d8de1285fc9712660604Pavel Grafov/** 3173f747ba25b3aa881437d8de1285fc9712660604Pavel Grafov * Definitions for working with security logs. 3273f747ba25b3aa881437d8de1285fc9712660604Pavel Grafov * 3373f747ba25b3aa881437d8de1285fc9712660604Pavel Grafov * <p>Device owner apps can control the logging with 3473f747ba25b3aa881437d8de1285fc9712660604Pavel Grafov * {@link DevicePolicyManager#setSecurityLoggingEnabled}. When security logs are enabled, device 3573f747ba25b3aa881437d8de1285fc9712660604Pavel Grafov * owner apps receive periodic callbacks from {@link DeviceAdminReceiver#onSecurityLogsAvailable}, 3673f747ba25b3aa881437d8de1285fc9712660604Pavel Grafov * at which time new batch of logs can be collected via 3773f747ba25b3aa881437d8de1285fc9712660604Pavel Grafov * {@link DevicePolicyManager#retrieveSecurityLogs}. {@link SecurityEvent} describes the type and 3873f747ba25b3aa881437d8de1285fc9712660604Pavel Grafov * format of security logs being collected. 3973f747ba25b3aa881437d8de1285fc9712660604Pavel Grafov */ 4075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xupublic class SecurityLog { 4175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 4275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu private static final String PROPERTY_LOGGING_ENABLED = "persist.logd.security"; 4375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 4475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** @hide */ 4575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu @Retention(RetentionPolicy.SOURCE) 4675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu @IntDef({TAG_ADB_SHELL_INTERACTIVE, TAG_ADB_SHELL_CMD, TAG_SYNC_RECV_FILE, TAG_SYNC_SEND_FILE, 4731502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski TAG_APP_PROCESS_START, TAG_KEYGUARD_DISMISSED, TAG_KEYGUARD_DISMISS_AUTH_ATTEMPT, 4831502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski TAG_KEYGUARD_SECURED}) 4975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public @interface SECURITY_LOG_TAG {} 5075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 5175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 5275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Indicate that an ADB interactive shell was opened via "adb shell". 5375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * There is no extra payload in the log event. 5475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 5575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static final int TAG_ADB_SHELL_INTERACTIVE = 5675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu SecurityLogTags.SECURITY_ADB_SHELL_INTERACTIVE; 5775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 5875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Indicate that an shell command was issued over ADB via "adb shell command" 5975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * The log entry contains a string data of the shell command, accessible via 6075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * {@link SecurityEvent#getData()} 6175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 6275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static final int TAG_ADB_SHELL_CMD = SecurityLogTags.SECURITY_ADB_SHELL_COMMAND; 6375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 6475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Indicate that a file was pulled from the device via the adb daemon, for example via 6575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * "adb pull". The log entry contains a string data of the path of the pulled file, 6675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * accessible via {@link SecurityEvent#getData()} 6775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 6875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static final int TAG_SYNC_RECV_FILE = SecurityLogTags.SECURITY_ADB_SYNC_RECV; 6975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 7075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Indicate that a file was pushed to the device via the adb daemon, for example via 7175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * "adb push". The log entry contains a string data of the destination path of the 7275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * pushed file, accessible via {@link SecurityEvent#getData()} 7375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 7475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static final int TAG_SYNC_SEND_FILE = SecurityLogTags.SECURITY_ADB_SYNC_SEND; 7575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 7675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Indicate that an app process was started. The log entry contains the following 77232990d0ccb42ea4d5605f10a77f1718e4a51d07Rubin Xu * information about the process encapsulated in an {@link Object} array, accessible via 78232990d0ccb42ea4d5605f10a77f1718e4a51d07Rubin Xu * {@link SecurityEvent#getData()}: 7975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * process name (String), exact start time (long), app Uid (integer), app Pid (integer), 80e0e1009820f114d1f179c8d167d679788087be46Michal Karpinski * seinfo tag (String), SHA-256 hash of the base APK in hexadecimal (String) 8175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 8275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static final int TAG_APP_PROCESS_START = SecurityLogTags.SECURITY_APP_PROCESS_START; 8375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 8431502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski * Indicate that keyguard is being dismissed. 8531502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski * There is no extra payload in the log event. 8675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 8731502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski public static final int TAG_KEYGUARD_DISMISSED = 8831502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski SecurityLogTags.SECURITY_KEYGUARD_DISMISSED; 8931502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski /** 9031502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski * Indicate that there has been an authentication attempt to dismiss the keyguard. The log entry 91232990d0ccb42ea4d5605f10a77f1718e4a51d07Rubin Xu * contains the following information about the attempt encapsulated in an {@link Object} array, 92232990d0ccb42ea4d5605f10a77f1718e4a51d07Rubin Xu * accessible via {@link SecurityEvent#getData()}: 93232990d0ccb42ea4d5605f10a77f1718e4a51d07Rubin Xu * attempt result (integer, 1 for successful, 0 for unsuccessful), strength of auth method 94232990d0ccb42ea4d5605f10a77f1718e4a51d07Rubin Xu * (integer, 1 if strong auth method was used, 0 otherwise) 9531502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski */ 9631502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski public static final int TAG_KEYGUARD_DISMISS_AUTH_ATTEMPT = 9731502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski SecurityLogTags.SECURITY_KEYGUARD_DISMISS_AUTH_ATTEMPT; 9875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 9975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Indicate that the device has been locked, either by user or by timeout. 10031502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski * There is no extra payload in the log event. 10175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 10231502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski public static final int TAG_KEYGUARD_SECURED = SecurityLogTags.SECURITY_KEYGUARD_SECURED; 10375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 10475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 1056235a94ffaed1d82cee2317481c18776f601da1bMichal Karpinski * Returns if security logging is enabled. Log producers should only write new logs if this is 10675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * true. Under the hood this is the logical AND of whether device owner exists and whether 10775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * it enables logging by setting the system property {@link #PROPERTY_LOGGING_ENABLED}. 10875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * @hide 10975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 11075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static native boolean isLoggingEnabled(); 11175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 11275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 11375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * @hide 11475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 11575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static void setLoggingEnabledProperty(boolean enabled) { 11675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu SystemProperties.set(PROPERTY_LOGGING_ENABLED, enabled ? "true" : "false"); 11775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu } 11875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 11975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 12075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * @hide 12175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 12275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static boolean getLoggingEnabledProperty() { 12375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu return SystemProperties.getBoolean(PROPERTY_LOGGING_ENABLED, false); 12475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu } 12575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 12675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 12775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * A class representing a security event log entry. 12875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 12950d1c044b5ce4b6fef532dc6e083cef903f554b2Jeff Sharkey public static final class SecurityEvent implements Parcelable { 13075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu private Event mEvent; 13175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 13275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** @hide */ 13375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /*package*/ SecurityEvent(byte[] data) { 13475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu mEvent = Event.fromBytes(data); 13575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu } 13675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 13775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 13875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Returns the timestamp in nano seconds when this event was logged. 13975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 14075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public long getTimeNanos() { 14175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu return mEvent.getTimeNanos(); 14275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu } 14375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 14475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 14575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Returns the tag of this log entry, which specifies entry's semantics. 14675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Could be one of {@link SecurityLog#TAG_SYNC_RECV_FILE}, 14775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * {@link SecurityLog#TAG_SYNC_SEND_FILE}, {@link SecurityLog#TAG_ADB_SHELL_CMD}, 14831502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski * {@link SecurityLog#TAG_ADB_SHELL_INTERACTIVE}, {@link SecurityLog#TAG_APP_PROCESS_START}, 14931502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski * {@link SecurityLog#TAG_KEYGUARD_DISMISSED}, {@link SecurityLog#TAG_KEYGUARD_SECURED}, 15031502d3d95610930b56bb7931dbd57a997f9ce8fMichal Karpinski * {@link SecurityLog#TAG_KEYGUARD_DISMISS_AUTH_ATTEMPT}. 15175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 15275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public @SECURITY_LOG_TAG int getTag() { 15375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu return mEvent.getTag(); 15475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu } 15575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 15675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 157739cda8f31e7002724412447140e0b8ae4085c36Pavel Grafov * Returns the payload contained in this log entry or {@code null} if there is no payload. 15875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 15975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public Object getData() { 16075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu return mEvent.getData(); 16175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu } 16275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 16375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu @Override 16475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public int describeContents() { 16575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu return 0; 16675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu } 16775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 16875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu @Override 16975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public void writeToParcel(Parcel dest, int flags) { 17075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu dest.writeByteArray(mEvent.getBytes()); 17175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu } 17275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 17375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static final Parcelable.Creator<SecurityEvent> CREATOR = 17475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu new Parcelable.Creator<SecurityEvent>() { 17575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu @Override 17675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public SecurityEvent createFromParcel(Parcel source) { 17775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu return new SecurityEvent(source.createByteArray()); 17875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu } 17975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 18075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu @Override 18175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public SecurityEvent[] newArray(int size) { 18275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu return new SecurityEvent[size]; 18375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu } 18475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu }; 1854ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov 1864ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov /** 1874ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov * @hide 1884ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov */ 1894ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov @Override 1904ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov public boolean equals(Object o) { 1914ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov if (this == o) return true; 1924ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov if (o == null || getClass() != o.getClass()) return false; 1934ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov SecurityEvent other = (SecurityEvent) o; 1944ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov return mEvent.equals(other.mEvent); 1954ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov } 1964ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov 1974ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov /** 1984ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov * @hide 1994ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov */ 2004ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov @Override 2014ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov public int hashCode() { 2024ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov return mEvent.hashCode(); 2034ce59d45a779cea662dbd56e61a98ba2a966b09bPavel Grafov } 20475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu } 20575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 20675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Retrieve all security logs and return immediately. 20775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * @hide 20875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 20975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static native void readEvents(Collection<SecurityEvent> output) throws IOException; 21075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 21175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 21275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Retrieve all security logs since the given timestamp in nanoseconds and return immediately. 21375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * @hide 21475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 21575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static native void readEventsSince(long timestamp, Collection<SecurityEvent> output) 21675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu throws IOException; 21775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 21875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 21975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Retrieve all security logs before the last reboot. May return corrupted data due to 22075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * unreliable pstore. 22175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * @hide 22275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 22375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static native void readPreviousEvents(Collection<SecurityEvent> output) 22475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu throws IOException; 22575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 22675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 22775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Retrieve all security logs whose timestamp (in nanosceonds) is equal to or greater than the 22875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * given timestamp. This method will block until either the last log earlier than the given 22975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * timestamp is about to be pruned, or after a 2-hour timeout has passed. 23075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * @hide 23175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 23275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static native void readEventsOnWrapping(long timestamp, Collection<SecurityEvent> output) 23375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu throws IOException; 23475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 23575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 23675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Write a log entry to the underlying storage, with a string payload. 23775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * @hide 23875431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 23975431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static native int writeEvent(int tag, String str); 24075431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu 24175431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu /** 24275431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Write a log entry to the underlying storage, with several payloads. 24375431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * Supported types of payload are: integer, long, float, string plus array of supported types. 24475431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu * @hide 24575431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu */ 24675431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu public static native int writeEvent(int tag, Object... payloads); 24775431fbe361e16cfdc43c16cc65b86b8dab39e82Rubin Xu} 248