Improve log message for locksettings shell commands

Instead of the cryptic message "Caller pid %d Caller uid %d" at ERROR level, use the clearer message "Executing shell command '%s'; callingPid=%d, callingUid=%d" at INFO level. Intentionally log only the command name, not the other arguments. This is motivated by trying to debug b/262185378. Test: ran some shell commands and checked logcat Bug: 262185378 Change-Id: Ibd0e2763deaedf0c12823aa890398a35e4c46d8d
author: Eric Biggers <ebiggers@google.com> 2022-12-16 23:58:47 +0000
committer: Eric Biggers <ebiggers@google.com> 2022-12-17 01:01:48 +0000
commit: d7e819f9eadd27cfaf151ba088fc3e8f9d1a8216 (patch)
tree: 07df6a5076bdb5350165b4716af78a635e1666ba
parent: 13101fe9d27c41856fe09acb2831c88ebd729756 (diff)
1 files changed, 9 insertions, 5 deletions
diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java
index 5f39a523b3ac..e2b1ae1f9e8c 100644
--- a/services/core/java/com/android/server/locksettings/LockSettingsService.java
+++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java
@@ -2424,16 +2424,20 @@ public class LockSettingsService extends ILockSettings.Stub {
     public void onShellCommand(FileDescriptor in, FileDescriptor out, FileDescriptor err,
             String[] args, ShellCallback callback, ResultReceiver resultReceiver) {
         enforceShell();
-        final int origPid = Binder.getCallingPid();
-        final int origUid = Binder.getCallingUid();
+        final int callingPid = Binder.getCallingPid();
+        final int callingUid = Binder.getCallingUid();
+
+        // Don't log arguments other than the first one (the command name), since they might contain
+        // secrets that must not be written to the log.
+        Slogf.i(TAG, "Executing shell command '%s'; callingPid=%d, callingUid=%d",
+                ArrayUtils.isEmpty(args) ? "" : args[0], callingPid, callingUid);
 
-        Slog.e(TAG, "Caller pid " + origPid + " Caller uid " + origUid);
         // The original identity is an opaque integer.
         final long origId = Binder.clearCallingIdentity();
         try {
             final LockSettingsShellCommand command =
-                    new LockSettingsShellCommand(new LockPatternUtils(mContext), mContext, origPid,
-                            origUid);
+                    new LockSettingsShellCommand(new LockPatternUtils(mContext), mContext,
+                            callingPid, callingUid);
             command.exec(this, in, out, err, args, callback, resultReceiver);
         } finally {
             Binder.restoreCallingIdentity(origId);
author	Eric Biggers <ebiggers@google.com>	2022-12-16 23:58:47 +0000
committer	Eric Biggers <ebiggers@google.com>	2022-12-17 01:01:48 +0000
commit	d7e819f9eadd27cfaf151ba088fc3e8f9d1a8216 (patch)
tree	07df6a5076bdb5350165b4716af78a635e1666ba
parent	13101fe9d27c41856fe09acb2831c88ebd729756 (diff)