GrapheneOS adds a user-facing log viewer to the Settings app for Android's + standard in-memory logging system. The feature acts as a substitute for + automated crash reporting which is not implemented by GrapheneOS for privacy + reasons. Instead, users are in control of what's captured and shared Our log + viewer supports filtering the output based on log level, log buffers and text + search. Users can copy, share or save the currently shown logs to a file. A + description can be added to document why the logs were captured.
+ +Overall system logs can be accessed at Settings > + System > View logs. Per-app logs can + be accessed at Settings > + Apps > App name > View logs.
+ +We implement user-facing crash reporting tied to our log viewer for OS and + app crashes, greatly improving upon the very limited user-facing crash reporting + available in Android. This helps users report crashes to the OS or app + developers without requiring invasive automated crash reporting where users + don't control the data that's sent to developers.
+ +Our user-facing crash reporting has special support for memory corruption + caught by hardened_malloc and hardware memory tagging informing users that + memory corruption was detected. Users choose how to proceed and whether it makes + sense to enable our compatibility toggles for the app if they don't believe it + was an exploit but rather an app bug they need to work around. It's a careful + balance between not encouraging users to disable security features protecting + user installed apps from exploits and making it easy to work around app bugs. We + don't allow disabling these exploit protection features for the base OS + including base OS apps, but too many user installed apps have latent memory + corruption bugs and we need to provide the option to work around them.
+ +Users can enable more system crash reporting via Settings > + Security & privacy > + More security & privacy > + Notify about system process crashes. We don't enable reporting all kernel or + system process crashes by default since we can't manage triaging and + investigating every single Android OS bug causing a crash. We're focused on the + memory corruption crashes caught by hardware memory tagging so those are always + reported. Fixing every Android bug ourselves is not something we can hope to + accomplish so we focus our resources on the ones found by our improvements which + also have a higher chance of being security bugs.
+