| # llkd Live LocK Daemon |
| typeattribute llkd coredomain; |
| |
| init_daemon_domain(llkd) |
| |
| get_prop(llkd, llkd_prop) |
| |
| allow llkd self:global_capability_class_set kill; |
| userdebug_or_eng(` |
| allow llkd self:global_capability_class_set sys_ptrace; |
| allow llkd self:global_capability_class_set { dac_override dac_read_search }; |
| ') |
| |
| # llkd optionally locks itself in memory, to prevent it from being |
| # swapped out and unable to discover a kernel in live-lock state. |
| allow llkd self:global_capability_class_set ipc_lock; |
| |
| # Send kill signals to _anyone_ suffering from Live Lock |
| allow llkd domain:process sigkill; |
| |
| # read stack to check for Live Lock |
| userdebug_or_eng(` |
| allow llkd { |
| domain |
| -kernel |
| -keystore |
| -init |
| -llkd |
| -ueventd |
| -vendor_init |
| }:process ptrace; |
| ') |
| |
| # live lock watchdog process allowed to look through /proc/ |
| allow llkd domain:dir r_dir_perms; |
| allow llkd domain:file r_file_perms; |
| allow llkd domain:lnk_file read; |
| # Set /proc/sys/kernel/hung_task_* |
| allow llkd proc_hung_task:file rw_file_perms; |
| |
| # live lock watchdog process allowed to dump process trace and |
| # reboot because orderly shutdown may not be possible. |
| allow llkd proc_sysrq:file w_file_perms; |
| allow llkd kmsg_device:chr_file w_file_perms; |
| |
| ### neverallow rules |
| |
| neverallow { domain -init } llkd:process { dyntransition transition }; |
| neverallow { domain userdebug_or_eng(`-crash_dump') } llkd:process ptrace; |
| |
| # never honor LD_PRELOAD |
| neverallow * llkd:process noatsecure; |