Keystore 2.0: Add keystore2 to llkd ignore list. Due to Keystore's handling of sensitive information we cannot allow any other process ptrace privileges over Keystore. To silence SELinux denials llkd must ignore the keystore process. This CL adds keystore2 to the ignore list because it replaces keystore. In a followup the keystore entry will be removed. Bug: 170144267 Test: N/A Change-Id: I28eafc1f4341cdd371ad78d3a7a9ba8ac128c1b1

commit: 028437445eb21850fd35d6afc5aee31206b93d8f [log] [tgz]
author: Janis Danisevskis <jdanis@google.com> Mon Mar 15 09:17:58 2021 -0700
committer: Janis Danisevskis <jdanis@google.com> Mon Mar 15 16:37:55 2021 -0700
tree: 93ace85e53962ef2268930ed6716580d9e0d2e34
parent: f85f3d628e23b5c45f0648b1541e2a3bbb52206e [diff] [blame]
diff --git a/llkd/libllkd.cpp b/llkd/libllkd.cpp
index 9f3e218..b3101f4 100644
--- a/llkd/libllkd.cpp
+++ b/llkd/libllkd.cpp

@@ -115,8 +115,8 @@
 // list of uids, and uid names, to skip, default nothing
 std::unordered_set<std::string> llkIgnorelistUid;
 #ifdef __PTRACE_ENABLED__
-// list of names to skip stack checking. "init", "lmkd", "llkd", "keystore" or
-// "logd" (if not userdebug).
+// list of names to skip stack checking. "init", "lmkd", "llkd", "keystore",
+// "keystore2", or "logd" (if not userdebug).
 std::unordered_set<std::string> llkIgnorelistStack;
 #endif
commit	028437445eb21850fd35d6afc5aee31206b93d8f	[log] [tgz]
author	Janis Danisevskis <jdanis@google.com>	Mon Mar 15 09:17:58 2021 -0700
committer	Janis Danisevskis <jdanis@google.com>	Mon Mar 15 16:37:55 2021 -0700
tree	93ace85e53962ef2268930ed6716580d9e0d2e34
parent	f85f3d628e23b5c45f0648b1541e2a3bbb52206e [diff] [blame]