commit 2b392fccf35c790bdc55bdce51a196f4953644ce
author Nick Kralevich <nnk@google.com> Thu Dec 05 16:55:34 2013 -0800
committer Nick Kralevich <nnk@google.com> Fri Dec 06 08:16:39 2013 -0800
tree 57bdde76612b3865d239754076b0e5e25b5c01fa
parent 7adb999e701ee96356c506ffa93fce190791e8b7

Move lmkd into it's own domain.

lmkd low memory killer daemon

The kernel low memory killer logic has been moved to a new daemon
called lmkd.  ActivityManager communicates with this daemon over a
named socket.

This is just a placeholder policy, starting off in unconfined_domain.

Change-Id: Ia3f9a18432c2ae37d4f5526850e11432fd633e10

file.te

diff --git a/file.te b/file.te
index 39d139c..ed56ec9 100644
--- a/file.te
+++ b/file.te
@@ -101,6 +101,7 @@
 type gps_socket, file_type;
 type installd_socket, file_type;
 type keystore_socket, file_type;
+type lmkd_socket, file_type;
 type mdns_socket, file_type;
 type netd_socket, file_type;
 type property_socket, file_type;

file_contexts

diff --git a/file_contexts b/file_contexts
index 2907183..5c25545 100644
--- a/file_contexts
+++ b/file_contexts
@@ -80,6 +80,7 @@
 /dev/socket/gps		u:object_r:gps_socket:s0
 /dev/socket/installd	u:object_r:installd_socket:s0
 /dev/socket/keystore	u:object_r:keystore_socket:s0
+/dev/socket/lmkd        u:object_r:lmkd_socket:s0
 /dev/socket/mdns	u:object_r:mdns_socket:s0
 /dev/socket/netd	u:object_r:netd_socket:s0
 /dev/socket/property_service	u:object_r:property_socket:s0
@@ -142,6 +143,7 @@
 /system/bin/dnsmasq     u:object_r:dnsmasq_exec:s0
 /system/bin/hostapd     u:object_r:hostapd_exec:s0
 /system/bin/clatd	u:object_r:clatd_exec:s0
+/system/bin/lmkd        u:object_r:lmkd_exec:s0
 #############################
 # Vendor files
 #

lmkd.te

diff --git a/lmkd.te b/lmkd.te
new file mode 100644
index 0000000..9af658f
--- /dev/null
+++ b/lmkd.te
@@ -0,0 +1,7 @@
+# lmkd low memory killer daemon
+type lmkd, domain;
+type lmkd_exec, exec_type, file_type;
+
+init_daemon_domain(lmkd)
+
+unconfined_domain(lmkd);

system_server.te

diff --git a/system_server.te b/system_server.te
index 25ce2a4..f603ea3 100644
--- a/system_server.te
+++ b/system_server.te
@@ -73,6 +73,7 @@
 unix_socket_connect(system_server, property, init)
 unix_socket_connect(system_server, qemud, qemud)
 unix_socket_connect(system_server, installd, installd)
+unix_socket_connect(system_server, lmkd, lmkd)
 unix_socket_connect(system_server, netd, netd)
 unix_socket_connect(system_server, vold, vold)
 unix_socket_connect(system_server, zygote, zygote)