llkd: requires sys_admin permissions As a result of commit f8a00cef17206ecd1b30d3d9f99e10d9fa707aa7 ("proc: restrict kernel stack dumps to root") the userdebug feature where llkd can monitor for live lock signatures in the stack traces broke. So now userdebug variant of llkd requires sys_admin permissions. Signed-off-by: Mark Salyzyn <salyzyn@google.com> Test: llkd_unit_test Bug: 147486902 Change-Id: I31572afa08daa490a69783855bce55313eaed96c

commit: 37daf9f48ed6456d613e7326e9ac5407d29e2107 [log] [tgz]
author: Mark Salyzyn <salyzyn@google.com> Fri Jan 10 14:23:38 2020 -0800
committer: Mark Salyzyn <salyzyn@google.com> Wed Jan 15 08:08:59 2020 -0800
tree: b280df1e22a16db72a1b172499110b8ee5e1be16
parent: edc513c8c17dbd411a5439d398015ae7fdf2cb14 [diff]
diff --git a/private/llkd.te b/private/llkd.te
index 385f930..f218dec 100644
--- a/private/llkd.te
+++ b/private/llkd.te

@@ -7,7 +7,7 @@
 
 allow llkd self:global_capability_class_set kill;
 userdebug_or_eng(`
-  allow llkd self:global_capability_class_set sys_ptrace;
+  allow llkd self:global_capability_class_set { sys_ptrace sys_admin };
   allow llkd self:global_capability_class_set { dac_override dac_read_search };
 ')
commit	37daf9f48ed6456d613e7326e9ac5407d29e2107	[log] [tgz]
author	Mark Salyzyn <salyzyn@google.com>	Fri Jan 10 14:23:38 2020 -0800
committer	Mark Salyzyn <salyzyn@google.com>	Wed Jan 15 08:08:59 2020 -0800
tree	b280df1e22a16db72a1b172499110b8ee5e1be16
parent	edc513c8c17dbd411a5439d398015ae7fdf2cb14 [diff]