llkd: add live-lock daemon
Introduce a standalone live-lock daemon (llkd), to catch kernel
or native user space deadlocks and take mitigating actions.
Test: llkd_unit_test
Bug: 33808187
Bug: 72838192
Change-Id: If869ecd06e5ce7b04bba1dafd0a77971b71aa517
diff --git a/private/llkd.te b/private/llkd.te
new file mode 100644
index 0000000..54c6d04
--- /dev/null
+++ b/private/llkd.te
@@ -0,0 +1,32 @@
+# llkd Live LocK Daemon
+typeattribute llkd coredomain;
+
+init_daemon_domain(llkd)
+
+allow llkd self:global_capability_class_set kill;
+
+# llkd optionally locks itself in memory, to prevent it from being
+# swapped out and unable to discover a kernel in live-lock state.
+allow llkd self:global_capability_class_set ipc_lock;
+
+# Send kill signals to _anyone_ suffering from Live Lock
+allow llkd domain:process sigkill;
+
+# live lock watchdog process allowed to look through /proc/
+allow llkd domain:dir r_dir_perms;
+allow llkd domain:file r_file_perms;
+allow llkd domain:lnk_file read;
+# Set /proc/sys/kernel/hung_task_*
+allow llkd proc_hung_task:file rw_file_perms;
+
+# live lock watchdog process allowed to dump process trace and
+# reboot because orderly shutdown may not be possible.
+allow llkd proc_sysrq:file w_file_perms;
+allow llkd kmsg_device:chr_file w_file_perms;
+
+### neverallow rules
+
+neverallow { domain -init } llkd:process { dyntransition transition };
+
+# never honor LD_PRELOAD
+neverallow * llkd:process noatsecure;