# SELinux policy for the lmkd domain. Per the comments below, lmkd is the
# daemon that kills memory hogs under memory pressure; it runs with several
# capabilities and has access to every process domain, so each grant here
# deserves a stated reason.

# Tag lmkd with the coredomain and bpfdomain attributes.
typeattribute lmkd coredomain;
typeattribute lmkd bpfdomain;

# Macro defined elsewhere; presumably sets up the init -> lmkd domain
# transition. Confirm against the macro definition.
init_daemon_domain(lmkd)

# Set sys.lmk.* properties.
set_prop(lmkd, system_lmk_prop)

# Set lmkd.* properties.
# Writers of lmkd_prop are restricted by a neverallow at the end of this file.
set_prop(lmkd, lmkd_prop)

# Get persist.device_config.lmk_native.* properties.
get_prop(lmkd, device_config_lmkd_native_prop)

# Needed for reading tracepoint ids in order to attach bpf programs.
# The perf_event permission set is pinned to exactly these four permissions
# by a neverallow at the end of this file.
allow lmkd debugfs_tracing:file r_file_perms;
allow lmkd self:perf_event { cpu kernel open write };

# Read files labelled fs_bpf, and read/write maps and run programs whose bpf
# objects are labelled bpfloader. No permission to create maps or load
# programs is granted in this file.
allow lmkd fs_bpf:file read;
allow lmkd bpfloader:bpf { map_read map_write prog_run };

# Needed to interact with memevents-eBPF and receive notifications for memory events.
allow lmkd fs_bpf_memevents:file { read write };
allow lmkd fs_bpf_memevents:dir search;

# Capabilities held by lmkd:
#   dac_override, dac_read_search - bypass discretionary file permission checks
#   sys_resource                  - override resource limits
#   kill                          - signal processes owned by other users
# NOTE(review): the reason for each capability is not recorded here;
# dac_override together with dac_read_search is broad. Confirm both are still
# required.
allow lmkd self:global_capability_class_set { dac_override dac_read_search sys_resource kill };

# lmkd locks itself in memory, to prevent it from being
# swapped out and unable to kill other memory hogs.
# system/core commit b28ff9131363f7b4a698990da5748b2a88c3ed35
# b/16236289
allow lmkd self:global_capability_class_set ipc_lock;

## Open and write to /proc/PID/oom_score_adj and /proc/PID/timerslack_ns
## TODO: maybe scope this down?
## NOTE(review): the target is the `domain` attribute, so these two rules
## cover the /proc/PID entries of every process domain, and the write
## permission is not limited to the two files named above.
r_dir_file(lmkd, domain)
allow lmkd domain:file write;

## Writes to /sys/module/lowmemorykiller/parameters/minfree
r_dir_file(lmkd, sysfs_lowmemorykiller)
allow lmkd sysfs_lowmemorykiller:file w_file_perms;

# setsched and send kill signals to any registered process
# NOTE(review): the rule targets `domain`, i.e. every process domain. The
# "registered" restriction is presumably enforced by lmkd itself, not by this
# policy.
allow lmkd domain:process { setsched sigkill };
# TODO: delete this line b/131761776
allow lmkd kernel:process { setsched };

# Clean up old cgroups
allow lmkd cgroup:dir { remove_name rmdir };
allow lmkd cgroup_v2:dir { remove_name rmdir };

# Allow to read memcg stats
allow lmkd cgroup:file r_file_perms;
allow lmkd cgroup_v2:file r_file_perms;

# Set self to SCHED_FIFO
allow lmkd self:global_capability_class_set sys_nice;

# Presumably /proc/zoneinfo and /proc/vmstat, going by the type names.
allow lmkd proc_zoneinfo:file r_file_perms;
allow lmkd proc_vmstat:file r_file_perms;

# live lock watchdog process allowed to look through /proc/
# NOTE(review): these two rules look like a subset of what
# r_dir_file(lmkd, domain) above already grants; confirm whether they are
# still needed.
allow lmkd domain:dir { search open read };
allow lmkd domain:file { open read };

# live lock watchdog process allowed to dump process trace and
# reboot because orderly shutdown may not be possible.
# Write access to proc_sysrq is what permits the reboot, so this grant should
# stay limited to domains that need it.
allow lmkd proc_sysrq:file rw_file_perms;

# Read /proc/lowmemorykiller
allow lmkd proc_lowmemorykiller:file r_file_perms;

# Read /proc/meminfo
allow lmkd proc_meminfo:file r_file_perms;

# Read /proc/pressure/cpu and /proc/pressure/io
allow lmkd proc_pressure_cpu:file r_file_perms;
allow lmkd proc_pressure_io:file r_file_perms;

# Read/Write /proc/pressure/memory
allow lmkd proc_pressure_mem:file rw_file_perms;

# Allow lmkd to connect during reinit.
allow lmkd lmkd_socket:sock_file write;

# Allow lmkd to write to statsd.
unix_socket_send(lmkd, statsdw, statsd)

# Allow lmkd to create io_uring
# The grant is on anon_inode objects labelled with lmkd's own type.
allow lmkd self:anon_inode { create map read write };

### neverallow rules
### These are checked when the policy is built; a conflicting allow rule
### anywhere in the policy fails the build.

# never honor LD_PRELOAD
# No domain may be granted noatsecure when transitioning into lmkd, so
# secure-exec handling (which makes the linker ignore LD_PRELOAD) always
# applies.
neverallow * lmkd:process noatsecure;
# lmkd must never hold the sys_ptrace capability.
neverallow lmkd self:global_capability_class_set sys_ptrace;
# Only init, lmkd and vendor_init may set lmkd_prop properties.
neverallow { domain -init -lmkd -vendor_init } lmkd_prop:property_service set;
# Pin lmkd's perf_event access on itself to exactly the set allowed above;
# any other perf_event permission is rejected.
neverallow lmkd self:perf_event ~{ cpu kernel open write };