Tri Vo | bc8dc3a | 2019-05-26 13:17:08 -0700 | [diff] [blame^] | 1 | # lmkd low memory killer daemon |
| | # Declare the lmkd process domain. mlstrustedsubject is the attribute the MLS |
| | # constraints use to exempt a subject, so for lmkd only the type-enforcement |
| | # rules in this file limit which processes' files it can reach. |
| 2 | type lmkd, domain, mlstrustedsubject; |
| | # Label for the lmkd executable. |
| 3 | type lmkd_exec, system_file_type, exec_type, file_type; |
| 4 | |
| | # Capabilities lmkd may exercise: dac_override and dac_read_search bypass |
| | # file permission (DAC) checks, sys_resource lifts resource limits, and kill |
| | # allows signalling processes owned by other users. |
| | # NOTE(review): the file does not say which operation needs which capability; |
| | # dac_override is broad -- confirm it is still required. |
| 5 | allow lmkd self:global_capability_class_set { dac_override dac_read_search sys_resource kill }; |
| 6 | |
| 7 | # lmkd locks itself in memory so that it cannot be swapped out |
| 8 | # and left unable to kill other memory hogs. |
| 9 | # system/core commit b28ff9131363f7b4a698990da5748b2a88c3ed35 |
| 10 | # b/16236289 |
| | # ipc_lock is the capability that permits locking pages in memory. |
| 11 | allow lmkd self:global_capability_class_set ipc_lock; |
| 12 | |
| 13 | ## Open and write to /proc/PID/oom_score_adj |
| 14 | ## TODO: maybe scope this down? |
| | ## NOTE(review): the write rules below are not limited to oom_score_adj. They |
| | ## apply to every file labelled with an appdomain type or system_server, |
| | ## which presumably includes the other /proc/PID entries of those processes; |
| | ## only the DAC mode of each file narrows it further. |
| | ## r_dir_file grants read access to the directories and files of the target type. |
| 15 | r_dir_file(lmkd, appdomain) |
| 16 | allow lmkd appdomain:file write; |
| 17 | r_dir_file(lmkd, system_server) |
| 18 | allow lmkd system_server:file write; |
| 19 | |
| 20 | ## Writes to /sys/module/lowmemorykiller/parameters/minfree |
| | ## The rules name the sysfs_lowmemorykiller type, so they cover every file |
| | ## carrying that label, not only minfree. |
| 21 | r_dir_file(lmkd, sysfs_lowmemorykiller) |
| 22 | allow lmkd sysfs_lowmemorykiller:file w_file_perms; |
| 23 | |
| 24 | # Change the scheduling parameters of app processes and send them SIGKILL. |
| | # sigkill is the only signal permission granted here, and only for appdomain. |
| 25 | allow lmkd appdomain:process { setsched sigkill }; |
| 26 | # TODO: delete this line b/131761776 |
| | # Until then lmkd may also change scheduling parameters of the kernel domain. |
| 27 | allow lmkd kernel:process { setsched }; |
| 28 | |
| 29 | # Clean up old cgroups: remove entries from, and delete, cgroup directories. |
| 30 | allow lmkd cgroup:dir { remove_name rmdir }; |
| 31 | |
| 32 | # Allow lmkd to read memcg stats (read-only access to cgroup files). |
| 33 | allow lmkd cgroup:file r_file_perms; |
| 34 | |
| 35 | # Set self to SCHED_FIFO; sys_nice is the capability needed to raise |
| | # scheduling priority or select a real-time policy. |
| 36 | allow lmkd self:global_capability_class_set sys_nice; |
| 37 | |
| | # Read-only access to files labelled proc_zoneinfo (presumably /proc/zoneinfo). |
| 38 | allow lmkd proc_zoneinfo:file r_file_perms; |
| 39 | |
| 40 | # Set sys.lmk.* properties. |
| | # set_prop lets lmkd write properties labelled system_lmk_prop. |
| 41 | set_prop(lmkd, system_lmk_prop) |
| 42 | |
| 43 | # The live-lock watchdog is allowed to look through /proc/. |
| | # The target is the domain attribute, so these two rules cover the /proc/PID |
| | # directories and files of every process; they grant open and read only. |
| | # NOTE(review): this is wider than the appdomain/system_server rules earlier |
| | # in the file -- confirm the watchdog really needs every domain. |
| 44 | allow lmkd domain:dir { search open read }; |
| 45 | allow lmkd domain:file { open read }; |
| 46 | |
| 47 | # The live-lock watchdog is allowed to dump process traces and to |
| 48 | # reboot, because an orderly shutdown may not be possible. |
| | # Write access to files labelled proc_sysrq (presumably /proc/sysrq-trigger) |
| | # lets lmkd request kernel-level actions, including an immediate reboot, so |
| | # this is one of the most powerful grants in this file. |
| 49 | allow lmkd proc_sysrq:file rw_file_perms; |
| 50 | |
| 51 | # Read /proc/lowmemorykiller |
| | # NOTE(review): no allow rule follows this comment on this page -- confirm |
| | # whether the rule was removed and the comment is stale, or the rule is missing. |
| 52 | |
| 53 | # Read /proc/meminfo |
| 54 | allow lmkd proc_meminfo:file r_file_perms; |
| 55 | |
| 56 | # Read /proc/pressure/cpu and /proc/pressure/io (read-only). |
| 57 | allow lmkd proc_pressure_cpu:file r_file_perms; |
| 58 | allow lmkd proc_pressure_io:file r_file_perms; |
| 59 | |
| 60 | # Read/Write /proc/pressure/memory |
| | # Memory is the only pressure file lmkd may write; presumably the write is |
| | # needed to register pressure triggers -- verify against the lmkd source. |
| 61 | allow lmkd proc_pressure_mem:file rw_file_perms; |
| 62 | |
| 63 | # Allow lmkd to write to statsd. |
| | # unix_socket_send is the macro for one-way datagram sends, here to the |
| | # statsdw socket served by the statsd domain; it grants no receive access. |
| 64 | unix_socket_send(lmkd, statsdw, statsd) |
| 65 | |
| 66 | ### neverallow rules |
| 67 | |
| 68 | # Never honor LD_PRELOAD. |
| | # No domain may hold noatsecure towards lmkd. Without noatsecure the kernel |
| | # sets AT_SECURE when a process transitions into lmkd, and the dynamic linker |
| | # then ignores LD_PRELOAD and similar environment variables from the parent. |
| | # The rule is checked when the policy is built; it grants nothing itself. |
| 69 | neverallow * lmkd:process noatsecure; |