Skip to content
Snippets Groups Projects
Commit d583e596 authored by Mark Salyzyn's avatar Mark Salyzyn
Browse files

lmkd: add live-lock killer daemon 

llkd needs the ability to forcibly crash the kernel if
cause is unlikely to result in an orderly shutdown. It
also needs to scan /proc/<pid> for additional process
information.

Test: lmkd_unit_test --gtest_filter=llkd.*
Bug: 33808187
Change-Id: I7f158a13814e79d5ec71fe90dbc7461abb521945
parent 4c19b3d1
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 8 additions and 0 deletions
public/lmkd.te
+ 8
0
View file @ d583e596
...@@ -35,6 +35,14 @@ allow lmkd self:global_capability_class_set sys_nice; ...@@ -35,6 +35,14 @@ allow lmkd self:global_capability_class_set sys_nice;
allow lmkd proc_zoneinfo:file r_file_perms; allow lmkd proc_zoneinfo:file r_file_perms;
# live lock watchdog process allowed to look through /proc/
allow lmkd domain:dir { search open read };
allow lmkd domain:file { open read };
# live lock watchdog process allowed to dump process trace and
# reboot because orderly shutdown may not be possible.
allow lmkd proc_sysrq:file rw_file_perms;
### neverallow rules ### neverallow rules
# never honor LD_PRELOAD # never honor LD_PRELOAD
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment