PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Give lmkd kill capability

Browse Source 
lmkd needs the capability to kill processes.

Addresses the following denial:

<5>[12619.064604] type=1400 audit(1393540506.745:2565): avc:  denied  { kill } for  pid=116 comm="lmkd" capability=5  scontext=u:r:lmkd:s0 tcontext=u:r:lmkd:s0 tclass=capability

Addresses the following errors:

02-27 13:13:50.995   116   116 I lowmemorykiller: Killing 'com.google.android.deskclock' (7133), adj 15
02-27 13:13:50.995   116   116 I lowmemorykiller:    to free 33836kB because cache 118512kB is below limit 122880kB for oom_adj 15
02-27 13:13:50.995   116   116 I lowmemorykiller:    Free memory is -28472kB below reserved
02-27 13:13:50.995   116   116 E lowmemorykiller: kill(7133): errno=1

Change-Id: I7cca238610307aba9d77aa2e52a32ebd6aec3f3c
This commit is contained in:
Nick Kralevich 2014-02-27 15:38:45 -08:00
parent 0296b9434f
commit 24be391681
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lmkd.te
View File

@ -4,7 +4,7 @@ type lmkd_exec, exec_type, file_type;
init_daemon_domain(lmkd)
allow lmkd self:capability { dac_override sys_resource };
allow lmkd self:capability { dac_override sys_resource kill };
## Open and write to /proc/PID/oom_score_adj
## TODO: maybe scope this down?