allow system_server to set kernel scheduling priority
Addresses the following denial: avc: denied { setsched } for comm="system_server" scontext=u:r:system_server:s0 tcontext=u:r:kernel:s0 tclass=process permissive=0 It's not clear why system_server is adjusting the scheduling priority of kernel processes (ps -Z | grep kernel). For now, allow the operation, although this is likely a kernel bug. Maybe fix bug 18085992. Bug: 18085992 Change-Id: Ic10a4da63a2c392d90084eb1106bc5b42f95b855
This commit is contained in:
parent
683ac49d9d
commit
2d1650f407
@ -76,6 +76,10 @@ allow system_server self:netlink_route_socket nlmsg_write;
|
||||
# Kill apps.
|
||||
allow system_server appdomain:process { sigkill signal };
|
||||
|
||||
# This line seems suspect, as it should not really need to
|
||||
# set scheduling parameters for a kernel domain task.
|
||||
allow system_server kernel:process setsched;
|
||||
|
||||
# Set scheduling info for apps.
|
||||
allow system_server appdomain:process { getsched setsched };
|
||||
allow system_server mediaserver:process { getsched setsched };
|
||||
|
Loading…
Reference in New Issue
Block a user