llkd: add live-lock daemon

Introduce a standalone live-lock daemon (llkd), to catch kernel or native user space deadlocks and take mitigating actions. Test: llkd_unit_test Bug: 33808187 Bug: 72838192 Change-Id: If869ecd06e5ce7b04bba1dafd0a77971b71aa517

llkd: add live-lock daemon
Introduce a standalone live-lock daemon (llkd), to catch kernel or native user space deadlocks and take mitigating actions. Test: llkd_unit_test Bug: 33808187 Bug: 72838192 Change-Id: If869ecd06e5ce7b04bba1dafd0a77971b71aa517
e4b3e0b6 · Mark Salyzyn · 11bfc05c · e4b3e0b6 · e4b3e0b6 · e4b3e0b6
Commit e4b3e0b6 authored 7 years ago by Mark Salyzyn
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -62,6 +62,9 @@
    incident_helper
    incident_helper_exec
    kmsg_debug_device
+    llkd
+    llkd_exec
+    llkd_tmpfs
    last_boot_reason_prop
    mediaprovider_tmpfs
    netd_stable_secret_prop

--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -54,6 +54,9 @@
    incident_helper
    incident_helper_exec
    last_boot_reason_prop
+    llkd
+    llkd_exec
+    llkd_tmpfs
    lowpan_device
    lowpan_prop
    lowpan_service

--- a/private/file_contexts
+++ b/private/file_contexts
@@ -249,6 +249,7 @@
 /system/bin/dnsmasq     u:object_r:dnsmasq_exec:s0
 /system/bin/healthd     u:object_r:healthd_exec:s0
 /system/bin/clatd	u:object_r:clatd_exec:s0
+/system/bin/llkd        u:object_r:llkd_exec:s0
 /system/bin/lmkd        u:object_r:lmkd_exec:s0
 /system/bin/usbd   u:object_r:usbd_exec:s0
 /system/bin/inputflinger u:object_r:inputflinger_exec:s0

--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -38,7 +38,7 @@ genfscon proc /sys/kernel/domainname u:object_r:proc_hostname:s0
 genfscon proc /sys/kernel/dmesg_restrict u:object_r:proc_security:s0
 genfscon proc /sys/kernel/hostname u:object_r:proc_hostname:s0
 genfscon proc /sys/kernel/hotplug u:object_r:usermodehelper:s0
-genfscon proc /sys/kernel/hung_task_timeout_secs u:object_r:proc_hung_task:s0
+genfscon proc /sys/kernel/hung_task_ u:object_r:proc_hung_task:s0
 genfscon proc /sys/kernel/kptr_restrict u:object_r:proc_security:s0
 genfscon proc /sys/kernel/modprobe u:object_r:usermodehelper:s0
 genfscon proc /sys/kernel/modules_disabled u:object_r:proc_security:s0

--- a/private/llkd.te
+++ b/private/llkd.te
+# llkd Live LocK Daemon
+typeattribute llkd coredomain;
+init_daemon_domain(llkd)
+allow llkd self:global_capability_class_set kill;
+# llkd optionally locks itself in memory, to prevent it from being
+# swapped out and unable to discover a kernel in live-lock state.
+allow llkd self:global_capability_class_set ipc_lock;
+# Send kill signals to _anyone_ suffering from Live Lock
+allow llkd domain:process sigkill;
+# live lock watchdog process allowed to look through /proc/
+allow llkd domain:dir r_dir_perms;
+allow llkd domain:file r_file_perms;
+allow llkd domain:lnk_file read;
+# Set /proc/sys/kernel/hung_task_*
+allow llkd proc_hung_task:file rw_file_perms;
+# live lock watchdog process allowed to dump process trace and
+# reboot because orderly shutdown may not be possible.
+allow llkd proc_sysrq:file w_file_perms;
+allow llkd kmsg_device:chr_file w_file_perms;
+### neverallow rules
+neverallow { domain -init } llkd:process { dyntransition transition };
+# never honor LD_PRELOAD
+neverallow * llkd:process noatsecure;
--- a/public/llkd.te
+++ b/public/llkd.te
+# llkd Live LocK Daemon
+type llkd, domain, mlstrustedsubject;
+type llkd_exec, exec_type, file_type;