tequilaOS/platform_system_core

Fork 0

Commit graph

Author	SHA1	Message	Date
Mark Salyzyn	be2e2f2beb	llkd: requires sys_admin permissions As a result of commit f8a00cef17206ecd1b30d3d9f99e10d9fa707aa7 ("proc: restrict kernel stack dumps to root") the userdebug feature where llkd can monitor for live lock signatures in the stack traces broke. So now userdebug variant of llkd requires sys_admin permissions. Signed-off-by: Mark Salyzyn <salyzyn@google.com> Test: llkd_unit_test Bug: 147486902 Change-Id: I31572afa08daa490a69783855bce55313eaed96c	2020-01-15 09:08:48 -08:00
Mark Salyzyn	96505fad80	llkd: Add stack symbol checking Feature outlined here is only available on userdebug or eng builds. Blocked for security reasons because requires ptrace capabilities. Add ro.llk.stack to list a set of symbols that should rarely happen but if persistent in multiple checks, indicates a live lock condition. At ro.llk.stack.timeout_ms the process is sent a kill, if it remains, then panic the kernel. There is no ABA detection in the paths, the condition for the stack symbol being present instantaneously must be its rarity of being caught. If a livelock occurs in the path of the symbol, then it is possible more than one path could be stuck in the state, but the best candidate symbols are found underneath a lock resulting in only one process being the culprit, and the best aim. There may be processes that induce a look of persistence, if so the symbol is not a candidate for checking. Add ro.llk.blacklist.process.stack to list process names we want to skip checking. This configuration parameter is also used to prevent sepolicy noise when trying to acquire stacks from non ptrace'able services. Test: gTest llkd_unit_tests Bug: 33808187 Bug: 111910505 Bug: 80502612 Change-Id: Ie71221e371b189bbdda2a1155d47826997842dcc	2018-08-30 13:53:19 -07:00

Author

SHA1

Message

Date

Mark Salyzyn

be2e2f2beb

llkd: requires sys_admin permissions

As a result of commit f8a00cef17206ecd1b30d3d9f99e10d9fa707aa7
("proc: restrict kernel stack dumps to root")
the userdebug feature where llkd can monitor for live lock
signatures in the stack traces broke.

So now userdebug variant of llkd requires sys_admin permissions.

Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Test: llkd_unit_test
Bug: 147486902
Change-Id: I31572afa08daa490a69783855bce55313eaed96c

2020-01-15 09:08:48 -08:00

Mark Salyzyn

96505fad80

llkd: Add stack symbol checking

Feature outlined here is only available on userdebug or eng builds.
Blocked for security reasons because requires ptrace capabilities.

Add ro.llk.stack to list a set of symbols that should rarely happen
but if persistent in multiple checks, indicates a live lock condition.
At ro.llk.stack.timeout_ms the process is sent a kill, if it remains,
then panic the kernel.

There is no ABA detection in the paths, the condition for the
stack symbol being present instantaneously must be its rarity of
being caught.  If a livelock occurs in the path of the symbol, then
it is possible more than one path could be stuck in the state, but
the best candidate symbols are found underneath a lock resulting in
only one process being the culprit, and the best aim.  There may be
processes that induce a look of persistence, if so the symbol is not
a candidate for checking.

Add ro.llk.blacklist.process.stack to list process names we want
to skip checking.  This configuration parameter is also used to
prevent sepolicy noise when trying to acquire stacks from non
ptrace'able services.

Test: gTest llkd_unit_tests
Bug: 33808187
Bug: 111910505
Bug: 80502612
Change-Id: Ie71221e371b189bbdda2a1155d47826997842dcc

2018-08-30 13:53:19 -07:00

2 commits