tequilaOS/platform_system_core
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_core/rootdir
History
Mark Salyzyn 64d97d8761 lmkd: limit capability set to minimum 
Set F() capability set and 'drop' lmkd from AID_ROOT to AID_LMKD uid
and from AID_ROOT to AID_LMKD and AID_SYSTEM gid.

/dev/memcg/memory.pressure defaults to root.root mode 0000, set it up
as root.system mode 0040 to allow lmkd read access.

Instrument failure to set SCHED_FIFO.

Annotate access points that require elevated capabilities.

Test: check /proc/`pidof lmkd`/status for capability set
Test: lmkd_unit_test
Bug: 77650566
Change-Id: I986081a0434cf6e842b63a55726380205b30a3ea
2018-04-16 14:51:56 -07:00
..
etc Allow VNDK-SP extensions to use vendor lib 2018-03-29 17:18:40 +08:00
Android.mk Adding /odm support 2018-03-09 17:34:29 +08:00
asan.options Include asan options from data partition. 2017-08-09 15:32:23 -07:00
asan_extract.rc Asan_extract: Use sys.powerctl 2017-04-19 18:32:27 -07:00
asan_extract.sh Asan_extract: Use sys.powerctl 2017-04-19 18:32:27 -07:00
init-debug.rc init-debug.rc: don't mount debugfs 2017-03-14 21:56:24 -07:00
init.environ.rc.in Add global GCOV_PREFIX option. 2017-02-27 15:00:18 -08:00
init.rc lmkd: limit capability set to minimum 2018-04-16 14:51:56 -07:00
init.usb.configfs.rc Move adbd stopped trigger for configfs into core. 2017-04-27 14:59:48 -07:00
init.usb.rc emulator: not start adbd upon ro.kernel.qemu=1 2018-02-03 17:22:15 -08:00
init.zygote32.rc Add reserved disk GID to critical component. 2018-01-07 19:25:00 -07:00
init.zygote32_64.rc Add reserved disk GID to critical component. 2018-01-07 19:25:00 -07:00
init.zygote64.rc Add reserved disk GID to critical component. 2018-01-07 19:25:00 -07:00
init.zygote64_32.rc Add reserved disk GID to critical component. 2018-01-07 19:25:00 -07:00
OWNERS OWNERS: add myself 2018-01-12 13:31:54 -08:00
ueventd.rc Allow input system access to /dev/v4l-touch 2017-12-22 17:06:24 -08:00