Increase RLIMIT_MEMLOCK for keystore2
By default Android only allows processes to lock up to 65536 bytes of
memory, resulting from the command 'setrlimit memlock 65536 65536' in
system/core/rootdir/init.rc. The recent Keystore changes to create each
user's super keys at user creation time cause Keystore to sometimes lock
more memory and sometimes exceed this limit. To reproduce this issue
myself, I had to create almost 100 users. However, it apparently can
happen with fewer users too, based on CTS test failure report.
Fix this issue by setting the memlock limit for keystore2 to unlimited.
Note that the amount actually used remains fairly small, but I don't
think there's a reason to set an arbitrary limit here. A memlock limit
makes sense for unprivileged apps but not for system processes.
Bug: 296464083
Bug: 314474709
Bug: 314561033
Test: adb shell setprop debug.user.creation_override 1
for i in `seq 1 100`; do adb shell pm create-user --profileOf 0 --managed profile; done
adb logcat | grep -i keystore
# Saw ENOMEM error near the end without this CL, but not with it.
Flag: Not feasible to flag this CL, and it's a pretty safe change.
Change-Id: I3ef062d737ffb1431dca78c0d568ad6c2d713de6
This commit is contained in:
Eric Biggers
parent
6f80e95312
commit
2202fcc19f
1 changed files with 2 additions and 0 deletions
|
|
@ -11,3 +11,5 @@ service keystore2 /system/bin/keystore2 /data/misc/keystore
|
|||
user keystore
|
||||
group keystore readproc log
|
||||
task_profiles ProcessCapacityHigh
|
||||
# The default memlock limit of 65536 bytes is too low for keystore.
|
||||
rlimit memlock unlimited unlimited
|
||||
|
|
|
|||
Loading…
Reference in a new issue