Allow system_server to kill crosvm/virtualizationmanager
VirtualizationManager (and indirectly crosvm) now runs as a child process of the client, which could be a process forked from zygote. As a result, these get tracked as phantom processes of the client and system_server will try to kill them if it chooses to kill the client. Currently this does not work because system_server is not allowed sigkill for the corresponding domains. In theory, that should not be a problem because virtualizationmanager will automatically kill any crosvm instances and terminate itself if its parent dies, but we should not rely on that fact and instead give system_server the ultimate control over app process termination. Bug: 269461627 Test: atest MicrodroidTestApp Change-Id: Ie0ba5388d00a51812c9424c37f2f74983bea9db8
This commit is contained in:
David Brazdil
parent
10a639613a
commit
f3a922c453
1 changed files with 3 additions and 1 deletions
|
|
@ -102,10 +102,12 @@ allow system_server self:process ptrace;
|
|||
allow system_server zygote:fd use;
|
||||
allow system_server zygote:process sigchld;
|
||||
|
||||
# May kill zygote on crashes.
|
||||
# May kill zygote (or its child processes) on crashes.
|
||||
allow system_server {
|
||||
app_zygote
|
||||
crash_dump
|
||||
crosvm
|
||||
virtualizationmanager
|
||||
webview_zygote
|
||||
zygote
|
||||
}:process { getpgid sigkill signull };
|
||||
|
|
|
|||
Loading…
Reference in a new issue