diff options
author | Nick Kralevich <nnk@google.com> | 2018-10-15 09:17:40 -0700 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2018-10-15 09:17:40 -0700 |
commit | 5390b9add4e567eeeeeabc3d39d588c21cb5d543 (patch) | |
tree | d57cb7aea100bc63e3bd3f0c1c70c7ab942cfcb8 /llkd | |
parent | 6853a187e37b541fb536154cc6a6057dae1e916a (diff) | |
download | system_core-5390b9add4e567eeeeeabc3d39d588c21cb5d543.tar.gz system_core-5390b9add4e567eeeeeabc3d39d588c21cb5d543.tar.bz2 system_core-5390b9add4e567eeeeeabc3d39d588c21cb5d543.zip |
llkd: Do not check apexd by default for stack
apexd is now blocked by sepolicy, so skip checking it to
prevent an avc warning.
See system/sepolicy commit ac097ac4c7718f8593f2b6b96a93a776984ec7c4
Addresses the following SELinux denial:
type=1400 audit(0.0:386): avc: denied { ptrace } for comm="llkd" scontext=u:r:llkd:s0 tcontext=u:r:apexd:s0 tclass=process permissive=0
Test: manual
Change-Id: Iad24447c8200e915ac8397a8f84923feebc20613
Diffstat (limited to 'llkd')
-rw-r--r-- | llkd/include/llkd.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/llkd/include/llkd.h b/llkd/include/llkd.h index 1e2df2f2b..4d39dd917 100644 --- a/llkd/include/llkd.h +++ b/llkd/include/llkd.h @@ -57,7 +57,7 @@ unsigned llkCheckMilliseconds(void); #define LLK_BLACKLIST_UID_PROPERTY "ro.llk.blacklist.uid" #define LLK_BLACKLIST_UID_DEFAULT "" #define LLK_BLACKLIST_STACK_PROPERTY "ro.llk.blacklist.process.stack" -#define LLK_BLACKLIST_STACK_DEFAULT "init,lmkd.llkd,llkd,keystore,/system/bin/keystore,ueventd" +#define LLK_BLACKLIST_STACK_DEFAULT "init,lmkd.llkd,llkd,keystore,/system/bin/keystore,ueventd,apexd" /* clang-format on */ __END_DECLS |