Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c75c59bc authored by Mark Salyzyn's avatar Mark Salyzyn
Browse files

CtsLogdTestCases#sepolicy_rate_limiter failure 

(cherry pick from commit b825faee)

Cts tests can run in appdomain, which have access to /data/backup/
which leads to zero injection of sepolicy signal to check the logd
and kernel rate limiter.  Switch to /data/drm/ as a better choice
to inject a sepolicy denial either due to dac_override or
dac_read_search because owned by the drm uid and gid, or due to
create sepolicy denial to u:object_r:drm_data_file:s0 to all but
select services.

Test: gTest
Bug: 65843095
Change-Id: I2d72b1407a930c270636a206066d2d15fdec2f77
parent 93764d3c

logd/tests/logd_test.cpp

+1 −1
Original line number Diff line number Diff line
@@ -1091,7 +1091,7 @@ static pid_t sepolicy_rate(unsigned rate, unsigned num) { 
    // and dac_read_search on every try to get past the message

    // de-duper.  We will also rotate the file name in the directory

    // as another measure.

    static const char file[] = "/data/backup/cannot_access_directory_%u";

    static const char file[] = "/data/drm/cannot_access_directory_%u";

    static const unsigned avc_requests_per_access = 2;



    rate /= avc_requests_per_access;