Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ce32539c authored by Mark Salyzyn's avatar Mark Salyzyn
Browse files

lmkd: test: access /sys/module/lowmemorykiller/ as u:r:shell:s0 

lmkd_unit_test gets an selinux violation when run unprivileged:

lmkd_unit_test: type=1400 audit(0.0:???): avc: denied { search } for
    name="lowmemorykiller" dev="sysfs" ino=??? scontext=u:r:shell:s0
    tcontext=u:object_r:sysfs_lowmemorykiller:s0 tclass=dir
    permissive=0

resulting in log noise.  Check for INKERNEL_MINFREE_PATH existence
after known to be escalated as root user to suppress noise.

Test: lmkd_unit_test as unprivileged user, there should be no audits.
Change-Id: Ia5c7824e7070c98ee6eea20ca53097e4e56d61b6
parent b9b967e2

lmkd/tests/lmkd_test.cpp

+7 −6
Original line number Diff line number Diff line
@@ -210,6 +210,13 @@ void runMemStressTest() { 
    pid_t pid;

    uid_t uid = getuid();



    // check if in-kernel LMK driver is present

    if (!access(INKERNEL_MINFREE_PATH, W_OK)) {

        GTEST_LOG_(INFO) << "Must not have kernel lowmemorykiller driver,"

                         << " terminating test";

        return;

    }



    ASSERT_FALSE((sock = lmkd_connect()) < 0)

        << "Failed to connect to lmkd process, err=" << strerror(errno);
@@ -282,12 +289,6 @@ TEST(lmkd, check_for_oom) { 
        GTEST_LOG_(INFO) << "Must be userdebug build, terminating test";

        return;

    }

    // check if in-kernel LMK driver is present

    if (!access(INKERNEL_MINFREE_PATH, W_OK)) {

        GTEST_LOG_(INFO) << "Must not have kernel lowmemorykiller driver,"

                         << " terminating test";

        return;

    }



    // if respawned test process then run the test and exit (no analysis)

    if (getenv(LMKDTEST_RESPAWN_FLAG) != NULL) {