lmkd: test: access /sys/module/lowmemorykiller/ as u:r:shell:s0
lmkd_unit_test gets an selinux violation when run unprivileged:
lmkd_unit_test: type=1400 audit(0.0:???): avc: denied { search } for
name="lowmemorykiller" dev="sysfs" ino=??? scontext=u:r:shell:s0
tcontext=u:object_r:sysfs_lowmemorykiller:s0 tclass=dir
permissive=0
resulting in log noise. Check for INKERNEL_MINFREE_PATH existence
after known to be escalated as root user to suppress noise.
Test: lmkd_unit_test as unprivileged user, there should be no audits.
Change-Id: Ia5c7824e7070c98ee6eea20ca53097e4e56d61b6
diff --git a/lmkd/tests/lmkd_test.cpp b/lmkd/tests/lmkd_test.cpp
index f17512d..8c7a75f 100644
--- a/lmkd/tests/lmkd_test.cpp
+++ b/lmkd/tests/lmkd_test.cpp
@@ -210,6 +210,13 @@
pid_t pid;
uid_t uid = getuid();
+ // check if in-kernel LMK driver is present
+ if (!access(INKERNEL_MINFREE_PATH, W_OK)) {
+ GTEST_LOG_(INFO) << "Must not have kernel lowmemorykiller driver,"
+ << " terminating test";
+ return;
+ }
+
ASSERT_FALSE((sock = lmkd_connect()) < 0)
<< "Failed to connect to lmkd process, err=" << strerror(errno);
@@ -282,12 +289,6 @@
GTEST_LOG_(INFO) << "Must be userdebug build, terminating test";
return;
}
- // check if in-kernel LMK driver is present
- if (!access(INKERNEL_MINFREE_PATH, W_OK)) {
- GTEST_LOG_(INFO) << "Must not have kernel lowmemorykiller driver,"
- << " terminating test";
- return;
- }
// if respawned test process then run the test and exit (no analysis)
if (getenv(LMKDTEST_RESPAWN_FLAG) != NULL) {