Hi team,

On Android with the latest kernels (4.14) we are seeing some denials which seem
to be very much genuine and need to be addressed, where the kernel is trying to kill its
own created process (might be for maintenance).
These are seen in long stress testing. But I don't see anyone adding
such a rule in general, so the question is: do we see any risk which made us
not add such rules?

1. avc: denied { kill } for pid=2432 comm="irq/66-90b6300." capability=5 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
2. avc: denied { kill } for pid=69 comm="rcuop/6" capability=5 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
3. avc: denied { kill } for pid=0 comm="swapper/1" capability=5 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
4. avc: denied { kill } for pid=4185 comm="kworker/0:4" capability=5 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0

This is a self capability; anyone in the kernel context should be able to do
such operations, I guess.

Regards,
Ravi
_______________________________________________
Selinux mailing list
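
A triage helper for denials like the four quoted in the message above, added here as an example (it is not part of the original post or of any SELinux tool): it parses each AVC line, groups the denials by source type, target type, class and permission, and checks that the `capability=` number names the same permission. The function names and the excerpt of the capability-number table are this example's own; the sample lines are the message's log lines rejoined onto one line each.

```python
import re
from collections import defaultdict

# Constructed sample: the four denials from the message, one per line.
SAMPLE = """\
avc: denied { kill } for pid=2432 comm="irq/66-90b6300." capability=5 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
avc: denied { kill } for pid=69 comm="rcuop/6" capability=5 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
avc: denied { kill } for pid=0 comm="swapper/1" capability=5 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
avc: denied { kill } for pid=4185 comm="kworker/0:4" capability=5 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
"""

# First capability numbers from include/uapi/linux/capability.h (excerpt).
CAP_NAMES = {0: "chown", 1: "dac_override", 2: "dac_read_search", 3: "fowner",
             4: "fsetid", 5: "kill", 6: "setgid", 7: "setuid"}

AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return one denial as a dict, or None if the line is not an AVC denial."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in KV_RE.findall(m.group("rest"))}
    rec["perms"] = m.group("perms").split()
    return rec

def summarize(text):
    """Group denials by (source type, target type, class, permission)."""
    groups = defaultdict(lambda: {"count": 0, "threads": set(),
                                  "enforcing": False, "cap_matches": True})
    for rec in filter(None, map(parse_avc, text.splitlines())):
        src, tgt = rec["scontext"].split(":")[2], rec["tcontext"].split(":")[2]
        for perm in rec["perms"]:
            g = groups[(src, tgt, rec["tclass"], perm)]
            g["count"] += 1
            # Collapse per-CPU / per-IRQ names: 'kworker/0:4' -> 'kworker'.
            g["threads"].add(rec["comm"].split("/", 1)[0])
            g["enforcing"] |= rec.get("permissive") == "0"
            g["self"] = rec["scontext"] == rec["tcontext"]
            g["cap_matches"] &= CAP_NAMES.get(int(rec.get("capability", -1))) == perm
    return dict(groups)

if __name__ == "__main__":
    for (src, tgt, cls, perm), g in summarize(SAMPLE).items():
        target = "self" if g["self"] else tgt
        print(f"{src} -> {target}:{cls} {{ {perm} }} x{g['count']} "
              f"threads={sorted(g['threads'])} enforcing={g['enforcing']}")
```

On the sample this collapses the four lines into a single `kernel -> self:capability { kill }` group spanning four kernel thread families, all logged with `permissive=0`.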