ANDROID: sched/psi: disable the privilege check if

CONFIG_DEFAULT_SECURITY_SELINUX is enabled

Since 'commit d82caa2735 ("sched/psi: Allow unprivileged polling
of N*2s period")' only processes with CAP_SYS_RESOURCE privilege can
register with window_us < WINDOW_MAX_US. Unprivileged ones can only
use multiples of 2s for window_us to register.

So on the Android V with kernel-6.6, system_server without
CAP_SYS_RESOURCE using 1s for window_us failed to register.

The relative code as follows:
frameworks/base/services/core/jni/com_android_server_am_LowMemDetector.cpp;l=44
// stall tracking window size in us
static constexpr int PSI_WINDOW_SIZE_US = 1000000;

The failed log:
libpsi  : /proc/pressure/memory write failed for psi stall type 'some'; errno=22
LowMemDetector: Failed to register psi trigger

To fix this, disable the privilege check if CONFIG_DEFAULT_SECURITY_SELINUX
is enabled, Besides change proc_create() calls to 0 to keep consistency with
the previous version of the kernel.

Bug: 348152354
Change-Id: Ica596c210604661e37fd3ff4c7c3aa22855573f5
Signed-off-by: Hailong.Liu <liuhailong@oppo.com>
This commit is contained in:
Hailong.Liu 2024-06-19 17:58:53 +08:00 committed by Todd Kjos
parent 5f59226f87
commit 79591ebabf

View File

@ -1294,10 +1294,12 @@ struct psi_trigger *psi_trigger_create(struct psi_group *group, char *buf,
return ERR_PTR(-EOPNOTSUPP); return ERR_PTR(-EOPNOTSUPP);
/* /*
* Checking the privilege here on file->f_cred implies that a privileged user * Checking the privilege on file->f_cred or selinux enabled here imply
* could open the file and delegate the write to an unprivileged one. * that a privileged user could open the file and delegate the write
* to an unprivileged one.
*/ */
privileged = cap_raised(file->f_cred->cap_effective, CAP_SYS_RESOURCE); privileged = cap_raised(file->f_cred->cap_effective, CAP_SYS_RESOURCE) ||
IS_ENABLED(CONFIG_DEFAULT_SECURITY_SELINUX);
if (sscanf(buf, "some %u %u", &threshold_us, &window_us) == 2) if (sscanf(buf, "some %u %u", &threshold_us, &window_us) == 2)
state = PSI_IO_SOME + res * 2; state = PSI_IO_SOME + res * 2;
@ -1656,11 +1658,11 @@ static int __init psi_proc_init(void)
{ {
if (psi_enable) { if (psi_enable) {
proc_mkdir("pressure", NULL); proc_mkdir("pressure", NULL);
proc_create("pressure/io", 0666, NULL, &psi_io_proc_ops); proc_create("pressure/io", 0, NULL, &psi_io_proc_ops);
proc_create("pressure/memory", 0666, NULL, &psi_memory_proc_ops); proc_create("pressure/memory", 0, NULL, &psi_memory_proc_ops);
proc_create("pressure/cpu", 0666, NULL, &psi_cpu_proc_ops); proc_create("pressure/cpu", 0, NULL, &psi_cpu_proc_ops);
#ifdef CONFIG_IRQ_TIME_ACCOUNTING #ifdef CONFIG_IRQ_TIME_ACCOUNTING
proc_create("pressure/irq", 0666, NULL, &psi_irq_proc_ops); proc_create("pressure/irq", 0, NULL, &psi_irq_proc_ops);
#endif #endif
} }
return 0; return 0;