ANDROID: exec_domains: Disable request_module() call for personalities

(cherry pick from commit a9ac1262ce80c287562e604f3bb24f232fcb686e) With Android M, Android environments use a separate execution domain for 32bit processes. See: https://android-review.googlesource.com/#/c/122131/ This results in systems that use kernel modules to see selinux audit noise like: type=1400 audit(28.989:15): avc: denied { module_request } for pid=1622 comm="app_process32" kmod="personality-8" scontext=u:r:zygote:s0 tcontext=u:r:kernel:s0 tclass=system While using kernel modules is unadvised, some systems do require them. Thus to avoid developers adding sepolicy exceptions to allow for request_module calls, this patch disables the logic which tries to call request_module for the 32bit personality (ie: personality-8), which doesn't actually exist. Signed-off-by: John Stultz <john.stultz@linaro.org> Change-Id: I32774083340e0f928d0e3bb4295517218e23c66c
2015-11-17 08:35:54 -08:00 · 2015-11-17 08:35:54 -08:00 · e2861bf297
parent 947b0a510f
commit e2861bf297
1 changed files with 8 additions and 1 deletions
--- a/kernel/exec_domain.c
+++ b/kernel/exec_domain.c
@ -68,7 +68,14 @@ lookup_exec_domain(unsigned int personality)
 				goto out;
 	}

-#ifdef CONFIG_MODULES
+/*
+ * Disable the request_module here to avoid trying to
+ * load the personality-8 module, which  doesn't exist,
+ * and results in selinux audit noise.
+ * Disabling this here avoids folks adding module_request
+ * to their sepolicy, which is maybe too generous
+ */
+#if 0
 	read_unlock(&exec_domains_lock);
 	request_module("personality-%d", pers);
 	read_lock(&exec_domains_lock);