From ce32539cf34bc18dc6621f869ef3312bc50cdcc2 Mon Sep 17 00:00:00 2001
From: Mark Salyzyn <salyzyn@google.com>
Date: Tue, 27 Mar 2018 08:08:48 -0700
Subject: [PATCH] lmkd: test: access /sys/module/lowmemorykiller/ as
 u:r:shell:s0

lmkd_unit_test gets an selinux violation when run unprivileged:

lmkd_unit_test: type=1400 audit(0.0:???): avc: denied { search } for
    name="lowmemorykiller" dev="sysfs" ino=??? scontext=u:r:shell:s0
    tcontext=u:object_r:sysfs_lowmemorykiller:s0 tclass=dir
    permissive=0

resulting in log noise.  Check for INKERNEL_MINFREE_PATH existence
after known to be escalated as root user to suppress noise.

Test: lmkd_unit_test as unprivileged user, there should be no audits.
Change-Id: Ia5c7824e7070c98ee6eea20ca53097e4e56d61b6
---
 lmkd/tests/lmkd_test.cpp | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/lmkd/tests/lmkd_test.cpp b/lmkd/tests/lmkd_test.cpp
index f17512daf..8c7a75fa1 100644
--- a/lmkd/tests/lmkd_test.cpp
+++ b/lmkd/tests/lmkd_test.cpp
@@ -210,6 +210,13 @@ void runMemStressTest() {
     pid_t pid;
     uid_t uid = getuid();
 
+    // check if in-kernel LMK driver is present
+    if (!access(INKERNEL_MINFREE_PATH, W_OK)) {
+        GTEST_LOG_(INFO) << "Must not have kernel lowmemorykiller driver,"
+                         << " terminating test";
+        return;
+    }
+
     ASSERT_FALSE((sock = lmkd_connect()) < 0)
         << "Failed to connect to lmkd process, err=" << strerror(errno);
 
@@ -282,12 +289,6 @@ TEST(lmkd, check_for_oom) {
         GTEST_LOG_(INFO) << "Must be userdebug build, terminating test";
         return;
     }
-    // check if in-kernel LMK driver is present
-    if (!access(INKERNEL_MINFREE_PATH, W_OK)) {
-        GTEST_LOG_(INFO) << "Must not have kernel lowmemorykiller driver,"
-                         << " terminating test";
-        return;
-    }
 
     // if respawned test process then run the test and exit (no analysis)
     if (getenv(LMKDTEST_RESPAWN_FLAG) != NULL) {