Commit d9f65fc6 authored by spiiroin

[systemd] Add capabilities required by compositor killer. Fixes JB#48754

The intent is that (devel flavor) mce will make an attempt to
coredump / kill compositor process that stops responding to
display blank/unblank control ipc - when it is unlikely that
compositor is unresponsive because it has been stopped in
debugger. This feature stopped working after systemd sandboxing
features were taken into use.

Add CAP_SYS_PTRACE - required by debugger detection.

Add CAP_KILL - required for sending signals to unrelated processes.

Add diagnostic logging in error paths of related code.

Signed-off-by: Simo Piiroinen <simo.piiroinen@jollamobile.com>
parent ebbdbfb0
......@@ -2,8 +2,9 @@
* @file display.c
* Display module -- this implements display handling for MCE
* <p>
* Copyright © 2007-2011 Nokia Corporation and/or its subsidiary(-ies).
* Copyright (C) 2012-2019 Jolla Ltd.
* Copyright (c) 2007 - 2011 Nokia Corporation and/or its subsidiary(-ies).
* Copyright (c) 2012 - 2020 Jolla Ltd.
* Copyright (c) 2020 Open Mobile Platform LLC.
* <p>
* @author David Weinehall <david.weinehall@nokia.com>
* @author Tapio Rantala <ext-tapio.rantala@nokia.com>
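Review bot: the copyright block at the top of display.c is reformatted here (the "©" and "(C)" notices become "(c)" with spaced year ranges) in the same commit as a functional fix. The added 2020 lines are reasonable, but restyling the existing Nokia and Jolla notices is unrelated to JB#48754 and would be easier to audit as a separate commit, or left untouched.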
......@@ -6721,8 +6722,11 @@ compositor_stm_core_timer_cb(void *aptr)
* handled "nicely" by compositor. SIGXCPU fits that description and
* is also c) somewhat relevant "CPU time limit exceeded" d) easily
* distinguishable from other "normal" crash reports. */
if( kill(self->csi_service_pid, SIGXCPU) == -1 && errno == ESRCH )
goto EXIT;
if( kill(self->csi_service_pid, SIGXCPU) == -1 ) {
if( errno == ESRCH )
goto EXIT;
mce_log(LL_WARN, "could not SIGXCPU compositor: %m");
}
self->csi_kill_timer_id = g_timeout_add(mdy_compositor_kill_delay * 1000,
compositor_stm_kill_timer_cb,
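Review bot: the new warning in compositor_stm_core_timer_cb() does not identify the target process, so a failure such as EPERM from a missing CAP_KILL cannot be tied to a specific pid in the journal. Consider including self->csi_service_pid in the message, for example `mce_log(LL_WARN, "could not SIGXCPU compositor (pid %d): %m", (int)self->csi_service_pid);`. Note also that after logging, control still reaches g_timeout_add() for compositor_stm_kill_timer_cb, so a failed SIGXCPU is followed by the SIGKILL attempt; a one-line comment stating that this escalation is intentional would help the next reader.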
......@@ -6749,8 +6753,11 @@ compositor_stm_kill_timer_cb(void *aptr)
if( self->csi_service_pid == COMPOSITOR_STM_INVALID_PID )
goto EXIT;
if( kill(self->csi_service_pid, SIGKILL) == -1 && errno == ESRCH )
goto EXIT;
if( kill(self->csi_service_pid, SIGKILL) == -1 ) {
if( errno == ESRCH )
goto EXIT;
mce_log(LL_WARN, "could not SIGKILL compositor: %m");
}
self->csi_kill_timer_id = g_timeout_add(mdy_compositor_bury_delay * 1000,
compositor_stm_bury_timer_cb,
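Review bot: in compositor_stm_kill_timer_cb(), a kill() failure other than ESRCH is logged but execution still falls through to g_timeout_add() for compositor_stm_bury_timer_cb, so the state machine proceeds as if SIGKILL had been delivered. If that is intended, say so in a comment; otherwise add `goto EXIT;` after the mce_log() call. The same kill / ESRCH / mce_log sequence now appears in both timer callbacks and could be factored into one small helper that takes the signal number.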
......
......@@ -12,7 +12,7 @@ Type=notify
ExecStart=/usr/sbin/mce --systemd
Restart=always
# Sandboxing
CapabilityBoundingSet=CAP_BLOCK_SUSPEND CAP_DAC_OVERRIDE CAP_FOWNER
CapabilityBoundingSet=CAP_BLOCK_SUSPEND CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_PTRACE CAP_KILL
# System update uses /tmp/os-update-running which should be relocated
PrivateTmp=no
ProtectHome=yes
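Review bot: CAP_SYS_PTRACE and CAP_KILL are added to CapabilityBoundingSet unconditionally, while the commit message describes the compositor killer as a devel-flavor feature. Both are broad grants: CAP_SYS_PTRACE permits tracing and reading the memory of arbitrary processes, and CAP_KILL bypasses the permission checks on signal delivery, so every mce build running from this unit loses that part of the sandbox. Consider supplying the two capabilities from a drop-in that only devel images install, and add a comment beside the CapabilityBoundingSet line recording which feature needs each capability so they can be dropped again if the feature goes away.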
......