avc:拒绝default_android_hwservice,紫罗兰从不允许
avc:拒绝default_android_hwservice,紫罗兰从不允许
提问于 2020-05-15 00:03:16
首先,我得到的日志如下:
11-11 11:11:14.779 2287 2287 E SELinux : **avc: denied** { add } for interface=vendor.abc.wifi.wifidiagnostic::IWifiDiagnostic sid=u:r:wifidiagnostic:s0 pid=2838 scontext=u:r:wifidiagnostic:s0 tcontext=u:object_r:**default_android_hwservice**:s0 tclass=hwservice_manager permissive=1
11-11 11:11:14.781 2838 2838 I ServiceManagement: Registered vendor.abc.wifi.wifidiagnostic@1.0::IWifiDiagnostic/default (start delay of 128ms)
11-11 11:11:14.781 2838 2838 I ServiceManagement: Removing namespace from process name vendor.abc.wifi.wifidiagnostic@1.0-service to wifidiagnostic@1.0-service.但如果我加上
allow wifidiagnostic default_android_hwservice:hwservice_manager {add}获取编译错误:
libsepol.report_failure: neverallow on line 511 of system/sepolicy/public/domain.te (or line 11982 of policy.conf) violated by allow wifidiagnostic default_android_hwservice:hwservice_manager { add };
libsepol.check_assertions: **1 neverallow failures occurred**
Error while expanding policy我怎么解决它呢?
wifidiagnostic是一个提供诊断功能的本机服务。我在wifidiagnostic.te中定义了类型
# wifidiagnostic service
type wifidiagnostic, domain;
type wifidiagnostic_exec, exec_type, file_type, vendor_file_type;
init_daemon_domain(wifidiagnostic)
allow wifidiagnostic hwservicemanager_prop:file { getattr map open read };
allow wifidiagnostic hwservicemanager:binder { call transfer };
#allow wifidiagnostic default_android_hwservice:hwservice_manager { add };
allow wifidiagnostic hidl_base_hwservice:hwservice_manager { add };并在file_contexts中添加标签
/vendor/bin/hw/vendor.abc.wifi.wifidiagnostic@1.0-service u:object_r:wifidiagnostic_exec:s0
回答 2
Stack Overflow用户
发布于 2020-05-15 03:57:31
要允许服务访问HAL,可以使用hal_client_domain()宏(在system/sepolicy/public/te_macros中定义)。
从你的描述中我不知道你的hal类型是什么。允许访问wifi HAL将如下所示:
type wifidiagnostic, domain;
type wifidiagnostic_exec, exec_type, file_type, vendor_file_type;
# Allow context switch from init to wifidiagnostic.
init_daemon_domain(wifidiagnostic)
# Allow accessing wifi HAL.
hal_client_domain(wifidiagnostic, hal_wifi_hwservice)Stack Overflow用户
发布于 2020-08-25 08:58:49
您还应定义服务类型
请尝试以下操作
# hwservice_contexts
vendor.abc.wifi.wifidiagnostic::IWifiDiagnostic u:object_r:vendor_abc_wifi_wifidiagnostic_hwservice:s0
# wifidiagnostic.te
type vendor_abc_wifi_wifidiagnostic_hwservice, hwservice_manager_type;
add_hwservice(wifidiagnostic, vendor_abc_wifi_wifidiagnostic_hwservice)页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/61801956
复制相关文章
相似问题
腾讯云开发者
