On AOSP build, I am getting following avc denied messages,
01-01 00:01:28.600 1458-1458/? W/iw﹕ type=1400 audit(0.0:5): avc: denied { create } for scontext=u:r:system_app:s0 tcontext=u:r:system_app:s0 tclass=netlink_socket permissive=0
01-01 00:01:28.660 1460-1460/? W/ndc﹕ type=1400 audit(0.0:6): avc: denied { write } for name="netd" dev="tmpfs" ino=1575 scontext=u:r:system_app:s0 tcontext=u:object_r:netd_socket:s0 tclass=sock_file permissive=0
01-01 00:01:28.720 1461-1461/? W/ndc﹕ type=1400 audit(0.0:7): avc: denied { write } for name="netd" dev="tmpfs" ino=1575 scontext=u:r:system_app:s0 tcontext=u:object_r:netd_socket:s0 tclass=sock_file permissive=0
01-01 00:01:28.790 1462-1462/? W/ndc﹕ type=1400 audit(0.0:8): avc: denied { write } for name="netd" dev="tmpfs" ino=1575 scontext=u:r:system_app:s0 tcontext=u:object_r:netd_socket:s0 tclass=sock_file permissive=0
01-01 00:01:28.860 1463-1463/? W/ndc﹕ type=1400 audit(0.0:9): avc: denied { write } for name="netd" dev="tmpfs" ino=1575 scontext=u:r:system_app:s0 tcontext=u:object_r:netd_socket:s0 tclass=sock_file permissive=0
Using the audit2allow I got following
allow system_app netd_socket:sock_file write;
allow system_app self:netlink_socket create;
I have added the same to device/<vendor-path>/sepolicy/system_app.te
Also excluded system app from neverallow policy as below in external/sepolicy/app.te
neverallow { appdomain -system_app }
self:{
netlink_socket
netlink_firewall_socket
netlink_tcpdiag_socket
netlink_nflog_socket
netlink_xfrm_socket
netlink_audit_socket
netlink_ip6fw_socket
netlink_dnrt_socket
} *;
But still getting the same permission denied avc logs.
Cannot see anything wrong from your change. Suppose your sepolicy change was not building into kernel.
pls try make kernelclean and rebuild kernel, vim at the following file:
out/target/product/xxxx/obj/ETC/sepolicy_intermediates/policy.conf
All the sepolicy should in the policy.conf, grep your new adding policy to check if it has been compiled into kernel.
Related
I am integrating a Quectel EC25 into an existing Lineage ROM and am receiving the following message in dmesg
Could not find service hosting interface android.hardware.radio.config#1.0::IRadioConfig/default
What does this issue come from? I am I missing a package during build? The original Radio for this device/ROM was Qualcomm and not Quectel.
I have the following HAL definitions:
<hal format="hidl">
<name>android.hardware.broadcastradio</name>
<transport>hwbinder</transport>
<version>1.0</version>
<interface>
<name>IBroadcastRadioFactory</name>
<instance>default</instance>
</interface>
</hal>
<hal format="hidl">
<name>android.hardware.radio.deprecated</name>
<transport>hwbinder</transport>
<version>1.0</version>
<interface>
<name>IOemHook</name>
<instance>slot1</instance>
</interface>
</hal>
<hal format="hidl">
<name>android.hardware.radio</name>
<transport>hwbinder</transport>
<version>1.0</version>
<interface>
<name>IRadio</name>
<instance>slot1</instance>
</interface>
</hal>
Source:
https://github.com/darran-kelinske-fivestars/android_device_lenovo_tb-common/blob/dff9d6c0d81b83f8541a76f7c9beccd84ea889d9/manifest.xml#L204-L230
Full log:
[ 166.333636] usb 1-1.1: new high-speed USB device number 3 using msm_hsusb_host
[ 166.444063] usb 1-1.1: New USB device found, idVendor=2c7c, idProduct=0125
[ 166.444081] usb 1-1.1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[ 166.444090] usb 1-1.1: Product: Android
[ 166.444100] usb 1-1.1: Manufacturer: Android
[ 166.450194] option 1-1.1:1.0: GSM modem (1-port) converter detected
[ 166.451457] usb 1-1.1: GSM modem (1-port) converter now attached to ttyUSB0
[ 166.455370] option 1-1.1:1.1: GSM modem (1-port) converter detected
[ 166.456632] usb 1-1.1: GSM modem (1-port) converter now attached to ttyUSB1
[ 166.461523] option 1-1.1:1.2: GSM modem (1-port) converter detected
[ 166.462494] usb 1-1.1: GSM modem (1-port) converter now attached to ttyUSB2
[ 166.466384] option 1-1.1:1.3: GSM modem (1-port) converter detected
[ 166.467252] usb 1-1.1: GSM modem (1-port) converter now attached to ttyUSB3
[ 166.471994] qmi_wwan 1-1.1:1.4: cdc-wdm0: USB WDM device
[ 166.472015] qmi_wwan 1-1.1:1.4: Quectel EC21&EC25 work on RawIP mode
[ 166.480868] qmi_wwan 1-1.1:1.4 wwan0: register 'qmi_wwan' at usb-msm_hsusb_host-1.1, WWAN/QMI device, 0000000000000000
[ 168.904509] type=1400 audit(1588111305.685:263): avc: denied { open } for pid=3405 comm="getprop" path="/dev/__properties__/u:object_r:bluetooth_prop:s0" dev="tmpfs" ino=280 scontext=u:r:shell:s0 tcontext=u:object_r:bluetooth_prop:s0 tclass=file permissive=1
[ 168.904559] type=1400 audit(1588111332.185:475): avc: denied { getattr } for pid=618 comm="rild" path="/dev/cdc-wdm0" dev="tmpfs" ino=77796 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 168.906456] type=1400 audit(1588111332.185:475): avc: denied { getattr } for pid=618 comm="rild" path="/dev/cdc-wdm0" dev="tmpfs" ino=77796 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 168.906507] type=1400 audit(1588111332.189:476): avc: denied { read write } for pid=618 comm="rild" name="ttyUSB2" dev="tmpfs" ino=77794 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 168.906670] type=1400 audit(1588111332.189:476): avc: denied { read write } for pid=618 comm="rild" name="ttyUSB2" dev="tmpfs" ino=77794 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 168.906697] type=1400 audit(1588111332.189:477): avc: denied { open } for pid=618 comm="rild" path="/dev/ttyUSB2" dev="tmpfs" ino=77794 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 168.907309] type=1400 audit(1588111332.189:477): avc: denied { open } for pid=618 comm="rild" path="/dev/ttyUSB2" dev="tmpfs" ino=77794 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 168.907340] type=1400 audit(1588111332.189:478): avc: denied { ioctl } for pid=618 comm="rild" path="/dev/ttyUSB2" dev="tmpfs" ino=77794 ioctlcmd=5401 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 169.852985] init: Received control message 'interface_start' for 'android.hardware.radio.config#1.0::IRadioConfig/default' from pid: 330 (/system/bin/hwservicemanager)
[ 169.853056] init: Could not find service hosting interface android.hardware.radio.config#1.0::IRadioConfig/default
My manifest is here:
https://github.com/darran-kelinske-fivestars/local-manifest-lineage/blob/TB-8504/manifest.xml
Qualcomm use RIL framework different form the usual one.
device/qcom/msmxxx/msmxxx.mk
add as follow
PRODUCT_PACKAGES += android.hardware.radio.config#1.0-service
Actually I am not aware of your application. But I had also faced the same issue when I was building one of the HAL.
According to your manifest, instance for your HAL will be present in the folder "default" in your HAL package. But if during runtime, if your instance is not created then this error will be thrown.
So, my error went off when I created an instance of my HAL interface in the main.cpp file.
Can you try the same. And recheck whether the folder named "default" is present in your HAL package, and your HAL interface is getting instantiated in the main.cpp file.
I am getting these "Access denied finding property "camera.aux.packagelist"" errors when using camera 2 api in android studio. It does not create some crashes and camera works but still what are these errors and how to solve them?
Also how to solve "W/Gralloc3: allocator 3.x is not supported" error?
I have provided logs below.
E/libc: Access denied finding property "camera.aux.packagelist"
W/le.ocrdetection: type=1400 audit(0.0:5957056): avc: denied { read } for name="u:object_r:camera_prop:s0" dev="tmpfs" ino=13808 scontext=u:r:untrusted_app:s0:c187,c257,c512,c768 tcontext=u:object_r:camera_prop:s0 tclass=file permissive=0
E/libc: Access denied finding property "camera.aux.packagelist"
Access denied finding property "camera.aux.packagelist"
W/le.ocrdetection: type=1400 audit(0.0:5957058): avc: denied { read } for name="u:object_r:camera_prop:s0" dev="tmpfs" ino=13808 scontext=u:r:untrusted_app:s0:c187,c257,c512,c768 tcontext=u:object_r:camera_prop:s0 tclass=file permissive=0
W/CameraManagerGlobal: [soar.cts] ignore the status update of camera: 2
W/le.ocrdetection: type=1400 audit(0.0:5957059): avc: denied { read } for name="u:object_r:camera_prop:s0" dev="tmpfs" ino=13808 scontext=u:r:untrusted_app:s0:c187,c257,c512,c768 tcontext=u:object_r:camera_prop:s0 tclass=file permissive=0
E/libc: Access denied finding property "camera.aux.packagelist"
W/CameraManagerGlobal: [soar.cts] ignore the status update of camera: 3
W/le.ocrdetection: type=1400 audit(0.0:5957060): avc: denied { read } for name="u:object_r:camera_prop:s0" dev="tmpfs" ino=13808 scontext=u:r:untrusted_app:s0:c187,c257,c512,c768 tcontext=u:object_r:camera_prop:s0 tclass=file permissive=0
E/libc: Access denied finding property "camera.aux.packagelist"
W/CameraManagerGlobal: [soar.cts] ignore the status update of camera: 4
E/libc: Access denied finding property "camera.aux.packagelist"
W/CameraManagerGlobal: [soar.cts] ignore the status update of camera: 5
E/libc: Access denied finding property "camera.aux.packagelist"
E/libc: Access denied finding property "camera.aux.packagelist"
Access denied finding property "camera.aux.packagelist"
W/CameraManagerGlobal: ignore the torch status update of camera: 3
E/libc: Access denied finding property "camera.aux.packagelist"
W/CameraManagerGlobal: ignore the torch status update of camera: 4
I/Screen: height :2037
width :1080
D/TextureView: TextureView Width : 1080 TextureView Height : 1440
E/libc: Access denied finding property "persist.vendor.camera.privapp.list"
E/libc: Access denied finding property "camera.aux.packagelist"
E/libc: Access denied finding property "camera.aux.packagelist"
W/Gralloc3: allocator 3.x is not supported```
I've asked around and done some research on it but can't seem to find a fix
I/example.localme( 3862): type=1400 audit(0.0:2646): avc: denied {
write } for name="cache" dev="sdb3" ino=82035
scontext=u:r:untrusted_app:s0:c512,c768
tcontext=u:object_r:system_data_file:s0 tclass=dir permissive=1
I/example.localme( 3862): type=1400 audit(0.0:2647): avc: denied {
add_name } for name="localmeGMGRPB"
scontext=u:r:untrusted_app:s0:c512,c768
tcontext=u:object_r:system_data_file:s0 tclass=dir permissive=1
I/example.localme( 3862): type=1400 audit(0.0:2648): avc: denied {
create } for name="localmeGMGRPB"
scontext=u:r:untrusted_app:s0:c512,c768
tcontext=u:object_r:system_data_file:s0:c512,c768 tclass=dir
permissive=1
I had the same issue and it turned out to be a network / connection issue with the simulator.
Possible solutions:
Turn on WiFi connection
Factory reset the simulator (This solved my issue)
Add internet permission if you are targeting older android versions:
<uses-permission android:name="android.permission.INTERNET"/>
I get this warning when I try to read a USB device
06-14 15:19:57.926 14580-14580/sadboy.circadian W/adboy.circadian: type=1400 audit(0.0:671): avc: denied { search } for name="usb" dev="tmpfs" ino=6196 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:usb_device:s0 tclass=dir permissive=0
I have an app which is crashing from time to time and the only reason for the crash I can thing of, has to be the following LogCat content (yep, two times the same line):
07-19 18:16:16.636 W/the.app: type=1400 audit(0.0:4418): avc: denied { read } for comm=4173796E635461736B202331 name="mem" dev="debugfs" ino=81636 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
07-19 18:16:16.636 W/the.app: type=1400 audit(0.0:4419): avc: denied { read } for comm=4173796E635461736B202331 name="mem" dev="debugfs" ino=81636 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
Followed by "Force finishing activity". The biggest "surprise" here is, that it is sometimes working totally fine, but more often not. I have no idea what I can do with those messages.
Device: Zuk Z2 Pro (rooted)
OS: Android 6.0.1 (ZUI 2.0)