When I run my application I get frosen some operation. I get logs. But there is nothing form my app but there are many times same logs:
01-22 11:58:32.085 562 562 D STATUSBAR-NetworkController: refreshSignalCluster: data=0 bt=false
01-22 11:58:33.695 458 512 E DirEncryptConnector: Communications error: java.io.IOException: No such file or directory
01-22 11:58:33.695 458 512 E DirEncryptConnector: Error in NativeDaemonConnector: java.io.IOException: No such file or directory
01-22 11:58:34.105 562 562 D STATUSBAR-NetworkController: refreshSignalCluster: data=0 bt=false
What is DirEncryptConnector?
For more details, take a look here, is the Android source code:
http://gitorious.org/ginger/frameworks-base/blobs/2435a927f30efe38c673bfaed64a9880028da9e8/services/java/com/android/server/NativeDaemonConnector.java
Inside, you can se when those logs are written, for example, you have
log.e(TAG, "Error in NativeDaemonConnector", e);
on line 85.
Related
if I run my application on Android I always get this error and the application crashes immediately:
03-25 14:29:44.011 1833 7290 I ActivityManager: START u0 {flg=0x10000000 cmp=cz.jech.muzika/.Muzika} from uid 2000
03-25 14:29:44.093 1833 1998 I ActivityManager: Start proc 17399:cz.jech.muzika/u0a464 for activity cz.jech.muzika/.Muzika
03-25 14:29:44.098 17399 17399 E cz.jech.muzika: Not starting debugger since process cannot load the jdwp agent.
03-25 14:29:44.193 1833 2400 I WindowManager: SURFACE show Surface(name=Splash Screen cz.jech.muzika)/#0xbe60fc9: Splash Screen cz.jech.muzika
03-25 14:29:44.298 14007 17395 D InstalledAppProviderSer: insertAppIntoDb cz.jech.muzika
03-25 14:29:44.302 17399 17414 E AndroidRuntime: Process: cz.jech.muzika, PID: 17399
03-25 14:29:44.302 17399 17414 E AndroidRuntime: java.lang.UnsatisfiedLinkError: dlopen failed: invalid ELF file "/data/app/cz.jech.muzika-iMRmvRSnmwPpVhRlaZJJwg==/lib/arm64/libswscale.so" load segment[4]: p_offset (0x41000) + p_filesz (0x0) ( = 0x41000) past end of file (0x40910)
03-25 14:29:44.306 1833 9531 W ActivityManager: Force finishing activity cz.jech.muzika/.Muzika
03-25 14:29:44.327 1833 4076 I ActivityManager: Process cz.jech.muzika (pid 17399) has died: vis TOP
03-25 14:29:44.336 1140 1237 W SurfaceFlinger: Attempting to destroy on removed layer: AppWindowToken{485887d token=Token{1c63ed4 ActivityRecord{a8f0c27 u0 cz.jech.muzika/.Muzika t4527}}}#0
What could be the root cause of the error? The ffmpeg libraries I use are from here. What does the error "invalid ELF file" mean?
The file /lib/arm64/libswscale.so is corrupt. In particular, it has a PT_LOAD segment with offset that is past the end of the file (file size is 0x40910) and has 0 length.
One way the file may have become corrupt is if you did an FTP transfer and forgot to set binary mode. (Of course there are numerous other ways, such as decompressing the archive and running out of disk space.)
Your best bet is to re-extract the archive, check the length and md5sum of the file, and use scp or something other than ASCII FTP transfer, then verify that the md5sum is still the same on the target device.
I recently updated an Android app from targeted API 23 to 28. The biggest issue I am having after deploying to my users is that maybe 1 in 1000 users cannot log in anymore! After getting the logs from them, I found something I hadn't ever seen before. The certificate they're getting is not the certificate I'm serving, and it's being rejected by Android.
I know that some offices and such will MITM SSL certificates, and I suppose some of my users could be completely hacked... I had the users try to use our website, which uses the same SSL certificates as the app, and it works fine for them--so, if this is some MITM (on purpose or not), it's "configured correctly" on their web browser, but not for our app.
When looking at the false certificate details, I see multiple users have the same false Issuer:
06-25 16:49:00.800 25286 25377 E CONSCRYPT: ------------------Untrusted chain: ----------------------
06-25 16:49:00.800 25286 25377 E CONSCRYPT: == Chain0 ==
06-25 16:49:00.800 25286 25377 E CONSCRYPT: Version: 3
06-25 16:49:00.800 25286 25377 E CONSCRYPT: Serial Number: d0ca...0df
06-25 16:49:00.800 25286 25377 E CONSCRYPT: SubjectDN: CN=*.REDACTED.COM, CN=*.REDACTED.COM
06-25 16:49:00.800 25286 25377 E CONSCRYPT: IssuerDN: CN=afwlocalproxy
06-25 16:49:00.802 25286 25377 E CONSCRYPT: Get not before: Sun Jun 23 13:43:18 GMT+12:00 2019
06-25 16:49:00.802 25286 25377 E CONSCRYPT: Get not after: Mon Jun 22 13:43:18 GMT+12:00 2020
06-25 16:49:00.802 25286 25377 E CONSCRYPT: Sig ALG name: SHA256withRSA
06-25 16:49:00.802 25286 25377 E CONSCRYPT: Signature: 59c279...07f810
06-25 16:49:00.814 25286 25377 E CONSCRYPT: Public key:
06-25 16:49:00.814 25286 25377 E CONSCRYPT:
06-25 16:49:00.814 25286 25377 E CONSCRYPT: 30 82 ... 00 03
06-25 16:49:00.814 25286 25377 E CONSCRYPT: 82 01 ... 88 d7
....
(I replaced the domain with REDACTED and some numbers with ...)
Does anyone know what afwlocalproxy is? Is it an Android for Work thing? Is it AFW Proxy (https://afw-proxy-server.soft112.com/)? I scoured the internet a bit and didn't see anything, except two or three packet log analyses that look almost identical to mine above. I guess another possibility is that afwlocalproxy is just the name of some configured SSL proxy server, and these affected users all work at the same company or something.
These users were using the app just fine before the upgrade, and then upgraded, and it instantly stopped working for them. It is now 100% reproducible for them. One of them is on a Pixel 2, but they all have mentioned "security software" being installed on their phones by their providers or workplace.
I'm working on HiKey aosp installed running on Linux 16.04, trying to connect v4l2 camera and use it. Currently, I've added the device drivers for v4l2 and usbcamera, and added the camera-hal to ~/(aosp)/device/linaro/hikey/camera directory. media_profiles.xml is contained in this directory.
I'm facing this problem where the camera service provider is killed in the init process and runs infinite loop of the booting process as it constantly tries to start camera service and kill all related processes.
Logcat:
01-01 00:00:14.067 1999 1999 I mediaserver: ServiceManager: 0xf69994c0
01-01 00:00:14.068 1903 1903 E SELinux : avc: denied { add } for service=media.cas pid=1999 uid=1013 scontext=u:r:mediadrmserver:s0 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=0
01-01 00:00:14.069 1903 1903 E ServiceManager: **add_service**('media.cas',3) uid=1013 - **PERMISSION DENIED**
01-01 00:00:14.199 1968 1968 W android.hardwar: type=1400 audit(0.0:61): avc: denied { read write } for name="vndbinder" dev="tmpfs" ino=10306 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file permissive=0
01-01 00:00:14.205 1968 1968 I **android.hardware.camera.provider#2.4-service**: Camera provider Service is starting.
01-01 00:00:14.205 1968 1968 W ProcessState: **Opening '/dev/vndbinder' failed: Permission denied**
01-01 00:00:14.205 1968 1968 F **ProcessState: Binder driver could not be opened. Terminating.**
--------- beginning of crash
01-01 00:00:14.205 1968 1968 F libc : Fatal signal 6 (SIGABRT), code -6 in tid 1968 (android.hardwar), pid 1968 (android.hardwar)
01-01 00:00:14.266 2005 2005 I /vendor/bin/hw/android.hardware.media.omx#1.0-service: mediacodecservice starting
01-01 00:00:14.266 2005 2005 I ProcessState: Wonn1e: initWithDriver [1]
01-01 00:00:14.288 2005 2005 W /vendor/bin/hw/android.hardware.media.omx#1.0-service: Could not read additional policy file '/vendor/etc/seccomp_policy/mediacodec.policy'
01-01 00:00:14.288 2005 2005 W /vendor/bin/hw/android.hardware.media.omx#1.0-service: libminijail[2005]: failed to get path of fd 5: No such file or directory
According to the answer given to Start native service at early-init before coldboot done, native service including this camera provider service would not open the /dev/binder because it starts before the coldboot. Also, it uses the passthrough mode. How can I tweak the init process so that camera provider service would run and not kill itself?
I have problem with Android O HIDL. The failure log shows it can't find out the service.
However I can see it by adb shell ps -A | grep fingerprint
system 18758 1 17408 3276 pipe_wait 7c79e93e08 R android.hardware.biometrics.fingerprint#2.1-service`
Could anyone give me a hint how to solve the problem? I checked https://source.android.com/devices/architecture/hidl/ but could not get the solution.
Error log:
08-21 06:00:35.864 1890 2264 V FingerprintService: mDeamon was null, reconnect to fingerprint
08-21 06:00:35.864 1890 2264 I system_server: Looking for service android.hardware.biometrics.fingerprint#2.1::IBiometricsFingerprint/default
08-21 06:00:35.864 2240 2240 D wpa_supplicant: nl80211: Set mode ifindex 24 iftype 2 (STATION)
08-21 06:00:35.866 566 566 W /system/bin/hwservicemanager: getTransportFromManifest: Cannot find entry android.hardware.biometrics.fingerprint#2.1::IBiometricsFingerprint in either framework or device manifest, using default transport.
08-21 06:00:35.866 1890 2264 E system_server: service android.hardware.biometrics.fingerprint#2.1::IBiometricsFingerprint declares transport method EMPTY but framework expects hwbinder.
08-21 06:00:35.867 1890 2264 E FingerprintService: Failed to get biometric interface
08-21 06:00:35.867 1890 2264 E FingerprintService: android.os.RemoteException: HwBinder Error: (-2147483648)
08-21 06:00:35.867 1890 2264 E FingerprintService: at android.os.HwBinder.getService(Native Method)
08-21 06:00:35.867 1890 2264 E FingerprintService: at android.hardware.biometrics.fingerprint.V2_1.IBiometricsFingerprint.getService(IBiometricsFingerprint.java:44)
08-21 06:00:35.867 1890 2264 E FingerprintService: at com.android.server.fingerprint.FingerprintService.getFingerprintDaemon(FingerprintService.java:239)
08-21 06:00:35.867 1890 2264 E FingerprintService: at com.android.server.fingerprint.FingerprintService$FingerprintServiceWrapper.isHardwareDetected(FingerprintService.java:1198)
08-21 06:00:35.867 1890 2264 E FingerprintService: at android.hardware.fingerprint.IFingerprintService$Stub.onTransact(IFingerprintService.java:156)
08-21 06:00:35.867 1890 2264 E FingerprintService: at android.os.Binder.execTransact(Binder.java:674)
08-21 06:00:35.867 1890 2264 W FingerprintService: fingerprint HIDL not available
I've succeeded in running my fingerprint HAL on Android 8.1 executing on HiKey
96 board after modified files as below.
Firstly, it's necessary that adding HIDL configures to declare a device as a vendor or you would get VTS failed.
About HIDL configures
device/linaro/hikey/manifest.xml
+<hal format="hidl">
<name>android.hardware.biometrics.fingerprint</name>
<transport>hwbinder</transport>
<version>2.1</version>
<interface>
<name>IBiometricsFingerprint</name>
<instance>default</instance>
</interface>
</hal>
Secondly, finger service will be started after you define it in the file below.
device/linaro/hikey/device-common.mk
+#init finger service and copy
android.hardware.biometrics.fingerprint#2.1-service.rc to
system/vendor/etc/init
+PRODUCT_PACKAGES += \
+android.hardware.biometrics.fingerprint#2.1-service
+# copy permission file of finger service
+PRODUCT_COPY_FILES += \
+frameworks/native/data/etc/android.hardware.fingerprint.xml:system/etc
/permissions/android.hardware.fingerprint.xml
Finally, check finger service has been started and running in Android system by using terminal commands such as "adb shell" and "ps | grep finger".
Any suggestion is welcome.
I found out that I need to add the code to the manifest.xml
(Ref. https://source.android.com/devices/architecture/vintf/objects )
<hal format="hidl">
<name>android.hardware.biometrics.fingerprint</name>
<transport>hwbinder</transport>
<impl level="generic"></impl>
<version>2.1</version>
<interface>
<name>IBiometricsFingerprint</name>
<instance>default</instance>
</interface>
</hal>
I have added a new System Service into Android Framework in earlier versions (4.4) following this tutorial from Texas Instruments
But when I try to do a similar thing in Android Lollipop, the SELinux policy denies me to do so.
This is the output from logcat.
05-11 15:49:51.362 248 248 I SystemServer: Test Service Starting
05-11 15:49:51.364 248 248 I TestManagerService: Started Test Manager Service
05-11 15:49:51.370 54 54 E SELinux : avc: denied { add } for service=TestManagerService scontext=u:r:system_server:s0 tcontext=u:object_r:default_android_service:s0 tclass=service_manager
05-11 15:49:51.371 54 54 E ServiceManager: add_service('TestManagerService',28) uid=1000 - PERMISSION DENIED
05-11 15:49:51.378 248 248 E SystemServer: Failure starting TestManagerService
05-11 15:49:51.378 248 248 E SystemServer: java.lang.SecurityException
05-11 15:49:51.378 248 248 E SystemServer: at android.os.BinderProxy.transactNative(Native Method)
05-11 15:49:51.378 248 248 E SystemServer: at android.os.BinderProxy.transact(Binder.java:496)
05-11 15:49:51.378 248 248 E SystemServer: at android.os.ServiceManagerProxy.addService(ServiceManagerNative.java:150)
05-11 15:49:51.378 248 248 E SystemServer: at android.os.ServiceManager.addService(ServiceManager.java:72)
05-11 15:49:51.378 248 248 E SystemServer: at com.android.server.SystemServer.startOtherServices(SystemServer.java:551)
05-11 15:49:51.378 248 248 E SystemServer: at com.android.server.SystemServer.run(SystemServer.java:257)
05-11 15:49:51.378 248 248 E SystemServer: at com.android.server.SystemServer.main(SystemServer.java:171)
05-11 15:49:51.378 248 248 E SystemServer: at java.lang.reflect.Method.invoke(Native Method)
05-11 15:49:51.378 248 248 E SystemServer: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:723)
05-11 15:49:51.378 248 248 E SystemServer: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:613)
I do not want to disable SELinux policy. I just want the policy to allow my new service too. What should I do?
Check this link: http://androidosp.blogspot.com.tr/2014/11/selinux-seandroid-exceptions-for-system.html
You can simply goto: /external/sepolicy/service_contexts
and add your new service there. Thats it!
To file:
android-dev\external\sepolicy\service.te
Add:
type mytest_service, system_api_service, system_server_service,
service_manager_type;
To file:
android-dev\external\sepolicy\service_contexts
Add:
mytestservice u:object_r:mytest_service:s0
where mytestservice your name service
It's help me
In Android 7.1.1 the service_contexts file has moved to system/sepolicy
to add A service "foo" to the policy add to the file service_contexts
foo u:object_r:foo_service:s0
And in service.te add:
type foo_service, app_api_service, system_server_service, service_manager_type;
A device specific policy can be created by adding a service_contexts & service.te file in the devices sepolicy directory: device/myDevice/versionName/sepolicy
add in your sepolicy file
allow system_server default_android_service:service_manager add