Android 6.0中在/dev下添加新设备驱动下Selinux相关设置【转】
本文转载自:https://blog.csdn.net/fantasy_wxe/article/details/52013922
错误1:
07-23 13:06:57.617 117 117 I SystemServer: Freg Service
07-23 13:06:57.618 117 117 I FregServiceJNI: Initializing HAL stub freg.....
07-23 13:06:57.633 117 117 I FregServiceJNI: Device freg found.
07-23 13:06:57.634 117 117 E freg_hw : Failed to open device file /dev/freg -- Permission denied.
07-24 13:07:25.200 143 143 W system_server: type=1400 audit(0.0:5): avc: denied { read write } for name="freg" dev="tmpfs" ino=1576 scontext=u:r:system_server:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0
错误2:
07-24 13:57:25.209 143 143 E FregServiceJNI: Failed to open device freg.
07-24 13:57:25.209 143 143 E FregService: Failed to initialize freg service.
07-24 13:57:25.219 62 62 E SELinux : avc: denied { add } for service=freg pid=143 uid=1000 scontext=u:r:system_server:s0 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=0
07-24 13:57:25.222 62 62 E ServiceManager: add_service('freg',4a) uid=1000 - PERMISSION DENIED
07-24 13:57:25.231 143 143 E SystemServer: Failure staring Freg Service
错误3:
07-24 13:01:50.326 62 62 E SELinux : avc: denied { find } for service=freg pid=1043 uid=10047 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:freg_service:s0 tclass=service_manager permissive=0
解决方法:
在device.te文件中添加
type freg_device, dev_type;
在domain.te文件中添加
allow domain freg_device:chr_file rw_file_perms;
在file_contexts文件中添加
/dev/freg u:object_r:freg_device:s0
在service.te中文件中添加
type freg_service, system_api_service, system_server_service, service_manager_type;
在service_contexts文件中添加
freg u:object_r:freg_service:s0
在system_server.te文件中添加
allow system_server freg_device:chr_file rw_file_perms;
在untrusted_app.te文件中添加
allow untrusted_app freg_service:service_manager find;
在system_app.te文件中添加
allow system_app freg_service:service_manager find;
参考: