On 01/24/2013 01:33 PM, Stephen Smalley wrote:
On 01/24/2013 12:16 AM, Peck, Michael A wrote:
An app I installed (Big Win Basketball) kept crashing whenever SELinux
enforcing mode was turned on. This is on a Galaxy Nexus (maguro).
Oddly, with enforcing mode turned off, no denial messages were showing
up in the log.
<5>[ 552.326965] type=1400 audit(1358990973.587:16): avc: denied {
search } for pid=1907 comm="igwinbasketball" name="/" dev=tmpfs
ino=2500 scontext=u:r:untrusted_app:s0:c48,c256
tcontext=u:object_r:tmpfs:s0 tclass=dir
From logcat:
E/AndroidRuntime( 3105): Caused by: java.lang.IllegalArgumentException:
Invalid path: /storage/emulated/0
E/AndroidRuntime( 3105): Caused by: libcore.io.ErrnoException: statfs
failed: EACCES (Permission denied)
I eventually noticed (using a Terminal Emulator app) that from the
perspective of running apps, /storage/emulated is labeled as
u:object_r:tmpfs:s0 (but from the perspective of ‘adb shell’ it’s
labeled u:object_r:rootfs:s0), which I think was preventing the app from
being able to access /storage/emulated/0 (which is correctly labeled
u:object_r:sdcard:s0).
I modified dalvik/vm/Init.cpp to label /storage/emulated as
u:object_r:sdcard:s0 when mounting and that seemed to fix the problem.
Not sure if that is the right approach or the right label (though it’s
already setting gid=1028 which is sdcard_r, so labeling as sdcard might
make sense).
diff --git a/vm/Init.cpp b/vm/Init.cpp
index 11d884e..639da90 100644
--- a/vm/Init.cpp
+++ b/vm/Init.cpp
@@ -1658,7 +1658,7 @@ static bool initZygote()
const char* target_base = getenv("EMULATED_STORAGE_TARGET");
if (target_base != NULL) {
if (mount("tmpfs", target_base, "tmpfs", MS_NOSUID | MS_NODEV,
- "uid=0,gid=1028,mode=0050") == -1) {
+
"uid=0,gid=1028,mode=0050,fscontext=u:object_r:sdcard:s0") == -
SLOGE("Failed to mount tmpfs to %s: %s", target_base,
strerror(errn
return -1;
}
Thanks for investigating this. I have also seen this at times but had
not yet chased it down. I agree that we should label it with something
other than just the default tmpfs type, and sdcard is at least a
reasonable starting point and consistent with the group ownership as you
say. Perhaps you could upload this change to AOSP and see if you can
get any comments? Add me as a reviewer and I'll add others.
Actually, as the mode is only 050, we likely want a type other than
sdcard as it should be searchable but not writable by app domains.
--
This message was distributed to subscribers of the seandroid-list mailing list.
If you no longer wish to subscribe, send mail to [email protected] with
the words "unsubscribe seandroid-list" without quotes as the message.
