Well it depends on who is doing the create and in that code its not obvious to me. Is your socket created by the service declaration in init.rc? If so then look at the readme, theirs an option for specifying the contexts. You may need to do a dynamic type trans for that socket type. Depending on kernel version you can use named dynamic type trans. On Feb 17, 2014 5:49 PM, "Tai Nguyen (tainguye)" <[email protected]> wrote:
> This is a sample code of HCI socket that blueZ use ( > http://people.csail.mit.edu/albert/bluez-intro/c404.html) > > #include <stdio.h> > #include <stdlib.h> > #include <unistd.h> > #include <sys/socket.h> > #include <bluetooth/bluetooth.h> > #include <bluetooth/hci.h> > #include <bluetooth/hci_lib.h> > > int main(int argc, char **argv) > { > inquiry_info *ii = NULL; > int max_rsp, num_rsp; > int dev_id, sock, len, flags; > int i; > char addr[19] = { 0 }; > char name[248] = { 0 }; > > dev_id = hci_get_route(NULL); > sock = hci_open_dev( dev_id ); > if (dev_id < 0 || sock < 0) { > perror("opening socket"); > exit(1); > } > > len = 8; > max_rsp = 255; > flags = IREQ_CACHE_FLUSH; > ii = (inquiry_info*)malloc(max_rsp * sizeof(inquiry_info)); > > num_rsp = hci_inquiry(dev_id, len, max_rsp, NULL, &ii, flags); > if( num_rsp < 0 ) perror("hci_inquiry"); > > for (i = 0; i < num_rsp; i++) { > ba2str(&(ii+i)->bdaddr, addr); > memset(name, 0, sizeof(name)); > if (hci_read_remote_name(sock, &(ii+i)->bdaddr, sizeof(name), > name, 0) < 0) > strcpy(name, "[unknown]"); > printf("%s %s\n", addr, name); > } > > free( ii ); > close( sock ); > return 0; > } > > Tai > > From: William Roberts <[email protected]> > Date: Monday, February 17, 2014 at 8:27 PM > To: Tai Nguyen <[email protected]> > Cc: "[email protected]" <[email protected]> > Subject: Re: How to set Security context for blueZ HCI socket > > Depends on how the socket gets created. Could you provide more details? > On Feb 17, 2014 4:01 PM, "Tai Nguyen (tainguye)" <[email protected]> > wrote: > >> Our device uses blueZ stack instead of bluedroid, and we have audit >> message about unlabeled socket >> >> audit(1392652331.875:225): avc: denied { read } for pid=5249 >> comm="bluetoothd" scontext=u:r:bluetoothd:s0 >> tcontext=u:object_r:unlabeled:s0 tclass=socket >> >> This could be the hci socket that blueZ uses. How do I set security >> label for this type of socket? >> >> Thanks, >> Tai >> >> _______________________________________________ >> Seandroid-list mailing list >> [email protected] >> To unsubscribe, send email to [email protected]. >> To get help, send an email containing "help" to >> [email protected]. >> >>
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
