It seems I have old code of SEAndroid which does not implement look_common, selabel_lookup_partitial_match(). It seems lookup() functionality is moved to lookup_common(). Last commit in my workspace is following:
commit 8b4760949bbafdee6f7825f39423f3db745f4115 Author: Stephen Smalley <[email protected]> Date: Mon Dec 23 13:51:15 2013 -0500 DO NOT MERGE: Fix a bug in the userspace AVC that broke per-domain permissive mode. Failure to copy the entire av_decision structure, including the flags field, would prevent preservation of the SELINUX_AVD_FLAGS_PERMISSIVE flag and thus cause per-domain permissive to not be honored for userspace permission checks. Also ensure that we clear the entire structure. Signed-off-by: Stephen Smalley <[email protected]> On Tue, Jun 17, 2014 at 11:51 AM, Dinesh Garg <[email protected]> wrote: > I am still facing setup issues. I will update the list as soon as I am > able to test the patch. > > > On Jun 17, 2014, at 11:47 AM, Stephen Smalley <[email protected]> wrote: > > > > Did this address your issue? > > > >> On 06/13/2014 02:09 AM, Dinesh Garg wrote: > >> Thanks a lot for the patches. I had trouble setting up my workspace. I > >> will update the result on Monday. > >> > >> > >> On Thu, Jun 12, 2014 at 11:27 AM, Stephen Smalley <[email protected] > >> <mailto:[email protected]>> wrote: > >> > >>> On 06/12/2014 08:41 AM, Stephen Smalley wrote: > >>> On 06/12/2014 03:08 AM, Dinesh Garg wrote: > >>>>>> Is that good enough or do you need this to be done for all device > >>>> nodes automatically when > >>>> created by ueventd? > >>>> I am not sure about the need to do it for all device. While > >> setting the > >>>> symlink, i get the corresponding device and then label from > >> policy and > >>>> use setfilecon to apply it. Is my understanding correct ? > >>> > >>> If we create a patch for system/core/init, can you test it with your > >>> setup to see if it resolves your issue? > >> > >> The code changes for external/libselinux and system/core are: > >> https://android-review.googlesource.com/#/c/97701/ > >> and > >> https://android-review.googlesource.com/#/c/97721/ > >> and a change to test the support on hammerhead is: > >> https://android-review.googlesource.com/#/c/97750/ > >> > >> The latter rewrites the file_contexts entries for hammerhead to use > the > >> /dev/block/platform/msm_sdcc.1/by-name/<name> symlink pathnames > rather > >> than the /dev/block/mmcblk* real pathnames, thereby demonstrating > that > >> the label-by-symlink support works correctly. This allows you to > label > >> based on the partition name rather than the partition number. Does > that > >> address your issue? > >> > >> > >> > >> > >> _______________________________________________ > >> Seandroid-list mailing list > >> [email protected] > >> To unsubscribe, send email to [email protected]. > >> To get help, send an email containing "help" to > [email protected]. > > >
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
