On Dec 3, 2015 8:26 AM, "William Roberts" <[email protected]> wrote: > > > On Dec 3, 2015 8:19 AM, "Elena Reshetova" <[email protected]> wrote: > > > > Hi Richard, > > > > >I fixed a problem of this type in libselinux with the change at: > > > > >https://android-review.googlesource.com/#/c/157661/ > > >in June as part of the Enhanced spec file support. Could you check if this is present, > > >if so I'll investigate further. > > > > Yes, we do have this change in our tree. Let me know what more details you might need for investigation. So far I had to put the workaround with adding a new line and it solves the issue, but would be great to get it fixed properly. > > > > It might be hard for Richard to reproduce. > The build recipe is via m4 and had no libsepol dependency, my guess is some bug there. Likely the best solution is always add a newline. > > Even in the binary form the intermediate is built off of m4 then handed to sefcontext_compile. Perhaps the compiler could implicitly add a newline.
Well possible likely not a good approach. > > I would confirm the bug is in m4 by changing it to cat in the makefile. That won't work as cat doesn't add the newline. Perhaps some combo of echo and cat or your own script to do it. This would prove the bugs in m4. Also look at m4 upstream and see if theirs a bug filed/fixed for this. > > Bill > > > > > Best Regards, > > Elena > > > > > > On Thu, 3 Dec 2015 at 13:08 Richard Haines < [email protected]> wrote: > >> > >> > >> On Thursday, 3 December 2015, 10:07, Elena Reshetova < [email protected]> wrote: > >> > >> > >> > > >> > > >> >Hi guys, > >> > > >> >I have been investigating a really weird issue and want to ask if you know what might go wrong. > >> >So, normally file_contexts file is composed from the external/sepolicy/file_contexts and OEM modifications that can be declared in different places in file_contexts files, but joined using the BOARD_SEPOLICY_DIRS. For example: > >> >BOARD_SEPOLICY_DIRS += device/intel/sepolicy/bla/xyz > >> > > >> >All is good and it worked for ages, but now it works strangely on one (and only one) particular addition in file_contexts like this: > >> > > >> >/dev/xyz u:object_r:xyz_device:s0 > >> > > >> > > >> > >> >Important part here is that there is no newline at the end of the above line (which is quite normal and the same for many other similar file_contexts file). > >> > >> > >> I fixed a problem of this type in libselinux with the change at: > >> > >> https://android-review.googlesource.com/#/c/157661/ > >> in June as part of the Enhanced spec file support. Could you check if this is present, > >> if so I'll investigate further. > >> > > >> > > >> >So, what happens is that line gets added to the resulted file_contexts there is a no newline after and the next addition to file_contexts get written to the same line (straight after the label). So, in the resulting file_contexts we have: > >> > > >> >/dev/xyz u:object_r:xyz_device:s0#Additional file_contexts > >> > > >> > > >> >Where "#Additional file_contexts" is the first line of another file_contexts file that happens to be added after. > >> > > >> > > >> >Of course selinux has an issue with the above label, so it complains: > >> > > >> >out/target/product/bla/root/file_contexts: line 721 has invalid file type u:object_r:xyz_device:s0# > >> >out/target/product/bla/root/file_contexts: line 721 has invalid file type u:object_r:xyz_device:s0# > >> >out/target/product/bla/root/file_contexts: line 721 has invalid file type u:object_r:xyz_device:s0# > >> >out/target/product/bla/root/file_contexts: line 721 has invalid file type u:object_r:xyz_device:s0# > >> > > >> > > >> > > >> >Any ideas why this happens? > >> > > >> > > >> >Best Regards, > >> > > >> >Elena. > >> > > >> > > >> > > >> > > >> >_______________________________________________ > >> >Seandroid-list mailing list > >> >[email protected] > >> >To unsubscribe, send email to [email protected]. > >> >To get help, send an email containing "help" to [email protected]. > >> > > >> > > > > > > > _______________________________________________ > > Seandroid-list mailing list > > [email protected] > > To unsubscribe, send email to [email protected]. > > To get help, send an email containing "help" to [email protected].
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
