Is there a list of patched to cherry-pick for addressing tracing denials in Android M + Kernel 4.4 combination?
-----Original Message----- From: Seandroid-list [mailto:[email protected]] On Behalf Of Stephen Smalley Sent: Friday, May 27, 2016 12:30 PM To: Inamdar Sharif; [email protected] Subject: Re: tracefs avc denial on k4.4 On 05/27/2016 01:14 PM, Stephen Smalley wrote: > On 05/27/2016 12:03 PM, Inamdar Sharif wrote: >> I am also getting the below denial: >> >> avc: denied { write } for pid=1 comm="init" name="/" dev="debugfs" >> ino=1 scontext=u:r:init:s0 tcontext=u:object_r:debugfs:s0 tclass=dir >> permissive=0 >> >> We have following rule for file: >> # debugfs access >> allow domain debugfs:dir r_dir_perms; allow domain debugfs:file >> w_file_perms; >> >> Anything I am missing here?? > > The denial was on dir (directory) rather than file, and we are only > allowing read to dir above. But init shouldn't be trying to write (e.g. > create or delete a file) in debugfs AFAIK. Are you doing something > wrong in your init.board.rc file with regard to /sys/kernel/debug? Are you mounting tracefs in your init.<board>.rc file? _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected]. _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
