On 05/27/2018 09:08 AM, Mantesh Eksambe wrote: > Hi, > > I want to perform file read write operation from /hardware > <http://androidxref.com/8.0.0_r4/xref/hardware/>/qcom > <http://androidxref.com/8.0.0_r4/xref/hardware/qcom/>/audio > <http://androidxref.com/8.0.0_r4/xref/hardware/qcom/audio/>/post_proc > <http://androidxref.com/8.0.0_r4/xref/hardware/qcom/audio/post_proc/>/volume_listener.c > > <http://androidxref.com/8.0.0_r4/xref/hardware/qcom/audio/post_proc/volume_listener.c> > effect file. I have created directory at /data/vendor/misc/my_dir. > So i want to write effect data from volume_listener.c to my directory. > > As per my understanding post_proc effect comes under hal_audio_default > domain. Then i have added "allow hal_audio_default system_data_file:file { > write create };" in hal_audio.te file. But after adding I'm facing following > issue while building AOSP > > NOTE - I'm working on Android Oreo. > > Error - > > libsepol.report_failure: neverallow on line 856 of > system/sepolicy/public/domain.te (or line 9111 of policy.conf) violated by > allow hal_audio_default system_data_file:file { write create }; > > I hope you understand my issue. please help me to solve this issue. > Please find attached build log for more clarity.
You need to define a type other than system_data_file and assign it to your directory via file_contexts so that your process only needs create/write to your own type and not arbitrary system data files. _______________________________________________ Seandroid-list mailing list Seandroid-list@tycho.nsa.gov To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov. To get help, send an email containing "help" to seandroid-list-requ...@tycho.nsa.gov.