Thank you sir. I would like to learn in detail about android SELINUX. Could you please suggest me the correct reference for that.
On Tue, May 29, 2018 at 7:12 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote: > On 05/27/2018 09:08 AM, Mantesh Eksambe wrote: > > Hi, > > > > I want to perform file read write operation from /hardware < > http://androidxref.com/8.0.0_r4/xref/hardware/>/qcom < > http://androidxref.com/8.0.0_r4/xref/hardware/qcom/>/audio < > http://androidxref.com/8.0.0_r4/xref/hardware/qcom/audio/>/post_proc < > http://androidxref.com/8.0.0_r4/xref/hardware/qcom/audio/post_proc/>/volume_listener.c > <http://androidxref.com/8.0.0_r4/xref/hardware/qcom/audio/ > post_proc/volume_listener.c> effect file. I have created directory at > /data/vendor/misc/my_dir. > > So i want to write effect data from volume_listener.c to my directory. > > > > As per my understanding post_proc effect comes under hal_audio_default > domain. Then i have added "allow hal_audio_default system_data_file:file { > write create };" in hal_audio.te file. But after adding I'm facing > following issue while building AOSP > > > > NOTE - I'm working on Android Oreo. > > > > Error - > > > > libsepol.report_failure: neverallow on line 856 of > system/sepolicy/public/domain.te (or line 9111 of policy.conf) violated > by allow hal_audio_default system_data_file:file { write create }; > > > > I hope you understand my issue. please help me to solve this issue. > > Please find attached build log for more clarity. > > You need to define a type other than system_data_file and assign it to > your directory via file_contexts so that your process only needs > create/write to your own type and not arbitrary system data files. > >
_______________________________________________ Seandroid-list mailing list Seandroid-list@tycho.nsa.gov To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov. To get help, send an email containing "help" to seandroid-list-requ...@tycho.nsa.gov.