I tried dora(poky + meta-selinux + meta-fsl-ppc), following error message appears during kernel boot up, please help.
RAMDISK: gzip image found at block 0 VFS: Mounted root (ext2 filesystem) on device 1:0. devtmpfs: mounted Freeing unused kernel memory: 340k freed Mount failed for selinuxfs on /sys/fs/selinux: No such file or directory Unable to load SELinux Policy. Machine is in enforcing mode. Halting now. Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000100 Call Trace: [c0000002f9143ae0] [c000000000008b2c] .show_stack+0x7c/0x1f0 (unreliable) [c0000002f9143bb0] [c000000000816e48] .panic+0xec/0x24c [c0000002f9143c40] [c00000000003d094] .do_exit+0x964/0xa40 [c0000002f9143d30] [c00000000003e354] .do_group_exit+0x54/0xf0 [c0000002f9143dc0] [c00000000003e404] .SyS_exit_group+0x14/0x20 [c0000002f9143e30] [c000000000000598] syscall_exit+0x0/0x88 Rebooting in 180 seconds.. Best Regards, Zhenhua > -----Original Message----- > From: yocto-boun...@yoctoproject.org [mailto:yocto- > boun...@yoctoproject.org] On Behalf Of zhenhua....@freescale.com > Sent: Wednesday, July 23, 2014 10:29 AM > To: Mark Hatle; yocto@yoctoproject.org > Subject: Re: [yocto] SELinux doesn't work on t4240qds > > Hi Mark, > > Thanks for your comments. > > > -----Original Message----- > > From: yocto-boun...@yoctoproject.org [mailto:yocto- > > boun...@yoctoproject.org] On Behalf Of Mark Hatle > > > > On 7/22/14, 10:11 AM, zhenhua....@freescale.com wrote: > > > Hi all, > > > > Which release are you using. > [Luo Zhenhua-B19537] I tried poky daisy + meta-fsl-ppc master + meta- > selinux master > > > The last version I used w/ meta-selinux was the 1.5 release. > > > > We're planning on updating it to master in the 'near' future [patches > > welcome!], and I've been told by a few others of success w/ 1.7. > [Luo Zhenhua-B19537] I will try master and dora. > > > Did you enable the 'selinux' distribution flag? > > If so, it should have enabled all of the components necessary for this > stuff to be enabled. > [Luo Zhenhua-B19537] Yes, selinux is in DISTRO_FEATURES. > > > Best Regards, > > Zhenhua > > > --Mark > > > > > I use the meta-selinux layer to build a core-image-selinux rootfs > > > image, and build kernel with following options enabled. > > > > > > CONFIG_AUDIT=y > > > > > > CONFIG_NETWORK_SECMARK=y > > > > > > CONFIG_EXT2_FS_SECURITY=y > > > > > > CONFIG_EXT3_FS_SECURITY=y > > > > > > CONFIG_EXT4_FS_SECURITY=y > > > > > > CONFIG_JFS_SECURITY=y > > > > > > CONFIG_REISERFS_FS_SECURITY=y > > > > > > CONFIG_JFFS2_FS_SECURITY=y > > > > > > CONFIG_SECURITY_NETWORK=y > > > > > > CONFIG_SECURITY_SELINUX=y > > > > > > CONFIG_SECURITY_SELINUX_BOOTPARAM=y > > > > > > CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 > > > > > > CONFIG_SECURITY_SELINUX_DISABLE=y > > > > > > CONFIG_SECURITY_SELINUX_DEVELOP=y > > > > > > CONFIG_SECURITY_SELINUX_AVC_STATS=y > > > > > > CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 > > > > > > I use the generated images to boot up FSL PPC t4240qds board(tried > > > both NFS boot and RAM boot with ext2.gz.u-boot rootfs), the SELinux > > > is not turned on after kernel boot up. > > > > > > following is some information in rootfs. > > > > > > root@t4240qds:~# sestatus > > > > > > SELinux status: disabled > > > > > > root@t4240qds:~# > > > > > > root@t4240qds:~# cat /etc/selinux/config > > > > > > # This file controls the state of SELinux on the system. > > > > > > # SELINUX= can take one of these three values: > > > > > > # enforcing - SELinux security policy is enforced. > > > > > > # permissive - SELinux prints warnings instead of enforcing. > > > > > > # disabled - No SELinux policy is loaded. > > > > > > SELINUX=enforcing > > > > > > # SELINUXTYPE= can take one of these two values: > > > > > > # standard - Standard Security protection. > > > > > > # mls - Multi Level Security protection. > > > > > > SELINUXTYPE=mls > > > > > > root@t4240qds:~# cat /proc/cmdline > > > > > > root=/dev/ram rw console=ttyS0,115200 selinux=1 > > > > > > root@t4240qds:~# setenforce 1 > > > > > > setenforce: SELinux is disabled > > > > > > root@t4240qds:~# getenforce > > > > > > Disabled > > > > > > root@t4240qds:~# > > > > > > Can somebody shed some light on the issue? > > > > > > Best Regards, > > > > > > Zhenhua > > > > > > > > > > > > > -- > > _______________________________________________ > > yocto mailing list > > yocto@yoctoproject.org > > https://lists.yoctoproject.org/listinfo/yocto > -- > _______________________________________________ > yocto mailing list > yocto@yoctoproject.org > https://lists.yoctoproject.org/listinfo/yocto -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto