tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Annotate denials

Browse source 
There is a race condition between when /data is mounted
and when processes attempt to access it. Attempting to access
/data before it's mounted causes an selinux denial. Attribute
these denials to a bug.

07-04 23:48:53.646   503   503 I auditd  : type=1400 audit(0.0:7): avc:
denied { search } for comm="surfaceflinger" name="/" dev="sda35" ino=2
scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:unlabeled:s0
tclass=dir permissive=0
07-15 17:41:18.100   582   582 I auditd  : type=1400 audit(0.0:4): avc:
denied { search } for comm="BootAnimation" name="/" dev="sda35" ino=2
scontext=u:r:bootanim:s0 tcontext=u:object_r:unlabeled:s0 tclass=dir
permissive=0

Bug: 68864350
Test: build
Change-Id: I07f751d54b854bdc72f3e5166442a5e21b3a9bf5
This commit is contained in:
Jeff Vander Stoep 2018-01-16 19:47:36 -08:00
parent 97753529fd
commit 1e1a3f7c58
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
private/bug_map
View file

@ -5,3 +5,7 @@ crash_dump app_data_file dir 68319037
crash_dump bluetooth_data_file dir 68319037
crash_dump vendor_overlay_file dir 68319037
statsd statsd capability 71537285
hal_graphics_allocator_default unlabeled dir 70180742
surfaceflinger unlabeled dir 68864350
hal_graphics_composer_default unlabeled dir 68864350
bootanim unlabeled dir 68864350