Running v78 arm64 on my Nexus 5x, and while my module works fine, it seems to be throwing an error that appears to be selinux-related:
Code:
11-18 14:56:43.517 17325 17325 I re-initialized>: type=1400 audit(0.0:66): avc: denied { search } for name="com.dr8.xposed.tdfuzzer" dev="mmcblk0p45" ino=393334 scontext=u:r:system_app:s0 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir permissive=1
11-18 14:56:43.537 17341 17341 I XSharedPreferen: type=1400 audit(0.0:67): avc: denied { open } for path="/data/data/com.dr8.xposed.tdfuzzer/shared_prefs/com.dr8.xposed.tdfuzzer_preferences.xml" dev="mmcblk0p45" ino=393304 scontext=u:r:system_app:s0 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=file permissive=1
Thing is, I've got selinux in permissive (via ElementalX kernel), so I'm not quite sure what should be done. Does XSharedPreferences need some selinux-loving, maybe like the SELinuxHelper class?
Related
Hello.
I have really silly problem with my Nexus 5X. After some times video related functions will stop to work (like video recording, video playing, youtube...) until I reboot the phone.
I tried to fully raflash stock ROM and then again install custom ROM. Tested with PureNexus and Chroma. But I didn't see anyone with the same problem.
After the reflash it worked for longest time - 3 days. Then it unfortunately again stopped to work when I was watching on youtube videos. Now it again work for about 1 day.
When it happen I took the logs. I don't know if it's related error but I found this in the log:
Code:
[13442.750584] type=1400 audit(1467234102.598:321): avc: denied { write } for pid=23139 comm="app_process" name="[email protected]<email omitted>" dev="dm-0" ino=32712 scontext=u:r:shell:s0 tcontext=u:object_r:dalvikcache_data_file:s0 tclass=file permissive=0
[13442.796198] type=1400 audit(1467234102.645:322): avc: denied { write } for pid=23139 comm="main" name="arm64" dev="dm-0" ino=32707 scontext=u:r:shell:s0 tcontext=u:object_r:dalvikcache_data_file:s0 tclass=dir permissive=0
[13442.850242] type=1400 audit(1467234102.698:323): avc: denied { dac_override } for pid=23151 comm="main" capability=1 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability permissive=0
[13442.852497] type=1400 audit(1467234102.698:324): avc: denied { dac_override } for pid=23151 comm="main" capability=1 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability permissive=0
[13442.852805] type=1400 audit(1467234102.698:325): avc: denied { dac_override } for pid=23151 comm="main" capability=1 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability permissive=0
Logs are in attachment. The problem should be near the end of the logs...
Thanks for any help.
Benik3 said:
Hello.
I have really silly problem with my Nexus 5X. After some times video related functions will stop to work (like video recording, video playing, youtube...) until I reboot the phone.
I tried to fully raflash stock ROM and then again install custom ROM. Tested with PureNexus and Chroma. But I didn't see anyone with the same problem.
After the reflash it worked for longest time - 3 days. Then it unfortunately again stopped to work when I was watching on youtube videos. Now it again work for about 1 day.
When it happen I took the logs. I don't know if it's related error but I found this in the log:
Code:
[13442.750584] type=1400 audit(1467234102.598:321): avc: denied { write } for pid=23139 comm="app_process" name="[email protected]<email omitted>" dev="dm-0" ino=32712 scontext=u:r:shell:s0 tcontext=u:object_r:dalvikcache_data_file:s0 tclass=file permissive=0
[13442.796198] type=1400 audit(1467234102.645:322): avc: denied { write } for pid=23139 comm="main" name="arm64" dev="dm-0" ino=32707 scontext=u:r:shell:s0 tcontext=u:object_r:dalvikcache_data_file:s0 tclass=dir permissive=0
[13442.850242] type=1400 audit(1467234102.698:323): avc: denied { dac_override } for pid=23151 comm="main" capability=1 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability permissive=0
[13442.852497] type=1400 audit(1467234102.698:324): avc: denied { dac_override } for pid=23151 comm="main" capability=1 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability permissive=0
[13442.852805] type=1400 audit(1467234102.698:325): avc: denied { dac_override } for pid=23151 comm="main" capability=1 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability permissive=0
Logs are in attachment. The problem should be near the end of the logs...
Thanks for any help.
Click to expand...
Click to collapse
Have you tried with only the rom/gapps and most essential apps you need to see if the problem comes back then reinstall each app one at a time to see if you find the problem app? Slow I know but I logcat reading skills are still new.
What is your selinux status?
Yes. I tried to have the phone for a while in "clean" state, and still I had the error.
SELinux doesn't have effect on it. Same with permissive and enforcing mode.
Benik3 said:
Yes. I tried to have the phone for a while in "clean" state, and still I had the error.
SELinux doesn't have effect on it. Same with permissive and enforcing mode.
Click to expand...
Click to collapse
Thats asfar as I can help i'm afraid.
I searched "avc: denied" in google which returned a bunch of results to do with se linux which is why I asked.
Yeah, I tried to google it too, but I didn't get any related info :/
Anyway thanks for interest
Hello.
I will revive this topic, because I still didn't find the solution
I still have problem, that after some time of using, video related functions doesn't work (recording, youtube...).
What's interesting, only in Chrome youtube works...
Only thing which changed is, that I'm now not able to immediately evoke this problem by manual camera settings.
Do you think, that LG TOT can fix this? It doesn't look like HW problem, but on the other hand it happen on all ROMs/kernels
I bought LG Optimus G E975 (international) one year ago. I rooted my phone and unlock bootloader using FreeGee. Everything went well. I had unlocked bootloader and installed TWRP 2.6.3.0. I decided that It was time for installation new ROM. I chose CM 12 (snapshot version), I flashed it, but I had a bootloop problem (stuck on boot animation). After, I tried latest CM 12.1 nightly version, but I had error about umount system during flashing. I solved it by latest TWRP 3.0.0 for geehrc from mordesku.pl/show/geehrc/other/twrp-3.0.0-0-geehrc.zip site and latest bootloader makoz30f from mordesku.pl/show/geehrc/other/makoz30f_flasher.zip. Everything went well, I again flashed CM 12 and 12.1, but I have another error in both cases, that this versions is for E975, not for geehrc. I was suprised, because It is the same. So, I tried flashed another ROM (for geehrc) such as Xenon HD (all versions), Resurection Remix (all versions), PACman ROM, but I always problem with boot (stuck on boot animation). Of course I always did full wipe before flashing whatever. I also tried a trick with flashing, making backup, full wiping and restoring backuped ROM and fix selinux context, but nothing helped.
Fortunately, I have made backup of stock ROM, that works.
My logcat:
Code:
--------- beginning of main
W/auditd ( 158): type=2000 audit(0.0:1): initialized
I/auditd ( 158): type=1403 audit(0.0:2): policy loaded auid=4294967295 ses=4294967295
I/logd ( 158): type=1400 audit(0.0:3): avc: denied { audit_control } for capability=30 scontext=u:r:init:s0 tcontext=u:r:init:s0 tclass=capability permissive=1
I/logd ( 158): type=1400 audit(0.0:4): avc: denied { syslog_read } for scontext=u:r:init:s0 tcontext=u:r:kernel:s0 tclass=system permissive=1
I/setenforce( 166): type=1400 audit(0.0:5): avc: denied { write } for name="enforce" dev="selinuxfs" ino=4 scontext=u:r:recovery:s0 tcontext=ubject_r:selinuxfs:s0 tclass=file permissive=1
I/recovery( 161): type=1400 audit(0.0:6): avc: denied { execmem } for scontext=u:r:init:s0 tcontext=u:r:init:s0 tclass=process permissive=1
I/recovery( 161): type=1400 audit(0.0:7): avc: denied { execute } for path="/dev/ashmem" dev="tmpfs" ino=6351 scontext=u:r:init:s0 tcontext=ubject_r:ashmem_device:s0 tclass=chr_file permissive=1
I/ARMAssembler( 161): generated scanline__00000077:03010101_00008001_00000000 [ 91 ipp] (112 ins) at [0xb696a1f0:0xb696a3b0] in 152602 ns
I/ARMAssembler( 161): generated scanline__00000077:03545402_00000A01_00000000 [ 31 ipp] (52 ins) at [0xb696a3c0:0xb696a490] in 91561 ns
I/ARMAssembler( 161): generated scanline__00000077:03545402_00000A08_00000000 [ 31 ipp] (53 ins) at [0xb696a4a0:0xb696a574] in 61041 ns
I/recovery( 161): type=1400 audit(0.0:8): avc: denied { rename } for name="twrp.fstab" dev="rootfs" ino=5433 scontext=u:r:init:s0 tcontext=ubject_r:rootfs:s0 tclass=file permissive=1
I/recovery( 161): type=1400 audit(0.0:9): avc: denied { create } for name="fstab" scontext=u:r:init:s0 tcontext=ubject_r:rootfs:s0 tclass=file permissive=1
I/recovery( 161): type=1400 audit(0.0:10): avc: denied { write } for name="fstab" dev="rootfs" ino=1816 scontext=u:r:init:s0 tcontext=ubject_r:rootfs:s0 tclass=file permissive=1
I/ARMAssembler( 161): generated scanline__00000077:03545402_00000000_00000000 [ 30 ipp] (44 ins) at [0xb696a580:0xb696a630] in 183122 ns
What's the size of ur system partition ? It needs 2G version
Sent from my Optimus G using XDA-Developers mobile app
paul_zm said:
What's the size of ur system partition ? It needs 2G version
Click to expand...
Click to collapse
My system partition has 1,5G. How can I Increase it easily?
For example, after flashing XenonHD ROM, I have 964,6M free space, so I don't think the size of the system partition was important here.
I noticed that system partition size after flashing custom ROM has 1,4G, after restore stock ROM backup 1,5G. Is it normal?
Having Same issue any fix or workaround ?
I am trying to troubleshoot freezing issues I started having after OOS 5.0.5 - from 5.0.6 (I am currently on 5.0.8 hotfix).
My phone freezes randomly (mostly when on standby).
The phone is completely stock, never been unlocked.
I enabled logs, but after freezing and rebooting (holding the power button 10+ sec.), the error logs I get, all start from the time of the last restart and are useless to me... How can I find out what caused the freeze...?!
Actually - very strange, the oldest part of the log is 31 July (2018 I assume), 3AM and then jumps to the time of the most recent restart, for example I am pasting a portion of the event log and it same for the kernel, etc.:
Starts here:
07-31 03:06:39.316 460 460 I auditd : type=2000 audit(0.0:1): initialized
07-31 03:06:40.959 460 460 I auditd : type=1403 audit(0.0:2): policy loaded auid=4294967295 ses=4294967295
07-31 03:06:40.959 460 460 I auditd : type=1404 audit(0.0:3): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295
07-31 03:06:43.579 451 451 I auditd : type=1400 audit(0.0:4): avc: granted { read } for comm="init" name="param" dev="tmpfs" ino=16448 scontext=u:r:init:s0 tcontext=ubject_rem_device:s0 tclass=chr_file
07-31 03:06:43.579 451 451 I auditd : type=1400 audit(0.0:5): avc: granted { read open } for comm="init" path="/dev/param" dev="tmpfs" ino=16448 scontext=u:r:init:s0 tcontext=ubject_rem_device:s0 tclass=chr_file
07-31 03:06:43.721 0 463 I auditd : SELinux: Loaded service_contexts from:
07-31 03:06:43.722 0 463 I auditd : /vndservice_contexts
07-31 03:06:43.725 461 461 I auditd : SELinux: Loaded service_contexts from:
07-31 03:06:43.726 461 461 I auditd : /plat_service_contexts
07-31 03:06:43.726 461 461 I auditd : /nonplat_service_contexts
07-31 03:06:44.419 548 548 I auditd : type=1400 audit(0.0:6): avc: denied { write } for comm="[email protected]" name="kmsg" dev="tmpfs" ino=7812 scontext=u:r:hal_health_default:s0 tcontext=ubject_r:kmsg_device:s0 tclass=chr_file permissive=0
07-31 03:06:44.429 579 579 I auditd : type=1400 audit(0.0:7): avc: denied { write } for comm="rmt_storage" name="rmts" dev="debugfs" ino=11 scontext=u:r:rmt_storage:s0 tcontext=ubject_r:debugfs:s0 tclass=file permissive=0
07-31 03:06:44.439 610 610 I auditd : type=1400 audit(0.0:8): avc: denied { write } for comm="mkdir" name="sensors" dev="sda2" ino=12 scontext=u:r:qti_init_shell:s0 tcontext=ubject_r:sensors_persist_file:s0 tclass=dir permissive=0
07-31 03:06:44.489 560 560 I auditd : type=1400 audit(0.0:9): avc: denied { write } for comm="vendor.qti.hard" name="property_service" dev="tmpfs" ino=7927 scontext=u:r:hal_perf_default:s0 tcontext=ubject_rroperty_socket:s0 tclass=sock_file permissive=0
07-31 03:06:44.489 560 560 I auditd : type=1400 audit(0.0:10): avc: denied { write } for comm="vendor.qti.hard" name="property_service" dev="tmpfs" ino=7927 scontext=u:r:hal_perf_default:s0 tcontext=ubject_rroperty_socket:s0 tclass=sock_file permissive=0
07-31 03:06:44.489 560 560 I auditd : type=1400 audit(0.0:11): avc: denied { write } for comm="vendor.qti.hard" name="lib_name" dev="sysfs" ino=21849 scontext=u:r:hal_perf_default:s0 tcontext=ubject_r:sysfs:s0 tclass=file permissive=0
07-31 03:06:44.489 560 560 I chatty : uid=0(root) [email protected] identical 1 line
07-31 03:06:44.489 560 560 I auditd : type=1400 audit(0.0:13): avc: denied { write } for comm="vendor.qti.hard" name="lib_name" dev="sysfs" ino=21849 scontext=u:r:hal_perf_default:s0 tcontext=ubject_r:sysfs:s0 tclass=file permissive=0
07-31 03:06:44.809 547 547 I auditd : type=1400 audit(0.0:14): avc: denied { read write } for comm="android.hardwar" name="diag" dev="tmpfs" ino=16429 scontext=u:r:hal_graphics_composer_default:s0 tcontext=ubject_r:diag_device:s0 tclass=chr_file permissive=0
07-31 03:06:47.479 889 889 I auditd : type=1400 audit(0.0:15): avc: denied { read write } for comm="imsqmidaemon" name="diag" dev="tmpfs" ino=16429 scontext=u:r:ims:s0 tcontext=ubject_r:diag_device:s0 tclass=chr_file permissive=0
07-31 03:06:47.489 537 537 I auditd : type=1400 audit(0.0:16): avc: denied { read write } for comm="[email protected]" name="diag" dev="tmpfs" ino=16429 scontext=u:r:hal_audio_default:s0 tcontext=ubject_r:diag_device:s0 tclass=chr_file permissive=0
07-31 03:06:47.679 881 881 I auditd : type=1400 audit(0.0:17): avc: denied { read write } for comm="cnd" name="diag" dev="tmpfs" ino=16429 scontext=u:r:cnd:s0 tcontext=ubject_r:diag_device:s0 tclass=chr_file permissive=0
07-31 03:06:47.761 892 892 I boot_progress_start: 9223
01-09 16:32:18.027 892 892 I sysui_histogram: [boot_zygote_init,10019]
01-09 16:32:18.031 892 892 I sysui_multi_action: [757,804,799,boot_zygote_init,801,10019,802,1]
01-09 16:32:18.035 892 892 I boot_progress_preload_start: 10028
01-09 16:32:18.040 893 893 I sysui_histogram: [boot_zygote_init,10032]
01-09 16:32:18.048 893 893 I sysui_multi_action: [757,804,799,boot_zygote_init,801,10032,802,1]
01-09 16:32:18.669 461 461 I auditd : avc: denied { find } for service=storaged pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:storaged_service:s0 tclass=service_manager
01-09 16:32:18.686 461 461 I auditd : avc: denied { find } for service=media.metrics pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:mediametrics_service:s0 tclass=service_manager
01-09 16:32:18.699 461 461 I auditd : avc: denied { find } for service=media.extractor pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:mediaextractor_service:s0 tclass=service_manager
01-09 16:32:18.700 461 461 I auditd : avc: denied { find } for service=drm.drmManager pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:drmserver_service:s0 tclass=service_manager
01-09 16:32:18.703 461 461 I auditd : avc: denied { find } for service=wificond pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:wificond_service:s0 tclass=service_manager
01-09 16:32:18.719 461 461 I auditd : avc: denied { find } for service=android.service.gatekeeper.IGateKeeperService pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:gatekeeper_service:s0 tclass=service_manager
01-09 16:32:18.720 461 461 I auditd : avc: denied { find } for service=android.samsung.IRemosaicDaemon pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:remosaic_service:s0 tclass=service_manager
01-09 16:32:18.749 461 461 I auditd : avc: denied { find } for service=ifaadaemon pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:ifaadaemon_service:s0 tclass=service_manager
01-09 16:32:18.749 461 461 I auditd : avc: denied { find } for service=installd pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:installd_service:s0 tclass=service_manager
01-09 16:32:18.750 461 461 I auditd : avc: denied { find } for service=media.cas pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:mediacasserver_service:s0 tclass=service_manager
01-09 16:32:18.750 461 461 I auditd : avc: denied { find } for service=media.drm pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:mediadrmserver_service:s0 tclass=service_manager
01-09 16:32:18.751 461 461 I auditd : avc: denied { find } for service=android.security.keystore pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:keystore_service:s0 tclass=service_manager
01-09 16:32:18.751 461 461 I auditd : avc: denied { find } for service=batteryproperties pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:batteryproperties_service:s0 tclass=service_manager
01-09 16:32:18.751 461 461 I auditd : avc: denied { find } for service=gpu pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:gpu_service:s0 tclass=service_manager
01-09 16:32:18.753 461 461 I auditd : avc: denied { find } for service=faceulnative pid=1069 uid=0 scontext=u:r:izanami:s0 tcontext=ubject_r:faceulnative_service:s0 tclass=service_manager
01-09 16:32:18.739 1117 1117 I auditd : type=1400 audit(0.0:19): avc: denied { read write } for comm="imsdatadaemon" name="diag" dev="tmpfs" ino=16429 scontext=u:r:ims:s0 tcontext=ubject_r:diag_device:s0 tclass=chr_file permissive=0
01-09 16:32:18.739 462 462 I auditd : type=1400 audit(0.0:20): avc: denied { search } for comm="hwservicemanage" name="1069" dev="proc" ino=18855 scontext=u:r:hwservicemanager:s0 tcontext=u:r:izanami:s0 tclass=dir permissive=0
01-09 16:32:19.069 1044 1044 I auditd : type=1400 audit(0.0:21): avc: denied { dac_override } for comm="dpmd" capability=1 scontext=u:r:dpmd:s0 tcontext=u:r:dpmd:s0 tclass=capability permissive=0
01-09 16:32:19.079 1044 1044 I auditd : type=1400 audit(0.0:22): avc: denied { dac_read_search } for comm="dpmd" capability=2 scontext=u:r:dpmd:s0 tcontext=u:r:dpmd:s0 tclass=capability permissive=0
01-09 16:32:19.139 1044 1044 I auditd : type=1400 audit(0.0:23): avc: denied { dac_override } for comm="dpmd" capability=1 scontext=u:r:dpmd:s0 tcontext=u:r:dpmd:s0 tclass=capability permissive=0
01-09 16:32:19.139 1044 1044 I auditd : type=1400 audit(0.0:24): avc: denied { dac_read_search } for comm="dpmd" capability=2 scontext=u:r:dpmd:s0 tcontext=u:r:dpmd:s0 tclass=capability permissive=0
Please help!
I very recently decided to mod my wonderful, but neglected, LG V30. H933. By following the various guides, I unlocked the bootloader, installed twrp, rooted with magisk. Then using this thread https://forum.xda-developers.com/lg-v30/how-to/canadian-h933-compatibility-h930-roms-t3897586 prepared it for a Pie custom ROM (a tedious process, but it works just fine). I then installed LOS16 H930, no gapps. Using opencamera instead of gcam. All went well, but the camera/flashlight and a few of my user apps wouldn't work.
As many of you know, you can get the camera/flashlight working by setting selinux permissive. However, you need the permissions enabled at the boot/startup level. Executing setenforce 0 as root won't get the camera working in this situation. However, patching the kernel command line, which is what Kernel-Sepolicy-Patcher.zip does will do the trick. Unfortunately, this situation presents us with a dilemma. Running your device in selinux permissive full-time is a security risk one should not take. But having to boot into recovery, run a patcher, then reboot when you want to take a photo...and then repeating the process to go back to enforcing mode, is too tedious.
After spending days deep diving into the seemingly bottomless pit of android camera (a terrific learning experience), running through all the init scripts, services, selinux stuff, etc., etc. For a number of reasons, I never really found the exact solution I was looking for. Finally, I decided upon the following method to deal with the issue. Keep in mind that this still opens up security a little bit, but it's a helluva lot better than running SELinux *permissive* (i.e. no SElinux security at all). I performed most of the work on my arch linux system, but alternatively you can do this using an adb shell or a terminal app on the device.
WARNING / DISCLAIMER: If you mess up or brick your phone, it's on you. It's YOUR responsibility - not mine.
Directions:
1) Obtain a copy of your current boot partition:
Code:
dd if=/dev/block/bootdevice/by-name/boot of=/sdcard/boot.img
2) Copy boot.img to the PC's current directory:
Code:
adb pull /sdcard/boot.img
3) Use magisk's magiskboot utility to unpack boot.img (kernel, ramdisk, kernel dtb, etc):
Code:
./magiskboot unpack boot.img
4) Extract the sepolicy file from ramdisk.cpio:
Code:
./magiskboot cpio ramdisk.cpio "extract sepolicy sepolicy"
The quotes are necessary. You can also just use xarchiver or anything that can handle cpio. Don't copy from /sepolicy or /sys/fs/selinux/policy from the live device because they contain a large number of magisk rules (assuming you're rooted). Copy it from the current boot partition.
5) Add/modify selinux rules in the sepolicy file. I used setools-android https://github.com/xmikos/setools-android It built fine on arch linux, I believe dependencies are built in, but YMMV. The sepolicy-inject command is used to add/modify rules. Use logcat and dmesg (save the output to examine it more easily with an editor). See what caused your avc denied entries. Correct some or all of them by adding permissions to existing entries or adding new entries to the policy file.
Update: The only rule change you need to get the camera working is:
Code:
sepolicy-inject -s sensors -t sensors -c capability -p dac_override -P sepolicy
However, you might want to change other rules that are generating avc denieds (audio, battery health, ...). You can also use magiskpolicy or other tools for this. You can either add permissions to an existing rule, or add a new rule.
6) Replace the original sepolicy file in ramdisk.cpio with the modified one:
Code:
./magiskboot cpio ramdisk.cpio "add 644 sepolicy sepolicy"
7) Repack the boot image:
Code:
./magiskboot repack boot.img
magiskboot reads the original unpacked boot.img to get certain info for the repack, and then creates by default a new-boot.img image file.
8) Copy new-boot.img from to your device if it's not already there:
Code:
adb push new-boot.img /sdcard
9) Write the new boot image to the device:
Code:
dd if=/sdcard/new-boot.img of=/dev/block/bootdevice/by-name/boot
10) Boot. Voila!
I should add that there are other ways to get this accomplished as well. Mostly courtesy of magisk. However, the method above will work even without being rooted.
A few people have said flashing nougat kdz, then updating to oreo allows you to use aosp Pie roms with working camera on enforcing
tech_infinity said:
A few people have said flashing nougat kdz, then updating to oreo allows you to use aosp Pie roms with working camera on enforcing
Click to expand...
Click to collapse
Thank you. Yes, I had read that.
In my case, because I followed the Canadian guide linked in my original post, that's exactly what had been done. Nougat 10d -> Oreo 20i -> LOS16 Pie. It could very well be an issue specific to that LOS rom.
When looking over the logs and watching the processes in realtime, in addition to doing a lot of other investigation (with my limited tools/resources), it seems that "something" that is normally there on startup is absent, and then an alternative route and configuration is taken for camera setup. Without those permissions, it pukes around the part where it is trying to configure the three different camera sensors. Why else would there be a need for additional permissions (assuming relevant sepolicy rules are the same versus stock), and why else would those additional permissions make the difference? There's no system camera app in this rom (unlike other LOS roms). You can see what looks like orphaned "camera code" in /system.
You get this over and over without permissive or adding specific rules (see OP).
Code:
03-06 08:21:27.668 0 0 I init : Service 'vendor.camera-provider-2-4' (pid 2462) exited with status 1
03-06 08:21:27.668 0 0 I init : Sending signal 9 to service 'vendor.camera-provider-2-4' (pid 2462) process group...
03-06 08:21:27.668 0 0 I libprocessgroup: Successfully killed process cgroup uid 1047 pid 2462 in 0ms
03-06 08:21:27.669 0 0 I init : starting service 'vendor.camera-provider-2-4'...
An interesting page on android camera framework:
https://programmer.ink/think/camera-android-camera2-hal3-framework-analysis.html
Given the idiosyncracies of this phone (versus my OP6 or other phones), I'm somewhat hesitant to test a bunch of different ROMs (stock and custom) to gain more insight. But perhaps when I have adequate time I'll do more digging. I'd like to compare the sepolicy files as well as a number of other things (e.g. "blobs"). If I find anything interesting, I will post it.
BTW, it's not just the camera issue that needed to be taken care of. There are other services that (most likely unbeknownst to the users of the rom) are caught in a kill/restart loop (battery, audio,...). Adding specific permissions resolved those issues as well.
Upon inspection of sepolicy of a few of the ROMs in question.
Stock Nougat 998 10d:
Code:
allow sensors sensors : capability { chown [B]dac_override[/B] dac_read_search fowner setgid setuid net_bind_service net_raw } ;
Stock Oreo 933 20i:
Code:
allow sensors sensors : capability { chown [B]dac_override[/B] dac_read_search fowner setgid setuid net_bind_service net_raw } ;
Stock Pie 933 20k:
Code:
allow sensors sensors : capability { chown fowner setgid setuid net_bind_service net_raw } ;
Interesting.
This is brilliant work, congrats
You mentioned other services that need permissions. Care to share those as well?
Thanks.
*Edit*
I did manage to return to the state it was before flashing stock pie.
I did a full backup in twrp (especially efs), then I used chip erase on lgup and flashed "H93022j_00_OPEN_EU_OP_0403.kdz" and then I restored efs (chip erase deletes ALL partitions including efs where imei and serial number are stored, that's why an efs backup is essential).
Now I'm using enforcing and everything seems to work.
Be careful though, chip erase is VERY dangerous.
Hi thanks for this awesome tutorial
I'm not very familiar with sepolicy-inject
Could you please tell me how to translate these avc errors into an ALLOW rule for bypassing that annoying "permission denied" message as shell user? Thanks!
Code:
mount : type=1400 audit(0.0:645): avc: denied { dac_override } for capability=1 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability permissive=0
mount : type=1400 audit(0.0:646): avc: denied { dac_read_search } for capability=2 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability permissive=0
mount : type=1400 audit(0.0:647): avc: denied { mounton } for path="/system" dev="dm-0" ino=2 scontext=u:r:shell:s0 tcontext=u:object_r:system_file:s0 tclass=dir permissive=0
mount : type=1400 audit(0.0:648): avc: denied { read } for name="dm-0" dev="tmpfs" ino=20822 scontext=u:r:shell:s0 tcontext=u:object_r:dm_device:s0 tclass=blk_file permissive=0
cat : type=1400 audit(0.0:755): avc: denied { syslog } for capability=34 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability2 permissive=0
cat : type=1400 audit(0.0:756): avc: denied { sys_admin } for capability=21 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability permissive=0
The following error is reported in adb logcat
05-26 17:32:01.812 1 1 W /system/bin/init: type=1107 audit(0.0:152): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.radio.call_waiting_for_sync_0 pid=32058 uid=10140 gid=10140 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=0'
05-26 17:32:01.808 32058 32058 W pool-5-thread-1: type=1400 audit(0.0:151): avc: denied { read } for name="u:object_r:vendor_rild_prop:s0" dev="tmpfs" ino=357 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:vendor_rild_prop:s0 tclass=file permissive=0 app=com.shannon.imsservice
05-26 17:32:02.035 535 535 E SELinux : avc: denied { find } for pid=30652 uid=10156 name=hardware.qorvo.uwb.IUwbVendor/default scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:hal_uwb_vendor_service:s0 tclass=service_manager permissive=0
I'm compiling a custom rom, I can see the same errors (along with others) in LogCat, but there's not issues or bugs in the rom
Does your rom crash or something?