Since this is a bring up i think you should try with selinux permissive at this stage you can add policies for the denials in the later stage . in the targets Boardconfig makefile find kernel command line and add to the end
androidboot.selinux=permissive On Tuesday, August 29, 2017 at 11:15:03 PM UTC+5:30, Mantesh Eksambe wrote: > > > I have added device in android M for AM438x and I'm using 4.4 kernel. > I have used attached create-sdcard.sh script to create rootfs and also > attached the screen shots of boot and rootfs partation. > > uEnv.txt file - > kloadaddr=0x81000010 > dtbaddr=0x87000010 > load_kernel=fatload mmc 0 ${kloadaddr} zImage > load_dtb=fatload mmc 0 ${dtbaddr} am43x-epos-evm.dtb > set_bootargs=setenv bootargs console=ttyO0,115200n8 > androidboot.console=ttyO0 mem=256M root=/dev/mmcblk0p2 rw rootwait ro > enforcing=0 androidboot.selinux=permissive > > but I'm facing issue related to selinux, > i think selinux is not allowing to init process to read "mmcblk0p2" and > "file_contexts". it shows the files are "unlabele0". > please someone help me to solve this issue. > > 1.869693] Creating 10 MTD partitions on "8000000.nand": > [ 1.875398] 0x000000000000-0x000000040000 : "NAND.SPL" > [ 1.888116] 0x000000040000-0x000000080000 : "NAND.SPL.backup1" > [ 1.898361] 0x000000080000-0x0000000c0000 : "NAND.SPL.backup2" > [ 1.909208] 0x0000000c0000-0x000000100000 : "NAND.SPL.backup3" > [ 1.920761] 0x000000100000-0x000000180000 : "NAND.u-boot-spl-os" > [ 1.930615] mmc0: host does not support reading read-only switch, > assuming write-enable > [ 1.940006] 0x000000180000-0x000000280000 : "NAND.u-boot" > [ 1.947788] mmc0: new high speed SDHC card at address 0007 > [ 1.957652] 0x000000280000-0x0000002c0000 : "NAND.u-boot-env" > [ 1.966909] mmcblk0: mmc0:0007 SS08G 7.21 GiB > [ 1.975629] 0x0000002c0000-0x000000300000 : "NAND.u-boot-env.backup1" > [ 1.986038] mmcblk0: p1 p2 > [ 1.996293] 0x000000300000-0x000000a00000 : "NAND.kernel" > [ 2.006651] 0x000000a00000-0x000020000000 : "NAND.file-system" > [ 2.119007] omap_i2c 44e0b000.i2c: bus 0 rev0.12 at 100 kHz > [ 2.128429] omap_i2c 4819c000.i2c: bus 2 rev0.12 at 100 kHz > [ 2.136651] hctosys: unable to open rtc device (rtc0) > [ 2.142093] sr_init: No PMIC hook to init smartreflex > [ 2.147676] sr_init: platform driver register failed for SR > [ 2.178213] vbat: disabling > [ 2.181427] v1_0bat: disabling > [ 2.185679] v1_8bat: disabling > [ 2.235844] EXT4-fs (mmcblk0p2): mounted filesystem with ordered data > mode. Opts: (null) > [ 2.244745] VFS: Mounted root (ext4 filesystem) on device 179:2. > [ 2.255998] devtmpfs: mounted > [ 2.260344] Freeing unused kernel memory: 480K (c096a000 - c09e2000) > [ 2.267039] This architecture does not have kernel memory protection. > [ 2.327045] init: init started! > [ 2.359565] SELinux: Android master kernel running Android M policy in > compatibility mode. > [ 2.460124] audit: type=1403 audit(2.450:2): policy loaded > auid=4294967295 ses=4294967295 > [ 2.470869] audit: type=1404 audit(2.460:3): enforcing=1 > old_enforcing=0 auid=4294967295 ses=4294967295 > [ 2.482958] init: (Initializing SELinux enforcing took 0.15s.) > [ 2.489408] audit: type=1400 audit(2.470:4): avc: denied { read } > for pid=1 comm="init" name="selinux_version" dev="mmcblk0p2" ino=27 > scontext=u:r:kernel:s0 tcontext=u:object_r:unlabele0 > [ 2.514619] audit: type=1400 audit(2.500:5): avc: denied { read } > for pid=1 comm="init" name="file_contexts" dev="mmcblk0p2" ino=1475 > scontext=u:r:kernel:s0 tcontext=u:object_r:unlabele0 > [ 2.535412] init: selinux_android_file_context_handle: Error getting > file context handle (Permission denied) > [ 2.546252] audit: type=1400 audit(2.530:6): avc: denied { execute } > for pid=1 comm="init" name="init" dev="mmcblk0p2" ino=15 > scontext=u:r:kernel:s0 tcontext=u:object_r:unlabeled:s0 tcl0 > [ 2.566012] init: execv("/init") failed: Permission denied > [ 2.571955] init: Security failure; rebooting into recovery mode... > [ 4.285521] sysrq: SysRq : Emergency Remount R/O > [ 4.301170] reboot: Restarting system with command 'recovery' > > > Thanks, > Mantesh > > > > -- -- unsubscribe: android-porting+unsubscr...@googlegroups.com website: http://groups.google.com/group/android-porting --- You received this message because you are subscribed to the Google Groups "android-porting" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-porting+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.