There is existing rule in sepolicy that prohibit you to do it. Your new
rule conflict with the old rule. You need to change the old rule or find
another rule for this.
Vào 23:00, T.3, 21 Th1, 2020 Dave McLaughlin <davemclaughli...@gmail.com>
đã viết:
> I finally have something close to working. I managed to build Android 7.0
>> with an RTL8188CUS module and this gets detected and I can see my wifi
>> network in the search.
>>
>
> The issue that remains is the SEPOLICY and I get an audit denied as
> follows:
>
> [ 128.993333] init: Starting service 'p2p_supplicant'...
> [ 151.403333] type=1400 audit(1579495192.328:5): avc: denied { read } for
> pid=1375 comm="wpa_supplicant" name="rfkill" dev="tmpfs" ino=9258
> scontext=u:r:wpa:s0 tcontext=u:object_r:device:s0 tclass=chr_file
> permissive=0
>
> I ran audti2allow which generated the following, which I placed in wpa.te
> but the build complains with the error below.
>
> allow wpa device:chr_file {read open };
>
> The following error appears in the build output.
>
> FAILED: /bin/bash -c "(out/host/linux-x86/bin/checkpolicy -M -c 30 -o
> out/target/product/nanopi3/obj/ETC/sepolicy_intermediates/sepolicy.tmp
> out/target/product/nanopi3/obj/ETC/sepolicy_intermediates/policy.conf ) &&
> (out/host/linux-x86/bin/checkpolicy -M -c 30 -o
> out/target/product/nanopi3/obj/ETC/sepolicy_intermediates//sepolicy.dontaudit
> out/target/product/nanopi3/obj/ETC/sepolicy_intermediates/policy.conf.dontaudit
> ) && (out/host/linux-x86/bin/sepolicy-analyze
> out/target/product/nanopi3/obj/ETC/sepolicy_intermediates/sepolicy.tmp
> permissive >
> out/target/product/nanopi3/obj/ETC/sepolicy_intermediates/sepolicy.permissivedomains
> ) && (if [ \"userdebug\" = \"user\" -a -s
> out/target/product/nanopi3/obj/ETC/sepolicy_intermediates/sepolicy.permissivedomains
> ]; then echo \"==========\" 1>&2; echo \"ERROR: permissive domains not
> allowed in user builds\" 1>&2; echo \"List of invalid domains:\" 1>&2; cat
> out/target/product/nanopi3/obj/ETC/sepolicy_intermediates/sepolicy.permissivedomains
> 1>&2; exit 1; fi ) && (mv
> out/target/product/nanopi3/obj/ETC/sepolicy_intermediates/sepolicy.tmp
> out/target/product/nanopi3/obj/ETC/sepolicy_intermediates/sepolicy )"
> libsepol.report_failure: neverallow on line 263 of
> system/sepolicy/domain.te (or line 9058 of policy.conf) violated by allow
> wpa device:chr_file { read open };
>
> Any idea why this doesn't work?
>
> --
> --
> unsubscribe: android-porting+unsubscr...@googlegroups.com
> website: http://groups.google.com/group/android-porting
>
> ---
> You received this message because you are subscribed to the Google Groups
> "android-porting" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to android-porting+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/android-porting/a5f608d1-8bdd-4a85-a469-ccddd0c0460e%40googlegroups.com
> <https://groups.google.com/d/msgid/android-porting/a5f608d1-8bdd-4a85-a469-ccddd0c0460e%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
--
--
unsubscribe: android-porting+unsubscr...@googlegroups.com
website: http://groups.google.com/group/android-porting
---
You received this message because you are subscribed to the Google Groups
"android-porting" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to android-porting+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/android-porting/CADfFnWhOm2ytwUs8F_ZcKhB5XD3Kqgs3CD1Da8zKhZq1XazKvg%40mail.gmail.com.
