Are you getting any PATH records in your audit logs? I'm still not sure what the reference is to this socket? I'm assuming its some file system node somewhere, and I think Stephen is wondering why it didn't pick up the parent directories label.
I think if this is an anonymous socket the current context is correct as their is no parent node to inherit from? If you apply this patch to your kernel you will get much more verbose output: https://bitbucket.org/seandroid/kernel-msm/commits/dd600b8214ad4345554e64a1f494182b17644126?at=master I am asking, "Do you have the full path of the socket if applicable"? On Tue, Feb 18, 2014 at 7:49 AM, Tai Nguyen (tainguye) <[email protected]> wrote: > Hi Stephen, > > Do you have any suggestion where and what do I look for in the kernel? > What context should it have in this case? > > Thanks, > Tai > > On 2/18/14, 10:06 AM, "Tai Nguyen (tainguye)" <[email protected]> wrote: > >>root@android:/ # uname -a >>Linux localhost 3.0.31-00003-OMAP-Android #1 SMP PREEMPT Mon Feb 17 >>11:04:04 EST 2014 armv7l GNU/Linux >> >>Tai >> >> >>On 2/18/14, 9:59 AM, "Stephen Smalley" <[email protected]> wrote: >> >>>On 02/17/2014 06:59 PM, Tai Nguyen (tainguye) wrote: >>>> Our device uses blueZ stack instead of bluedroid, and we have audit >>>>message about unlabeled socket >>>> >>>> >>>> audit(1392652331.875:225): avc: denied { read } for pid=5249 >>>>comm="bluetoothd" scontext=u:r:bluetoothd:s0 >>>>tcontext=u:object_r:unlabeled:s0 tclass=socket >>>> >>>> This could be the hci socket that blueZ uses. How do I set security >>>>label for this type of socket? >>> >>>The fact that it is unlabeled suggests that you have a kernel bug. >>>Kernel version? >>> >>> >>>_______________________________________________ >>>Seandroid-list mailing list >>>[email protected] >>>To unsubscribe, send email to [email protected]. >>>To get help, send an email containing "help" to >>>[email protected]. >> >> >>_______________________________________________ >>Seandroid-list mailing list >>[email protected] >>To unsubscribe, send email to [email protected]. >>To get help, send an email containing "help" to >>[email protected]. > > > _______________________________________________ > Seandroid-list mailing list > [email protected] > To unsubscribe, send email to [email protected]. > To get help, send an email containing "help" to > [email protected]. -- Respectfully, William C Roberts _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
