-----Original Message-----
From: Stephen Smalley [mailto:[email protected]]
Sent: Monday, May 04, 2015 6:15 PM
To: Inamdar Sharif; [email protected]
Subject: Re: system server accessing dex2oat
On 05/04/2015 01:57 AM, Inamdar Sharif wrote:
> Hi Guys,
>
> I am facing the following avc denied
>
> avc: denied { execute } for pid=667 comm="android.ui" name="dex2oat"
> dev="sda22" ino=158 scontext=u:r:system_server:s0
> tcontext=u:object_r:dex2oat_exec:s0 tclass=file
>
>
>
> But on AOSP this is a neverallow rule.
>
> https://android.googlesource.com/platform/external/sepolicy/+/361cdaff
> 3096fafc16bbe88b84d6f99f7944def7
>
>
>
> I can see that the process is "android.ui" (process running when this
> avc occured)
>
> Is this a bug in Android or something in the code went wrong??
Are you running AOSP master?
No , I am not using AOSP master.
[Sharif]I don't have this neverallow rule in my external/sepolicy.
But since this will be coming in later releases ,it makes sense not to add as
this will be a part of CTS as well.
Did you get logcat output for the failure beyond just the avc denial?
[Sharif]I don't see any suspecting log in logcat beyond the avc.
This happens while booting Android L.
The change that added the neverallow was:
https://android-review.googlesource.com/#/c/127510/
-----------------------------------------------------------------------------------
This email message is for the sole use of the intended recipient(s) and may
contain
confidential information. Any unauthorized review, use, disclosure or
distribution
is prohibited. If you are not the intended recipient, please contact the
sender by
reply email and destroy all copies of the original message.
-----------------------------------------------------------------------------------
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to
[email protected].
