I get these records with comm set to kdevtmpfs. The target context is device; however, when interrogating the node from userspace, I notice 2 things:
1. The inode doesn't match
2. The label is correct per file_contexts

root@device:/dev # ls -laiZ media0
10000 crw-rw---- system camera u:object_r:camera_device:s0 media0
root@device:/dev # ls -laiZ ttyS1
1217 crw-rw---- bluetooth bluetooth u:object_r:hci_attach_dev:s0 ttyS1

[ 4.421817] audit: type=1400 audit(1263534127.178:4): avc: denied { write } for pid=24 comm="kdevtmpfs" name="/" dev="devtmpfs" ino=1025 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir permissive=1
[ 4.421859] audit: type=1400 audit(1263534127.178:5): avc: denied { add_name } for pid=24 comm="kdevtmpfs" name="dm-0" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir permissive=1
[ 5.745165] type=1400 audit(1263534128.499:23): avc: denied { getattr } for pid=24 comm="kdevtmpfs" path="/ttyS1" dev="devtmpfs" ino=1051 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 5.746180] type=1400 audit(1263534128.499:24): avc: denied { setattr } for pid=24 comm="kdevtmpfs" name="ttyS1" dev="devtmpfs" ino=1051 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 5.746384] type=1400 audit(1263534128.499:25): avc: denied { remove_name } for pid=24 comm="kdevtmpfs" name="ttyS1" dev="devtmpfs" ino=1051 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir permissive=1
[ 5.746742] type=1400 audit(1263534128.499:26): avc: denied { unlink } for pid=24 comm="kdevtmpfs" name="ttyS1" dev="devtmpfs" ino=1051 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 5.746966] type=1400 audit(1263534128.500:27): avc: denied { create } for pid=24 comm="kdevtmpfs" name="ttyS1" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 7.605775] type=1400 audit(1263534130.358:35): avc: denied { write } for pid=24 comm="kdevtmpfs" name="/" dev="devtmpfs" ino=1025 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir permissive=1
[ 7.606116] type=1400 audit(1263534130.358:36): avc: denied { add_name } for pid=24 comm="kdevtmpfs" name="media0" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir permissive=1
[ 7.606350] type=1400 audit(1263534130.358:37): avc: denied { create } for pid=24 comm="kdevtmpfs" name="media0" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 7.606582] type=1400 audit(1263534130.358:38): avc: denied { setattr } for pid=24 comm="kdevtmpfs" name="media0" dev="devtmpfs" ino=9999 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 10.152747] type=1400 audit(1263534132.902:52): avc: denied { write } for pid=24 comm="kdevtmpfs" name="/" dev="devtmpfs" ino=1025 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir permissive=1
[ 10.153026] type=1400 audit(1263534132.902:53): avc: denied { add_name } for pid=24 comm="kdevtmpfs" name="dm-1" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir permissive=1

I've never really run into these before; can someone perhaps enlighten me as to what's going on here?
_______________________________________________
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to seandroid-list-requ...@tycho.nsa.gov.
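Added example, not part of the original post: a small Python parser that tabulates the kdevtmpfs AVC records quoted above per device node, in log order, and compares the inode each record logged with the inode `ls -i` reported. The function names are illustrative; the sample records and the two `ls` inode values are copied from the post.

```python
import re
from collections import defaultdict
# Records copied from the post (subset); USERSPACE_INODES are the ls -i values it shows.
SAMPLE_LOG = """\
[ 5.745165] type=1400 audit(1263534128.499:23): avc: denied { getattr } for pid=24 comm="kdevtmpfs" path="/ttyS1" dev="devtmpfs" ino=1051 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 5.746180] type=1400 audit(1263534128.499:24): avc: denied { setattr } for pid=24 comm="kdevtmpfs" name="ttyS1" dev="devtmpfs" ino=1051 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 5.746384] type=1400 audit(1263534128.499:25): avc: denied { remove_name } for pid=24 comm="kdevtmpfs" name="ttyS1" dev="devtmpfs" ino=1051 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir permissive=1
[ 5.746742] type=1400 audit(1263534128.499:26): avc: denied { unlink } for pid=24 comm="kdevtmpfs" name="ttyS1" dev="devtmpfs" ino=1051 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 5.746966] type=1400 audit(1263534128.500:27): avc: denied { create } for pid=24 comm="kdevtmpfs" name="ttyS1" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 7.605775] type=1400 audit(1263534130.358:35): avc: denied { write } for pid=24 comm="kdevtmpfs" name="/" dev="devtmpfs" ino=1025 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir permissive=1
[ 7.606116] type=1400 audit(1263534130.358:36): avc: denied { add_name } for pid=24 comm="kdevtmpfs" name="media0" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir permissive=1
[ 7.606350] type=1400 audit(1263534130.358:37): avc: denied { create } for pid=24 comm="kdevtmpfs" name="media0" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
[ 7.606582] type=1400 audit(1263534130.358:38): avc: denied { setattr } for pid=24 comm="kdevtmpfs" name="media0" dev="devtmpfs" ino=9999 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
"""
USERSPACE_INODES = {'media0': 10000, 'ttyS1': 1217}

AVC_RE = re.compile(r'avc:\s+denied\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<fields>.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    # Returns the key=value fields of one denial plus its permission list, or None.
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group('fields'))}
    rec['perms'] = m.group('perms').split()
    return rec

def node_name(rec):
    # Some records carry path= instead of name=; reduce both to the last component.
    raw = rec.get('name') or rec.get('path', '')
    return raw.rsplit('/', 1)[-1] or '/'

def summarize(log, comm='kdevtmpfs'):
    """Per node: tclass:permission in log order, and the distinct inodes logged."""
    nodes = defaultdict(lambda: {'perms': [], 'inodes': []})
    for line in log.splitlines():
        rec = parse_avc(line)
        if rec is None or rec.get('comm') != comm:
            continue
        entry = nodes[node_name(rec)]
        entry['perms'].extend(f"{rec['tclass']}:{p}" for p in rec['perms'])
        if 'ino' in rec and int(rec['ino']) not in entry['inodes']:
            entry['inodes'].append(int(rec['ino']))
    return dict(nodes)

def inode_mismatches(summary, userspace):
    """Nodes whose userspace inode is not among the inodes the records logged."""
    return {n: (summary[n]['inodes'], i) for n, i in userspace.items() if n in summary and i not in summary[n]['inodes']}
```

Calling `inode_mismatches(summarize(SAMPLE_LOG), USERSPACE_INODES)` lists both nodes from the post, and the per-node permission order for ttyS1 shows the unlink record preceding the create record.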