Thanks Bill. We are working on Marshmallow , so we need the old version 30 patches for kernel it seems.
>From the email chain that was shared by Sharif , it seems following are the patches required to be merged for Kernel version 3.10: c8c3cd48e44fe12a41cd20e46d36fcfe5a759fd7 security: lsm_audit: add ioctl specific auditing 8daca972e410f42a4fc1fe2de804c50013b24a28 SELinux: per-command whitelisting of ioctls c9a8571249fa3a55a0490bd571eaf0cea097fab0 SELinux: use deletion-safe iterator to free list 8cdfb356b51e29494ca0b9e4e86727d6f841a52d SELinux: ss: Fix policy write for ioctl operations Can anyone confirm if these are the final patches needed for Kernel 3.10? Regards, Sameer Joshi On Tue, Aug 2, 2016 at 9:50 AM, William Roberts <bill.c.robe...@gmail.com> wrote: > > On Aug 1, 2016 04:17, "Sameer Joshi" <sameerpjo...@gmail.com> wrote: > > > > Hi All, > > > > We are trying to enable SELinux in kernel and have defined following > options in the config file. > > > > CONFIG_SECURITY_SELINUX=y > > CONFIG_SECURITY_SELINUX_BOOTPARAM=y > > > > Command line options for kernel have "selinux=1 security=selinux" set. > > > > However during boot time, we get following error: > > > > [ 5.549941] SELinux: policydb version 30 does not match my version > range 15-28 > > > > [ 5.557486] init: SELinux: Could not load policy: Invalid argument > > > > [ 5.563990] init: failed to load policy: Invalid argument > > > > [ 5.569413] init: Security failure; rebooting into recovery mode... > > > > > > Can someone help us what this error means? Any help in fixing this would > be appreciated. > > > > You're kernel is not up to date. You need the patches from Androids kernel > common tree. Bear in mind that their are two version 30s, and you'll need > to have the right one. Marshmallow uses the old version 30. Newer releases > use the new and upstream merged version 30. > > I don't have the patch links handy but I'm pretty sure jeffv or nnk at > Google posted them, check the mail archives. > > > > > Regards, > > > > Sameer Joshi > > > > > > _______________________________________________ > > Seandroid-list mailing list > > Seandroid-list@tycho.nsa.gov > > To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov. > > To get help, send an email containing "help" to > seandroid-list-requ...@tycho.nsa.gov. >
_______________________________________________ Seandroid-list mailing list Seandroid-list@tycho.nsa.gov To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov. To get help, send an email containing "help" to seandroid-list-requ...@tycho.nsa.gov.
