Re: Avc denied for isolated app

2016-09-20 Thread William Roberts
On Sep 19, 2016 22:28, "Inamdar Sharif" wrote: > > Hi , > > > > I am getting the following avc denied No, that woukd defeat the purpose if an isolated application. Isolated applications are sandboxed even away from their own on disk resources.

Re: [RFC] mmap file_contexts and property_contexts:

2016-09-20 Thread William Roberts
On Sep 19, 2016 21:16, "Jason Zaman" wrote: > > On 20 Sep 2016 5:47 am, wrote: > > > > From: William Roberts > > > > THIS IS WIP... > > > > Rather than using stdio and making copies, just mmap the files > > and use

Re: [RFC] mmap file_contexts and property_contexts:

2016-09-20 Thread Jason Zaman
On 20 Sep 2016 12:50 pm, "William Roberts" wrote: > > On Sep 19, 2016 21:16, "Jason Zaman" wrote: > > > > On 20 Sep 2016 5:47 am, wrote: > > > > > > From: William Roberts > > > > > > THIS

Re: [RFC] mmap file_contexts and property_contexts:

2016-09-20 Thread Jason Zaman
On 20 Sep 2016 5:47 am, wrote: > > From: William Roberts > > THIS IS WIP... > > Rather than using stdio and making copies, just mmap the files > and use the pointers in place. The affect of this change, is that > text file load time is

Re: [RFC] mmap file_contexts and property_contexts:

2016-09-20 Thread William Roberts
On Sep 19, 2016 22:25, "Jason Zaman" wrote: > > On 20 Sep 2016 12:50 pm, "William Roberts" wrote: > > > > On Sep 19, 2016 21:16, "Jason Zaman" wrote: > > > > > > On 20 Sep 2016 5:47 am, wrote: > >

Re: [RFC] mmap file_contexts and property_contexts:

2016-09-20 Thread Stephen Smalley
On 09/20/2016 02:27 AM, William Roberts wrote: > On Sep 19, 2016 22:25, "Jason Zaman" wrote: >> >> On 20 Sep 2016 12:50 pm, "William Roberts" > wrote: >>> >>> On Sep 19, 2016 21:16, "Jason Zaman" wrote: On 20 Sep 2016

RE: [RFC] mmap file_contexts and property_contexts:

2016-09-20 Thread Roberts, William C
> > -Original Message- > > From: Roberts, William C > > Sent: Monday, September 19, 2016 2:45 PM > > To: seli...@tycho.nsa.gov; seandroid-list@tycho.nsa.gov; > > s...@tycho.nsa.gov; jda...@google.com > > Cc: Roberts, William C > > Subject: [RFC] mmap

RE: [RFC] mmap file_contexts and property_contexts:

2016-09-20 Thread Roberts, William C
> -Original Message- > From: Stephen Smalley [mailto:s...@tycho.nsa.gov] > Sent: Tuesday, September 20, 2016 6:18 AM > To: Roberts, William C ; seli...@tycho.nsa.gov; > seandroid-list@tycho.nsa.gov; jda...@google.com > Subject: Re: [RFC] mmap file_contexts

RE: [RFC] mmap file_contexts and property_contexts:

2016-09-20 Thread Roberts, William C
> > On 09/19/2016 05:51 PM, Roberts, William C wrote: > > > FYI I only tested this with checkfc... > > > > Evidently. matchpathcon and sefcontext_compile both report calls to > > free() on invalid pointers and abort. > > That doesn’t surprise me, I only tested the checkfc usages. Hence #4 in