chenxiaolong / DualBootPatcher

Patches Android ROMs for dual boot support
https://dbp.noobdev.io

Android <=4.4 ROMs cannot read/write media_rw_data_file-labeled /data/media #1396

Closed chenxiaolong closed 5 years ago

chenxiaolong commented 5 years ago
type=1400 msg=audit(1388028869.640:251): avc:  denied  { write } for  pid=5583 comm="pool-23-thread-" path="/data/media/0/DoNothing_legacy_multi-slot-1.zip" dev="mmcblk0p29" ino=245821 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:media_rw_data_file:s0:c512,c768 tclass=file SEPF_SGH-M919_4.4.4_0048

mbtool's sepolpatch currently adds whichever type /data/media is labeled as to the mlstrustedobject attribute in order to satisfy the following constraint:

https://android.googlesource.com/platform/external/sepolicy/+/android-4.4.4_r2.0.1/mls#91

https://github.com/chenxiaolong/DualBootPatcher/blob/7bb9ef345cb2e95f0b814281e04d3777bfd4665b/mbtool/src/util/sepolpatch.cpp#L1054

However, this doesn't seem to be sufficient. It seems that during sepolicy compilation, the constraint references the affected types directly, rather than through the attribute:

[platform_system_sepolicy] seinfo /tmp/secondary/temp/sepolicy.new --constrain | grep '\bfile\b.*append'
   mlsconstrain file { unlink setattr write rename link append } (l1 == l2 or ( t1 == { media_app mpdecision adbd surfaceflinger keystore shared_app store_app itsonclient_app shell writedatafix_app dumpsys drmserver samsung_sns_app carrier_app mobicoredaemon radio drsd epmd mediaserver netd syscope_app knox_system_app init init_shell createsystemfile zygote apaservice system_app release_app knox_untrusted_app bridged_platform_app runas installd system bugreport vold samsung_app dumpstate platform_app racoon debuggerd recovery kernel }  ) or ( t2 == { asec_apk_file app_efs_file mobicore-user_device bluetooth_prop sysfs_lcd_writable log_device nv_device imei_efs_file alarm_device qtaguid_device backup_data_file system_file cache_file apk_tmp_file knox_dar_device bluetooth_serial_device inotify usb_bus efs_file sysfs_writable owntty_device container_app_data_backend event_log_tags_file null_device sysfs_music_power_writable anr_data_file dnsproxyd_socket sysfs_nfc_power_writable usbaccessory_device proc system_data_file obb_apk_file qtaguid_proc mpctl_socket bluetooth_data_file graphics_device platform_app_data_file system_fifo ump_device sysfs_bluetooth_writable epm_socket smd_device tun_device ashmem_device tombstone_data_file video_device urandom_device ion_device media_data_file random_device debugfs sdcard_internal sysfs bluetooth_efs_file kgsl_device wifi_efs_file app_library_file kernel apk_private_tmp_file genlock mtp_device vmware_device devpts dumplog_data_file binder_device powervr_device smartcard_data_file ptmx_device cgroup wallpaper_file property_socket sdcard_external sysfs_exynos_writable system_library_file keystore_socket sysfs_vmware_writable recovery cache_backup_file }  ));
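One way to check for the mismatch described above, as an added example that is not part of this issue or of DualBootPatcher's own code: parse `seinfo --constrain` output and ask whether a given type is actually named in the compiled constraint's `t2` set, since the `mlstrustedobject` attribute has already been expanded into a type list at compile time. The sample lines are constructed and abbreviated from the real output quoted in the issue.

```python
import re

# Constructed sample in the shape of `seinfo <policy> --constrain` output;
# the type lists are shortened from the real output quoted in the issue.
SAMPLE = """\
   mlsconstrain file { unlink setattr write rename link append } (l1 == l2 or ( t1 == { media_app shell system_app zygote }  ) or ( t2 == { system_data_file media_data_file app_data_file }  ));
   mlsconstrain dir { write link add_name remove_name reparent rename setattr } (l1 == l2 or ( t1 == { media_app shell }  ) or ( t2 == { system_data_file media_data_file }  ));
"""

# One constraint per line: class, permission set, then the boolean expression.
CONSTRAIN_RE = re.compile(
    r"^\s*mlsconstrain\s+(?P<cls>\S+)\s+\{\s*(?P<perms>[^}]*)\}\s*(?P<expr>.*);\s*$"
)
# Expanded type sets inside the expression, e.g. "t2 == { a b c }".
SET_RE = re.compile(r"\b(?P<var>t[12])\s*==\s*\{\s*(?P<types>[^}]*)\}")


def parse_constraints(text):
    """Return one dict per mlsconstrain line: class, permissions, and the
    concrete types the compiled expression lists for t1 and t2."""
    out = []
    for line in text.splitlines():
        m = CONSTRAIN_RE.match(line)
        if not m:
            continue
        sets = {"t1": set(), "t2": set()}
        for sm in SET_RE.finditer(m.group("expr")):
            sets[sm.group("var")].update(sm.group("types").split())
        out.append({"class": m.group("cls"),
                    "perms": set(m.group("perms").split()),
                    **sets})
    return out


def type_trusted_for(constraints, cls, perm, ttype):
    """True if the compiled MLS constraint on (cls, perm) names ttype as a
    target type (so the l1 == l2 requirement is waived for it), False if the
    constraint exists but omits it, None if no constraint covers (cls, perm)."""
    for c in constraints:
        if c["class"] == cls and perm in c["perms"]:
            return ttype in c["t2"]
    return None


if __name__ == "__main__":
    cs = parse_constraints(SAMPLE)
    for t in ("media_data_file", "media_rw_data_file"):
        print(t, "covered for file:write ->", type_trusted_for(cs, "file", "write", t))
```

Run it against the real `seinfo --constrain` dump of a patched policy: a type that mbtool added to `mlstrustedobject` but that still reports `False` here is one the constraint will continue to deny, regardless of the attribute membership.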