Closed utzcoz closed 5 years ago
I also test it with user build(pixel), and the MaruOS Linux can show in Android secondary simulate display. I will test it with network and other functions later with real WiFi display.
Thanks for looking into this! Yes, I just made it permissive when I was initially developing Maru to save time, and later on I discovered that we had to modify system/sepolicy
so I just kept it permissive. I wish we didn't need to modify Android default sepolicy rules.
Also, since we are based on LineageOS now, we just publish userdebug
builds rather than user
builds like we did before, so this may not be an urgent problem right now.
Regarding SYSVIPC
, Maru uses shared memory between mclient
and xorg
to reduce buffer copies. I think we are ok for now since we do not use semaphores or message queues. Hopefully when we transition to using hardware acceleration we can remove this entirely.
Okay, I got it. If publishing userdebug
can be accepted, keeping permissive
is a good solution to process it. SYSVIPC
maybe be used by other processes
inner Linux
, regarding mclient
and xorg
, I guess. I don't check whether Linux
can work fine without SYSVIPC
sepolicy permissive
.
Lastly, @pdsouza thanks for your response.
Hi @pdsouza , now MaruOS uses
permissive perspectived
to permissiveperspectived
operations. It is easy and works fine. But in Android 8.0, when we build user variant images, thesystem/sepolicy
will ensure there doesn't existpermissive
rule in.te
, and it will cause building failed forMaruOS
user variant building. So I try to removepermissive
rule fromperspectived.te
and make MaruOS works fine again.My modification are in
vendor/maruos
andsystem/sepolicy
. And I use below command to get the rules thatperspectived
needs to work fine:And finally, the
perspectived.te
is :Some rules can't assigned to coredomain, so I also modify the
system/sepolicy
to remove thoseneverallow
rules forcoredomain
(perspectived
iscoredomain
).After above modifications, the MaruOS can run and show Linux to Android secondary display. Also I can visit the network in tty created by
lxc-start --name default
.This work is fussy, and changes the Android default sepolicy rules, what maybe cause security problem. For example, the Android doesn't support
System V IPC
, but MaruOS' Linux part needsSystem V IPC
, what may cause global kernel resource leakage.Maybe it's time to discuss the solution to restrict
perspectived
sepolicy rules, so I post it here to discuss.Thanks.