Something went wrong on our end
-
Nick Kralevich authoredAllow vold, healthd, slideshow, and watchdogd access to /dev/kmsg. These processes log to the kernel dmesg ring buffer, so they need write access to that file. Addresses the following denials: avc: denied { write } for pid=134 comm="watchdogd" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:watchdogd:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0 avc: denied { write } for pid=166 comm="healthd" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:healthd:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0 avc: denied { write } for pid=180 comm="vold" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:vold:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0 These denials were triggered by the change in https://android-review.googlesource.com/151209 . Prior to that change, any code which called klog_init would (unnecessarily) create the device node themselves, rather than using the already existing device node. Drop special /dev/__null__ handling from watchdogd. As of https://android-review.googlesource.com/148288 , watchdogd no longer creates it's own /dev/null device, so it's unnecessary for us to allow for it. Drop mknod from healthd, slideshow, and watchdogd. healthd and slideshow only needed mknod to create /dev/__kmsg__, which is now obsolete. watchdogd only needed mknod to create /dev/__kmsg__ and /dev/__null__, which again is now obsolete. (cherry picked from e2651972) Bug: 21242418 Change-Id: If01c8001084575e7441253f0fa8b4179ae33f534Nick Kralevich authoredAllow vold, healthd, slideshow, and watchdogd access to /dev/kmsg. These processes log to the kernel dmesg ring buffer, so they need write access to that file. Addresses the following denials: avc: denied { write } for pid=134 comm="watchdogd" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:watchdogd:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0 avc: denied { write } for pid=166 comm="healthd" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:healthd:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0 avc: denied { write } for pid=180 comm="vold" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:vold:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0 These denials were triggered by the change in https://android-review.googlesource.com/151209 . Prior to that change, any code which called klog_init would (unnecessarily) create the device node themselves, rather than using the already existing device node. Drop special /dev/__null__ handling from watchdogd. As of https://android-review.googlesource.com/148288 , watchdogd no longer creates it's own /dev/null device, so it's unnecessary for us to allow for it. Drop mknod from healthd, slideshow, and watchdogd. healthd and slideshow only needed mknod to create /dev/__kmsg__, which is now obsolete. watchdogd only needed mknod to create /dev/__kmsg__ and /dev/__null__, which again is now obsolete. (cherry picked from e2651972) Bug: 21242418 Change-Id: If01c8001084575e7441253f0fa8b4179ae33f534