Skip to content
Snippets Groups Projects
Commit 1e1a3f7c authored by Jeff Vander Stoep's avatar Jeff Vander Stoep
Browse files

Annotate denials 

There is a race condition between when /data is mounted
and when processes attempt to access it. Attempting to access
/data before it's mounted causes an selinux denial. Attribute
these denials to a bug.

07-04 23:48:53.646   503   503 I auditd  : type=1400 audit(0.0:7): avc:
denied { search } for comm="surfaceflinger" name="/" dev="sda35" ino=2
scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:unlabeled:s0
tclass=dir permissive=0
07-15 17:41:18.100   582   582 I auditd  : type=1400 audit(0.0:4): avc:
denied { search } for comm="BootAnimation" name="/" dev="sda35" ino=2
scontext=u:r:bootanim:s0 tcontext=u:object_r:unlabeled:s0 tclass=dir
permissive=0

Bug: 68864350
Test: build
Change-Id: I07f751d54b854bdc72f3e5166442a5e21b3a9bf5
parent 97753529
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 4 additions and 0 deletions
private/bug_map
+ 4
0
View file @ 1e1a3f7c
...@@ -5,3 +5,7 @@ crash_dump app_data_file dir 68319037 ...@@ -5,3 +5,7 @@ crash_dump app_data_file dir 68319037
crash_dump bluetooth_data_file dir 68319037 crash_dump bluetooth_data_file dir 68319037
crash_dump vendor_overlay_file dir 68319037 crash_dump vendor_overlay_file dir 68319037
statsd statsd capability 71537285 statsd statsd capability 71537285
hal_graphics_allocator_default unlabeled dir 70180742
surfaceflinger unlabeled dir 68864350
hal_graphics_composer_default unlabeled dir 68864350
bootanim unlabeled dir 68864350
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment