Accessing GPIO with an app
2,271 views
Skip to first unread message
Jerry Naidoo
Feb 27, 2020, 10:13:33 AM2/27/20
to android-platform
Hello Guys,
Without using Android Things I need to access some GPIO ports on a custom board i.e. not supported by Android things. I have gone as far as using the ADB shell toggling the IO, so I know the hardware works.
I have written some code which uses the FileWriter to send a 1 or 0 to the value file. I have also set direction to out. I created the GPIO export using ADB shell. When I do run my app I get a "Permission Denied" in the logcat.
I have tried several options e.g. changing the init.rc to add these files as 0777 permissive but the changes never seem to happen using the init.rc. I have manually set the top level sys/class/gpio >>>> all the way down to the files but still I get the permission denied error.
What am I doing wrong ? What am I missing ? I have spent 8 days reading almost every bit of information I can. I see guys doing on Raspberry PI etc and I can do it with a Raspberry PI but not with Android based project. I am using Android 9.
I don't want my app to use bluetooth or wifi to connect to another device and then control the GPIO on that external device. I want to toggle a local pin on the devices ARM processor and see an LED go on or off.
If I am missing something to tell you or you want to see my code etc, I will gladly post it it but for now any suggestions,tips or pointing to a direction I will take. Many Thanks
Kind Regards
Jeranio
Dave McLaughlin
May 26, 2020, 10:56:13 AM5/26/20
to android-platform
Good day, are you still trying to get this to work?
I am having the same issue. From the command line via the debug interface I can use SU to go into kernel space and then export the GPIO and control it as long as I am in kernel space. If I drop back to user space, commands fail with DENIED. This seems to be related to SELINUX as I too set the directories to 777 but still get denied and the debug output shows an avc:denied message.
I've searched around and cannot find any setup for an SEPOLICY to allow GPIO file access. I did find a driver that would allow access but it requires you to build your app with the platform keys which makes debugging impossible with Android Studio.
I've searched around and cannot find any setup for an SEPOLICY to allow GPIO file access. I did find a driver that would allow access but it requires you to build your app with the platform keys which makes debugging impossible with Android Studio.
Donal Morrissey
May 27, 2020, 11:06:19 AM5/27/20
to android-platform
Hi Dave,
Then run the gpio commands as non-root and finally run the first command above to list any extra policies you need to add.
Have you checked if sepolicy has recorded any attempted violations? You can use this command from the android_build directory to do so:
adb shell dmesg | grep denied | audit2allow -p out/target/product/ucm_imx8m_mini/recovery/root/sepolicy
You can also temporarily disabled sepolicy with this command:
adb shell setenforce 0Then run the gpio commands as non-root and finally run the first command above to list any extra policies you need to add.
Building an app with platform keys in Android Studio is possible. The following is a very rough set of instructions which I've gathered together for this purpose (I've been meaning to create a blog post to cover it in detail):
// Step 1. Make sure the 'sharedUserId' is in place in the app manifest file:
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.example.developer.mysystemapp" android:sharedUserId="android.uid.system">
//Step 2. Generate the platform keystore
// Using this tool: https://github.com/getfatday/keytool-importkeypair
// In build/target/product/security
keytool-imp -k my.keystore -p password -pk8 platform.pk8 -cert platform.x509.pem -alias platform
// Step 3. Then in android studio, add keystore to release and debug builds.Hope these help,
Donal
kiran mardi
May 27, 2020, 11:06:19 AM5/27/20
to android-...@googlegroups.com
Hi Dave/Jeranio,
Can you guys share the avc denials here, can try to get some insight into the problem.
--
You received this message because you are subscribed to the Google Groups "android-platform" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-platfo...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-platform/0c67824a-bc05-4d6d-9518-87f75520c8ce%40googlegroups.com.
regards,
Kiran Mardi
Kiran Mardi
Dave McLaughlin
May 29, 2020, 2:32:13 PM5/29/20
to android-platform
I was able to sort this out from the init.rc file by changing the permission from 0660 to 0666 for the GPIO. It also worked for the SPI and I2C buses too so I now have user-space access to them all. :)
I am running in debug build so the permissive mode is enabled so what I was seeing was just notifications. Good for when I switch to full SELINUX permissions.
Thanks for the bit about creating the platform keys. If you don't mind, I'd like to add that to my blog too and credit you with the information?
I am running in debug build so the permissive mode is enabled so what I was seeing was just notifications. Good for when I switch to full SELINUX permissions.
Rohin Malhotra
Jul 31, 2020, 2:11:34 PM7/31/20
to android-platform
Hi Dave,
Can you post the exact line you added to init.rc for getting 0666 access to GPIO?
Dave McLaughlin
Aug 4, 2020, 10:49:15 AM8/4/20
to android-...@googlegroups.com
I use the following in init.rc on the on boot section to set the i2c, spi, gpio etc so that they can be access in user space. Would not recommend this for a user device such as a phone but for my industrial use it works fine.
chmod 0666 /dev/i2c-0
chmod 0666 /dev/i2c-1
chmod 0666 /dev/i2c-2
chmod 0666 /dev/i2c-3
chown system system /dev/i2c-0
chown system system /dev/i2c-1
chown system system /dev/i2c-2
chown system system /dev/i2c-3
chmod 0666 /dev/adc
chown system system /dev/adc
chmod 0666 /dev/pwm
chown system system /dev/pwm
# chmod 0666 /dev/watchdog
# chown system system /dev/watchdog
chown system system /sys/class/gpio/export
chown system system /sys/class/gpio/unexport
chmod 0666 /sys/class/gpio/export
chmod 0666 /sys/class/gpio/unexport
chmod 0666 /dev/spidev0.0
chown system system /dev/spidev0.0
chmod 0666 /dev/i2c-1
chmod 0666 /dev/i2c-2
chmod 0666 /dev/i2c-3
chown system system /dev/i2c-0
chown system system /dev/i2c-1
chown system system /dev/i2c-2
chown system system /dev/i2c-3
chmod 0666 /dev/adc
chown system system /dev/adc
chmod 0666 /dev/pwm
chown system system /dev/pwm
# chmod 0666 /dev/watchdog
# chown system system /dev/watchdog
chown system system /sys/class/gpio/export
chown system system /sys/class/gpio/unexport
chmod 0666 /sys/class/gpio/export
chmod 0666 /sys/class/gpio/unexport
chmod 0666 /dev/spidev0.0
chown system system /dev/spidev0.0
You can also do things like this for setting GPIO pins to know states. Here I use this to power the modem up at boot up.
# Modem power - GPIO B26 - Default ON
write /sys/class/gpio/export 58
write /sys/class/gpio/gpio58/direction out
write /sys/class/gpio/gpio58/value 1
chmod 0777 /sys/class/gpio/gpio58
write /sys/class/gpio/export 58
write /sys/class/gpio/gpio58/direction out
write /sys/class/gpio/gpio58/value 1
chmod 0777 /sys/class/gpio/gpio58
Hope this helps?
--
You received this message because you are subscribed to a topic in the Google Groups "android-platform" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/android-platform/EuewrPpr8TI/unsubscribe.
To unsubscribe from this group and all its topics, send an email to android-platfo...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-platform/8e5fd3f7-406c-40fd-83e6-50537ea98645o%40googlegroups.com.
Rohin Malhotra
Aug 10, 2020, 4:06:13 PM8/10/20
to android-platform
Thanks Dave!
Definitely helps a lot.
Definitely helps a lot.
To unsubscribe from this group and all its topics, send an email to android-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-platform/8e5fd3f7-406c-40fd-83e6-50537ea98645o%40googlegroups.com.
rohinma...@gmail.com
Sep 9, 2020, 12:15:41 PM9/9/20
to android-platform
Hi Dave,
I tried your code. In my code, I also use:
chown system system /sys/class/gpio/export
chown system system /sys/class/gpio/unexport
chown system system /sys/class/gpio/unexport
write /sys/class/gpio/export 32
chmod 0666 /sys/class/gpio/gpio32
chmod 0666 /sys/class/gpio/gpio32/direction
chmod 0666 /sys/class/gpio/gpio32/value
chmod 0666 /sys/class/gpio/gpio32/value
After my Android device boots, I can see /sys/class/gpio/gpio32, but permissions for the direction and value are not assigned according to chmod 0666. Below is the output I get:
nanopc-t4:/sys/class/gpio/gpio32 $ ls -la
total 0
drwxr-xr-x 3 root root 0 2020-09-09 13:49 .
drwxr-xr-x 21 root root 0 2020-09-09 13:49 ..
-rw-rw---- 1 system system 4096 2020-09-09 13:49 active_low
lrwxrwxrwx 1 root root 0 2020-09-09 13:52 device -> ../../../pinctrl
-rw-rw---- 1 system system 4096 2020-09-09 13:49 direction
-rw-rw---- 1 system system 4096 2020-09-09 13:49 edge
drwxr-xr-x 2 root root 0 2020-09-09 13:52 power
lrwxrwxrwx 1 root root 0 2020-09-09 13:52 subsystem -> ../../../../../class/gpio
-rw-r--r-- 1 root root 4096 2020-09-09 13:52 uevent
-rw-rw---- 1 system system 4096 2020-09-09 13:49 value
total 0
drwxr-xr-x 3 root root 0 2020-09-09 13:49 .
drwxr-xr-x 21 root root 0 2020-09-09 13:49 ..
-rw-rw---- 1 system system 4096 2020-09-09 13:49 active_low
lrwxrwxrwx 1 root root 0 2020-09-09 13:52 device -> ../../../pinctrl
-rw-rw---- 1 system system 4096 2020-09-09 13:49 direction
-rw-rw---- 1 system system 4096 2020-09-09 13:49 edge
drwxr-xr-x 2 root root 0 2020-09-09 13:52 power
lrwxrwxrwx 1 root root 0 2020-09-09 13:52 subsystem -> ../../../../../class/gpio
-rw-r--r-- 1 root root 4096 2020-09-09 13:52 uevent
-rw-rw---- 1 system system 4096 2020-09-09 13:49 value
Any idea how can I resolve these permission issues?
Notur Business
Mar 20, 2021, 1:12:43 PM3/20/21
to android-platform
"-rw-rw---- " is 660 not 0666, and those files are created by the kernel run-time so after reboot all bets are off ? :)
You can't set permissions on -> symbolic links. You set permissions on the file the symbolic link refers to. Try realpath(1) use find(1) to determine the full actual filename.
https://www.kernel.org/doc/html/latest/admin-guide/gpio/sysfs.html this one has been depreciated already
Reply all
Reply to author
Forward
0 new messages