SerialChat avc permission error on Android
700 views
Skip to first unread message
Sathya
Jun 22, 2018, 10:39:50 AM6/22/18
to android-platform
Hi,
I am trying to use SerialChat application located at frameworks/base/tests/SerialChat for accessing serial port (/dev/ttyHSL1) from Android Java application layer. But when I launch application, it throws exception related to permission. I have verified whether the serial_service is included in the selinux policy.
I have verified in the service_context at out directory of android build.
In file_contexts at out directory of android build.
In /obj/ETC/sepolicy_intermediates/policy.conf at out directory of android build.
Logcat when I keep SELinux in enforce mode, following is the log.
01-01 00:03:15.509 799 972 I ActivityManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10000000 pkg=com.android.serialchat cmp=com.android.serialchat/.SerialChat} from uid 10011 on display 0
01-01 00:03:15.570 799 1346 I ActivityManager: Start proc 1960:com.android.serialchat/u0a54 for activity com.android.serialchat/.SerialChat
[ 193.544684] type=1400 audit(195.699:301): avc: denied { read write } for pid=1308 comm="Binder_5" path="/dev/ttyHSL1" dev="tmpfs" ino=8663 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:serial_device:s0 tclass=chr_file permissive=0 xb853c5f8
01-01 00:03:15.649 1960 1960 W System : ClassLoader referenced unknown path: /data/app/com.android.serialchat-1/lib/arm
01-01 00:03:15.709 1960 1960 E SerialManager: SerialManager.openSerialPort name is /dev/ttyHSL1 speed is 115200
01-01 00:03:15.717 1960 1960 E JavaBinder: !!! FAILED BINDER TRANSACTION !!! (parcel size = 104)
01-01 00:03:15.719 1960 1960 E SerialManager: exception in SerialManager.openSerialPort
01-01 00:03:15.719 1960 1960 E SerialManager: android.os.DeadObjectException: Transaction failed on small parcel; remote process probably died
01-01 00:03:15.719 1960 1960 E SerialManager: at android.os.BinderProxy.transactNative(Native Method)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.os.BinderProxy.transact(Binder.java:503)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.hardware.ISerialManager$Stub$Proxy.openSerialPort(ISerialManager.java:115)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.hardware.SerialManager.openSerialPort(SerialManager.java:69)
01-01 00:03:15.719 1960 1960 E SerialManager: at com.android.serialchat.SerialChat.onResume(SerialChat.java:81)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.Instrumentation.callActivityOnResume(Instrumentation.java:1259)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.Activity.performResume(Activity.java:6361)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread.performResumeActivity(ActivityThread.java:3092)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread.handleResumeActivity(ActivityThread.java:3134)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2481)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread.access$900(ActivityThread.java:150)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1344)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.os.Handler.dispatchMessage(Handler.java:102)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.os.Looper.loop(Looper.java:148)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread.main(ActivityThread.java:5417)
01-01 00:03:15.719 1960 1960 E SerialManager: at java.lang.reflect.Method.invoke(Native Method)
01-01 00:03:15.719 1960 1960 E SerialManager: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
01-01 00:03:15.719 1960 1960 E SerialManager: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
01-01 00:03:15.727 1960 1973 D OpenGLRenderer: Use EGL_SWAP_BEHAVIOR_PRESERVED: true
01-01 00:03:18.833 1308 1308 W Binder_5: type=1400 audit(0.0:301): avc: denied { read write } for path="/dev/ttyHSL1" dev="tmpfs" ino=8663 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:serial_device:s0 tclass=chr_file permissive=0
01-01 00:03:16.005 799 843 I ActivityManager: Displayed com.android.serialchat/.SerialChat: +452ms
Logcat when I keep SELinux in permissive mode using setenforce 0, following is the log.
01-01 00:03:37.582 799 1346 I ActivityManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=com.android.serialchat/.SerialChat (has extras)} from uid 10016 on display 0
01-01 00:03:37.668 1960 1960 E SerialManager: SerialManager.openSerialPort name is /dev/ttyHSL1 speed is 115200
01-01 00:03:40.793 985 985 I Binder_4: type=1400 audit(0.0:303): avc: denied { read write } for path="/dev/ttyHSL1" dev="tmpfs" ino=8663 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:serial_device:s0 tclass=chr_file permissive=1
01-01 00:03:40.793 1960 1960 I roid.serialchat: type=1400 audit(0.0:304): avc: denied { ioctl } for path="/dev/ttyHSL1" dev="tmpfs" ino=8663 ioctlcmd=5401 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:serial_device:s0 tclass=chr_file permissive=1
01-01 00:03:37.671 1960 1960 E SerialManager: SerialManager.openSerialPort pfd is not null
01-01 00:03:37.675 1960 2028 D SerialChat: run
01-01 00:03:37.675 1960 2028 D SerialChat: calling read
01-01 00:03:37.754 799 843 I ActivityManager: Displayed com.android.serialchat/.SerialChat: +134ms
Apart from those sepolicy, is there anything else to be added? Or do I miss anything else?
Regards,
Sathya
I am trying to use SerialChat application located at frameworks/base/tests/SerialChat for accessing serial port (/dev/ttyHSL1) from Android Java application layer. But when I launch application, it throws exception related to permission. I have verified whether the serial_service is included in the selinux policy.
I have verified in the service_context at out directory of android build.
serial u:object_r:serial_service:s0
In file_contexts at out directory of android build.
/dev/ttyHSL1 u:object_r:serial_device:s0
In /obj/ETC/sepolicy_intermediates/policy.conf at out directory of android build.
type serial_device, dev_type;
type serial_service, system_api_service, system_server_service, service_manager_type;
allow system_app serial_service: service_manager find;
allow system_server serial_device:chr_file { { getattr open read ioctl lock } { open append write } };
allow untrusted_app serial_service: service_manager find;
type serial_service, system_api_service, system_server_service, service_manager_type;
allow system_app serial_service: service_manager find;
allow system_server serial_device:chr_file { { getattr open read ioctl lock } { open append write } };
allow untrusted_app serial_service: service_manager find;
Logcat when I keep SELinux in enforce mode, following is the log.
01-01 00:03:15.509 799 972 I ActivityManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10000000 pkg=com.android.serialchat cmp=com.android.serialchat/.SerialChat} from uid 10011 on display 0
01-01 00:03:15.570 799 1346 I ActivityManager: Start proc 1960:com.android.serialchat/u0a54 for activity com.android.serialchat/.SerialChat
[ 193.544684] type=1400 audit(195.699:301): avc: denied { read write } for pid=1308 comm="Binder_5" path="/dev/ttyHSL1" dev="tmpfs" ino=8663 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:serial_device:s0 tclass=chr_file permissive=0 xb853c5f8
01-01 00:03:15.649 1960 1960 W System : ClassLoader referenced unknown path: /data/app/com.android.serialchat-1/lib/arm
01-01 00:03:15.709 1960 1960 E SerialManager: SerialManager.openSerialPort name is /dev/ttyHSL1 speed is 115200
01-01 00:03:15.717 1960 1960 E JavaBinder: !!! FAILED BINDER TRANSACTION !!! (parcel size = 104)
01-01 00:03:15.719 1960 1960 E SerialManager: exception in SerialManager.openSerialPort
01-01 00:03:15.719 1960 1960 E SerialManager: android.os.DeadObjectException: Transaction failed on small parcel; remote process probably died
01-01 00:03:15.719 1960 1960 E SerialManager: at android.os.BinderProxy.transactNative(Native Method)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.os.BinderProxy.transact(Binder.java:503)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.hardware.ISerialManager$Stub$Proxy.openSerialPort(ISerialManager.java:115)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.hardware.SerialManager.openSerialPort(SerialManager.java:69)
01-01 00:03:15.719 1960 1960 E SerialManager: at com.android.serialchat.SerialChat.onResume(SerialChat.java:81)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.Instrumentation.callActivityOnResume(Instrumentation.java:1259)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.Activity.performResume(Activity.java:6361)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread.performResumeActivity(ActivityThread.java:3092)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread.handleResumeActivity(ActivityThread.java:3134)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2481)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread.access$900(ActivityThread.java:150)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1344)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.os.Handler.dispatchMessage(Handler.java:102)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.os.Looper.loop(Looper.java:148)
01-01 00:03:15.719 1960 1960 E SerialManager: at android.app.ActivityThread.main(ActivityThread.java:5417)
01-01 00:03:15.719 1960 1960 E SerialManager: at java.lang.reflect.Method.invoke(Native Method)
01-01 00:03:15.719 1960 1960 E SerialManager: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
01-01 00:03:15.719 1960 1960 E SerialManager: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)
01-01 00:03:15.727 1960 1973 D OpenGLRenderer: Use EGL_SWAP_BEHAVIOR_PRESERVED: true
01-01 00:03:18.833 1308 1308 W Binder_5: type=1400 audit(0.0:301): avc: denied { read write } for path="/dev/ttyHSL1" dev="tmpfs" ino=8663 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:serial_device:s0 tclass=chr_file permissive=0
01-01 00:03:16.005 799 843 I ActivityManager: Displayed com.android.serialchat/.SerialChat: +452ms
Logcat when I keep SELinux in permissive mode using setenforce 0, following is the log.
01-01 00:03:37.582 799 1346 I ActivityManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=com.android.serialchat/.SerialChat (has extras)} from uid 10016 on display 0
01-01 00:03:37.668 1960 1960 E SerialManager: SerialManager.openSerialPort name is /dev/ttyHSL1 speed is 115200
01-01 00:03:40.793 985 985 I Binder_4: type=1400 audit(0.0:303): avc: denied { read write } for path="/dev/ttyHSL1" dev="tmpfs" ino=8663 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:serial_device:s0 tclass=chr_file permissive=1
01-01 00:03:40.793 1960 1960 I roid.serialchat: type=1400 audit(0.0:304): avc: denied { ioctl } for path="/dev/ttyHSL1" dev="tmpfs" ino=8663 ioctlcmd=5401 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:serial_device:s0 tclass=chr_file permissive=1
01-01 00:03:37.671 1960 1960 E SerialManager: SerialManager.openSerialPort pfd is not null
01-01 00:03:37.675 1960 2028 D SerialChat: run
01-01 00:03:37.675 1960 2028 D SerialChat: calling read
01-01 00:03:37.754 799 843 I ActivityManager: Displayed com.android.serialchat/.SerialChat: +134ms
Apart from those sepolicy, is there anything else to be added? Or do I miss anything else?
Regards,
Sathya
David Escalona
Nov 6, 2018, 9:33:17 AM11/6/18
to android-platform
Hello,
I am having exactly the same issue but with an SPI interface. I think I have set all the SE Policy permissions and rules correctly, but I keep getting the denied message followed by the binder transaction failed crash.
Were you able to fix this issue? If so, what was the correct fix?
Thanks in advance!
Reply all
Reply to author
Forward
0 new messages