I am working on Android 9 AOSP. When I add a permission in my untrusted_app.te (located in system/sepolicy/private/untrusted_app.te), my build fails.

Error:

system/sepolicy/private/untrusted_app.te:27:ERROR 'unknown type xyz_block_device' at token ';' on line....

The permission that I am adding is allow untrusted_app xyz_block_device:blk_file { read write }; in file system/sepolicy/private/untrusted_app.te

Can anyone please guide me on where to define xyz_block_device? Thanks!

There is 1 answer

Nima Mohammadi On

The reason that you see the error is that xyz_block_device is not defined. For this, you need to go to the file_contexts and define your xyz_block_device like this:

/dev/yourblockdevice  u:object_r:block_device:s0

and then you can add your rule to untrusted_app.te.

Note: I have to mention that changing the system SEPolicy is neither recommended nor safe; it is better to add a file named untrusted_app.te to your target tree (/device/vendor/model).
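
An added example, not part of the original answer: the "unknown type" error goes away once the type is declared in a .te file, and a file_contexts entry then labels the device node with that type. The directory device/<vendor>/<model>/sepolicy and the node /dev/yourblockdevice are placeholders assumed here, and the files are shown together in one block with a comment marking where each begins.

```selinux
# --- device/<vendor>/<model>/sepolicy/device.te (placeholder path) ---
# Declare the type. Without this line checkpolicy reports
# "unknown type xyz_block_device" for any rule that names it.
type xyz_block_device, dev_type;

# --- device/<vendor>/<model>/sepolicy/file_contexts ---
# Label the node with the new type (node path is a placeholder).
/dev/yourblockdevice    u:object_r:xyz_block_device:s0

# --- device/<vendor>/<model>/sepolicy/untrusted_app.te ---
# The rule from the question, now referring to a declared type.
allow untrusted_app xyz_block_device:blk_file { read write };

# --- device/<vendor>/<model>/BoardConfig.mk ---
# Make the build pick up the policy directory above.
BOARD_SEPOLICY_DIRS += device/<vendor>/<model>/sepolicy
```

AOSP's public/app.te contains `neverallow appdomain dev_type:blk_file { read write };`, so once the type resolves, the build is expected to stop at that neverallow for this allow rule. Keeping the block device behind a dedicated service domain that exposes a narrow interface to apps keeps the policy within that constraint.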