updating partitions from recovery - Android Q&A, Help & Troubleshooting

Hi,
I am writing an application which will mount pendrive and update partitions like system, vendor, boot and recovery with the contents available in pendrive. I am trying to define sepolicy for this application.
For testing purpose, i have written one basic .te file with the below content.
type test_updater, domain;
type test_updater_exec, exec_type, file_type;
init_daemon_domain(test_updater)
I am getting the below build error while compiling,
neverallow check failed at out/target/product/mt2712/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_sepolicy.cil:3126
(neverallow base_typeattr_56_27_0 base_typeattr_57_27_0 (file (execute execute_no_trans entrypoint)))
<root>
allow at out/target/product/mt2712/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_sepolicy.cil:6758
(allow failsafe_updater failsafe_updater_exec (file (read getattr map execute entrypoint open)))
neverallow check failed at out/target/product/mt2712/obj/ETC/plat_sepolicy.cil_intermediates/plat_sepolicy.cil:4641 from system/sepolicy/public/domain.te:668
(neverallow base_typeattr_56 base_typeattr_57 (file (execute execute_no_trans entrypoint)))
<root>
allow at out/target/product/mt2712/obj/ETC/nonplat_sepolicy.cil_intermediates/nonplat_sepolicy.cil:6758
(allow failsafe_updater failsafe_updater_exec (file (read getattr map execute entrypoint open)))
Failed to generate binary
Failed to build policydb
Can someone kindly help me to resolve this issue?
android: 8.1
Regards,
Abdul

I am also facing the same scenario, appreciating any suggestions in advance .

I'm facing the same problem, any update?

Related

[Solved] [Q] .bash_profile issues in OS X

EDIT: I finally got this working. Google made a typo in their documentation.
I am following the instructions on This Page to set up a build environment in OS X. I have created a journaled, case-sensitive, disk image in my home directory. Now, I am trying to set up my .bash_profile file to make it easy to mount. The guide says:
For a disk image named "android.dmg" stored in your home directory, you can add the following to your ~/.bash_profile to mount the image when you execute "mountAndroid":
Code:
# mount the android file image
function mountAndroid{ hdiutil attach ~/android.dmg-mountpoint /Volumes/android; }
Click to expand...
Click to collapse
When I follow those directions, the terminal returns the following errors:
Code:
-bash: /Users/username/.bash_profile: line 8: syntax error near unexpected token `hdiutil'
-bash: /Users/username/.bash_profile: line 8: `function mountAndroid{ hdiutil attach Users/username/android.dmg-mountpoint /Volumes/android; }'
I can manually mount the image with:
Code:
hdiutil attach android.dmg -mountpoint /Volumes/android
...but I can't seem to tie it to a command or mount it at all from .bash_profile.
Does anyone know how to get this to work?
Im not 100% sure, as I have never done it, but it looks for sure that you are missing a space between the ".dmg" and the "-mountpoint". Command line utilities require a format of command space filename space options space otheroptions etc.
So,
Code:
function mountAndroid{ hdiutil attach ~/android.dmg -mountpoint /Volumes/android; }
Try that instead.
doogald said:
Im not 100% sure, as I have never done it, but it looks for sure that you are missing a space between the ".dmg" and the "-mountpoint". Command line utilities require a format of command space filename space options space otheroptions etc.
So,
Code:
function mountAndroid{ hdiutil attach ~/android.dmg -mountpoint /Volumes/android; }
Try that instead.
Click to expand...
Click to collapse
Yeah, I got it working. The documentation on the source.android.com site was missing the space. I thought I had tried putting the space in, but later I tried again and it worked. Thanks.

android app: network access for external programs

Dear All,
I am trying to develop an app which calls a external program (written in C) using Runtime.getRuntime().exec method. This program is basically an gstreamer based rtsp server and it works good if I run from the android command prompt. However, when I run the program from the app, I am getting the following error.
Failed to bind socket (Permission denied)
I had given the network access in my AndroidManifest.xml file.
<uses-permission android:name="android.permission.INTERNET"></uses-permission>
I also tried this
String cmd = "ping localhost";
Runtime.getRuntime().exec(cmd);
for which I got
ping: icmp open socket: Operation not permitted
I also tried to run an another program from an app (which shows an image on the android screen - surfaceflinger sink). So, I included android.permission.ACCESS_SURFACE_FLINGER in the manifest file. However, it wasn't able to display on surfaceflinger sink.
So, I have a feeling that these permissions are not passed on to these external programs. Is there a way to achieve this? I don't want to convert these 'C' based programs to Java. Can anyone please help me out.
Thanks,
Krishnan

[Q] Can not run eclipes apps

Greetings-
I am trying to run a sample app on my new Note 3. I see the device with adb. I have enclosed a copy of log cat. I get the following three errors in the eclipse console:
[2013-12-18 13:02:55 - NFCMediaShare] Dx
trouble writing output: already prepared
[2013-12-18 13:02:56 - Dex Loader] Unable to execute dex: java.nio.BufferOverflowException. Check the Eclipse log for stack trace.
[2013-12-18 13:02:56 - NFCMediaShare] Conversion to Dalvik format failed: Unable to execute dex: java.nio.BufferOverflowException. Check the Eclipse log for stack trace.
Sean

[Q] Problem using systrace

Hi,
I'm using systrace for tracing cpu but i have a problem when i visualize the output. I have used this command:
"python systrace.py --time=50 -o trace.html sched" .
I tried to open trace.html using google chrome, however the page is blank without any infomation, but in chrome's javascript console i found this issue: Uncaught TypeError: Cannot set property 'focusElement' of undefined.
I have also tried to use atrace in this little script:
"while [ true ]; do
atrace -t 10 sched >> atrace.txt
done"
but the above script creates the following error: "error dumping trace: Invalid argument (22)" and atrace.txt contains only this infomation:
"capturing trace... done
TRACE:
capturing trace...
trace aborted."
I have already updated my sdk and sdk tools but the problem persists, i use a nexus 4 with a custom kernel and android 4.4.
How can i solve this issue?

Selinux contexts on unlabeled target in cm-12.1

Hi all I am working on a port of cyanogenmod 12.1 for the Huawei y6 and would like some advice.
It seems that when /mnt/shell/emulated is created it is not labeled with any selinux context and it then switches to fuse context after being mounted.
When booting in permissive mode this poses no problems however when booting in enforcing mode I was getting avc denied for the sdcardd domain trying to unmount and mounton for an unlabeled context which then results in an infinte boot because zygote refuses to start without emulated storage.
I worked around this by adding a seunion in my boardconfig with the following.
Code:
allow sdcardd unlabeled:dir mounton;
allow sdcardd unlabeled:filesystem { mount unmount };
My concern is if this would result in any security flaws or issues, the worst I can think of is if a process runs as sdcardd and mounts a filesystem containing malicous code that it can then execute. However this would appear to be only able to happen with root access in the first place which would negate the need to exploit it in the first place.
Can I please have some thoughts on if it is a potential risk and also if so how can I safely resolve the mount on boot issue.
Thanks in advance guys.

Categories

Resources