[MTK] Selinux : 如何配置 /proc , /sys 目录下的selinux label ,file context
文摘 Android MediaTek 2020-09-2 阅读:12136[DESCRIPTION]
如何配置 /proc /sys 目录下的selinux label ,file context
[SOLUTION]
/proc /sys 等虚拟文件系统
与一般文件系统配置file_contexts不同 , 如
/device/mediatek/sepolicy/.../.../file_contexts
/dev/ttyC5 u:object_r:nwkopt_device:s0
..
等方法不适用
需要在 genfs_contexts底下配置
如:
/device/mediatek/sepolicy/.../.../genfs_contexts
genfscon proc /cpu_loading/onoff u:object_r:proc_cpu_loading:s0
genfscon proc /cpu_loading/uevent_enable u:object_r:proc_cpu_loading:s0
...
genfscon sysfs /devices/platform/CONNAC/net/wlan0/mtu u:object_r:sysfs_net:s0
genfscon sysfs /devices/platform/CONNAC/net/wlan1/mtu u:object_r:sysfs_net:s0
...
注意 sys/class/..下有些节点为link , 需要找到对应实体节点配置
ex:
kxx_bsp:/ # ls -Zl /sys/class/leds
total 0
lrwxrwxrwx 1 root root u:object_r:sysfs:s0 0 2020-04-06 07:42 lcd-backlight -> .
./../devices/platform/leds-mt65xx/leds/lcd-backlight
添加genfscon sysfs /devices/platform/leds-mt65xx/leds u:object_r:sysfs_leds:s0
lrwxrwxrwx 1 root root u:object_r:sysfs:s0 0 2020-04-06 07:42 vibrator -> ../../
devices/platform/odm/odm:vibrator@0/leds/vibrator
添加genfscon sysfs /devices/platform/odm/odm:vibrator@0/leds/vibrator u:object_r:sysfs_vibrator:s0
共0条评论
