SE Policy prevents access of serial ports by android application (by default).
I added "allow" to untrusted_app.te
allow untrusted_app tty_device:chr_file rw_file_perms;
However, still the avc denial message comes up that untrusted_app not permitted to write to tty_device.
How can this be resolved ?
I have struggled this issue for 2 days with the same symptom as yours...and finally, I solved this issue with SELINUX on.
============================= My Solution =========================================
type tty_device, dev_type;
type tty_device, dev_type, mlstrustedobject;
All the above solution is coming from the ideas of the link: SELinux 添加一个权限 - 大大世界 - 简书
However, I am not really uncertain why this action solved this issue...
I have the same issue , too. Did anybody have solution?
Probably I will need an apk that could work in the sabresd6q and make all the features that you need. It would be helpful if you can pass me an apk to test the problem.
Best Regards,
Diego.
Hi Diego,
I'm new to android,
How to test imx6q sabre-sdb serial port with android apk?
i want to send some data to serial
if any sample apk is available please suggest me
thanks
Hello Arindam,
Do you have any script regarding, or an App regarding to this issue?
I have successfully built the image, but I need to reproduce your error.
Best Regards,
Diego.
Hi Diego,
I am trying to access serial port (ttymxc1) from my app. A simple open followed by a read.
I do not have a separate test app. I believe a simple app which just opens and reads ttymxc1 or ttymxc2 will be sufficient to reproduce the issue.
If required, I can create one.
Regards,
Arindam
Hello Arindam,
You can try to set this boot targets during the boot process.
setenv bootargs 'console=ttymxc2,115200 init=/init video=mxcfb0:dev=ldb,1024x768M@60,bpp=32 video=mxcfb1:off video=mxcfb2:off video=mxcfb3:off vmalloc=400M androidboot.console=ttymxc2 consoleblank=0 androidboot.hardware=freescale cma=384M androidboot.selinux=disabled androidboot.dm_verity=disabled no_console_suspend'
I haven't tested this configuration with an app. But I can write to the serial ports thought shell commands.
I hope this can solve your problem.
Best Regards,
Diego.
Hi Diego,
I do not want to disable SELINUX.
Regards,
Arindam Ghosh Roy
Principal Firmware Engineer | Renal Care Solutions
India Medtronic Pvt. Ltd.
Prestige Shantiniketan, Tower B, 11th Floor | Whitefield, Bangalore – 560048 | INDIA
Office +91 80 6715 7351 | Mobile + 91 70220 24759| Fax +91 80 6715 7498
arindam.g.roy@medtronic.com<mailto:arindam.g.roy@medtronic.com>
medtronic.com<http://www.medtronic.com/> | Facebook<https://www.facebook.com/Medtronic> | LinkedIn<https://www.linkedin.com/company/medtronic?trk=biz-companies-cym> | Twitter<https://twitter.com/Medtronic> | YouTube <https://www.youtube.com/user/MedtronicCorp>
LET’S TAKE HEALTHCARE
FURTHER, TOGETHER
Hello Arindam,
I am trying to build the image with the new configurations. But I am getting some errors that I am trying to solve on the go.
I will notify you, If I can successfully build the image.
Best Regards,
Diego.
Hello Arindam,
I found this web-page that can help you with your problem. I haven't tested the solution, but you can try it and see if it works.
Android* Security Customization with SEAndroid - CodeProject
Best Regards,
Diego.
Hi Diego,
Thank you for the reply.
I did use the rule ( as specified in the link also ):
allow untrusted_app tty_device:chr_file rw_file_perms;
and ttymxc1 and ttymxc2 falls under the category tty_device.
I am using Sabre SDP and Android Marshmallow.
Could you reproduce in to the board ?
Regards,
Arindam
Hello Arindam,
Thank you for writing.
I will try to reproduce this error, probably this process can take some time.
Best regards,
Diego.