AnsweredAssumed Answered

5.0 SELinux And GPIO

Question asked by li fusong on Oct 19, 2015
Latest reply on Nov 8, 2015 by li fusong

Dear sir.

  we want access gpio pin from android app.

Android 5.0 has a function SELinux. and default is enable

we use function gpio_export To generate gpio device file

in the os the file patch look like as

/sys/devices/soc0/soc.1/2000000.aips-bus/20a0000.gpio/gpio/gpio35/value

/sys/devices/soc0/soc.1/2000000.aips-bus/20a0000.gpio/gpio/gpio35/direction

 

and have symlink file

/sys/class/gpio/gpio35/value

/sys/class/gpio/gpio35/direction

 

our android app will read and write /sys/class/gpio/gpio35/value

but The android app only can read the file,can't wirte ,it refuse  by SELinux policy

 

so we want change this policy.

file_contexts add

/sys/devices/soc0/soc.1/2000000.aips-bus/20a0000.gpio/gpio/gpio35/value u:object_r:gpio_control:s0

/sys/devices/soc0/soc.1/2000000.aips-bus/20a0000.gpio/gpio/gpio35/direction u:object_r:gpio_control:s0

 

file.te add

type gpio_control, fs_type, sysfs_type;

build image and boot .

 

question one.

the mainboard haven't plug into USB disk \sdcard\sata _hdd

the system will normal boot into os , and check the /sys/class/gpio/gpio35/value attributes

it display the selinux attributes changed from default sysfs to gpio_control

root@sabresd_6dq:/sys/class/gpio/gpio35 # ls -Z

-rw-r--r-- root     root              u:object_r:sysfs:s0 active_low

lrwxrwxrwx root     root              u:object_r:sysfs:s0 device -> ../../../20a0000.gpio

-rw-rw-rw- root     system            u:object_r:gpio_control:s0 direction

-rw-r--r-- root     root              u:object_r:sysfs:s0 edge

drwxr-xr-x root     root              u:object_r:sysfs:s0 power

lrwxrwxrwx root     root              u:object_r:sysfs:s0 subsystem -> ../../../../../../../class/gpio

-rw-r--r-- root     root              u:object_r:sysfs:s0 uevent

-rw-rw-rw- root     system            u:object_r:gpio_control:s0 value

root@sabresd_6dq:/sys/class/gpio/gpio35 #

 

but the file_contexts File content format as a regular expression,the character "." must be escape,

look like as

/sys/devices/soc0/soc\.1/2000000\.aips-bus/20a0000\.gpio/gpio/gpio35/value u:object_r:gpio_control:s0

build and boot ,the kernel can't boot into os,please see append file escape_file.txt

why can't use escape character "."?

 

question tow.

plug usb disk \sdcard \sata_hdd into mainboard

file_contexts file add below code

/sys/devices/soc0/soc.1/2000000.aips-bus/20a0000.gpio/gpio/gpio35/value u:object_r:gpio_control:s0

the kernel can't boot into os .the error log look like as append escape_file.txt

 

file_contexts file add below code

/sys/devices/soc0/soc\.1/2000000\.aips-bus/20a0000\.gpio/gpio/gpio35/value u:object_r:gpio_control:s0

the kernel can boot into os ,but the gpio device file can't change anything.The SELinux attributes still is sysfs ,not gpio_control

 

help please.

Original Attachment has been moved to: Escape_file.txt.zip

Outcomes