AnsweredAssumed Answered

GPS Service was kickout while selinux is enabled

Question asked by Benson Wu on Jan 7, 2019
Latest reply on Jan 18, 2019 by lu winbo

I am developing Android platform (Oreo) with imx6dl and imx6Q

Recently, I just add ublox GNSS driver (v3.5) from ublox on my platform and met a problem related to Selinux.

  • If OS was built with Selinux is enabled(enforced) , ublox driver tried to bind but failed continuously(kicked repeatedly) and the message is as below:

 

/****************************************************************************/

init: starting service 'ubx-gnss'...
init: property_set("init.svc.ubx-gnss", "running") OK!
init: property_set("ro.boottime.ubx-gnss", "964917483781") failed: property already set
init: Service 'ubx-gnss' (pid 1515) killed by signal 6
init: Sending signal 9 to service 'ubx-gnss' (pid 1515) process group...
init: Successfully killed process cgroup uid 0 pid 1515 in 0ms
init: property_set("init.svc.ubx-gnss", "restarting") OK!
init: Untracked pid 1518 exited with status 0
130|sabresd_6dq:/ # starinit: starting service 'ubx-gnss'...
init: property_set("init.svc.ubx-gnss", "running") OK!
init: property_set("ro.boottime.ubx-gnss", "969921627782") failed: property already set
init: Service 'ubx-gnss' (pid 1523) killed by signal 6
init: Sending signal 9 to service 'ubx-gnss' (pid 1523) process group...
init: Successfully killed process cgroup uid 0 pid 1523 in 0ms
init: property_set("init.svc.ubx-gnss", "restarting") OK!
init: Untracked pid 1526 killed by signal 13

................

/***************************************************************/

  • the result of getprop is as below:

[init.svc.ubx-gnss]: [restarting]

[ro.boottime.ubx-gnss]: [10671214334]

 

However, if I built OS with disable Selinux( add androidboot.selinux=permissive in bootarg ) then ublox driver can be attached successfully. and NMEA message can come out 

Logs:

/**************************************************************************/

init: starting service 'ubx-gnss'...
init: property_set("init.svc.ubx-gnss", "running") OK!
init: property_set("ro.boottime.ubx-gnss", "2643702243981") failed: property already set

/*************************************************************************/

getprop:

[init.svc.ubx-gnss]: [running]
[ro.boottime.ubx-gnss]: [10671214334]

 

There is no related AVC message . My GPS port is i2c-0 .

/*********************************************************/

# dmesg | grep avc
[ 11.278137] type=1400 audit(15.880:4): avc: granted { read } for pid=1 comm="init" name="ttymxc0" dev="tmpfs" ino=9581 scontext=u:r:init:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file
[ 15.640669] type=1400 audit(15.880:4): avc: granted { read } for pid=1 comm="init" name="ttymxc0" dev="tmpfs" ino=9581 scontext=u:r:init:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file
[ 15.679859] type=1400 audit(15.880:5): avc: granted { read open } for pid=1 comm="init" path="/dev/ttymxc0" dev="tmpfs" ino=9581 scontext=u:r:init:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file
[ 15.696924] type=1400 audit(15.880:5): avc: granted { read open } for pid=1 comm="init" path="/dev/ttymxc0" dev="tmpfs" ino=9581 scontext=u:r:init:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file
[ 15.714734] type=1400 audit(16.000:6): avc: granted { read } for pid=277 comm="init" name="ttymxc0" dev="tmpfs" ino=9581 scontext=u:r:init:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file
[ 15.732394] type=1400 audit(16.000:6): avc: granted { read } for pid=277 comm="init" name="ttymxc0" dev="tmpfs" ino=9581 scontext=u:r:init:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file
[ 15.748371] type=1400 audit(16.000:7): avc: granted { read open } for pid=277 comm="init" path="/dev/ttymxc0" dev="tmpfs" ino=9581 scontext=u:r:init:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file
[ 1020.549032] type=1400 audit(16.000:7): avc: granted { read open } for pid=277 comm="init" path="/dev/ttymxc0" dev="tmpfs" ino=9581 scontext=u:r:init:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file

/**************************************************************/

 

 

 

Further information in later experiment:

I try to build OS image with disable Selinux but I purposely enter the incorrect path for library , then I got the SAME error messages as the OS image with enabled Selinux.

/****************************************************************************/

init: starting service 'ubx-gnss'...
init: property_set("init.svc.ubx-gnss", "running") OK!
init: property_set("ro.boottime.ubx-gnss", "964917483781") failed: property already set
init: Service 'ubx-gnss' (pid 1515) killed by signal 6
init: Sending signal 9 to service 'ubx-gnss' (pid 1515) process group...
init: Successfully killed process cgroup uid 0 pid 1515 in 0ms
init: property_set("init.svc.ubx-gnss", "restarting") OK!
init: Untracked pid 1518 exited with status 0
130|sabresd_6dq:/ # starinit: starting service 'ubx-gnss'... 
init: property_set("init.svc.ubx-gnss", "running") OK!
init: property_set("ro.boottime.ubx-gnss", "969921627782") failed: property already set
init: Service 'ubx-gnss' (pid 1523) killed by signal 6
init: Sending signal 9 to service 'ubx-gnss' (pid 1523) process group...
init: Successfully killed process cgroup uid 0 pid 1523 in 0ms
init: property_set("init.svc.ubx-gnss", "restarting") OK!
init: Untracked pid 1526 killed by signal 13

................

/***************************************************************/

It seemed that I have permission issue to access shared library when Selinux is enabled. 

 

 Please give me some help if possible. Thank you!

Outcomes