From: Joshua Brindle <method@manicmethod.com>
To: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Bryan Hinton <bryan@bryanhinton.com>, SELinux@tycho.nsa.gov
Subject: Re: SEAndroid Build for Galaxy Nexus
Date: Wed, 25 Jan 2012 10:01:40 -0500 [thread overview]
Message-ID: <4F201954.8080004@manicmethod.com> (raw)
In-Reply-To: <1327495215.9607.2.camel@moss-pluto>
Stephen Smalley wrote:
> On Tue, 2012-01-24 at 12:44 -0600, Bryan Hinton wrote:
>> I just completed a 4.0.3 SEAndroid build for the Galaxy Nexus. The
>> build was clean and it is successfully running on the device.
>> A few general notes:
>> -I ran the following fastboot commands (in this order) after building
>> AOSP w/ SELinux patches and repacking the boot image: fastboot erase
>> cache, fastboot flash boot boot.img, fastboot flash system system.img,
>> fastboot flash userdata userdata.img.
>> -I had to mount /system rw after boot and fix the missing, userland
>> ril client library in order to get the cdma/lte radios working.
>> device/samsung/tuna is missing the extract script in AOSP.
>> -permissive and enforced modes are functioning properly according to
>> dmesg output. phone calls and sms are successful. I am in the
>> process of relabeling some of the device nodes in the policy to allow
>> access to the radio.
>
> Glad to hear that you were able to get it up and running. I don't
> presently have that device, so I'd be interested in hearing more about
> your experience, changes you have to make, etc.
>
I also have it running on the Galaxy Nexus. One thing I had to do was /factory
was unlabeled after the initial boot. The files in there are all owned by radio
so I labeled them u:r:radio_device:s0. Since the default policy only allows
chr_file access for radio_device I had to add regular files and directory access
to the policy. I'll send up a patch when I've gotten other issues resolved.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2012-01-25 15:01 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-24 18:44 SEAndroid Build for Galaxy Nexus Bryan Hinton
2012-01-25 12:40 ` Stephen Smalley
2012-01-25 15:01 ` Joshua Brindle [this message]
2012-01-25 20:46 ` Stephen Smalley
2012-01-25 21:07 ` Bryan Hinton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4F201954.8080004@manicmethod.com \
--to=method@manicmethod.com \
--cc=SELinux@tycho.nsa.gov \
--cc=bryan@bryanhinton.com \
--cc=sds@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.