From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <4F201954.8080004@manicmethod.com> Date: Wed, 25 Jan 2012 10:01:40 -0500 From: Joshua Brindle MIME-Version: 1.0 To: Stephen Smalley CC: Bryan Hinton , SELinux@tycho.nsa.gov Subject: Re: SEAndroid Build for Galaxy Nexus References: <1327495215.9607.2.camel@moss-pluto> In-Reply-To: <1327495215.9607.2.camel@moss-pluto> Content-Type: text/plain; charset=UTF-8; format=flowed Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov Stephen Smalley wrote: > On Tue, 2012-01-24 at 12:44 -0600, Bryan Hinton wrote: >> I just completed a 4.0.3 SEAndroid build for the Galaxy Nexus. The >> build was clean and it is successfully running on the device. >> A few general notes: >> -I ran the following fastboot commands (in this order) after building >> AOSP w/ SELinux patches and repacking the boot image: fastboot erase >> cache, fastboot flash boot boot.img, fastboot flash system system.img, >> fastboot flash userdata userdata.img. >> -I had to mount /system rw after boot and fix the missing, userland >> ril client library in order to get the cdma/lte radios working. >> device/samsung/tuna is missing the extract script in AOSP. >> -permissive and enforced modes are functioning properly according to >> dmesg output. phone calls and sms are successful. I am in the >> process of relabeling some of the device nodes in the policy to allow >> access to the radio. > > Glad to hear that you were able to get it up and running. I don't > presently have that device, so I'd be interested in hearing more about > your experience, changes you have to make, etc. > I also have it running on the Galaxy Nexus. One thing I had to do was /factory was unlabeled after the initial boot. The files in there are all owned by radio so I labeled them u:r:radio_device:s0. Since the default policy only allows chr_file access for radio_device I had to add regular files and directory access to the policy. I'll send up a patch when I've gotten other issues resolved. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.