38a261a82b
/dev/qemu_trace is used by memcheck on qemu to get memory allocation events
from all processes on the system. Allow all domains to access this device, and
other qemu-specific devices.
Addresses the following denials:
type=1400 audit(1402674828.500:3): avc: denied { read write } for pid=44 comm="servicemanager" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:servicemanager:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674828.500:4): avc: denied { open } for pid=44 comm="servicemanager" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:servicemanager:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674828.520:5): avc: denied { read write } for pid=42 comm="logd" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:logd:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674828.520:6): avc: denied { open } for pid=42 comm="logd" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:logd:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674828.610:7): avc: denied { read write } for pid=48 comm="debuggerd" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:debuggerd:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674828.610:8): avc: denied { open } for pid=48 comm="debuggerd" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:debuggerd:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674829.000:9): avc: denied { read write } for pid=47 comm="netd" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:netd:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674829.000:10): avc: denied { open } for pid=47 comm="netd" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:netd:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674829.180:11): avc: denied { read write } for pid=53 comm="installd" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:installd:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674829.200:12): avc: denied { read write } for pid=45 comm="vold" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:vold:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674829.200:13): avc: denied { open } for pid=53 comm="installd" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:installd:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674829.200:14): avc: denied { open } for pid=45 comm="vold" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:vold:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674829.280:15): avc: denied { read write } for pid=54 comm="keystore" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:keystore:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674829.280:16): avc: denied { open } for pid=54 comm="keystore" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:keystore:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674830.580:17): avc: denied { read write } for pid=51 comm="drmserver" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:drmserver:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674830.580:18): avc: denied { open } for pid=51 comm="drmserver" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:drmserver:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674930.860:22): avc: denied { read write } for pid=655 comm="iptables" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:netd:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
type=1400 audit(1402674930.870:23): avc: denied { open } for pid=655 comm="iptables" name="qemu_trace" dev="tmpfs" ino=1494 scontext=u:r:netd:s0 tcontext=u:object_r:qemu_device:s0 tclass=chr_file
Bug: 15570479
Change-Id: I87d0976800557d73064e2da038315b0d019d7a60
72 lines
2.1 KiB
Makefile
72 lines
2.1 KiB
Makefile
#
|
|
# Copyright (C) 2011 The Android Open Source Project
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
# BoardConfig.mk
|
|
#
|
|
# Product-specific compile-time definitions.
|
|
#
|
|
|
|
# The generic product target doesn't have any hardware-specific pieces.
|
|
TARGET_NO_BOOTLOADER := true
|
|
TARGET_NO_KERNEL := true
|
|
|
|
TARGET_ARCH := mips
|
|
ifeq (,$(TARGET_ARCH_VARIANT))
|
|
TARGET_ARCH_VARIANT := mips32r2-fp
|
|
endif
|
|
TARGET_CPU_ABI := mips
|
|
|
|
HAVE_HTC_AUDIO_DRIVER := true
|
|
BOARD_USES_GENERIC_AUDIO := true
|
|
|
|
# no hardware camera
|
|
USE_CAMERA_STUB := true
|
|
|
|
# Enable dex-preoptimization to speed up the first boot sequence
|
|
# of an SDK AVD. Note that this operation only works on Linux for now
|
|
ifeq ($(HOST_OS),linux)
|
|
ifeq ($(WITH_DEXPREOPT),)
|
|
WITH_DEXPREOPT := true
|
|
endif
|
|
endif
|
|
|
|
# Build OpenGLES emulation guest and host libraries
|
|
BUILD_EMULATOR_OPENGL := true
|
|
|
|
# Build and enable the OpenGL ES View renderer. When running on the emulator,
|
|
# the GLES renderer disables itself if host GL acceleration isn't available.
|
|
USE_OPENGL_RENDERER := true
|
|
|
|
TARGET_USERIMAGES_USE_EXT4 := true
|
|
BOARD_SYSTEMIMAGE_PARTITION_SIZE := 786432000
|
|
BOARD_USERDATAIMAGE_PARTITION_SIZE := 576716800
|
|
BOARD_CACHEIMAGE_PARTITION_SIZE := 69206016
|
|
BOARD_CACHEIMAGE_FILE_SYSTEM_TYPE := ext4
|
|
BOARD_FLASH_BLOCK_SIZE := 512
|
|
TARGET_USERIMAGES_SPARSE_EXT_DISABLED := true
|
|
|
|
BOARD_SEPOLICY_DIRS += build/target/board/generic/sepolicy
|
|
BOARD_SEPOLICY_UNION += \
|
|
bootanim.te \
|
|
device.te \
|
|
domain.te \
|
|
file.te \
|
|
file_contexts \
|
|
qemud.te \
|
|
rild.te \
|
|
shell.te \
|
|
surfaceflinger.te \
|
|
system_server.te
|