selinux – Getting avc: denied error in AOSP 6.0.1

Getting avc: denied error(SEpolicy while copying from sdcard directory to cache/SH_DIR.

Error :

type=1400 audit(1623259119.150:7): avc: denied { search } for pid=2780 comm=”xyz” name=”default” dev=”tmpfs” ino=7420 scontext=u:r:aaa_bbb:s0

Code logic :

    FILE *sourceFile; 
    FILE *destFile;
    char sourcePath(100)= "/storage/emulated/0/test.txt";
    char destPath(100)="/cache/SH_DIR/";
    char ch;


    printf("Enter source file path: %s",sourcePath);

    printf("Enter destination file path:%s ",destPath);


    sourceFile  = fopen(sourcePath, "r");
    destFile    = fopen(destPath,   "w");
 
    if (sourceFile == NULL || destFile == NULL)
        {
    
    printf("nUnable to open file.n");
    printf("Please check if file exists and you have read/write privilege.n");


    exit(EXIT_FAILURE);
        }
ch = fgetc(sourceFile);
while (ch != EOF)
{
    /* Write to destination file */
    fputc(ch, destFile);

    /* Read next character from source file */
    ch = fgetc(sourceFile);
}


printf("nFiles copied successfully.n");



/* Finally close files to release resources */
fclose(sourceFile);
fclose(destFile);

Registation file in SEPOLICY :

AOSP/vendor/…/sepolicy/file_contexts :

 /cache/SH_DIR(/.*)? u:object_r:ccc_downloaded_sw_file:s0

filename.te:

allow filename ccc_downloaded_sw_file:dir { open search read write getattr add_name remove_name };
allow filename ccc_downloaded_sw_file:file { open read create write unlink append getattr setattr };

Can you please help me, why I am unable to copy file from source to destination.

aosp – How to update a self built LineageOS without redownloading/rebuilding all the sources?

I have been able to successfully build LineageOS 17.1 for my (unsupported officially) smartphone and I have self signed the build one month ago.
I would like to rebuild it with this month’s new updates, without having to redownload/rebuild everything that had not been changed.
To build it I did:

repo init -u git://github.com/LineageOS/android.git -b lineage-17.1
created .repo/local_manifests/roomservice.xml with all the device specific code
repo sync
Extracted the proprietary blobs
launched lunch to set up my device
make -j8 bacon
mka target-files-package otatools
signed the zip

What should I do to avoid fully redownloading and rebuilding everything? Is it enough running repo sync, mka target-files-package otatools and signing the new zip? Is there something I should do to clean up from the previous build?

vanilla android – AOSP Build with Landscape Mode Default

vanilla android – AOSP Build with Landscape Mode Default – Android Enthusiasts Stack Exchange

7.1 nougat – AOSP 7.1.2 – Firefox (Fennec and IceCat) result with just a white screen

I have installed a Custom ROM (AOSP 7.1.2) on a Samsung tablet. It is rooted, and also has gapps (pico).

Most everything works – except, when I installed both versions of Firefox for mobile – Fennec and IceCat (both via F-Droid), and the installation was successful (though neither of them asked for any permissions).

However, when I start either of them, they simply start as a white screen, and … nothing happens (Fennec occasionally crashes after a few seconds of white screen, I have not seen IceCat crash so far, it just keeps at the white screen).

I captured a bit of logcat – first fennec is started, then icecat – it has been pasted here:

https://pastebin.com/ijGSr8X0

Would anyone have any idea as to why specifically these two Firefox apps start with nothing else but a white screen; and how to fix that?

(BTW, I use the same IceCat on an Android 4.x device; it works fine there.)

security – AOSP x86 adb secure

I’m trying to build a custom ROM with secure access via adb. My goal is to secure the android image so that it can only be accessed with a certain adb RSA key pair.

When I build AOSP with ‘user’ variant, adb doesn’t work, cannot connect to it in x86, always get ‘connection refused by host’, but when I build it with another variant (userdebug or eng), adb connect with no restrictions.

How can I secure adb in order to allow connections only from clients that uses certain RSA pairs?

How to open AOSP default launcher app Launcher3 in Android Studio?

I cloned Launcher3, which is the default launcher for AOSP: https://android.googlesource.com/platform/packages/apps/Launcher3/+/refs/tags/android-11.0.0_r28

I opened it on Android Studio and got

01:04   Gradle sync failed: com.android.tools.idea.gradle.project.sync.idea.issues.SdkPlatformNotFoundException: Module: 'Launcher3' platform 'android-R' not found. (1 m 34 s 191 ms)

What is wrong? I made sure Android 11 SDK is downloaded

fastboot – How are AOSP compiled .img stores in phone flash?

There are the contents of a Xiaomi image for some phone that I downloaded. It is a fastboot image. I think that it means that it can be flashed by fastboot.

├── AP
│   ├── APDB_MT6768_S01__W2006
│   └── APDB_MT6768_S01__W2006_ENUM
├── BP
│   ├── DbgInfo_LR12A.R3.MP_HUAQIN_Q0MP1_MT6769_SP_MOLY_LR12A_R3_MP_V98_P75_2020_12_11_16_34_1_ulwctg_n
│   ├── MDDB_InfoCustomAppSrcP_MT6768_S00_MOLY_LR12A_R3_MP_V98_P75_1_ulwctg_n.EDB
│   ├── MDDB.META_MT6768_S00_MOLY_LR12A_R3_MP_V98_P75_1_ulwctg_n.EDB
│   └── MDDB.META.ODB_MT6768_S00_MOLY_LR12A_R3_MP_V98_P75_1_ulwctg_n.XML.GZ
├── BP_IN
├── CheckSum_Gen
├── check_sum.sh
├── flash_all.bat
├── flash_all_except_data_storage.bat
├── flash_all_except_data_storage.sh
├── flash_all_lock.bat
├── flash_all_lock.sh
├── flash_all.sh
├── flash_gen_crc_list.py
├── flash_gen_md5_list.py
├── flash_gen_resparsecount
├── hat_extract.py
├── hat_flash.sh
├── images
│   ├── boot.img
│   ├── cache.img
│   ├── Checksum.ini
│   ├── crclist.txt
│   ├── cust.img
│   ├── dtbo.img
│   ├── exaid.img
│   ├── gsort.img
│   ├── lk.img
│   ├── logo.bin
│   ├── md1img.img
│   ├── MT6768_Android_scatter.txt
│   ├── oem_misc1.img
│   ├── preloader_merlin.bin
│   ├── recovery.img
│   ├── scp.img
│   ├── sparsecrclist.txt
│   ├── spmfw.img
│   ├── sspm.img
│   ├── super.img
│   ├── tee.img
│   ├── userdata.img
│   ├── vbmeta.img
│   ├── vbmeta_system.img
│   └── vbmeta_vendor.img
├── libflashtoolEx.so
├── libflashtool.so
├── libflashtool.v1.so
├── Log
│   └── ADPT_20201218-033445_0.log
├── md5sum.xml
└── misc.txt

I never compiled Android. I’m gonna buy an SSD just for that, but meanwhile I’m trying to understand the output of the AOSP project when I build everything.

I found this: https://stackoverflow.com/questions/65450678/how-is-the-aosp-project-built/65527251#65527251 which explains how some .img are built. For example, this is how system.img is built: system.img

Looking at the structure of the ROM above, I guess the only things produced by AOSP are the .img. I guess the flash_all.sh is an script that flashes all the images to the flash memory.

How are those images stored in the flash memory? How does fastboot knows where to place each .img?

If we look at the flash_all.sh:

fastboot $* flash cache `dirname $0`/images/cache.img
if [ $? -ne 0 ] ; then echo "Flash cache error"; exit 1; fi
fastboot $* flash recovery `dirname $0`/images/recovery.img
if [ $? -ne 0 ] ; then echo "Flash recovery error"; exit 1; fi
fastboot $* flash boot `dirname $0`/images/boot.img
if [ $? -ne 0 ] ; then echo "Flash boot error"; exit 1; fi

it passes a different name for each .img. Maybe there’s a ‘fastboot server’ on the phone that knows where to place each image?

applications – Adding system app in aosp not working while same app works as user app

I am trying to add a VPN app as system app in AOSP

AOSP is masterbranch downloaded in 05-2020 release

The Vpn app I am trying to add is opensource available here. I have tested the same app on my AOSP build after flashing it in device.
This app works fine as user app on AOSP build. But when I am trying to add it as system app it gets added as system app but is unable to connect to vpn server.

It shows below errors in logs

12-17 14:10:45.620  3694  3694 D OpenVpnApi: startVpnInternal: ==============de.blinkt.openvpn.core.ConfigParser@e11ca6e
12-17 14:10:45.620  3694  3694 D OpenVpnApi: converted Profile
12-17 14:10:45.636  1314  1365 W ShortcutService: reportShortcutUsed: package com.lazycoder.cakevpn doesn't have shortcut 7c72459b-4444-41bc-bc6d-7858532f6d2f
12-17 14:10:45.644  3694  4639 I OpenVPN : Starting openvpn
12-17 14:10:45.647  3694  4639 E OpenVPN : OpenVPNThread Got java.lang.NullPointerException: Attempt to invoke virtual method 'void java.lang.Process.destroy()' on a null object reference
12-17 14:10:45.663  3694  4639 I OpenVPN : Exiting
12-17 14:10:45.740  2089  2089 D InterruptionStateProvider: No heads up: unimportant notification: 0|com.lazycoder.cakevpn|1623130911|null|10107
12-17 14:10:45.744  2089  2089 D InterruptionStateProvider: No heads up: unimportant notification: 0|com.lazycoder.cakevpn|1623130911|null|10107
12-17 14:10:45.755  1314  1365 I system_server: oneway function results will be dropped but finished with status OK and parcel size 4
12-17 14:10:45.760  2089  2089 D InterruptionStateProvider: No heads up: unimportant notification: 0|com.lazycoder.cakevpn|1623130911|null|10107

And here is makefile to add vpn as system app in AOSP

LOCAL_PATH := $(call my-dir)

my_archs := arm x86 arm64
my_src_arch := $(call get-prebuilt-src-arch, $(my_archs))

include $(CLEAR_VARS)
LOCAL_MODULE := CakeVPN
LOCAL_MODULE_CLASS := APPS
LOCAL_MODULE_TAGS := optional
LOCAL_BUILT_MODULE_STEM := package.apk
LOCAL_MODULE_SUFFIX := $(COMMON_ANDROID_PACKAGE_SUFFIX)
LOCAL_CERTIFICATE := PRESIGNED
LOCAL_SRC_FILES := app-release.apk

LOCAL_PREBUILT_JNI_LIBS := 
  @lib/arm64/libjbcrypto.so 
  @lib/arm64/libopenvpn.so 
  @lib/arm64/libopvpnutil.so 
  @lib/arm64/libovpnexec.so

LOCAL_MODULE_TARGET_ARCH := $(my_src_arch)

include $(BUILD_PREBUILT)

aosp – Init service not starting in user build

I have an init service that is not starting in user build. When running a userdebug build it works fine but not in user build. Can’t seem to figure out why it’s not running. I don’t see any errors about it in logcat either.

on property:myprop=1
    start mysvc

service mysvc /system/bin/mybinary myargs
    user system
    group system
    oneshot

My app sets this property when I want the service to start.

Any help here is appreciated.

DreamProxies - Cheapest USA Elite Private Proxies 100 Private Proxies 200 Private Proxies 400 Private Proxies 1000 Private Proxies 2000 Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive Proxies-free.com New Proxy Lists Every Day Proxies123