Hello all,
I have a very simple test program to help with debugging my Android
dual booting project. It reads the current policy from
/sys/fs/selinux/policy,
changes a single type to be permissive, and then loads the new policy
by writing it to /sys/fs/selinux/load. The problem is, after editing the
policy with sepol, it fails to load and the kernel prints the following
message in dmesg: "SELinux: ebitmap: truncated map".
The program reads and writes the policy file using the standard fopen
and policydb_read/policydb_write calls. I then set a few types to be
permissive using the following loop:
...
char *name;
int is_permissive;
char **types = (null terminated char* array)
char **type;
...
for (unsigned int i = 0; i < pdb->p_types.nprim - 1; i++) {
name = pdb->p_type_val_to_name[i];
is_permissive = ebitmap_get_bit(&pdb->permissive_map, i + 1);
if (!is_permissive) {
for (type = types; *type; type++) {
if (strcmp(*type, name) == 0) {
ebitmap_set_bit(&pdb->permissive_map, i + 1, 1);
break;
}
}
}
}
...
I've been trying to debug this for many hours, but I can't seem to figure
out why this is happening. Is there a simple mistake I'm overlooking or
am I approaching this in a completely wrong way?
Thanks in advance! Any help is greatly appreciated!
Andrew Gunnerson
PS: This is running on Android 5.0 with libsepol 2.4-rc4 and kernel
3.4.0-g88fbc66.
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
