diff options
| author | Jeff Vander Stoep <jeffv@google.com> | 2016-01-31 18:16:50 -0800 |
|---|---|---|
| committer | Jeffrey Vander Stoep <jeffv@google.com> | 2016-02-01 02:35:09 +0000 |
| commit | 9a591fb9ffbe4fc59a0992c19ef830dc118527b4 (patch) | |
| tree | e26f50f681a562b927b06ca6b1047dc61bcc6e17 | |
| parent | 7770981554ead4f1c246df510bd299dec112d7f3 (diff) | |
| download | hikey-linaro-9a591fb9ffbe4fc59a0992c19ef830dc118527b4.tar.gz | |
hikey_defconfig: disable devtmpfs
Selinux file labeling of /dev is done by ueventd. Devtmpfs may also create
files in /dev without properly labeling - leading to a race condition
where files are accessed before labeling or created after labeling.
Disabling devtmpfs such that all file creation in /dev is done by ueventd
resolves these issues.
Addresses:
avc: denied { write } for name="/" dev="devtmpfs" ino=1025 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir
avc: denied { mknod } for capability=27 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability
avc: denied { add_name } for name="usb_accessory" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=dir
avc: denied { create } for name="usb_accessory" scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file
avc: denied { setattr } for name="usb_accessory" dev="devtmpfs" ino=2082 scontext=u:r:kernel:s0 tcontext=u:object_r:device:s0 tclass=chr_file
Change-Id: Iccc06afb035339ba82a9bdd323b14a17d6ee864f
| -rw-r--r-- | arch/arm64/configs/hikey_defconfig | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/arch/arm64/configs/hikey_defconfig b/arch/arm64/configs/hikey_defconfig index 4ad18f050816..1ad6d2f89878 100644 --- a/arch/arm64/configs/hikey_defconfig +++ b/arch/arm64/configs/hikey_defconfig @@ -190,8 +190,6 @@ CONFIG_RFKILL_GPIO=y CONFIG_NET_9P=y CONFIG_NET_9P_VIRTIO=y CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" -CONFIG_DEVTMPFS=y -CONFIG_DEVTMPFS_MOUNT=y CONFIG_FW_LOADER_USER_HELPER_FALLBACK=y CONFIG_DMA_CMA=y CONFIG_CMA_SIZE_MBYTES=64 |