* File-system is not mounting when I am enabling selinux
@ 2014-07-21 23:03 Avijit Das
2014-07-22 4:51 ` dE
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Avijit Das @ 2014-07-21 23:03 UTC (permalink / raw)
To: selinux
[-- Attachment #1: Type: text/plain, Size: 2661 bytes --]
Hi,
I am trying to enable SELinux in Android platform. I am getting the following error message:
[ 16.331402] init: invalid uid 'fm_radio'[ 17.759590] EXT4-fs (mmcblk0p24): mounted filesystem with ordered data mode. Opts: barrier=1[ 17.767028] SELinux: (dev mmcblk0p24, type ext4) has no security xattr handler[ 17.775651] fs_mgr: __mount(source=/dev/block/bootdevice/by-name/system,target=/system,type=ext4)=-1[ 17.783817] fs_mgr: Failed to mount an un-encryptable or wiped partition on/dev/block/bootdevice/by-name/system at /system options: barrier=1 error: Operation not supported on transport endpoint[ 17.802215] EXT4-fs (mmcblk0p29): Ignoring removed nomblk_io_submit option[ 17.821190] EXT4-fs (mmcblk0p29): mounted filesystem with ordered data mode. Opts: nomblk_io_submit,errors=remount-ro[ 17.830819] SELinux: (dev mmcblk0p29, type ext4) has no security xattr handler[ 17.840383] fs_mgr: check_fs(): mount(/dev/block/bootdevice/by-name/userdata,/data,ext4)=-1[ 17.847781] fs_mgr: Not running /system/bin/e2fsck on /dev/block/bootdevice/by-name/userdata (executable not in system image)[ 17.865028] EXT4-fs (mmcblk0p29): mounted filesystem with ordered data mode. Opts: barrier=1,noauto_da_alloc[ 17.873877] SELinux: (dev mmcblk0p29, type ext4) has no security xattr handler[ 17.883072] fs_mgr: __mount(source=/dev/block/bootdevice/by-name/userdata,target=/data,type=ext4)=-1[ 17.892845] fs_mgr: fs_mgr_mount_all(): possibly an encryptable blkdev /dev/block/bootdevice/by-name/userdata for mount /data type ext4 )[ 17.904640] init: fs_mgr_mount_all returned an error[ 17.909559] init (273) used greatest stack depth: 12824 bytes left[ 17.915496] init: fs_mgr_mount_all returned unexpected error 255[ 17.926673] EXT4-fs (mmcblk0p25): mounted filesystem with ordered data mode. Opts: barrier=1[ 17.934144] SELinux: (dev mmcblk0p25, type ext4) has no security xattr handler[ 17.948220] EXT4-fs (mmcblk0p26): mounted filesystem with ordered data mode. Opts: barrier=1[ 17.955632] SELinux: (dev mmcblk0p26, type ext4) has no security xattr handler[ 17.964734] SELinux: Could not set context for /persist: Operation not supported on transport endpoint[ 17.983614] SELinux: Could not set context for /cache: Read-only file system
The device is booting fine to home screen, But executable files inside system/bin is not accessible. It seems system image is not getting mounted properly. And because of that we are not able to do adb shell. Is this a known issue?
I found this fix: http://permalink.gmane.org/gmane.comp.security.selinux/18999
Is this relevant?
Thanks,Avijit
[-- Attachment #2: Type: text/html, Size: 3672 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: File-system is not mounting when I am enabling selinux
2014-07-21 23:03 File-system is not mounting when I am enabling selinux Avijit Das
@ 2014-07-22 4:51 ` dE
2014-07-22 12:12 ` Christopher J. PeBenito
2014-07-22 12:26 ` Stephen Smalley
2 siblings, 0 replies; 5+ messages in thread
From: dE @ 2014-07-22 4:51 UTC (permalink / raw)
To: selinux
[-- Attachment #1: Type: text/plain, Size: 2994 bytes --]
On 07/22/14 04:33, Avijit Das wrote:
> Hi,
>
> I am trying to enable SELinux in Android platform. I am getting the
> following error message:
>
> [ 16.331402] init: invalid uid 'fm_radio'
> [ 17.759590] EXT4-fs (mmcblk0p24): mounted filesystem with ordered
> data mode. Opts: barrier=1
> [ 17.767028] SELinux: (dev mmcblk0p24, type ext4) has no security
> xattr handler
> [ 17.775651] fs_mgr:
> __mount(source=/dev/block/bootdevice/by-name/system,target=/system,type=ext4)=-1
> [ 17.783817] fs_mgr: Failed to mount an un-encryptable or wiped
> partition on/dev/block/bootdevice/by-name/system at /system options:
> barrier=1 error: Operation not supported on transport endpoint
> [ 17.802215] EXT4-fs (mmcblk0p29): Ignoring removed nomblk_io_submit
> option
> [ 17.821190] EXT4-fs (mmcblk0p29): mounted filesystem with ordered
> data mode. Opts: nomblk_io_submit,errors=remount-ro
> [ 17.830819] SELinux: (dev mmcblk0p29, type ext4) has no security
> xattr handler
> [ 17.840383] fs_mgr: check_fs():
> mount(/dev/block/bootdevice/by-name/userdata,/data,ext4)=-1
> [ 17.847781] fs_mgr: Not running /system/bin/e2fsck on
> /dev/block/bootdevice/by-name/userdata (executable not in system image)
> [ 17.865028] EXT4-fs (mmcblk0p29): mounted filesystem with ordered
> data mode. Opts: barrier=1,noauto_da_alloc
> [ 17.873877] SELinux: (dev mmcblk0p29, type ext4) has no security
> xattr handler
> [ 17.883072] fs_mgr:
> __mount(source=/dev/block/bootdevice/by-name/userdata,target=/data,type=ext4)=-1
> [ 17.892845] fs_mgr: fs_mgr_mount_all(): possibly an encryptable
> blkdev /dev/block/bootdevice/by-name/userdata for mount /data type ext4 )
> [ 17.904640] init: fs_mgr_mount_all returned an error
> [ 17.909559] init (273) used greatest stack depth: 12824 bytes left
> [ 17.915496] init: fs_mgr_mount_all returned unexpected error 255
> [ 17.926673] EXT4-fs (mmcblk0p25): mounted filesystem with ordered
> data mode. Opts: barrier=1
> [ 17.934144] SELinux: (dev mmcblk0p25, type ext4) has no security
> xattr handler
> [ 17.948220] EXT4-fs (mmcblk0p26): mounted filesystem with ordered
> data mode. Opts: barrier=1
> [ 17.955632] SELinux: (dev mmcblk0p26, type ext4) has no security
> xattr handler
> [ 17.964734] SELinux: Could not set context for /persist: Operation
> not supported on transport endpoint
> [ 17.983614] SELinux: Could not set context for /cache: Read-only
> file system
>
>
> The device is booting fine to home screen, But executable files inside
> system/bin is not accessible. It seems system image is not getting
> mounted properly. And because of that we are not able to do adb shell.
> Is this a known issue?
>
> I found this fix:
> http://permalink.gmane.org/gmane.comp.security.selinux/18999
>
> Is this relevant?
>
> Thanks,
> Avijit
>
No. ext4 is not implemented as FUSE.
You need to mount th FS with xattr option to get SELinux support, after
that you should do a relabel of the entire FS.
[-- Attachment #2: Type: text/html, Size: 4914 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: File-system is not mounting when I am enabling selinux
2014-07-21 23:03 File-system is not mounting when I am enabling selinux Avijit Das
2014-07-22 4:51 ` dE
@ 2014-07-22 12:12 ` Christopher J. PeBenito
2014-07-23 1:40 ` Avijit Das
2014-07-22 12:26 ` Stephen Smalley
2 siblings, 1 reply; 5+ messages in thread
From: Christopher J. PeBenito @ 2014-07-22 12:12 UTC (permalink / raw)
To: Avijit Das, selinux
On 7/21/2014 7:03 PM, Avijit Das wrote:
> Hi,
>
> I am trying to enable SELinux in Android platform. I am getting the
> following error message:
> [ 17.767028] SELinux: (dev mmcblk0p24, type ext4) has no security
> xattr handler
> [ 17.830819] SELinux: (dev mmcblk0p29, type ext4) has no security
> xattr handler
> [ 17.865028] EXT4-fs (mmcblk0p29): mounted filesystem with ordered
> data mode. Opts: barrier=1,noauto_da_alloc
> [ 17.873877] SELinux: (dev mmcblk0p29, type ext4) has no security
> xattr handler
> [ 17.934144] SELinux: (dev mmcblk0p25, type ext4) has no security
> xattr handler
> [ 17.955632] SELinux: (dev mmcblk0p26, type ext4) has no security
> xattr handler
Your ext4 is missing security labels (note no security xattr handler
error), you need to turn on CONFIG_EXT4_FS_SECURITY.
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: File-system is not mounting when I am enabling selinux
2014-07-21 23:03 File-system is not mounting when I am enabling selinux Avijit Das
2014-07-22 4:51 ` dE
2014-07-22 12:12 ` Christopher J. PeBenito
@ 2014-07-22 12:26 ` Stephen Smalley
2 siblings, 0 replies; 5+ messages in thread
From: Stephen Smalley @ 2014-07-22 12:26 UTC (permalink / raw)
To: Avijit Das, selinux
On 07/21/2014 07:03 PM, Avijit Das wrote:
> Hi,
>
> I am trying to enable SELinux in Android platform. I am getting the
> following error message:
>
> [ 16.331402] init: invalid uid 'fm_radio'
> [ 17.759590] EXT4-fs (mmcblk0p24): mounted filesystem with ordered
> data mode. Opts: barrier=1
> [ 17.767028] SELinux: (dev mmcblk0p24, type ext4) has no security
> xattr handler
As Chris said, this indicates that your kernel configuration is missing
an option required for SELinux, CONFIG_EXT4_FS_SECURITY=y, and therefore
does not include the security xattr handlers.
Also, questions regarding the Android SELinux support are best directed
to the seandroid-list, subscribe by sending email to
seandroid-list-join@tycho.nsa.gov.
^ permalink raw reply [flat|nested] 5+ messages in thread
* RE: File-system is not mounting when I am enabling selinux
2014-07-22 12:12 ` Christopher J. PeBenito
@ 2014-07-23 1:40 ` Avijit Das
0 siblings, 0 replies; 5+ messages in thread
From: Avijit Das @ 2014-07-23 1:40 UTC (permalink / raw)
To: Christopher J. PeBenito, selinux
[-- Attachment #1: Type: text/plain, Size: 1240 bytes --]
Thanks a lot !!
It resolved my purpose.
Thanks,Avijit
> Date: Tue, 22 Jul 2014 08:12:33 -0400
> From: cpebenito@tresys.com
> To: avijitnsec@live.com; selinux@tycho.nsa.gov
> Subject: Re: File-system is not mounting when I am enabling selinux
>
> On 7/21/2014 7:03 PM, Avijit Das wrote:
> > Hi,
> >
> > I am trying to enable SELinux in Android platform. I am getting the
> > following error message:
>
> > [ 17.767028] SELinux: (dev mmcblk0p24, type ext4) has no security
> > xattr handler
> > [ 17.830819] SELinux: (dev mmcblk0p29, type ext4) has no security
> > xattr handler
> > [ 17.865028] EXT4-fs (mmcblk0p29): mounted filesystem with ordered
> > data mode. Opts: barrier=1,noauto_da_alloc
> > [ 17.873877] SELinux: (dev mmcblk0p29, type ext4) has no security
> > xattr handler
> > [ 17.934144] SELinux: (dev mmcblk0p25, type ext4) has no security
> > xattr handler
> > [ 17.955632] SELinux: (dev mmcblk0p26, type ext4) has no security
> > xattr handler
>
> Your ext4 is missing security labels (note no security xattr handler
> error), you need to turn on CONFIG_EXT4_FS_SECURITY.
>
>
> --
> Chris PeBenito
> Tresys Technology, LLC
> www.tresys.com | oss.tresys.com
[-- Attachment #2: Type: text/html, Size: 1739 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2014-07-23 1:40 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-07-21 23:03 File-system is not mounting when I am enabling selinux Avijit Das
2014-07-22 4:51 ` dE
2014-07-22 12:12 ` Christopher J. PeBenito
2014-07-23 1:40 ` Avijit Das
2014-07-22 12:26 ` Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.