| voidanix[m] | looks like selinux engaged drugs mode: https://paste.opensuse.org/27956332 | 08:59 |
|---|---|---|
| voidanix[m] | says it's permissive everywhere yet seems to enforce | 08:59 |
| Sopy | I am unsure of this so I decided to join and ask... if I go on and port sailfish to my phone, is there any way to get android apps? I am kind of relying on some and it seems that is a SailfishOS X feature | 09:03 |
| Thaodan | voidanix[m]: I did build edo with -user for sfos which doesn't bootloop it but on aosp it does since it enables enforcing then | 09:03 |
| Thaodan | Sopy: Porting a phone isn't an easy tasks, Android kernels are often buggy, same for vendor drivers and so on. | 09:04 |
| voidanix[m] | Sopy: well yes there is waydroid which is a nested android instance inside sfos pretty much | 09:04 |
| Thaodan | If you want to get a good sfos experience either get an Sailfish X supported device | 09:04 |
| voidanix[m] | Thaodan: yea but why does it work with -user on AOSP 10 | 09:05 |
| Thaodan | voidanix[m]: SELinux policies are maybe not finished for A11. | 09:06 |
| voidanix[m] | don't think so, i used AOSP11/LOS 18.1 with enforcing this whole time and everything "just werked" | 09:07 |
| Thaodan | For Kumano? | 09:07 |
| voidanix[m] | yup | 09:07 |
| Thaodan | ok | 09:07 |
| Thaodan | https://github.com/sonyxperiadev/kernel/commit/f9bafc3ad64e2edd417daa2ff2c638f78e83c040 How does that affect SELinux? I don't see any line there. | 09:07 |
| Thaodan | Same for 4.19: https://github.com/sonyxperiadev/kernel/commit/28cfbbcf6e9b4346b6608f41d57c92883cb4c75f | 09:09 |
| voidanix[m] | about PFK? i saw some logs saying that CONFIG_PFK did something to sepolicy and needed to be disabled | 09:09 |
| voidanix[m] | https://irclogs.sailfishos.org/logs/%23sailfishos-porters/%23sailfishos-porters.2019-04-23.log.html | 09:09 |
| voidanix[m] | btw with selinux disabled i do get a hwc i think (screen gets dim) so it gets pretty far | 09:11 |
| Thaodan | Can you get kmsg logs when CONFIG_PFK is there? | 09:13 |
| voidanix[m] | well kinda, see the paste above | 09:14 |
| voidanix[m] | i just slap `dmesg > /dmesg.log` in droid-hal-early-init.sh | 09:15 |
| voidanix[m] | journal is blocked by selinux, logcat is unobtainable because of dhi not starting | 09:15 |
| Thaodan | What happens if you disable pfk? | 09:18 |
| voidanix[m] | kernel does not build | 09:18 |
| voidanix[m] | want a log? | 09:18 |
| Thaodan | sure | 09:18 |
| voidanix[m] | Thaodan: https://paste.opensuse.org/57322065 | 09:27 |
| Thaodan | Disable CONFIG_SECURITY_SMACK too | 09:28 |
| Thaodan | I don't think it is used. | 09:29 |
| Thaodan | No reason to fix it there. | 09:29 |
| voidanix[m] | wdym? smack seems unrelated, or is it not? | 09:32 |
| Thaodan | Hm yeah. BTW that pfk and fscrypt_ice have multiple cves | 09:34 |
| Thaodan | https://nvd.nist.gov/vuln/detail/CVE-2020-0407 | 09:34 |
| voidanix[m] | i recall ICE also being deprecated in AOSP | 09:35 |
| Thaodan | https://github.com/sonyxperiadev/kernel-defconfig/commit/b89e6b411ad7d682de92de5b2365e52cd6af98a4 yes | 09:38 |
| Thaodan | this was enabled but reverted | 09:38 |
| Thaodan | You would disable both | 09:38 |
| Thaodan | SFOS uses luks anyway | 09:38 |
| voidanix[m] | lemme try that | 09:39 |
| Thaodan | Btw I wonder why this only not boots on A11 but on A10 is fine. | 09:40 |
| Thaodan | If the defconfig is the same | 09:41 |
| Thaodan | My xperia 1 also has config pfk | 09:42 |
| voidanix[m] | it does not want to load the policy at boot either | 09:46 |
| voidanix[m] | do you also get `SELinux: Context unconfined_u:object_r:unlabeled_t:s0 is not valid (left unmapped).` on A10? | 09:47 |
| voidanix[m] | the CONFIG_FS_ENCRYPTION commit you linked still does not work without PFK | 09:50 |
| Thaodan | I mean disable the two mentioned to be removed in the commit above | 09:52 |
| voidanix[m] | already done, nothing changed | 09:53 |
| Thaodan | Where did you got 'SELinux: Context unconfined_u:object_r:unlabeled_t:s0 is not valid (left unmapped).' ? | 09:53 |
| Thaodan | logcat or dmesg? | 09:53 |
| voidanix[m] | dmesg | 09:53 |
| Thaodan | I suspect that pfk is not the issue since it doesn't break A10. | 09:53 |
| Thaodan | What type was the build of droid-system? | 09:54 |
| voidanix[m] | -user like it said in the 10 III build guide | 09:54 |
| Thaodan | Ok was just asking to be sure since I had issues in the past booting up with -userdebug. | 09:57 |
| Thaodan | This what dmesg says but selinux, no such error there: https://paste.opensuse.org/21902211 | 09:58 |
| voidanix[m] | huh i do have some of your missing files | 10:01 |
| voidanix[m] | plat_sepolicy_vers.txt and vendor_property_contexts | 10:01 |
| voidanix[m] | oh Thaodan just noticed you command is wrong | 10:08 |
| voidanix[m] | you should have done `grep -i selinux` | 10:08 |
| Thaodan | https://paste.opensuse.org/42698792 | 10:13 |
| piggz | so, the onscreen keyboard isnt appearing here ... spiiroin .. how can i check if mce thinks a hw keyboard is attached ? | 11:03 |
| piggz | tried variations on: | 11:17 |
| piggz | [SW_KEYPAD_SLIDE] | 11:18 |
| piggz | Fxtec Pro1=gpio-keys | 11:18 |
| piggz | [EVDEV] | 11:18 |
| piggz | SW_LID=KEY_KEYPAD_SLIDE | 11:18 |
| piggz | ah, got it, i had a typo in my config, spot it above! | 11:31 |
| voidanix[m] | there is a good and a bad news: | 13:31 |
| voidanix[m] | the good news is that selinux has been fixed with permissive | 13:31 |
| voidanix[m] | it liked `policy` but not `policy.30`, why? dunno but will check some day with a sestatus | 13:31 |
| voidanix[m] | the bad news is that servicemanager is having an existential crisis: https://paste.opensuse.org/63839296 | 13:32 |
| voidanix[m] | error comes from here: https://cs.android.com/android/_/android/platform/frameworks/native/+/refs/tags/android-11.0.0_r48:cmds/servicemanager/main.cpp;l=46;drc=46f380b947d272466ced788b9fa6ab4fd8aa8300;bpv=0;bpt=0 but no idea how to debug it | 13:33 |
| T42 | <edp_17> Thanks for sharing. How did you found this out? (re @SailfishFreenodeIRCBridgeBot: <voidanix[m]>it like...) | 13:47 |
| voidanix[m] | see the messages above with thaodan, i also looked around my own fedora system and did `man selinux_config` | 13:49 |
| Thaodan | voidanix[m]:hm is keymaster there? | 13:53 |
| Thaodan | I wonder what is different compared to edo and lena. | 13:54 |
| T42 | <edp_17> voidanix[m]: Thanks. | 13:57 |
| voidanix[m] | Thaodan: yes it is | 13:58 |
| Thaodan | voidanix[m]: Does keymaster crash maybe? | 15:20 |
| Thaodan | There's this on tama: https://github.com/sailfishos-sony-tama/main/issues/104 | 15:21 |
| voidanix[m] | Thaodan: nope, check the above logcat | 16:42 |
| voidanix[m] | it is wait_for_keymaster that crashes because it does not see servicemanager | 16:42 |
| voidanix[m] | `Abort message: 'Check failed: serviceManager Could not retrieve ServiceManager'` should come from `E servicemanager: Could not self register servicemanager` | 16:47 |
| T42 | <leha155> Hellow, I decided to check everything from the very beginning. I have several questions. Which branch should I use when cloning mer-hybris/android? 18.1 or 18.1-update? As well as mer-hybris/libhybris.git? Master or android 11? | 21:01 |
| Thaodan | Master for libhybris | 21:29 |
| Thaodan | Are you porting from aosp or los? | 21:31 |
Generated by irclog2html.py 2.17.1 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!