Thursday, 2022-04-14

voidanix[m]looks like selinux engaged drugs mode:
voidanix[m]says it's permissive everywhere yet seems to enforce08:59
SopyI am unsure of this so I decided to join and ask... if I go on and port sailfish to my phone, is there any way to get android apps? I am kind of relying on some and it seems that is a SailfishOS X feature09:03
Thaodanvoidanix[m]: I did build edo with -user for sfos which doesn't bootloop it but on aosp it does since it enables enforcing then09:03
ThaodanSopy: Porting a phone isn't an easy tasks, Android kernels are often buggy, same for vendor drivers and so on.09:04
voidanix[m]Sopy: well yes there is waydroid which is a nested android instance inside sfos pretty much09:04
ThaodanIf you want to get a good sfos experience either get an Sailfish X supported device09:04
voidanix[m]Thaodan: yea but why does it work with -user on AOSP 1009:05
Thaodanvoidanix[m]: SELinux policies are maybe not finished for A11.09:06
voidanix[m]don't think so, i used AOSP11/LOS 18.1 with enforcing this whole time and everything "just werked"09:07
ThaodanFor Kumano?09:07
Thaodan How does that affect SELinux? I don't see any line there.09:07
ThaodanSame for 4.19:
voidanix[m]about PFK? i saw some logs saying that CONFIG_PFK did something to sepolicy and needed to be disabled09:09
voidanix[m]btw with selinux disabled i do get a hwc i think (screen gets dim) so it gets pretty far09:11
ThaodanCan you get kmsg logs when CONFIG_PFK is there?09:13
voidanix[m]well kinda, see the paste above09:14
voidanix[m]i just slap `dmesg > /dmesg.log` in droid-hal-early-init.sh09:15
voidanix[m]journal is blocked by selinux, logcat is unobtainable because of dhi not starting09:15
ThaodanWhat happens if you disable pfk?09:18
voidanix[m]kernel does not build09:18
voidanix[m]want a log?09:18
ThaodanDisable CONFIG_SECURITY_SMACK too09:28
ThaodanI don't think it is used.09:29
ThaodanNo reason to fix it there.09:29
voidanix[m]wdym? smack seems unrelated, or is it not?09:32
ThaodanHm yeah. BTW that pfk and fscrypt_ice have multiple cves09:34
voidanix[m]i recall ICE also being deprecated in AOSP09:35
Thaodan yes09:38
Thaodanthis was enabled but reverted09:38
ThaodanYou would disable both09:38
ThaodanSFOS uses luks anyway09:38
voidanix[m]lemme try that09:39
ThaodanBtw I wonder why this only not boots on A11 but on A10 is fine.09:40
ThaodanIf the defconfig is the same09:41
ThaodanMy xperia 1 also has config pfk09:42
voidanix[m]it does not want to load the policy at boot either09:46
voidanix[m]do you also get `SELinux:  Context unconfined_u:object_r:unlabeled_t:s0 is not valid (left unmapped).` on A10?09:47
voidanix[m]the CONFIG_FS_ENCRYPTION commit you linked still does not work without PFK09:50
ThaodanI mean disable the two mentioned to be removed in the commit above09:52
voidanix[m]already done, nothing changed09:53
ThaodanWhere did you got 'SELinux:  Context unconfined_u:object_r:unlabeled_t:s0 is not valid (left unmapped).' ?09:53
Thaodanlogcat or dmesg?09:53
ThaodanI suspect that pfk is not the issue since it doesn't break A10.09:53
ThaodanWhat type was the build of droid-system?09:54
voidanix[m]-user like it said in the 10 III build guide09:54
ThaodanOk was just asking to be sure since I had issues in the past booting up with -userdebug.09:57
ThaodanThis what dmesg says but selinux, no such error there:
voidanix[m]huh i do have some of your missing files10:01
voidanix[m]plat_sepolicy_vers.txt and vendor_property_contexts10:01
voidanix[m]oh Thaodan just noticed you command is wrong10:08
voidanix[m]you should have done `grep -i selinux`10:08
piggzso, the onscreen keyboard isnt appearing here ... spiiroin .. how can i check if mce thinks a hw keyboard is attached ?11:03
piggztried variations on:11:17
piggzFxtec Pro1=gpio-keys11:18
piggzah, got it, i had a typo in my config, spot it above!11:31
voidanix[m]there is a good and a bad news:13:31
voidanix[m]the good news is that selinux has been fixed with permissive13:31
voidanix[m]it liked `policy` but not `policy.30`, why? dunno but will check some day with a sestatus13:31
voidanix[m]the bad news is that servicemanager is having an existential crisis:
voidanix[m]error comes from here:;l=46;drc=46f380b947d272466ced788b9fa6ab4fd8aa8300;bpv=0;bpt=0 but no idea how to debug it13:33
T42<edp_17> Thanks for sharing. How did you found this out? (re @SailfishFreenodeIRCBridgeBot: <voidanix[m]>it like...)13:47
voidanix[m]see the messages above with thaodan, i also looked around my own fedora system and did `man selinux_config`13:49
Thaodanvoidanix[m]:hm is keymaster there?13:53
ThaodanI wonder what is different compared to edo and lena.13:54
T42<edp_17> voidanix[m]: Thanks.13:57
voidanix[m]Thaodan: yes it is13:58
Thaodanvoidanix[m]: Does keymaster crash maybe?15:20
ThaodanThere's this on tama:
voidanix[m]Thaodan: nope, check the above logcat16:42
voidanix[m]it is wait_for_keymaster that crashes because it does not see servicemanager16:42
voidanix[m]`Abort message: 'Check failed: serviceManager Could not retrieve ServiceManager'` should come from `E servicemanager: Could not self register servicemanager`16:47
T42<leha155> Hellow, I decided to check everything from the very beginning. I have several questions. Which branch should I use when cloning mer-hybris/android? 18.1 or 18.1-update? As well as mer-hybris/libhybris.git? Master or android 11?21:01
ThaodanMaster for libhybris21:29
ThaodanAre you porting from aosp or los?21:31

Generated by 2.17.1 by Marius Gedminas - find it at!