[ohos] selinux

savior_xzh

已于 2024-01-15 20:14:47 修改

阅读量96

点赞数

分类专栏： OHOS 文章标签： ohos

于 2023-11-17 17:04:10 首次发布

本文链接：https://blog.csdn.net/weixin_44506866/article/details/134466973

版权

OHOS 专栏收录该内容

1 篇文章 0 订阅

订阅专栏

通过串口实时抓selinux规则

1、装串口驱动，网上搜一下就有
2、连接串口线，反三角
3、moba连接一下

在这里插入图片描述

repo sync -c --no-tags
bash build/prebuilts_download.sh
repo forall -c ‘git lfs pull’
./build.sh --product-name rk3568 --ccache --no-prebuilt-sdk --build-variant user
全编user版本，从out取出版本，刷机

cd out/rk3568
快速验证selinux，编译及打包system镜像

/usr/bin/env ../../base/security/selinux_adapter/scripts/build_policy.py --dst-file /mnt/data/x30044351/ohos/master/out/rk3568/packages/phone/system/etc/selinux/targeted/policy/policy.31 --tool-path /mnt/data/x30044351/ohos/master/out/rk3568/clang_x64/thirdparty/selinux/ --source-root-dir /mnt/data/x30044351/ohos/master/ --policy_dir_list default --debug-version disable --updater-version disable --developer-version false --components default;/usr/bin/env ../../build/ohos/images/build_image.py --depfile gen/build/ohos/images/phone_system_image.d --image-name system --input-path packages/phone/system --image-config-file ../../build/ohos/images/mkimage/system_image_conf.txt --device-image-config-file packages/imagesconf/system_image_conf.txt --output-image packages/phone/images/system.img --target-cpu arm --build-variant user --build-image-tools-path clang_x64/thirdparty/e2fsprogs clang_x64/thirdparty/f2fs-tools ../../third_party/e2fsprogs/prebuilt/host/bin ../../build/ohos/images/mkimage

单刷 /home/q00599926/workspace/rk3568/out/rk3568/packages/phone/images/system.img

执行aa命令同时打印aa的进程号
hdc shell “aa start -a EntryAbility -b com.example.myapplication6 & ps -efZ”

取消内核日志限流

=========>>>>>>>>>临时解除限流方法
1.改变内核日志打印速度
echo 1 > /proc/sys/kernel/printk_ratelimit
echo 1000 > /proc/sys/kernel/printk_ratelimit_burst

2.取消avc缓存
echo 1 > /sys/fs/selinux/avc/cache_threshold

永久取消限流方法
https://gitee.com/openharmony/kernel_linux_5.10/pulls/516
解压上面下载下来的镜像包，进入fastboot刷里面的boot_linux.img镜像
hdc shell reboot bootloader
fastboot flash boot boot_linux.img
fastboot reboot

成功了内核日志就不会有如下打印
hdc shell “dmesg | grep ‘callbacks suppressed’”

============>>>>>

编译selinux文件
./build.sh --product-name rk3568 --build-target selinux_adapter

./build.sh --product-name rk3568 --build-target selinux_adapter --fast-rebuild

替换文件
重新执行

触发告警
run -l ActsAACommandPrintOneTest;ActsAACommandPrintSyncTest;ActsAACommandTest;

处理日志
https://gitee.com/savior-xzh/selinux_guide

触发aa命令告警
hdc shell aa test -b com.example.myapplication -m entry_test -s unittest /ets/testrunner/OpenHarmonyTestRunner -s class ActsAbilityTest#assertContain -s notClass ActsAbilityTest#assertContain002 -s breakOnError true -s random true -s testType function -s size small -s level 1 -s stress 5 -s timeout 15000 -s coverage true -w 2000

savior_xzh

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
[ohos] selinux

单刷 /home/q00599926/workspace/rk3568/out/rk3568/packages/phone/images/system.img。快速验证selinux，编译及打包system镜像。全编user版本，从out取出版本，刷机。1、装串口驱动，网上搜一下就有。2、连接串口线，反三角。3、moba连接一下。
复制链接

扫一扫