recoveryアップグレード'@/cache/recovery/block.map'failedエラー問題
Androidバージョンのアップグレードに伴い、アップグレードパッケージはますます大きくなり、アップグレードパッケージがcacheパーティションに格納できない場合、アップグレードパッケージをdataパーティションにダウンロードし、dataパーティションからアップグレードします.最近、dataパーティションからアップグレードパッケージをロードしたとき、次のエラーが発生しました.
E:Failed to read/cache/recovery/block.map: No such file or directory
ヒント情報に基づいてcacheパーティション、このblockを検索します.mapファイルが存在するかどうか.
busybox mount-t ext 4/dev/block/cache/cache(マウントできない場合はselinux権限をpermissiveに設定)
/cache/recovery/block.mapファイルがないなんて、blockを生成するに違いない.mapで問題が発生し、recoveryに入る前のlog情報を再起動します.
mmcblk 0 p 17に対応するのはcacheとdataパーティション)
アップグレードされたアプリケーションに対応するselinux権限を付与する必要があるかもしれませんが、上でselinux権限に遭遇すると続行されません.必要なすべてのselinux権限を知る必要があります.では、selinuxをpermissive状態に設定し、もう一度アップグレードしてlog状態を観察します.
[ 1.945982] Supported API: 3
[ 1.957270] charge_status 1, charged 1, status -2, capacity -9223372036854775808
[ 1.973917] E:Failed to find CPU thermal info in /sys/class/thermal/
[ 1.990514] I:current maximum temperature: -1
[ 2.007184] Finding update package...
[ 2.057199] I:Update location: @/cache/recovery/block.map
[ 2.057251] Opening update package...
[ 2.092148] E:Failed to read /cache/recovery/block.map: No such file or directory
[ 2.107257] E:Map of '@/cache/recovery/block.map' failed
[ 2.140532] E:failed to map file
[ 2.158867] I:current maximum temperature: -1
[ 2.159049] I:@/cache/recovery/block.map
[ 2.159060] I:0
[ 2.159072] I:time_total: 0
[ 2.159079] I:retry: 0
[ 2.159085] I:uncrypt_time: 0
[ 2.159092] I:uncrypt_error: 1
[ 2.159099] I:
[ 2.159108] Installation aborted.
[ 2.223841] I:Saving locale "en-US"
の最も直接的なエラー情報は、次のとおりです.E:Failed to read/cache/recovery/block.map: No such file or directory
ヒント情報に基づいてcacheパーティション、このblockを検索します.mapファイルが存在するかどうか.
busybox mount-t ext 4/dev/block/cache/cache(マウントできない場合はselinux権限をpermissiveに設定)
# busybox ls -l /cache/recovery/
total 104
__bionic_open_tzdata: couldn't find any tzdata when looking for localtime!
__bionic_open_tzdata: couldn't find any tzdata when looking for GMT!
__bionic_open_tzdata: couldn't find any tzdata when looking for posixrules!
-rw-r--r-- 1 root root 85 Jan 1 00:01 last_install
-rw------- 1 system system 61634 Jan 1 00:01 last_kmsg
-rw------- 1 root root 5 Jan 1 00:00 last_locale
-rw-r----- 1 root root 12160 Jan 1 00:01 last_log
-rw------- 1 system system 12160 Jan 1 00:01 log
-rw------- 1 system system 24 Jan 1 1970 uncrypt_file
-rw------- 1 root root 33 Jan 1 1970 uncrypt_status
必要なものは/cache/recovery/block.mapファイルがないなんて、blockを生成するに違いない.mapで問題が発生し、recoveryに入る前のlog情報を再起動します.
[ 1212.869820@3] type=1400 audit(1209.144:3355): avc: denied { setattr } for pid=4433 comm="Thread-3" name="uncrypt_file" dev="mmcblk0p3" ino=13 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_recovery_file:s0 tclass=file permissive=0
[ 1212.885402@3] type=1400 audit(1212.820:3356): avc: denied { getattr } for pid=4501 comm="uncrypt" path="/data/cache" dev="mmcblk0p17" ino=19 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=0
[ 1212.906032@2] watchdogd: watchdogd started (interval 10, margin 20)!
[ 1212.906143@2] watchdogd: Failed to open /dev/watchdog: No such file or directory
は、/dataと/cacheパーティションの処理中にselinux権限の問題に遭遇したようです.(mmcblk0p3 mmcblk 0 p 17に対応するのはcacheとdataパーティション)
アップグレードされたアプリケーションに対応するselinux権限を付与する必要があるかもしれませんが、上でselinux権限に遭遇すると続行されません.必要なすべてのselinux権限を知る必要があります.では、selinuxをpermissive状態に設定し、もう一度アップグレードしてlog状態を観察します.
[ 98.295965@1] type=1400 audit(84.812:43): avc: denied { open } for pid=2890 comm="HwBinder:2890_1" path="/sys/module/tvin_hdmirx/parameters/en_4k_2_2k" dev="sysfs" ino=6874 scontext=u:r:system_control:s0 tcontext=u:object_r:sysfs_cec:s0 tclass=file permissive=1
[ 98.313718@1] type=1400 audit(98.244:44): avc: denied { remove_name } for pid=4076 comm="Thread-4" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=1
[ 98.333696@1] type=1400 audit(98.244:44): avc: denied { remove_name } for pid=4076 comm="Thread-4" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=1
[ 98.353378@1] type=1400 audit(98.244:45): avc: denied { unlink } for pid=4076 comm="Thread-4" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 98.373096@1] type=1400 audit(98.244:45): avc: denied { unlink } for pid=4076 comm="Thread-4" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 98.392458@1] type=1400 audit(98.304:46): avc: denied { read } for pid=4076 comm="Thread-4" path="/data/cache/update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 98.618368@2] success set parent gpu_p1_composite rate to 500000000
[ 99.302385@1] success set parent gpu_p0_composite rate to 400000000
[ 100.074360@1] success set parent gpu_p1_composite rate to 285714285
[ 101.234329@3] success set parent gpu_p0_composite rate to 125000000
[ 101.344037@0] aml_snd_card_tv aml_snd_tv: I2S playback disable
[ 101.344244@0] aml_snd_card_tv aml_snd_tv: IEC958 playback disable
[ 120.075238@1] type=1400 audit(98.304:46): avc: denied { read } for pid=4076 comm="Thread-4" path="/data/cache/update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 120.090346@1] type=1400 audit(120.024:47): avc: denied { setattr } for pid=4076 comm="Thread-4" name="uncrypt_file" dev="mmcblk0p3" ino=13 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_recovery_file:s0 tclass=file permissive=1
[ 121.326417@0] success set parent gpu_p1_composite rate to 666666666
[ 121.734307@0] success set parent gpu_p0_composite rate to 500000000
[ 121.897440@1] BT_RADIO going: off
[ 121.897470@1] BCM_BT: going OFF
[ 122.342361@2] success set parent gpu_p1_composite rate to 400000000
[ 123.438484@0] success set parent gpu_p0_composite rate to 285714285
[ 123.556904@1] type=1400 audit(120.024:47): avc: denied { setattr } for pid=4076 comm="Thread-4" name="uncrypt_file" dev="mmcblk0p3" ino=13 scontext=u:r:system_app:s0 tcontext=u:object_r:cache_recovery_file:s0 tclass=file permissive=1
[ 123.572107@1] type=1400 audit(123.508:48): avc: denied { getattr } for pid=4211 comm="uncrypt" path="/data/cache" dev="mmcblk0p17" ino=19 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=1
[ 123.591568@1] type=1400 audit(123.508:48): avc: denied { getattr } for pid=4211 comm="uncrypt" path="/data/cache" dev="mmcblk0p17" ino=19 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=1
[ 123.610598@1] type=1400 audit(123.508:49): avc: denied { getattr } for pid=4211 comm="uncrypt" path="/data/cache/update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 123.631453@1] type=1400 audit(123.508:49): avc: denied { getattr } for pid=4211 comm="uncrypt" path="/data/cache/update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 123.652217@1] type=1400 audit(123.512:50): avc: denied { read } for pid=4211 comm="uncrypt" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 123.672583@1] type=1400 audit(123.512:50): avc: denied { read } for pid=4211 comm="uncrypt" name="update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 123.689809@1] type=1400 audit(123.512:51): avc: denied { open } for pid=4211 comm="uncrypt" path="/data/cache/update.zip" dev="mmcblk0p17" ino=316 scontext=u:r:uncrypt:s0 tcontext=u:object_r:cache_file:s0 tclass=file permissive=1
[ 124.950389@3] success set parent gpu_p1_composite rate to 125000000
ヒント情報に基づいて、対応するselinux権限を追加します.diff --git a/common/sepolicy/system_app.te b/common/sepolicy/system_app.te
index 17e7f4e..3c77d47 100644
--- a/common/sepolicy/system_app.te
+++ b/common/sepolicy/system_app.te
@@ -23,8 +23,8 @@
#allow system_app unlabeled:file { lock open read write getattr };
#
## /cache_file for dvb app creat update.zip file at /cache dir
-allow system_app cache_file:dir { search add_name write };
-allow system_app cache_file:file { create getattr open write };
+allow system_app cache_file:dir { search add_name remove_name write };
+allow system_app cache_file:file { create getattr open write unlink read };
#
#allow system_app log_file:dir { search read open getattr };
#allow system_app log_file:file { read open getattr };
diff --git a/common/sepolicy/uncrypt.te b/common/sepolicy/uncrypt.te
new file mode 100644
index 0000000..578a6d7
--- /dev/null
+++ b/common/sepolicy/uncrypt.te
@@ -0,0 +1,2 @@
+allow uncrypt cache_file:dir getattr;
+allow uncrypt cache_file:file { open read getattr };
で正常にアップグレードできます.ヒントのavc:denied情報でselinux権限を追加する方法については、自分で学ぶことができます.