<clfbbn>
When I open some applications, my device tries to start android.hardware.drm@1.0::IDrmFactory/wfdhdcp, which does not exist even in stock ROM. Should I KANG it from other devices? (However, I didn't the kirin device tree has it, either)
<LuK1337>
you likely fucked up your manifest
<LuK1337>
or missed something
<LuK1337>
this *definitely* exists in stock if it's in stock manifest
<clfbbn>
Oh I did not think about the manifest issue. Thanks for that!
<clfbbn>
(I have spent more than 8 hrs on sepolicies and now my brain is a mess)
<LuK1337>
8 hours today?
<clfbbn>
Yes
<LuK1337>
did you already learn about audit2allow?
<clfbbn>
I spent most of the time finding how to label a service, etc.
<clfbbn>
I knew audit2allow, but many files / services are not labeled, I think I need to label them first
<LuK1337>
yes, you want to label everything
<LuK1337>
and then write rules
<LuK1337>
btw i can recommend using vintage audit2allow
<LuK1337>
i don't know why python one doesn't even work here
<clfbbn>
I used to use the python one to fix minor sepolicy denials, and it was not a good experience, either (the python3 version, misc stuff)
<LuK1337>
it's good experience when fixing denials on your own pc...
<LuK1337>
but for android, old perl script is better
<clfbbn>
I see, I didn't use selinux in my linux environment, so I have little knowledge on this...
<clfbbn>
I am also having trouble labeling / fixing some of my denials.
<clfbbn>
For example, some denials suggests: "allow vendor_qti_init_shell ctl_start_prop:property_service set;" which I cannot find in both stock's sepolicy, nor some reference device trees (kirin, oneplus_sm8250-common). And I am not sure if they are correct
<LuK1337>
because these come from macros
<LuK1337>
property_set()
<LuK1337>
in this case
<LuK1337>
you want to use as many macros as possible
<LuK1337>
look at system/sepolicy
<LuK1337>
there's a file with macros
<clfbbn>
OK, thanks, I will try that.
<clfbbn>
Going bed now, hopefully I can get sepolicy done tomorrow.