1.main log确认需要配置的权限,搜关键词avc
log格式:
avc: denied { 操作权限 } for pid=7201 comm=“进程名” scontext=u:r:源类型:s0 tcontext=u:r:目标类型:s0 tclass=访问类别 permissive=0
例如:
avc: denied { search } for name="mtk_battery_cmd" dev="proc" ino=4026533202 scontext=u:r:system_app:s0 tcontext=u:object_r:proc_battery_cmd:s0 tclass=dir permissive=0
说明我们需要读写的是mtk_battery_cmd是个文件夹下的节点文件,读写节点的进程是system_app类型,缺少 search权限
2.权限配置
/device/mediatek/sepolicy/basic/non_plat/genfs_contexts b/alps/device/mediatek/sepolicy/basic/non_plat/genfs_contexts
+genfscon proc /mtk_battery_cmd u:object_r:proc_battery_cmd:s0
/device/mediatek/sepolicy/basic/non_plat/file.te b/alps/device/mediatek/sepolicy/basic/non_plat/file.te
+type proc_mtk_battery_cmd, fs_type;
/device/mediatek/sepolicy/basic/non_plat/system_app.te b/alps/device/mediatek/sepolicy/basic/non_plat/system_app.te
+allow system_app proc_battery_cmd:dir { read write search };
3.如配置后,依旧有问题,adb shell 进入对应的目录
需要root权限才能访问
/device/mediatek/mt6739/init.mt6739.rc
+ chown system system /proc/mtk_battery_cmd/en_safety_timer
+ chmod 0666 /proc/mtk_battery_cmd/en_safety_timer