Requirement
Node:
/sys/devices/platform/motor0/motor_ctrl
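The upper-layer app uses JNI and needs to echo to this node, but the operation fails.
Verification before making changes
Go in through adb to verify, as shown in the figure below:
The permissions turn out to be insufficient. After su, the operation works, as shown below:
Changes before adding the policy
To avoid permission errors, give the node 777 directly. Because the node is created by the driver, the change is made in the driver code: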
--- a/H713-v1.3/longan/kernel/linux-5.4/drivers/misc/gpio-motor/motor-control.c
+++ b/H713-v1.3/longan/kernel/linux-5.4/drivers/misc/gpio-motor/motor-control.c
@@ -268,7 +268,7 @@ static ssize_t motor_ctrl_store(struct device *dev, struct device_attribute *attstatic struct device_attribute motor_ctrl_attr = {.attr = {.name = "motor_ctrl",
- .mode = 0664,
+ .mode = 0777,},.show = motor_ctrl_show,.store = motor_ctrl_store,
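Review bot: .mode = 0777 in motor_ctrl_attr makes the attribute writable by every user on the device and sets execute bits that have no meaning on a sysfs attribute. The stated need is for one system-signed app to write the node, so keep 0664 and give the node to the system user and group at boot (for example a chown in the device's init .rc file); if the mode has to change, 0666 is the most it should be.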
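From the earlier verification we know that echoing to the node only succeeds after su inside adb shell, so sign the app with the platform key; it will then have system-level permissions, that is, su permissions: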
LOCAL_CERTIFICATE := platform
The complete file is as follows:
LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS)
LOCAL_MODULE := FloatService
LOCAL_MODULE_CLASS := APPS
LOCAL_MODULE_TAGS := optional
LOCAL_BUILT_MODULE_STEM := package.apk
LOCAL_MODULE_SUFFIX := $(COMMON_ANDROID_PACKAGE_SUFFIX)
LOCAL_CERTIFICATE := platform
LOCAL_SRC_FILES := $(LOCAL_MODULE).apk
LOCAL_PREBUILT_JNI_LIBS := \
    lib/libcptp_float_motor.so
include $(BUILD_PREBUILT)
Now the node has 777 permissions and the app has system permissions. If the app still cannot echo successfully, go in with adb shell and run:
setenforce 0
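Then try the operation from the app again. It works! So the problem is insufficient SELinux permissions.
Capturing the AVC denial log
Before operating the app, run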
adb logcat -c
to clear out old log entries, then perform the operation in the app. The captured log reports:
type=1400 audit(0.0:111): avc: denied { read write } for name="motor_ctrl" dev="sysfs" ino=27911 scontext=u:r:system_app:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
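Generally you add whatever is missing. There are also methods online for adding permissions based on the reported log, which I won't describe in detail here. I added this directly in system.te: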
allow system_app sysfs:file { read write };
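This is reported as violating Google's policy. If you don't need CTS you can modify the neverallow directly, but I am a bit obsessive, so I followed the more advanced approach: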
--- a/H713-v1.3/device/softwinner/common/sepolicy/vendor/file.te
+++ b/H713-v1.3/device/softwinner/common/sepolicy/vendor/file.te
@@ -12,3 +12,4 @@ type sysfs_fan, fs_type, sysfs_type, mlstrustedobject;# Incremental file system drivertype vendor_incremental_module, vendor_file_type, file_type;
+type sysfs_motor_ctrl, sysfs_type, fs_type;--- a/H713-v1.3/device/softwinner/common/sepolicy/vendor/file_contexts
+++ b/H713-v1.3/device/softwinner/common/sepolicy/vendor/file_contexts/dev/motor0 u:object_r:motor:s0/dev/motor_limiter u:object_r:motor:s0
+/sys/devices/platform/motor0/motor_ctrl u:object_r:sysfs_motor_ctrl:s0--- a/H713-v1.3/device/softwinner/common/sepolicy/vendor/system_app.te
+++ b/H713-v1.3/device/softwinner/common/sepolicy/vendor/system_app.te
@@ -28,3 +28,4 @@ allow system_app selinuxfs:file read;allow system_app mnt_sdcard_file:lnk_file { read };allow system_app motor:chr_file { read write open ioctl };allow system_app sysfs_fan:file { open read write getattr };
+allow system_app sysfs_motor_ctrl:file { open read write };
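Review bot: the file_contexts entry for /sys/devices/platform/motor0/motor_ctrl is the part of this patch to question. file_contexts is only consulted when something relabels the path with restorecon, so on a sysfs node the new type may never be applied, and the allow rule on sysfs_motor_ctrl then has nothing to match. If the denial still shows tcontext=u:object_r:sysfs:s0 after this patch, check how the neighbouring sysfs_fan type is labelled in this tree and label motor_ctrl the same way.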
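Just when I thought it had worked, it still failed! The reported log was exactly the same as before, which is very wrong!
Because in file_contexts I had already used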
/sys/devices/platform/motor0/motor_ctrl u:object_r:sysfs_motor_ctrl:s0
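to map motor_ctrl to sysfs_motor_ctrl, so even if there were an error, the log should look like the figure.
So the file_contexts entry must be wrong. That should not happen; this is exactly how it was done on MTK 9.0.
The problem encountered
While I was frustrated, I thought of a way forward: look at how other nodes are handled in system_app.te and copy that.
This sysfs_fan is very similar to the permission I want to add, so maybe I can imitate it. So: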
fungo@fungo-PowerEdge-R730xd:/mnt/data2/fungo/H713_11/H713-v1.3$ grep sysfs_fan device/ -nir
device/softwinner/common/sepolicy/vendor/genfs_contexts:30:genfscon sysfs /devices/platform/fan0/hwmon/hwmon2/pwm1 u:object_r:sysfs_fan:s0
device/softwinner/common/sepolicy/vendor/genfs_contexts:31:genfscon sysfs /devices/platform/fan1/hwmon/hwmon3/pwm1 u:object_r:sysfs_fan:s0
device/softwinner/common/sepolicy/vendor/genfs_contexts:32:genfscon sysfs /devices/platform/fan0/hwmon/hwmon2/fan1_input u:object_r:sysfs_fan:s0
device/softwinner/common/sepolicy/vendor/genfs_contexts:33:genfscon sysfs /devices/platform/fan1/hwmon/hwmon3/fan1_input u:object_r:sysfs_fan:s0
device/softwinner/common/sepolicy/vendor/file.te:11:type sysfs_fan, fs_type, sysfs_type, mlstrustedobject;
device/softwinner/common/sepolicy/vendor/system_app.te:30:allow system_app sysfs_fan:file { open read write getattr };
fungo@fungo-PowerEdge-R730xd:/mnt/data2/fungo/H713_11/H713-v1.3$
It maps its nodes in genfs_contexts, so I copied that and added my mapping there:
genfscon sysfs /devices/platform/fan0/hwmon/hwmon2/fan1_input u:object_r:sysfs_fan:s0
genfscon sysfs /devices/platform/fan1/hwmon/hwmon3/fan1_input u:object_r:sysfs_fan:s0
+genfscon sysfs /sys/devices/platform/motor0/motor_ctrl u:object_r:sysfs_motor_ctrl:s0
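Review bot: the path in the added genfscon line starts with /sys/, while the two fan entries above it start at /devices/. A genfscon path is relative to the root of the named filesystem, not to where it is mounted, so this entry matches nothing; write it as /devices/platform/motor0/motor_ctrl.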
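It still didn't work! The log was the same, which means the mapping was still wrong.
So I went in with adb shell to look at the path of the fan1_input node, as shown in the figure:
![image](https://i-blog.csdnimg.cn/direct/6db67ea884b648269ceade65c98493c6.png)
At this point I knew what was wrong: the mapped path had an extra /sys/.
Complete change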
diff --git a/H713-v1.3/device/softwinner/common/sepolicy/vendor/file.te b/H713-v1.3/device/softwinner/common/sepolicy/vendor/file.te
index 5f72c0fd9a..a2b8adabf8 100644
--- a/H713-v1.3/device/softwinner/common/sepolicy/vendor/file.te
+++ b/H713-v1.3/device/softwinner/common/sepolicy/vendor/file.te
@@ -12,3 +12,4 @@ type sysfs_fan, fs_type, sysfs_type, mlstrustedobject;# Incremental file system drivertype vendor_incremental_module, vendor_file_type, file_type;
+type sysfs_motor_ctrl, sysfs_type, fs_type;
diff --git a/H713-v1.3/device/softwinner/common/sepolicy/vendor/genfs_contexts b/H713-v1.3/device/softwinner/common/sepolicy/vendor/genfs_contexts
index 052c98f3d7..70fe5efe29 100644
--- a/H713-v1.3/device/softwinner/common/sepolicy/vendor/genfs_contexts
+++ b/H713-v1.3/device/softwinner/common/sepolicy/vendor/genfs_contexts
@@ -31,3 +31,4 @@ genfscon sysfs /devices/platform/fan0/hwmon/hwmon2/pwm1 u:object_r:sysfs_fan:s0genfscon sysfs /devices/platform/fan1/hwmon/hwmon3/pwm1 u:object_r:sysfs_fan:s0genfscon sysfs /devices/platform/fan0/hwmon/hwmon2/fan1_input u:object_r:sysfs_fan:s0genfscon sysfs /devices/platform/fan1/hwmon/hwmon3/fan1_input u:object_r:sysfs_fan:s0
+genfscon sysfs /devices/platform/motor0/motor_ctrl u:object_r:sysfs_motor_ctrl:s0
\ No newline at end of file
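Review bot: genfs_contexts now ends without a trailing newline (the "\ No newline at end of file" marker after the new motor_ctrl entry). Add the newline so that the next entry appended to this file does not get fused onto the motor_ctrl line and silently break its context field.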
diff --git a/H713-v1.3/device/softwinner/common/sepolicy/vendor/system_app.te b/H713-v1.3/device/softwinner/common/sepolicy/vendor/system_app.te
index de408cdc2c..b78cc97f54 100644
--- a/H713-v1.3/device/softwinner/common/sepolicy/vendor/system_app.te
+++ b/H713-v1.3/device/softwinner/common/sepolicy/vendor/system_app.te
@@ -28,3 +28,4 @@ allow system_app selinuxfs:file read;allow system_app mnt_sdcard_file:lnk_file { read };allow system_app motor:chr_file { read write open ioctl };allow system_app sysfs_fan:file { open read write getattr };
+allow system_app sysfs_motor_ctrl:file { open read write };
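Review bot: the new allow rule is granted to the whole system_app domain, so every app that runs in that domain gains open, read and write on motor_ctrl, not only the one app that needs it. The dedicated sysfs_motor_ctrl type keeps the object side narrow, which is right; a comment above the rule naming the consumer would make the grant auditable, and if more callers appear it is worth moving the write path behind a single service rather than widening this rule.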
diff --git a/H713-v1.3/longan/kernel/linux-5.4/drivers/misc/gpio-motor/motor-control.c b/H713-v1.3/longan/kernel/linux-5.4/drivers/misc/gpio-motor/motor-control.c
index 8d6846e8f7..e5cbe8d887 100644
--- a/H713-v1.3/longan/kernel/linux-5.4/drivers/misc/gpio-motor/motor-control.c
+++ b/H713-v1.3/longan/kernel/linux-5.4/drivers/misc/gpio-motor/motor-control.c
@@ -268,7 +268,7 @@ static ssize_t motor_ctrl_store(struct device *dev, struct device_attribute *attstatic struct device_attribute motor_ctrl_attr = {.attr = {.name = "motor_ctrl",
- .mode = 0664,
+ .mode = 0777,},.show = motor_ctrl_show,.store = motor_ctrl_store,
Map the node
H713-v1.3/device/softwinner/common/sepolicy/vendor/genfs_contexts
+genfscon sysfs /devices/platform/motor0/motor_ctrl u:object_r:sysfs_motor_ctrl:s0
Declare the node's type
H713-v1.3/device/softwinner/common/sepolicy/vendor/file.te
type sysfs_motor_ctrl, sysfs_type, fs_type;
Finally, grant the permission
H713-v1.3/device/softwinner/common/sepolicy/vendor/system_app.te
allow system_app sysfs_motor_ctrl:file { open read write };
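Verified OK
Summary
I had added this kind of permission before on MTK 9.0, so I knew some of the concrete steps, but every platform and version is a little different, and so are some of the details. Take the mapping this time: on MTK it could be added in file_context, but on Allwinner it goes in genfs_contexts, and the path must not carry the extra /sys/.
So the next time a mapping does not take effect, imitate a similar node: see which file that node is mapped in, then declare the type, then allow the permission.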
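The two checks that would have shortened this debugging session, as an added example (not code from the original post): it reads the AVC denial to tell a label that was never applied from a missing allow rule, and lints genfscon entries for the extra /sys prefix. The function names are illustrative assumptions; the denial and the two genfscon lines are taken from this page.

```python
import re

# The denial quoted on this page, embedded so the script runs offline.
AVC = ('type=1400 audit(0.0:111): avc: denied { read write } for name="motor_ctrl" '
       'dev="sysfs" ino=27911 scontext=u:r:system_app:s0 '
       'tcontext=u:object_r:sysfs:s0 tclass=file permissive=0')

def parse_avc(line):
    """Extract permissions, source/target type and class from an 'avc: denied' line."""
    perms = re.search(r'avc:\s+denied\s+\{([^}]*)\}', line)
    if not perms:
        return None
    kv = dict(re.findall(r'(\w+)=("[^"]*"|\S+)', line))
    return {'perms': perms.group(1).split(),
            'source': kv['scontext'].split(':')[2],
            'target': kv['tcontext'].split(':')[2],
            'tclass': kv['tclass']}

def lint_genfscon(line):
    """Return the problems found in one genfs_contexts line (empty list = OK)."""
    parts = line.split()
    if len(parts) != 4 or parts[0] != 'genfscon':
        return ['expected: genfscon <fstype> <path> <context>']
    _, fstype, path, _context = parts
    problems = []
    if not path.startswith('/'):
        problems.append('path must start with /')
    # genfscon paths are relative to the filesystem root, not to the mount point.
    if fstype == 'sysfs' and (path == '/sys' or path.startswith('/sys/')):
        problems.append('sysfs path includes the /sys mount point; use ' + (path[4:] or '/'))
    return problems

def diagnose(avc_line, expected_type):
    """Tell a labelling failure (wrong tcontext) from a missing allow rule."""
    d = parse_avc(avc_line)
    if d is None:
        return 'not an AVC denial'
    if d['target'] != expected_type:
        return ('label not applied: target is still %s, so rules on %s cannot match'
                % (d['target'], expected_type))
    return 'label applied; missing rule: allow %s %s:%s { %s };' % (
        d['source'], d['target'], d['tclass'], ' '.join(d['perms']))

if __name__ == '__main__':
    print(diagnose(AVC, 'sysfs_motor_ctrl'))
    for entry in ('genfscon sysfs /sys/devices/platform/motor0/motor_ctrl u:object_r:sysfs_motor_ctrl:s0',
                  'genfscon sysfs /devices/platform/motor0/motor_ctrl u:object_r:sysfs_motor_ctrl:s0'):
        print(entry, '->', lint_genfscon(entry) or 'OK')
```
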