Switch logcat_receiver from vsock to virtio-console
Remove "logcat_port" and replace it with "logcat_pipe_name". Alter the
logcat_receiver to read from a pipe instead of a vsocket. Update the
crosvm and qemu backends to create the hvc2 serial port and update the
init script to write to this new location.
In the guest, logcat can now run as logd, which fixes some long-standing
sepolicy bug_maps. Keep logcat in the root group, so it can access all
the logpersist classes. Remove extraneous sepolicy for writing to a
pipe.
Bug: 155217436
Bug: 160341724
Test: launch_cvd
Test: launch_cvd -vm_manager=qemu_cli
Change-Id: Ic1450da7977d90f7fa01b4c40a661ea60504c239
Merged-In: Ic1450da7977d90f7fa01b4c40a661ea60504c239
diff --git a/host/commands/assemble_cvd/flags.cc b/host/commands/assemble_cvd/flags.cc
index ae27b5b..8cfce70 100644
--- a/host/commands/assemble_cvd/flags.cc
+++ b/host/commands/assemble_cvd/flags.cc
@@ -524,7 +524,6 @@
instance.set_adb_ip_and_port("127.0.0.1:" + std::to_string(6520 + num - 1));
instance.set_tpm_port(2321 + (num * 2) - 2);
instance.set_tombstone_receiver_port(6600 + num - 1);
- instance.set_logcat_port(6700 + num - 1);
instance.set_config_server_port(6800 + num - 1);
if (FLAGS_gpu_mode != cuttlefish::kGpuModeDrmVirgl &&
diff --git a/host/commands/logcat_receiver/main.cpp b/host/commands/logcat_receiver/main.cpp
index 529ea74..b1c4d93 100644
--- a/host/commands/logcat_receiver/main.cpp
+++ b/host/commands/logcat_receiver/main.cpp
@@ -14,16 +14,20 @@
* limitations under the License.
*/
+#include <signal.h>
+
#include <gflags/gflags.h>
#include <android-base/logging.h>
+#include "common/libs/fs/shared_buf.h"
#include "common/libs/fs/shared_fd.h"
#include "host/libs/config/cuttlefish_config.h"
#include "host/libs/config/logging.h"
-DEFINE_int32(
- server_fd, -1,
- "File descriptor to an already created vsock server. Must be specified.");
+DEFINE_int32(log_pipe_fd, -1,
+ "A file descriptor representing a (UNIX) socket from which to "
+ "read the logs. If -1 is given the socket is created according to "
+ "the instance configuration");
int main(int argc, char** argv) {
cuttlefish::DefaultSubprocessLogging(argv);
@@ -31,38 +35,49 @@
auto config = cuttlefish::CuttlefishConfig::Get();
+ CHECK(config) << "Could not open cuttlefish config";
+
auto instance = config->ForDefaultInstance();
+
+ // Disable default handling of SIGPIPE
+ struct sigaction new_action {
+ }, old_action{};
+ new_action.sa_handler = SIG_IGN;
+ sigaction(SIGPIPE, &new_action, &old_action);
+
+ cuttlefish::SharedFD pipe;
+ if (FLAGS_log_pipe_fd < 0) {
+ auto log_name = instance.logcat_pipe_name();
+ pipe = cuttlefish::SharedFD::Open(log_name.c_str(), O_RDONLY);
+ } else {
+ pipe = cuttlefish::SharedFD::Dup(FLAGS_log_pipe_fd);
+ close(FLAGS_log_pipe_fd);
+ }
+
+ if (!pipe->IsOpen()) {
+ LOG(ERROR) << "Error opening log pipe: " << pipe->StrError();
+ return 2;
+ }
+
auto path = instance.logcat_path();
auto logcat_file =
cuttlefish::SharedFD::Open(path.c_str(), O_CREAT | O_APPEND | O_WRONLY, 0666);
- CHECK(logcat_file->IsOpen())
- << "Unable to open logcat file: " << logcat_file->StrError();
-
- cuttlefish::SharedFD server_fd = cuttlefish::SharedFD::Dup(FLAGS_server_fd);
- close(FLAGS_server_fd);
-
- CHECK(server_fd->IsOpen()) << "Error creating or inheriting logcat server: "
- << server_fd->StrError();
// Server loop
while (true) {
- auto conn = cuttlefish::SharedFD::Accept(*server_fd);
-
- while (true) {
- char buff[1024];
- auto read = conn->Read(buff, sizeof(buff));
- if (read <= 0) {
- // Close here to ensure the other side gets reset if it's still
- // connected
- conn->Close();
- LOG(WARNING) << "Detected close from the other side";
- break;
- }
- auto written = logcat_file->Write(buff, read);
- CHECK(written == read)
- << "Error writing to log file: " << logcat_file->StrError()
- << ". This is unrecoverable.";
+ char buff[1024];
+ auto read = pipe->Read(buff, sizeof(buff));
+ if (read < 0) {
+ LOG(ERROR) << "Could not read logcat: " << pipe->StrError();
+ break;
}
+ auto written = cuttlefish::WriteAll(logcat_file, buff, read);
+ CHECK(written == read)
+ << "Error writing to log file: " << logcat_file->StrError()
+ << ". This is unrecoverable.";
}
+
+ logcat_file->Close();
+ pipe->Close();
return 0;
}
diff --git a/host/commands/run_cvd/launch.cc b/host/commands/run_cvd/launch.cc
index 4cf9da4..ae22c23 100644
--- a/host/commands/run_cvd/launch.cc
+++ b/host/commands/run_cvd/launch.cc
@@ -175,16 +175,22 @@
void LaunchLogcatReceiver(const cuttlefish::CuttlefishConfig& config,
cuttlefish::ProcessMonitor* process_monitor) {
auto instance = config.ForDefaultInstance();
- auto port = instance.logcat_port();
- auto socket = cuttlefish::SharedFD::VsockServer(port, SOCK_STREAM);
- if (!socket->IsOpen()) {
- LOG(ERROR) << "Unable to create logcat server socket: "
- << socket->StrError();
- std::exit(RunnerExitCodes::kLogcatServerError);
+ auto log_name = instance.logcat_pipe_name();
+ if (mkfifo(log_name.c_str(), 0600) != 0) {
+ LOG(ERROR) << "Unable to create named pipe at " << log_name << ": "
+ << strerror(errno);
+ return;
}
- cuttlefish::Command cmd(config.logcat_receiver_binary());
- cmd.AddParameter("-server_fd=", socket);
- process_monitor->StartSubprocess(std::move(cmd),
+
+ cuttlefish::SharedFD pipe;
+ // Open the pipe here (from the launcher) to ensure the pipe is not deleted
+ // due to the usage counters in the kernel reaching zero. If this is not done
+ // and the logcat_receiver crashes for some reason the VMM may get SIGPIPE.
+ pipe = cuttlefish::SharedFD::Open(log_name.c_str(), O_RDWR);
+ cuttlefish::Command command(config.logcat_receiver_binary());
+ command.AddParameter("-log_pipe_fd=", pipe);
+
+ process_monitor->StartSubprocess(std::move(command),
GetOnSubprocessExitCallback(config));
return;
}
diff --git a/host/libs/config/cuttlefish_config.cpp b/host/libs/config/cuttlefish_config.cpp
index cc56f0d..2dfe881 100644
--- a/host/libs/config/cuttlefish_config.cpp
+++ b/host/libs/config/cuttlefish_config.cpp
@@ -143,7 +143,6 @@
const char* kBlankDataImageMb = "blank_data_image_mb";
const char* kBlankDataImageFmt = "blank_data_image_fmt";
-const char* kLogcatPort = "logcat_port";
const char* kLogcatReceiverBinary = "logcat_receiver_binary";
const char* kConfigServerPort = "config_server_port";
const char* kConfigServerBinary = "config_server_binary";
@@ -391,6 +390,10 @@
return cuttlefish::AbsolutePath(PerInstanceInternalPath("console-pipe"));
}
+std::string CuttlefishConfig::InstanceSpecific::logcat_pipe_name() const {
+ return cuttlefish::AbsolutePath(PerInstanceInternalPath("logcat-pipe"));
+}
+
bool CuttlefishConfig::deprecated_boot_completed() const {
return (*dictionary_)[kDeprecatedBootCompleted].asBool();
}
@@ -669,14 +672,6 @@
(*Dictionary())[kTombstoneReceiverPort] = tombstone_receiver_port;
}
-int CuttlefishConfig::InstanceSpecific::logcat_port() const {
- return (*Dictionary())[kLogcatPort].asInt();
-}
-
-void CuttlefishConfig::MutableInstanceSpecific::set_logcat_port(int logcat_port) {
- (*Dictionary())[kLogcatPort] = logcat_port;
-}
-
int CuttlefishConfig::InstanceSpecific::config_server_port() const {
return (*Dictionary())[kConfigServerPort].asInt();
}
diff --git a/host/libs/config/cuttlefish_config.h b/host/libs/config/cuttlefish_config.h
index a9ad304..509d893 100644
--- a/host/libs/config/cuttlefish_config.h
+++ b/host/libs/config/cuttlefish_config.h
@@ -345,8 +345,6 @@
int vnc_server_port() const;
// Port number to connect to the tombstone receiver on the host
int tombstone_receiver_port() const;
- // Port number to connect to the logcat receiver on the host
- int logcat_port() const;
// Port number to connect to the config server on the host
int config_server_port() const;
// Port number to connect to the keyboard server on the host. (Only
@@ -399,6 +397,8 @@
std::string console_pipe_name() const;
+ std::string logcat_pipe_name() const;
+
std::string launcher_log_path() const;
std::string launcher_monitor_socket_path() const;
@@ -430,7 +430,6 @@
void set_serial_number(const std::string& serial_number);
void set_vnc_server_port(int vnc_server_port);
void set_tombstone_receiver_port(int tombstone_receiver_port);
- void set_logcat_port(int logcat_port);
void set_config_server_port(int config_server_port);
void set_frames_server_port(int config_server_port);
void set_touch_server_port(int config_server_port);
diff --git a/host/libs/config/kernel_args.cpp b/host/libs/config/kernel_args.cpp
index 1de61d6..8853fd3 100644
--- a/host/libs/config/kernel_args.cpp
+++ b/host/libs/config/kernel_args.cpp
@@ -88,10 +88,6 @@
kernel_cmdline.push_back("androidboot.tombstone_transmit=0");
}
- if (instance.logcat_port()) {
- kernel_cmdline.push_back(concat("androidboot.vsock_logcat_port=", instance.logcat_port()));
- }
-
if (instance.config_server_port()) {
kernel_cmdline.push_back(concat("androidboot.cuttlefish_config_server_port=", instance.config_server_port()));
}
diff --git a/host/libs/vm_manager/crosvm_manager.cpp b/host/libs/vm_manager/crosvm_manager.cpp
index fe51872..a8c0891 100644
--- a/host/libs/vm_manager/crosvm_manager.cpp
+++ b/host/libs/vm_manager/crosvm_manager.cpp
@@ -131,10 +131,10 @@
}
std::vector<std::string> CrosvmManager::ConfigureBootDevices() {
- // PCI domain 0, bus 0, device 1, function 0
// TODO There is no way to control this assignment with crosvm (yet)
if (cuttlefish::HostArch() == "x86_64") {
- return { "androidboot.boot_devices=pci0000:00/0000:00:03.0" };
+ // PCI domain 0, bus 0, device 4, function 0
+ return { "androidboot.boot_devices=pci0000:00/0000:00:04.0" };
} else {
return { "androidboot.boot_devices=10000.pci" };
}
@@ -274,6 +274,10 @@
log_tee_cmd.AddParameter("--process_name=crosvm");
log_tee_cmd.AddParameter("--log_fd_in=", log_out_rd);
+ // Serial port for logcat, redirected to a pipe
+ crosvm_cmd.AddParameter("--serial=hardware=virtio-console,num=3,type=file,path=",
+ instance.logcat_pipe_name());
+
// This needs to be the last parameter
if (config_->use_bootloader()) {
crosvm_cmd.AddParameter("--bios=", config_->bootloader());
diff --git a/host/libs/vm_manager/qemu_manager.cpp b/host/libs/vm_manager/qemu_manager.cpp
index d337984..da02f53 100644
--- a/host/libs/vm_manager/qemu_manager.cpp
+++ b/host/libs/vm_manager/qemu_manager.cpp
@@ -104,8 +104,8 @@
}
std::vector<std::string> QemuManager::ConfigureBootDevices() {
- // PCI domain 0, bus 0, device 4, function 0
- return { "androidboot.boot_devices=pci0000:00/0000:00:04.0" };
+ // PCI domain 0, bus 0, device 5, function 0
+ return { "androidboot.boot_devices=pci0000:00/0000:00:05.0" };
}
QemuManager::QemuManager(const cuttlefish::CuttlefishConfig* config)
@@ -211,17 +211,15 @@
// If configured, this handles logcat forwarding to the host via serial
// (instead of vsocket) - /dev/hvc2
- if (0) {
- qemu_cmd.AddParameter("-chardev");
- qemu_cmd.AddParameter("file,id=hvc2,path=", instance.logcat_path(),
- ",append=on");
+ qemu_cmd.AddParameter("-chardev");
+ qemu_cmd.AddParameter("file,id=hvc2,path=",
+ instance.logcat_pipe_name(), ",append=on");
- qemu_cmd.AddParameter("-device");
- qemu_cmd.AddParameter("virtio-serial-pci,max_ports=1,id=virtio-serial2");
+ qemu_cmd.AddParameter("-device");
+ qemu_cmd.AddParameter("virtio-serial-pci,max_ports=1,id=virtio-serial2");
- qemu_cmd.AddParameter("-device");
- qemu_cmd.AddParameter("virtconsole,bus=virtio-serial2.0,chardev=hvc2");
- }
+ qemu_cmd.AddParameter("-device");
+ qemu_cmd.AddParameter("virtconsole,bus=virtio-serial2.0,chardev=hvc2");
for (size_t i = 0; i < instance.virtual_disk_paths().size(); i++) {
auto bootindex = i == 0 ? ",bootindex=1" : "";
diff --git a/shared/config/init.vendor.rc b/shared/config/init.vendor.rc
index fc4c04d..e69cf53 100644
--- a/shared/config/init.vendor.rc
+++ b/shared/config/init.vendor.rc
@@ -133,10 +133,10 @@
enable seriallogging
-service seriallogging /system/bin/logcat -b all -v threadtime -f /dev/cf-logcat *:V
+service seriallogging /system/bin/logcat -b all -v threadtime -f /dev/hvc2 *:V
class main
- user root
- disabled
+ user logd
+ group root logd
on property:ro.boot.tpm_vsock_port=*
diff --git a/shared/config/ueventd.rc b/shared/config/ueventd.rc
index b3f1f89..735f679 100644
--- a/shared/config/ueventd.rc
+++ b/shared/config/ueventd.rc
@@ -15,3 +15,6 @@
# vtpm
/dev/tpm0 0000 root root
/dev/tpmrm0 000 system system
+
+# seriallogging
+/dev/hvc2 0660 system logd
diff --git a/shared/sepolicy/vendor/bug_map b/shared/sepolicy/vendor/bug_map
index e8f546e..7f2825c 100644
--- a/shared/sepolicy/vendor/bug_map
+++ b/shared/sepolicy/vendor/bug_map
@@ -1,7 +1,5 @@
init system_lib_file dir b/133444385
init system_lib_file file b/133444385
-logpersist logpersist capability b/132911257
-logpersist device file b/143108875
migrate_legacy_obb_data dalvikcache_data_file file b/152338071
shell adbd vsock_socket b/131904985
system_server system_server process b/65201432
diff --git a/shared/sepolicy/vendor/file_contexts b/shared/sepolicy/vendor/file_contexts
index 0c96be3..a3da4f0 100644
--- a/shared/sepolicy/vendor/file_contexts
+++ b/shared/sepolicy/vendor/file_contexts
@@ -3,15 +3,15 @@
#
# crosvm (x86) block devices
-/dev/block/pci/pci0000:00/0000:00:03\.0/by-name/misc u:object_r:misc_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:03\.0/by-name/boot_[ab] u:object_r:boot_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:03\.0/by-name/vendor_boot_[ab] u:object_r:boot_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:03\.0/by-name/vbmeta_[ab] u:object_r:ab_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:03\.0/by-name/vbmeta_system_[ab] u:object_r:ab_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:03\.0/by-name/super u:object_r:super_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:03\.0/by-name/userdata u:object_r:userdata_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:03\.0/by-name/cache u:object_r:cache_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:03\.0/by-name/metadata u:object_r:metadata_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/misc u:object_r:misc_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/boot_[ab] u:object_r:boot_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/vendor_boot_[ab] u:object_r:boot_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/vbmeta_[ab] u:object_r:ab_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/vbmeta_system_[ab] u:object_r:ab_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/super u:object_r:super_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/userdata u:object_r:userdata_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/cache u:object_r:cache_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/metadata u:object_r:metadata_block_device:s0
# crosvm (arm64) block devices
/dev/block/platform/10000.pci/by-name/misc u:object_r:misc_block_device:s0
/dev/block/platform/10000.pci/by-name/boot_[ab] u:object_r:boot_block_device:s0
@@ -23,15 +23,15 @@
/dev/block/platform/10000.pci/by-name/cache u:object_r:cache_block_device:s0
/dev/block/platform/10000.pci/by-name/metadata u:object_r:metadata_block_device:s0
# qemu block devices
-/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/misc u:object_r:misc_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/boot_[ab] u:object_r:boot_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/vendor_boot_[ab] u:object_r:boot_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/vbmeta_[ab] u:object_r:ab_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/vbmeta_system_[ab] u:object_r:ab_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/super u:object_r:super_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/userdata u:object_r:userdata_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/cache u:object_r:cache_block_device:s0
-/dev/block/pci/pci0000:00/0000:00:04\.0/by-name/metadata u:object_r:metadata_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:05\.0/by-name/misc u:object_r:misc_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:05\.0/by-name/boot_[ab] u:object_r:boot_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:05\.0/by-name/vendor_boot_[ab] u:object_r:boot_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:05\.0/by-name/vbmeta_[ab] u:object_r:ab_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:05\.0/by-name/vbmeta_system_[ab] u:object_r:ab_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:05\.0/by-name/super u:object_r:super_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:05\.0/by-name/userdata u:object_r:userdata_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:05\.0/by-name/cache u:object_r:cache_block_device:s0
+/dev/block/pci/pci0000:00/0000:00:05\.0/by-name/metadata u:object_r:metadata_block_device:s0
/dev/block/pmem0 u:object_r:rebootescrow_device:s0
/dev/block/zram0 u:object_r:swap_block_device:s0
diff --git a/shared/sepolicy/vendor/genfs_contexts b/shared/sepolicy/vendor/genfs_contexts
index ae4275e..9b6498b 100644
--- a/shared/sepolicy/vendor/genfs_contexts
+++ b/shared/sepolicy/vendor/genfs_contexts
@@ -1,11 +1,11 @@
# crosvm (x86)
-genfscon sysfs /devices/pci0000:00/0000:00:0a.0/virtio9/net u:object_r:sysfs_net:s0 # buried_eth0 & wlan0
-genfscon sysfs /devices/pci0000:00/0000:00:0b.0/virtio10/net u:object_r:sysfs_net:s0 # rmnet0
-genfscon sysfs /devices/pci0000:00/0000:00:0d.0/device u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/pci0000:00/0000:00:0d.0/subsystem_device u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/pci0000:00/0000:00:0d.0/subsystem_vendor u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/pci0000:00/0000:00:0d.0/uevent u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/pci0000:00/0000:00:0d.0/vendor u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/pci0000:00/0000:00:0b.0/virtio10/net u:object_r:sysfs_net:s0 # buried_eth0 & wlan0
+genfscon sysfs /devices/pci0000:00/0000:00:0c.0/virtio11/net u:object_r:sysfs_net:s0 # rmnet0
+genfscon sysfs /devices/pci0000:00/0000:00:0e.0/device u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/pci0000:00/0000:00:0e.0/subsystem_device u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/pci0000:00/0000:00:0e.0/subsystem_vendor u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/pci0000:00/0000:00:0e.0/uevent u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/pci0000:00/0000:00:0e.0/vendor u:object_r:sysfs_gpu:s0
## find /sys/devices/platform/* -type d -name 'rtc[0-9]' | sed 's,/rtc[0-9],,'
## x86 rtc_cmos on crosvm does not currently expose rtcN/hctosys
## find /sys/devices/platform/* -type d -name 'wakeup[0-9]'
@@ -16,13 +16,13 @@
genfscon sysfs /devices/platform/rtc-test.2/wakeup/wakeup3 u:object_r:sysfs_wakeup:s0
# crosvm (arm64)
-genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0a.0/virtio9/net u:object_r:sysfs_net:s0 # buried_eth0 & wlan0
-genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0b.0/virtio10/net u:object_r:sysfs_net:s0 # rmnet0
-genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0d.0/device u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0d.0/subsystem_device u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0d.0/subsystem_vendor u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0d.0/uevent u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0d.0/vendor u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0b.0/virtio9/net u:object_r:sysfs_net:s0 # buried_eth0 & wlan0
+genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0c.0/virtio10/net u:object_r:sysfs_net:s0 # rmnet0
+genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0e.0/device u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0e.0/subsystem_device u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0e.0/subsystem_vendor u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0e.0/uevent u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/platform/10000.pci/pci0000:00/0000:00:0e.0/vendor u:object_r:sysfs_gpu:s0
## find /sys/devices/platform/* -type d -name 'rtc[0-9]' | sed 's,/rtc[0-9],,'
genfscon sysfs /devices/platform/2000.rtc/rtc u:object_r:sysfs_rtc:s0
## find /sys/devices/platform/* -type d -name 'wakeup[0-9]'
@@ -33,8 +33,8 @@
genfscon sysfs /devices/platform/rtc-test.2/wakeup/wakeup2 u:object_r:sysfs_wakeup:s0
# qemu (x86)
-genfscon sysfs /devices/pci0000:00/0000:00:06.0/virtio4/net u:object_r:sysfs_net:s0 # buried_eth0 & wlan0
-genfscon sysfs /devices/pci0000:00/0000:00:07.0/virtio5/net u:object_r:sysfs_net:s0 # rmnet0
+genfscon sysfs /devices/pci0000:00/0000:00:07.0/virtio5/net u:object_r:sysfs_net:s0 # buried_eth0 & wlan0
+genfscon sysfs /devices/pci0000:00/0000:00:08.0/virtio6/net u:object_r:sysfs_net:s0 # rmnet0
# FIXME: Add sysfs_gpu labels for qemu
## find /sys/devices/platform/* -type d -name 'rtc[0-9]' | sed 's,/rtc[0-9],,'
genfscon sysfs /devices/pnp0/00:00/rtc u:object_r:sysfs_rtc:s0
diff --git a/shared/sepolicy/vendor/logpersist.te b/shared/sepolicy/vendor/logpersist.te
index 20add55..226cb00 100644
--- a/shared/sepolicy/vendor/logpersist.te
+++ b/shared/sepolicy/vendor/logpersist.te
@@ -1,8 +1,4 @@
# Output to virtual serial console. Needed because seriallogging daemon
-# runs logcat and directs its output to hvcX or cf_logcat_pipe under
-# the /dev filesystem.
+# runs logcat and directs its output to hvcX the /dev filesystem.
allow logpersist device:dir r_dir_perms;
-allow logpersist device:fifo_file ra_file_perms;
allow logpersist serial_device:chr_file ra_file_perms;
-
-allowxperm logpersist device:fifo_file ioctl F2FS_IOC_SET_PIN_FILE;