RK android11违反了neverallow如何避开

报错信息

type=1400 audit(0.0:75): avc: denied { read } for name="u:object_r:serialno_prop:s0" dev="tmpfs" ino=10729 scontext=u:r:system_app:s0 tcontext=u:object_r:serialno_prop:s0 tclass=file permissive=0

添加allow system_app serialno_prop:file read 违反了neverallow

如何绕过

目录system/sepolicy

diff --git a/private/coredomain.te b/private/coredomain.te
index 86e800962..828a44e12 100644
--- a/private/coredomain.te
+++ b/private/coredomain.te
@@ -109,6 +109,7 @@ full_treble_only(`
     coredomain
     -init
     -ueventd
+    -system_app_sysfs
     -vold
   } sysfs:file no_rw_file_perms;
 
diff --git a/private/system_app.te b/private/system_app.te
index 0b77bb372..356afc561 100644
--- a/private/system_app.te
+++ b/private/system_app.te
@@ -4,7 +4,13 @@
 ### server.
 ###
 
-typeattribute system_app coredomain;
+#  ota
+allow sy

你可能感兴趣的:(java,前端,javascript)