Other Parts Discussed in Thread: AM62P
Tool/software:
Hi AM62P Android Champ !
This report details a problem encountered while trying to control a GPIO pin on a TI AM62P EVM board running Android 15.
The gpioset command, which works correctly from the console, fails to execute when called from the init.am62x.rc script.
It's suspected that this issue is due to a SELinux policy violation, as the hal_gpio_default domain is unable to access the GPIO device.
Problem Description
The libgiiod library is present in the Android 15 source for the TI AM62P, and standard GPIO commands like gpioinfo, gpioget, and gpioset function as expected from the command line.
Working Command:
gpioset gpiochip2 49=1
This command successfully controls an LED on the EVM board.
Failing Implementation:
A line was added to device/ti/init.am62x.rc to execute this command at boot:
exec u:r:hal_gpio_default:s0 -- /system/bin/gpioset gpiochip2 49=1
However, this command fails to control the LED, indicating a permission issue.
Analysis
The failure is likely due to an SELinux access control violation. The hal_gpio_default domain, which is the context under which the command is executed, does not have the necessary permissions to access and manipulate the /dev/gpiochip2 device.
Attempts to resolve this by adding an SELinux policy in /system/sepolicy/private have resulted in errors, suggesting that the policy rule is either incorrectly formatted or placed.
Request for Assistance
We require guidance on the correct method for creating an SELinux policy that allows the hal_gpio_default domain to execute the gpioset command and control GPIO pins.
Please provide the correct SELinux policy rule and the proper location for it to be integrated into the build system. Additionally, any insights into the specific permissions required for GPIO device access would be greatly appreciated.
Thanks.
Best Regards,
Jack
