Android 11 添加Service服务SELinux问题

 SELinux : avc:  denied  { add } for pid=1018 uid=1000 name=dmtseic scontext=u:r:system_server:s0 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=0
 System  : ******************************************
 System  : ************ Failure starting core service
 System  : ******************************************
 System  : ************ Failure starting system services
 System  : java.lang.SecurityException: 
 System  :  at android.os.Parcel.createExceptionOrNull(Parcel.java:2373)
 System  :  at android.os.Parcel.createException(Parcel.java:2357)
 System  :  at android.os.Parcel.readException(Parcel.java:2340)
 System  :  at android.os.Parcel.readException(Parcel.java:2282)
 System  :  at android.os.IServiceManager$Stub$Proxy.addService(IServiceManager.java:380)
 System  :  at android.os.ServiceManagerProxy.addService(ServiceManagerNative.java:72)
 System  :  at android.os.ServiceManager.addService(ServiceManager.java:197)
 System  :  at android.os.ServiceManager.addService(ServiceManager.java:166)
 System  :  at com.android.server.SystemServer.startOtherServices(SystemServer.java:1175)
 System  :  at com.android.server.SystemServer.run(SystemServer.java:623)
 System  :  at com.android.server.SystemServer.main(SystemServer.java:429)
 System  :  at java.lang.reflect.Method.invoke(Native Method)
 System  :  at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:612)
 System  :  at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:975)

问题1：
FAILED: build out/target/product/projectName/obj/FAKE/treble_sepolicy_tests_26.0_intermediates/treble_sepolicy_tests_26.0
Outputs: out/target/product/projectName/obj/FAKE/treble_sepolicy_tests_26.0_intermediates/treble_sepolicy_tests_26.0
Error: exited with code: 1
Command: /bin/bash -c "(out/host/linux-x86/bin/treble_sepolicy_tests -l     out/host/linux-x86/lib64/libsepolwrap.so  -f out/target/product/projectName/system/etc/selinux/plat_file_contexts  -f out/target/product/projectName/vendor/etc/selinux/vendor_file_contexts  -f out/target/product/projectName/system/system_ext/etc/selinux/system_ext_file_contexts    -b out/target/product/projectName/obj/ETC/built_plat_sepolicy_intermediates/built_plat_sepolicy -m out/target/product/projectName/obj/FAKE/treble_sepolicy_tests_26.0_intermediates/26.0_mapping.combined.cil     -o out/target/product/projectName/obj/FAKE/treble_sepolicy_tests_26.0_intermediates/built_26.0_plat_sepolicy -p out/target/product/projectName/obj/ETC/sepolicy_intermediates/sepolicy    -u out/target/product/projectName/obj/ETC/built_plat_sepolicy_intermediates/base_plat_pub_policy.cil ) && (touch out/target/product/projectName/obj/FAKE/treble_sepolicy_tests_26.0_intermediates/treble_sepolicy_tests_26.0 )"
Output:
SELinux: The following public types were found added to the policy without an entry into the compatibility mapping file(s) found in private/compat/V.v/V.v[.ignore].cil, where V.v is the latest API level.
external_dmtseic_service hal_dmtseic_service
 
问题2：
FAILED: build out/target/product/projectName/obj/FAKE/sepolicy_freeze_test_intermediates/sepolicy_freeze_test
Outputs: out/target/product/projectName/obj/FAKE/sepolicy_freeze_test_intermediates/sepolicy_freeze_test
Error: exited with code: 1
Command: /bin/bash -c "(diff -rq -x bug_map system/sepolicy/prebuilts/api/30.0/public system/sepolicy/public ) && (diff -rq -x bug_map system/sepolicy/prebuilts/api/30.0/private system/sepolicy/private ) && (touch out/target/product/projectName/obj/FAKE/sepolicy_freeze_test_intermediates/sepolicy_freeze_test )"
Output:
文件 system/sepolicy/prebuilts/api/30.0/public/service.te 和 system/sepolicy/public/service.te 不同
 
问题3：
FAILED: build out/target/product/projectName/obj/FAKE/treble_sepolicy_tests_26.0_intermediates/26.0_compat
Outputs: out/target/product/projectName/obj/FAKE/treble_sepolicy_tests_26.0_intermediates/26.0_compat
Error: exited with code: 1
Command: /bin/bash -c "out/host/linux-x86/bin/secilc -m -M true -G -N -c 30     out/target/product/projectName/obj/ETC/plat_sepolicy.cil_intermediates/plat_sepolicy.cil out/target/product/projectName/obj/ETC/plat_26.0.cil_intermediates/plat_26.0.cil system/sepolicy/prebuilts/api/26.0/nonplat_sepolicy.cil -o out/target/product/projectName/obj/FAKE/treble_sepolicy_tests_26.0_intermediates/26.0_compat -f /dev/null"
Output:
Failed to resolve typeattributeset statement at out/target/product/projectName/obj/ETC/plat_26.0.cil_intermediates/plat_26.0.cil:187
Failed to compile cildb: -2

  修改:         system/sepolicy/prebuilts/api/26.0/nonplat_sepolicy.cil
  修改:         system/sepolicy/prebuilts/api/26.0/private/service_contexts
  修改:         system/sepolicy/prebuilts/api/26.0/public/service.te
  修改:         system/sepolicy/prebuilts/api/27.0/nonplat_sepolicy.cil
  新文件:       system/sepolicy/prebuilts/api/27.0/private/.service_contexts.swp
  修改:         system/sepolicy/prebuilts/api/27.0/private/compat/26.0/26.0.cil
  修改:         system/sepolicy/prebuilts/api/27.0/private/service_contexts
  修改:         system/sepolicy/prebuilts/api/27.0/public/service.te
  修改:         system/sepolicy/prebuilts/api/28.0/plat_pub_versioned.cil
  修改:         system/sepolicy/prebuilts/api/28.0/private/compat/26.0/26.0.cil
  修改:         system/sepolicy/prebuilts/api/28.0/private/compat/27.0/27.0.cil
  修改:         system/sepolicy/prebuilts/api/28.0/private/service_contexts
  修改:         system/sepolicy/prebuilts/api/28.0/public/service.te
  修改:         system/sepolicy/prebuilts/api/29.0/plat_pub_versioned.cil
  修改:         system/sepolicy/prebuilts/api/29.0/private/compat/26.0/26.0.cil
  修改:         system/sepolicy/prebuilts/api/29.0/private/compat/27.0/27.0.cil
  修改:         system/sepolicy/prebuilts/api/29.0/private/compat/28.0/28.0.cil
  修改:         system/sepolicy/prebuilts/api/29.0/private/compat/28.0/28.0.ignore.cil
  修改:         system/sepolicy/prebuilts/api/29.0/private/service_contexts
  修改:         system/sepolicy/prebuilts/api/29.0/public/service.te
  修改:         system/sepolicy/prebuilts/api/30.0/private/compat/26.0/26.0.cil
  修改:         system/sepolicy/prebuilts/api/30.0/private/compat/27.0/27.0.cil
  修改:         system/sepolicy/prebuilts/api/30.0/private/compat/28.0/28.0.cil
  修改:         system/sepolicy/prebuilts/api/30.0/private/compat/28.0/28.0.ignore.cil
  修改:         system/sepolicy/prebuilts/api/30.0/private/compat/29.0/29.0.cil
  修改:         system/sepolicy/prebuilts/api/30.0/private/service_contexts
  修改:         system/sepolicy/prebuilts/api/30.0/public/service.te
  修改:         system/sepolicy/private/compat/26.0/26.0.cil
  修改:         system/sepolicy/private/compat/27.0/27.0.cil
  修改:         system/sepolicy/private/compat/28.0/28.0.cil
  修改:         system/sepolicy/private/compat/28.0/28.0.ignore.cil
  修改:         system/sepolicy/private/compat/29.0/29.0.cil
  修改:         system/sepolicy/private/service_contexts
  修改:         system/sepolicy/public/service.te