android property_get/property_set设置与avc权限添加

１．使用需要添加对应的头文件,同时需要在Android.mk文件中加入库libcutils.

#include <cutils/properties.h>

2.property_get/property_set 函数原型

/* property_get: returns the length of the value which will never be
** greater than PROPERTY_VALUE_MAX - 1 and will always be zero terminated.
** (the length does not include the terminating zero).
**       
** If the property read fails or returns an empty value, the default
** value is used (if nonnull).
*/       
  int property_get(const char* key, char* value, const char* default_value);

/* property_set: returns 0 on success, < 0 on failure
 */

int property_set(const char *key, const char *value);

３．使用简单实例

property_set("debug.xxx","ture");

property_set("debug.xxx","false");

    // 0--auto adjust,1--enable,2--disable

property_get("debug.xxx", prop, "0");
condition = static_cast<int>(atoi(prop));

４．debug问题，查看是否设置生效

adb shell

getprop | grep debug.xxx

5. avc 权限问题,手动关闭selinux确认是否生效

　ａ)属性值设置失败

W libc    : Unable to set property "debug.xxx" to "false": error code: 0x18

　b)关闭selinux测试

　adb root;adb shell setenforce 0

   getprop | grep debug.xxx

６．avc　权限修改

a)查看是否有对应的debug.xxx avc报错，没有需要先把debug.xxx 属性值加到系统里面去

android/device/xxx/xxx/system.prop

debug.xxx=false

 b) avc 报错

E selinux : avc:  denied  { set } for property=debug.xxx pid=862 uid=1047 gid=1005 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:debug_prop:s0 tclass=property_service permissive=0

c)首先将我们的报错avc日志拷出来做成一个avc.txt放在Ubuntu系统下面在终端中运行以下命令生成的avc.te文件就是我们的解决方法了．

audit2allow工具路径:　external/selinux/prebuilts/bin/audit2allow

lunch

 ./audit2allow –i avc.txt >avc.te

avc.txt

E selinux : avc:  denied  { set } for property=debug.xxx pid=862 uid=1047 gid=1005 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:debug_prop:s0 tclass=property_service permissive=0            
 E selinux : avc:  denied  { set } for property=debug.xxx pid=862 uid=1047 gid=1005 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:debug_prop:s0 tclass=property_service permissive=0
                                                                                                                                                                                                          

    得到的avc.te信息，     

                                           
  #============= hal_camera_default ==============         
  allow hal_camera_default debug_prop:property_service set; 

然后把allow hal_camera_default debug_prop:property_service set; 　这句加到对应的权限文件里面去．