SELinux prevents an android app from reading a serial device file

I use a Galaxy S5 (G900H) with rooted Android 5.0.
I am connecting a serial device to it via USB using cdc-acm driver (compiled in the kernel) and trying to read it from my android application, It works fine on other devices (older and newer).

When connecting the device, the device file /dev/ttyACM0 is created but when trying to read from it I receive an error Permission denied.
When running

Code:
setenforce 0

and setting SELinux to Permissive mode - everything works fine and the app reads the device file successfully.

After connecting the USB in Enforcing mode, the dmesg says:

Code:
cdc_acm 2-1:1.0: usb_probe_interface cdc_acm 2-1:1.0: usb_probe_interface cdc_acm 2-1:1.0: This device cannot do calls on its own. It is not a modem. cdc_acm 2-1:1.0: ttyACM0: USB ACM device

I tried making a new policy using audit2allow but couldn't find any "denied" message to use in order to create an "allow" rule.

Is there any way to use the device file via my app without setting SELinux to permissive? I can edit the kernel and make a new one if needed, but I really prefer not to.

Thanks!

Show Accepted Answer

Guest Quick Reply (No URL, BBcode or HTML)

Last post by camille.waters
32 minutes ago
Last post by athena.west
2 hours ago
Last post by trisha.fay
47 minutes ago
Last post by hyman85
2 hours ago
Last post by larkin.paige
4 hours ago
Last post by gerson07
1 hour ago