Xposed
Xposed copied to clipboard
rovo89
Suspicious "Unable to stat fd 3 : Permission denied" message with v87
Config: Nexus 5X bullhead OmniROM 6.0.1 20161123 (Security level November 5, 2016) Xposed v87 arm64 Xposed installer 3.1.1 SuperSU 2.78 SR4
I see a couple of "Unable to stat fd 3 : Permission denied" error messages at every boot, one for the 32 bit zygote and the other for the 64 bit one. In light of the your comments about what you had to do to make v87 work with the November security update, I thought this was relevant. Xposed seems to be working fine.
Here's the full xposed log. tmp_21334-xposed_error_20161127_1139391034937085.txt
Could you please use ps to find out the PID of the Zygote process (I think it might be named app_process32), and then do an ls -l /proc/<that PID>/fd? That would help to find out the name of the file in question. According to Google:
// This should never happen; the zygote should always have the right set
// of permissions required to stat all its open files.
The point is that the stat call is necessary to find out what kind of file descriptor we're dealing with, and therefore has to be done before trying to find out the file/socket name. That's why the error message is so generic...
This was not easy to find out as zygote/zygote64 cycles FDs quite quickly. Nevertheless, I dropped the following script in /system/etc/init.d/checkfds:
#!/system/bin/sh
PATH=/system/xbin:/system/bin
export PATH
(
exec > /dev/checkfds.log 2>&1
while :
do
zygote="$(pidof zygote)" || :
zygote64="$(pidof zygote64)" || :
echo "*** $(date)"
grep fd /data/data/de.robv*/log/error.log
if [ "$zygote" != "" ]
then
echo "ZYGOTE=$zygote"
ls -l /proc/"$zygote"/fd
fi
if [ "$zygote64" != "" ]
then
echo "ZYGOTE64=$zygote64"
ls -l /proc/"$zygote64"/fd
fi
sleep .5
done
)
And here's the output when the first error message appears:
*** Mon Nov 28 10:25:42 PST 2016
ZYGOTE=4181
lrwx------ 1 root root 64 Nov 28 10:25 0 -> /dev/null
lrwx------ 1 root root 64 Nov 28 10:25 1 -> /dev/null
lrwx------ 1 root root 64 Nov 28 10:25 11 -> socket:[30732]
lrwx------ 1 root root 64 Nov 28 10:25 2 -> /dev/null
lr-x------ 1 root root 64 Nov 28 10:25 9 -> /dev/__properties__
ZYGOTE64=4180
lrwx------ 1 root root 64 Nov 28 10:25 0 -> /dev/null
lrwx------ 1 root root 64 Nov 28 10:25 1 -> /dev/null
lr-x------ 1 root root 64 Nov 28 10:25 10 -> /data/app/com.thetonyp.batteryshutdownmanager-1/base.apk
lrwx------ 1 root root 64 Nov 28 10:25 11 -> socket:[30724]
lr-x------ 1 root root 64 Nov 28 10:25 12 -> /data/app/tw.fatminmin.xposed.minminguard-1/base.apk
lr-x------ 1 root root 64 Nov 28 10:25 13 -> /dev/urandom
lrwx------ 1 root root 64 Nov 28 10:25 2 -> /dev/null
l-wx------ 1 root root 64 Nov 28 10:25 3 -> /dev/pmsg0
lrwx------ 1 root root 64 Nov 28 10:25 4 -> socket:[30153]
l-wx------ 1 root root 64 Nov 28 10:25 5 -> /sys/kernel/debug/tracing/trace_marker
lr-x------ 1 root root 64 Nov 28 10:25 6 -> /system/framework/framework-res.apk
lr-x------ 1 root root 64 Nov 28 10:25 8 -> /system/framework/core-libart.jar
lr-x------ 1 root root 64 Nov 28 10:25 9 -> /dev/__properties__
*** Mon Nov 28 10:25:42 PST 2016
11-28 10:25:42.715 E/Xposed ( 4180): Unable to stat fd 3 : Permission denied
ZYGOTE=4181
lrwx------ 1 root root 64 Nov 28 10:25 0 -> /dev/null
lrwx------ 1 root root 64 Nov 28 10:25 1 -> /dev/null
lrwx------ 1 root root 64 Nov 28 10:25 11 -> socket:[30732]
lrwx------ 1 root root 64 Nov 28 10:25 2 -> /dev/null
lr-x------ 1 root root 64 Nov 28 10:25 9 -> /dev/__properties__
ZYGOTE64=4180
lrwx------ 1 root root 64 Nov 28 10:25 0 -> /dev/null
lrwx------ 1 root root 64 Nov 28 10:25 1 -> /dev/null
lr-x------ 1 root root 64 Nov 28 10:25 10 -> /data/app/com.thetonyp.batteryshutdownmanager-1/base.apk
lrwx------ 1 root root 64 Nov 28 10:25 11 -> socket:[30724]
lr-x------ 1 root root 64 Nov 28 10:25 12 -> /data/app/tw.fatminmin.xposed.minminguard-1/base.apk
lr-x------ 1 root root 64 Nov 28 10:25 13 -> /dev/urandom
lrwx------ 1 root root 64 Nov 28 10:25 2 -> /dev/null
l-wx------ 1 root root 64 Nov 28 10:25 3 -> /dev/pmsg0
lrwx------ 1 root root 64 Nov 28 10:25 4 -> socket:[45894]
l-wx------ 1 root root 64 Nov 28 10:25 5 -> /sys/kernel/debug/tracing/trace_marker
lr-x------ 1 root root 64 Nov 28 10:25 6 -> /system/framework/framework-res.apk
lr-x------ 1 root root 64 Nov 28 10:25 7 -> /dev/ion
lr-x------ 1 root root 64 Nov 28 10:25 8 -> /system/framework/core-libart.jar
lr-x------ 1 root root 64 Nov 28 10:25 9 -> /dev/__properties__
It seems that /dev/pmsg0 would be the culprit.
# ls -l /dev/pmsg0; ls -Z /dev/pmsg0
c-w--w--w- 1 root log 254, 0 Feb 17 1971 /dev/pmsg0
c-w--w--w- u:object_r:pmsg_device:s0 /dev/pmsg0
This seems to be related to logging. The check in AOSP actually closes the logging handles before doing the whitelist check, which is why I guess that Google didn't give stat permissions for this file type to Zygote (but left that entry as a comment): https://android.googlesource.com/platform/external/sepolicy/+/21658af93cc6f83902a6d883957a353ed4700b13%5E%21/#F0
There are a few options now:
- I could close the logging handles myself (using some kind of reflection, as that method doesn't exist on older ROMs)
- I could just not write the error message (but there would still be an SELinux denial in the logs)
- I could try to find out more about the file handle before attempting to stat it
Not sure what's the best option, I'll think about it.
@rovo89 same error appearing here in the log. Since I did not find any "app_process*", I sent the command with PIDs that contains "zygote"
xposed_error_20170114_161910.log.txt
@rovo89 hello,same error appearing here in the log, my version is Nougat.. xposed_error_20190129_114623.log PIDzygote.txt
@rovo89 hello,same error appearing here in the log, my version is Nougat.. xposed_error_20190129_114623.log PIDzygote.txt
There's still this log, but it doesn't affect usage