android
The audit2allow tool is located at external/selinux/prebuilts/bin/audit2allow

  • Create an AVC file and write the avc log entries into avc_log.txt
    vim avc_log.txt

    avc: denied { read write } for name="ttyS0" dev="tmpfs" ino=456 scontext=u:r:hal_rpc_default:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file permissive=1
    avc: denied { open } for path="/dev/ttyS0" dev="tmpfs" ino=456 scontext=u:r:hal_rpc_default:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file permissive=1
    avc: denied { ioctl } for path="/dev/ttyS0" dev="tmpfs" ino=456 ioctlcmd=0x5401 scontext=u:r:hal_rpc_default:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file permissive=1

    :wq to save and exit

  • Import the evb2 Android environment variables

. ./buildsystem/android12/external/selinux/prebuilts/bin/audit2allow -i avc_log.txt

Result:

sd@40ec5f51a18b:/host/evb2$ . ./buildsystem/android12/external/selinux/prebuilts/bin/audit2allow -i avc_log.txt


#============= hal_rpc_default ==============
allow hal_rpc_default tty_device:chr_file { ioctl open };
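
The grouping step that turns denials like these into an allow rule can be reproduced in a short script, which also keeps two details worth reviewing before a rule is accepted: the ioctlcmd value and the permissive flag. This is an added example, not code from the original post or from the audit2allow project; the function names are hypothetical, the sample lines are copied from avc_log.txt above, and the script lists every permission found in those lines.

```python
import re
from collections import defaultdict

# Sample input: the three denials from avc_log.txt above.
SAMPLE_LOG = """\
avc: denied { read write } for name="ttyS0" dev="tmpfs" ino=456 scontext=u:r:hal_rpc_default:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file permissive=1
avc: denied { open } for path="/dev/ttyS0" dev="tmpfs" ino=456 scontext=u:r:hal_rpc_default:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file permissive=1
avc: denied { ioctl } for path="/dev/ttyS0" dev="tmpfs" ino=456 ioctlcmd=0x5401 scontext=u:r:hal_rpc_default:s0 tcontext=u:object_r:tty_device:s0 tclass=chr_file permissive=1
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_denial(line):
    """Parse one 'avc: denied' line into a dict; return None for other lines."""
    m = AVC_RE.search(line)
    if not m:
        return None
    d = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group(2))}
    if not {"scontext", "tcontext", "tclass"} <= d.keys():
        return None  # truncated or malformed denial
    d["perms"] = m.group(1).split()
    # A context is user:role:type:level; policy rules are written on the type.
    d["source"] = d["scontext"].split(":")[2]
    d["target"] = d["tcontext"].split(":")[2]
    return d

def summarize(log_text):
    """Group denials by (source type, target type, class) for review."""
    rules = defaultdict(lambda: {"perms": set(), "ioctlcmds": set(), "permissive": False})
    for line in log_text.splitlines():
        d = parse_denial(line)
        if d is None:
            continue
        entry = rules[(d["source"], d["target"], d["tclass"])]
        entry["perms"].update(d["perms"])
        if "ioctlcmd" in d:
            entry["ioctlcmds"].add(d["ioctlcmd"])
        # permissive=1: the access was logged but not blocked.
        entry["permissive"] |= d.get("permissive") == "1"
    return dict(rules)

def to_allow_rules(rules):
    """Render each group as an allow rule with sorted permissions."""
    return ["allow %s %s:%s { %s };" % (s, t, c, " ".join(sorted(e["perms"])))
            for (s, t, c), e in sorted(rules.items())]

if __name__ == "__main__":
    print("\n".join(to_allow_rules(summarize(SAMPLE_LOG))))
```

For the sample lines, summarize() records ioctlcmd 0x5401 and permissive=1 alongside the permissions, so the reviewer can see which ioctl was requested and that the accesses were only logged.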