
Issue 891772 link


Issue metadata

Status: Fixed
Owner:
Closed: Oct 10
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 3
Type: Bug

Blocking:
issue 891203
issue 893063




anomaly_collector: selinux processing breaking logging_UserCrash test

Project Member Reported by vapier@chromium.org, Oct 3

Issue description

this bot failed logging_UserCrash during vmtest:
https://cros-goldeneye.corp.google.com/chromeos/healthmonitoring/buildDetails?buildbucketId=8933712471968062912

the problem is that, during testing, an selinux violation was generated which threw off the autotest.

i think this is the relevant selinux violation report:
2018-10-03T07:23:28.685883+00:00 NOTICE kernel: [ 3105.050232] audit: type=1400 audit(1538551408.684:10751): avc:  granted  { execute } for  pid=16958 comm="bash" name="crash_reporter" dev="dm-0" ino=24694 scontext=u:r:chromeos:s0 tcontext=u:object_r:cros_crash_reporter_exec:s0 tclass=file
2018-10-03T07:23:28.686935+00:00 NOTICE kernel: [ 3105.051295] audit: type=1400 audit(1538551408.685:10752): avc:  granted  { execute } for  pid=16958 comm="crash_reporter" path="/sbin/crash_reporter" dev="dm-0" ino=24694 scontext=u:r:chromeos:s0 tcontext=u:object_r:cros_crash_reporter_exec:s0 tclass=file
 
Project Member

Comment 1 by bugdroid1@chromium.org, Oct 3

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/platform2/+/ee55c9fe0aa70d446caea94c7c8fb38bcb57c3ce

commit ee55c9fe0aa70d446caea94c7c8fb38bcb57c3ce
Author: Mike Frysinger <vapier@chromium.org>
Date: Wed Oct 03 21:58:51 2018

crash: anomaly_collector: disable selinux violation collection

This is breaking logging_UserCrash due to selinux violations triggered
during the autotest, so disable the collector for now.

BUG= chromium:891772 
TEST=unittests pass

Change-Id: If6ebf322a70f291f81bc36f13ce54ce33de92b5f
Reviewed-on: https://chromium-review.googlesource.com/c/1259303
Trybot-Ready: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Luigi Semenzato <semenzato@chromium.org>
Tested-by: Brian Norris <briannorris@chromium.org>

[modify] https://crrev.com/ee55c9fe0aa70d446caea94c7c8fb38bcb57c3ce/crash-reporter/anomaly_collector.l

The audit message is used to trace unrealized transitions.


This unrealized transition was caused by crrev.com/c/1214636
since the ONLY two realized transitions for crash reporter are:
 (kernel, cros_anomaly_collector) -> execute cros_crash_reporter_exec -> cros_crash;


crrev.com/c/1214636 moves anomaly_collector into minijail, while cros_anomaly_collector can ONLY be entered by init executing anomaly_collector directly. Thus the anomaly_collector falls into an unknown domain.

This should already be gone after crrev.com/c/1256303 is landed. A test is being reviewed to examine domain of daemon processes.


But anyway,
I'll see if I can fix their tests first (since their tests should only test crashes related to their program only anomalies collected).


s/I'll see if I can fix their tests first (since their tests should only test crashes related to their program only anomalies collected)./I'll see if I can fix their tests first (since their tests should only test crashes related to their program, not anomalies collected)./
wait. this is not caused by crrev.com/c/1214636
This audit message is about bash executing crash_reporter.
Anomaly_collector should stay in the minijail domain if it's crrev.com/c/1214636, instead of falling into the chromeos domain.

I guess some program in the test is triggering crash_reporter itself.

But if that's the case, why wasn't this failing long ago? This audit message should have been there for a few weeks.
Anyway, I'll look into it later today. If I can't find a solution today, I'll work around it by not auditing chromeos executing crash_reporter until I really need this single audit path. Usually I don't think I need source=chromeos, since more and more processes will move out from the chromeos domain. It's just that the current is source={domain -kernel -cros_anomaly_collector}
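
An added example, not code from the Chromium OS tree or from anyone in this thread: a small parser for the `avc: granted` audit records quoted in the issue description, which reports every execute of `cros_crash_reporter_exec` whose source type is not one of the two realized callers named above (kernel, cros_anomaly_collector). The function names are hypothetical, and the third sample line is constructed.

```python
import re

# Lines 1-2 are the audit records quoted in the issue (syslog prefix trimmed).
# Line 3 is constructed for this example to show an expected caller.
SAMPLE_LOG = [
    'audit: type=1400 audit(1538551408.684:10751): avc:  granted  { execute } for  pid=16958 comm="bash" name="crash_reporter" dev="dm-0" ino=24694 scontext=u:r:chromeos:s0 tcontext=u:object_r:cros_crash_reporter_exec:s0 tclass=file',
    'audit: type=1400 audit(1538551408.685:10752): avc:  granted  { execute } for  pid=16958 comm="crash_reporter" path="/sbin/crash_reporter" dev="dm-0" ino=24694 scontext=u:r:chromeos:s0 tcontext=u:object_r:cros_crash_reporter_exec:s0 tclass=file',
    'audit: type=1400 audit(1538551409.000:10753): avc:  granted  { execute } for  pid=1234 comm="anomaly_collect" path="/sbin/crash_reporter" dev="dm-0" ino=24694 scontext=u:r:cros_anomaly_collector:s0 tcontext=u:object_r:cros_crash_reporter_exec:s0 tclass=file',
]

AVC_RE = re.compile(r'avc:\s+(granted|denied)\s+\{\s*([^}]*?)\s*\}\s+for\s+(.*)$')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

# Source types the thread lists as realized transitions into crash_reporter.
EXPECTED_SOURCES = {"kernel", "cros_anomaly_collector"}
TARGET_TYPE = "cros_crash_reporter_exec"


def parse_avc(line):
    """Return a dict of AVC fields, or None if the line is not an AVC record."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {key: val.strip('"') for key, val in FIELD_RE.findall(m.group(3))}
    rec["result"] = m.group(1)          # "granted" (auditallow) or "denied"
    rec["perms"] = m.group(2).split()   # e.g. ["execute"]
    return rec


def selinux_type(context):
    """Extract the type from a user:role:type:level security context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else context


def unexpected_executions(lines):
    """List (result, source type, comm, pid) for executes from unexpected domains."""
    hits = []
    for line in lines:
        rec = parse_avc(line)
        if not rec or "execute" not in rec["perms"]:
            continue
        if selinux_type(rec.get("tcontext", "")) != TARGET_TYPE:
            continue
        src = selinux_type(rec.get("scontext", ""))
        if src not in EXPECTED_SOURCES:
            hits.append((rec["result"], src, rec.get("comm"), rec.get("pid")))
    return hits
```

On the sample, both records from the issue are reported with source type `chromeos`, while the constructed `cros_anomaly_collector` record is not.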


Project Member

Comment 6 by bugdroid1@chromium.org, Oct 5

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/platform2/+/0804785562d264b77b365beaa48781f73566956c

commit 0804785562d264b77b365beaa48781f73566956c
Author: Qijiang Fan <fqj@google.com>
Date: Fri Oct 05 22:43:04 2018

Revert "crash: anomaly_collector: disable selinux violation collection"

This reverts commit ee55c9fe0aa70d446caea94c7c8fb38bcb57c3ce.

Reason for revert: selinux violation should be collected after working around violations.

CQ-DEPEND=CL:1261478

Original change's description:
> crash: anomaly_collector: disable selinux violation collection
>
> This is breaking logging_UserCrash due to selinux violations triggered
> during the autotest, so disable the collector for now.
>
> BUG= chromium:891772 
> TEST=unittests pass
>
> Change-Id: If6ebf322a70f291f81bc36f13ce54ce33de92b5f
> Reviewed-on: https://chromium-review.googlesource.com/c/1259303
> Trybot-Ready: Mike Frysinger <vapier@chromium.org>
> Reviewed-by: Luigi Semenzato <semenzato@chromium.org>
> Tested-by: Brian Norris <briannorris@chromium.org>

Bug:  chromium:891772 
Change-Id: I3d723c79dec9c626ce38bc3acd353651cda5f1ec
Reviewed-on: https://chromium-review.googlesource.com/1260426
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Qijiang Fan <fqj@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Brian Norris <briannorris@chromium.org>

[modify] https://crrev.com/0804785562d264b77b365beaa48781f73566956c/crash-reporter/anomaly_collector.l

Project Member

Comment 7 by bugdroid1@chromium.org, Oct 5

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/platform2/+/e6c72b06e10de978ed01f2855f876ef0239bfb54

commit e6c72b06e10de978ed01f2855f876ef0239bfb54
Author: Qijiang Fan <fqj@chromium.org>
Date: Fri Oct 05 22:43:04 2018

sepolicy: don't audit kernel and chromeos executing crash reporter.

BUG=b:80461815, chromium:891772 
TEST=dmesg

Change-Id: I67cf6dc0ef97c35c1386c95a73fed1efd8d74ce3
Reviewed-on: https://chromium-review.googlesource.com/1261478
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Qijiang Fan <fqj@google.com>
Reviewed-by: Qijiang Fan <fqj@google.com>
Reviewed-by: Kenny Root <kroot@google.com>

[modify] https://crrev.com/e6c72b06e10de978ed01f2855f876ef0239bfb54/sepolicy/policy/chromeos/cros_crash.te

Blocking: 893063
Owner: f...@chromium.org
Status: Started (was: Untriaged)
Project Member

Comment 10 by bugdroid1@chromium.org, Oct 9

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/autotest/+/aae17ea109eb73120f1e25611cee98a89f4d5feb

commit aae17ea109eb73120f1e25611cee98a89f4d5feb
Author: Qijiang Fan <fqj@chromium.org>
Date: Tue Oct 09 14:29:21 2018

crash_test: ignore non-crash anomalies collected.

When _parse_sender_output, the output from crash_sender may contain
non-crash anomalies, (most likely audit-purpose granted SELinux info).

These are not directly related to the crashes _call_sender_one_crash
which aims to upload one real crash, and returns the information about
this uploaded crash.

BUG= chromium:891772 
TEST=test_that DUT logging_UserCrash

Change-Id: I8667c46262677052656ee999259fed4a79756c14
Reviewed-on: https://chromium-review.googlesource.com/1261262
Commit-Ready: Qijiang Fan <fqj@google.com>
Tested-by: Qijiang Fan <fqj@google.com>
Reviewed-by: Mike Frysinger <vapier@chromium.org>

[modify] https://crrev.com/aae17ea109eb73120f1e25611cee98a89f4d5feb/client/cros/crash/crash_test.py

Status: Fixed (was: Started)
