commit: 86a0e854927db91b4a978fe92a63e3edb5256927 Author: Chris PeBenito <chpebeni <AT> linux <DOT> microsoft <DOT> com> AuthorDate: Fri May 31 17:44:49 2019 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Sat Jul 13 06:43:14 2019 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=86a0e854
devices: Add type for /dev/daxX.Y. Signed-off-by: Chris PeBenito <chpebeni <AT> linux.microsoft.com> Signed-off-by: Jason Zaman <jason <AT> perfinion.com> policy/modules/kernel/devices.fc | 1 + policy/modules/kernel/devices.te | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc index 3b9be43f..bdff6b1a 100644 --- a/policy/modules/kernel/devices.fc +++ b/policy/modules/kernel/devices.fc @@ -21,6 +21,7 @@ /dev/controlD64 -c gen_context(system_u:object_r:xserver_misc_device_t,s0) /dev/crash -c gen_context(system_u:object_r:crash_device_t,mls_systemhigh) /dev/dahdi/.* -c gen_context(system_u:object_r:sound_device_t,s0) +/dev/dax[0-9]\.[0-9] -c gen_context(system_u:object_r:dax_device_t,mls_systemhigh) /dev/dmfm -c gen_context(system_u:object_r:sound_device_t,s0) /dev/dmmidi.* -c gen_context(system_u:object_r:sound_device_t,s0) /dev/dsp.* -c gen_context(system_u:object_r:sound_device_t,s0) diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te index a0331212..88a4246e 100644 --- a/policy/modules/kernel/devices.te +++ b/policy/modules/kernel/devices.te @@ -82,6 +82,12 @@ dev_node(crash_device_t) type crypt_device_t; dev_node(crypt_device_t) +# +# Type for /dev/dax*.* +# +type dax_device_t; +dev_node(dax_device_t) + # # dlm_misc_device_t is the type of /dev/misc/dlm.* #
