commit: a1f8db5c896e3aef75922cf3ff53ccd53e00f79f Author: Christian Göttsche <cgzones <AT> googlemail <DOT> com> AuthorDate: Thu Feb 22 17:00:43 2024 +0000 Commit: Kenton Groombridge <concord <AT> gentoo <DOT> org> CommitDate: Fri Mar 1 17:05:48 2024 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a1f8db5c
fs: mark memory pressure type as file Associate the type memory_pressure_t with the attribute file_type, so all attribute based rules apply, e.g. for unconfined_t. Signed-off-by: Christian Göttsche <cgzones <AT> googlemail.com> Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org> policy/modules/kernel/filesystem.te | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te index 7ffac9812..f21fc71e9 100644 --- a/policy/modules/kernel/filesystem.te +++ b/policy/modules/kernel/filesystem.te @@ -100,6 +100,7 @@ genfscon cgroup2 / gen_context(system_u:object_r:cgroup_t,s0) # the rest of the cgroup tree. type memory_pressure_t; typeattribute memory_pressure_t cgroup_types; +files_type(memory_pressure_t) dev_associate_sysfs(memory_pressure_t) type configfs_t;
