commit: f6e3b01a354b974ffc259994385d03909c4be93e Author: Christian Göttsche <cgzones <AT> googlemail <DOT> com> AuthorDate: Thu Feb 22 17:00:42 2024 +0000 Commit: Kenton Groombridge <concord <AT> gentoo <DOT> org> CommitDate: Fri Mar 1 17:05:47 2024 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=f6e3b01a
userdom: permit reading PSI as admin Signed-off-by: Christian Göttsche <cgzones <AT> googlemail.com> Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org> policy/modules/system/userdomain.if | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index aadbe34c3..b87f6d48e 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -1382,6 +1382,7 @@ template(`userdom_admin_user_template',` kernel_change_ring_buffer_level($1_t) kernel_clear_ring_buffer($1_t) kernel_read_ring_buffer($1_t) + kernel_read_psi($1_t) kernel_get_sysvipc_info($1_t) kernel_rw_all_sysctls($1_t) # signal unlabeled processes: