Move devtmpfs from filesystem module into devices module and remove the
previous workaround.
Makes device_t a filesystem, and associates device nodes with it.
Provides interfaces for associate and mounton for device_t.
Early devtmpfs handling allows init_t and initrc_t read/write on generic
chr files (/dev/null and /dev/console), and dontaudits attempts from
readahead, hostname, and mount.
Fixes since last attempt include allowing kernel_t mounton on device_t
(to mount devtmpfs on /dev), and early devtmpfs handling (before udev
relabeling).
--
Jeremy J. Solt
Tresys Technology, LLC
410-290-1411 x122
On 08/18/10 11:35, Jeremy Solt wrote:
> Move devtmpfs from filesystem module into devices module and remove the
> previous workaround.
> Makes device_t a filesystem, and associates device nodes with it.
> Provides interfaces for associate and mounton for device_t.
> Early devtmpfs handling allows init_t and initrc_t read/write on generic
> chr files (/dev/null and /dev/console), and dontaudits attempts from
> readahead, hostname, and mount.
>
> Fixes since last attempt include allowing kernel_t mounton on device_t
> (to mount devtmpfs on /dev), and early devtmpfs handling (before udev
> relabeling).
Merged.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com