LinuxLists.cc - [refpolicy] [PATCH] flask: add the attach_queue permission to the tun

2013-01-22 16:25:11

Subject: [refpolicy] [PATCH] flask: add the attach_queue permission to the tun_socket object class

New permission added to Linux 3.8 via the new multiqueue TUN device.

Signed-off-by: Paul Moore <[email protected]>
---
policy/flask/access_vectors | 3 +++
1 file changed, 3 insertions(+)

diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors
index 28802c5..a94b169 100644
--- a/policy/flask/access_vectors
+++ b/policy/flask/access_vectors
@@ -827,6 +827,9 @@ class kernel_service

class tun_socket
inherits socket
+{
+ attach_queue
+}

class x_pointer
inherits x_device

2013-01-22 17:56:39

by cpebenito

[permalink] [raw]

Subject: [refpolicy] [PATCH] flask: add the attach_queue permission to the tun_socket object class

On 01/22/13 11:25, Paul Moore wrote:
> New permission added to Linux 3.8 via the new multiqueue TUN device.
>
> Signed-off-by: Paul Moore <[email protected]>
> ---
> policy/flask/access_vectors | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors
> index 28802c5..a94b169 100644
> --- a/policy/flask/access_vectors
> +++ b/policy/flask/access_vectors
> @@ -827,6 +827,9 @@ class kernel_service
>
> class tun_socket
> inherits socket
> +{
> + attach_queue
> +}
>
> class x_pointer
> inherits x_device

Merged.

--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com