From: dwalsh@redhat.com (Daniel J Walsh)
Date: Tue, 23 Feb 2010 16:37:58 -0500
Subject: [refpolicy] kernel_kernel.patch
Message-ID: <4B844AB6.7050007@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

http://people.fedoraproject.org/~dwalsh/SELinux/F13/kernel_kernel.patch

+kernel_kill(rgmanager_t)
+kernel_mount_unlabeled(mount_t)
+kernel_relabelto_unlabeled(setfiles_mac_t)
+kernel_stream_connect(plymouth_t)
+kernel_stream_connect(initrc_t)

Add files context for infinibandeventfs_t

Allow unlabeled_t files to be put on disk in order to allow 
setfiles_mac_t (livecd_creater) to work.

Kernel needs access to all terms and ptmx
kernel_t does stuff in dracut which requires access to mountab

MLS access required for the kernel

kernel creating files in the homedir

And setting up files in xserver_xdm

Also create files with the right label in /