From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Wed, 5 Sep 2012 13:45:56 -0400 Subject: [refpolicy] [PATCH 1/2] Declare a loop control device node type and label /dev/loop-control accordingly In-Reply-To: <1346434702-30274-2-git-send-email-dominick.grift@gmail.com> References: <1346434702-30274-1-git-send-email-dominick.grift@gmail.com> <1346434702-30274-2-git-send-email-dominick.grift@gmail.com> Message-ID: <50478FD4.4030305@tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On 08/31/12 13:38, Dominick Grift wrote: > Signed-off-by: Dominick Grift > --- > policy/modules/kernel/devices.fc | 1 + > policy/modules/kernel/devices.te | 3 +++ > 2 files changed, 4 insertions(+) > > diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc > index 84e7337..5214c08 100644 > --- a/policy/modules/kernel/devices.fc > +++ b/policy/modules/kernel/devices.fc > @@ -57,6 +57,7 @@ > /dev/lirc[0-9]+ -c gen_context(system_u:object_r:lirc_device_t,s0) > /dev/lircm -c gen_context(system_u:object_r:mouse_device_t,s0) > /dev/logibm -c gen_context(system_u:object_r:mouse_device_t,s0) > +/dev/loop-control -c gen_context(system_u:object_r:loop_control_device_t,s0) > /dev/lp.* -c gen_context(system_u:object_r:printer_device_t,s0) > /dev/mcelog -c gen_context(system_u:object_r:kmsg_device_t,mls_systemhigh) > /dev/mei -c gen_context(system_u:object_r:mei_device_t,s0) > diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te > index 17e0915..99fe460 100644 > --- a/policy/modules/kernel/devices.te > +++ b/policy/modules/kernel/devices.te > @@ -115,6 +115,9 @@ dev_node(kvm_device_t) > type lirc_device_t; > dev_node(lirc_device_t) > > +type loop_control_device_t; > +dev_node(loop_control_device_t) > + > # > # Type for /dev/mapper/control > # > Merged. -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com