From: bigon@debian.org (Laurent Bigonville)
Date: Wed, 16 Apr 2014 19:33:52 +0200
Subject: [refpolicy] [PATCH] Allow hugetlbfs_t to be associated to /dev
Message-ID: <1397669632-5826-1-git-send-email-bigon@debian.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

From: Laurent Bigonville <bigon@bigon.be>

Even if there is not FHS provision for this, systemd is using
/dev/hugepages to mount the hugetlbfs fs by default.

The needed file contexts are already present
---
 policy/modules/kernel/filesystem.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index e7e34bf..c8b7e26 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -98,6 +98,7 @@ type hugetlbfs_t;
 fs_xattr_type(hugetlbfs_t)
 files_mountpoint(hugetlbfs_t)
 fs_use_trans hugetlbfs gen_context(system_u:object_r:hugetlbfs_t,s0);
+dev_associate(hugetlbfs_t)
 
 type ibmasmfs_t;
 fs_type(ibmasmfs_t)
-- 
1.9.2