From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Fri, 8 May 2015 08:20:39 -0400
Subject: [refpolicy] [PATCH] Add "binder" security class and access
	vectors
In-Reply-To: <1430929888-18375-1-git-send-email-bigon@debian.org>
References: <1430929888-18375-1-git-send-email-bigon@debian.org>
Message-ID: <554CAA17.8020605@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 5/6/2015 12:31 PM, Laurent Bigonville wrote:
> From: Laurent Bigonville <bigon@bigon.be>
> 
> ---
>  policy/flask/access_vectors   | 8 ++++++++
>  policy/flask/security_classes | 2 ++
>  2 files changed, 10 insertions(+)
> 
> diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors
> index bea72a0..97665b4 100644
> --- a/policy/flask/access_vectors
> +++ b/policy/flask/access_vectors
> @@ -844,6 +844,14 @@ inherits socket
>  	attach_queue
>  }
>  
> +class binder
> +{
> +	impersonate
> +	call
> +	set_context_mgr
> +	transfer
> +}
> +
>  class x_pointer
>  inherits x_device
>  
> diff --git a/policy/flask/security_classes b/policy/flask/security_classes
> index c9cf486..ca7eb41 100644
> --- a/policy/flask/security_classes
> +++ b/policy/flask/security_classes
> @@ -123,6 +123,8 @@ class kernel_service
>  
>  class tun_socket
>  
> +class binder
> +
>  # Still More SE-X Windows stuff
>  class x_pointer			# userspace
>  class x_keyboard		# userspace

Merged.


-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com