From: dac.override@gmail.com (Dominick Grift)
Date: Thu, 10 Dec 2015 17:08:27 +0100
Subject: [refpolicy] [PATCH] kernel: implement sysctl_vm_overcommit_t for
	/proc/sys/vm/overcommit_memory
Message-ID: <1449763707-7084-1-git-send-email-dac.override@gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Whoever requires this type first gets to create the interfaces to operate on this object

Signed-off-by: Dominick Grift <dac.override@gmail.com>
---
 policy/modules/kernel/kernel.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 309f3e0..28f84ff 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -153,6 +153,9 @@ genfscon proc /sys/net/unix gen_context(system_u:object_r:sysctl_net_unix_t,s0)
 type sysctl_vm_t, sysctl_type;
 genfscon proc /sys/vm gen_context(system_u:object_r:sysctl_vm_t,s0)
 
+type sysctl_vm_overcommit_t, sysctl_type;
+genfscon proc /sys/vm/overcommit_memory gen_context(system_u:object_r:sysctl_vm_overcommit_t,s0)
+
 # /proc/sys/dev directory and files
 type sysctl_dev_t, sysctl_type;
 genfscon proc /sys/dev gen_context(system_u:object_r:sysctl_dev_t,s0)
-- 
2.5.0