From: jason@perfinion.com (Jason Zaman)
Date: Sat, 16 Sep 2017 01:16:12 +0800
Subject: [refpolicy] [PATCH 1/3] udev: map module objects to load kernel
	modules
Message-ID: <20170915171614.26581-1-jason@perfinion.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

denied  { map } for  pid=7850 comm="systemd-udevd" path="/lib64/modules/4.13.0-gentoo/kernel/drivers/hid/hid-logitech-hidpp.ko" dev="zfs" ino=709934 scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:object_r:modules_object_t:s0 tclass=file permissive=0
---
 policy/modules/system/udev.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te
index 1e84e582..35368aa1 100644
--- a/policy/modules/system/udev.te
+++ b/policy/modules/system/udev.te
@@ -174,6 +174,7 @@ modutils_domtrans(udev_t)
 modutils_read_module_config(udev_t)
 # read modules.inputmap:
 modutils_read_module_deps(udev_t)
+modutils_read_module_objects(udev_t)
 
 seutil_read_config(udev_t)
 seutil_read_default_contexts(udev_t)
-- 
2.13.5