From: pebenito@ieee.org (Chris PeBenito)
Date: Wed, 13 Dec 2017 18:16:19 -0500
Subject: [refpolicy] [PATCH 2/2] storage: Add fcontexts for NVMe disks
In-Reply-To: <20171213181536.27030-2-jason@perfinion.com>
References: <20171213181536.27030-1-jason@perfinion.com>
	<20171213181536.27030-2-jason@perfinion.com>
Message-ID: <0e73ddaf-9f08-8b1d-d2c0-e929fe0f0e12@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 12/13/2017 01:15 PM, Jason Zaman wrote:
> NVMe has several dev nodes for each device:
> /dev/nvme0 is a char device for communicating with the controller
> /dev/nvme0n1 is the block device that stores the data.
> /dev/nvme0n1p1 is the first partition
> ---
>   policy/modules/kernel/storage.fc | 2 ++
>   1 file changed, 2 insertions(+)
> 
> diff --git a/policy/modules/kernel/storage.fc b/policy/modules/kernel/storage.fc
> index 375b10bc..c7e3ac0d 100644
> --- a/policy/modules/kernel/storage.fc
> +++ b/policy/modules/kernel/storage.fc
> @@ -33,6 +33,8 @@
>   /dev/mspblk.*		-b	gen_context(system_u:object_r:removable_device_t,s0)
>   /dev/mtd.*		-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
>   /dev/nb[^/]+		-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
> +/dev/nvme[0-9]+		-c	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
> +/dev/nvme[0-9]n[^/]+	-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
>   /dev/optcd		-b	gen_context(system_u:object_r:removable_device_t,s0)
>   /dev/p[fg][0-3]		-b	gen_context(system_u:object_r:removable_device_t,s0)
>   /dev/pcd[0-3]		-b	gen_context(system_u:object_r:removable_device_t,s0)

Merged.

-- 
Chris PeBenito