RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

added bpf_t filesystem label

This commit is contained in:
bauen1 2019-11-24 15:07:58 +01:00
parent 17f06cf1fe
commit 09efc0087a
No known key found for this signature in database
GPG Key ID: FF0AAF5E0812BA9C
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
policy/modules/kernel/filesystem.fc
View File

@ -11,6 +11,8 @@
/usr/lib/udev/devices/shm -d gen_context(system_u:object_r:tmpfs_t,s0)
/usr/lib/udev/devices/shm/.* <<none>>
/sys/fs/bpf(/.*)? <<none>>
/sys/fs/cgroup -d gen_context(system_u:object_r:cgroup_t,s0)
/sys/fs/cgroup/.* <<none>>
/sys/fs/cgroup/[^/]+ -l gen_context(system_u:object_r:cgroup_t,s0)

6
policy/modules/kernel/filesystem.te
View File

@ -67,6 +67,12 @@ fs_type(binfmt_misc_fs_t)
files_mountpoint(binfmt_misc_fs_t)
genfscon binfmt_misc / gen_context(system_u:object_r:binfmt_misc_fs_t,s0)
type bpf_t;
fs_type(bpf_t)
files_mountpoint(bpf_t)
dev_associate_sysfs(bpf_t)
genfscon bpf / gen_context(system_u:object_r:bpf_t,s0)
type capifs_t;
fs_type(capifs_t)
files_mountpoint(capifs_t)