RepoMirrors/selinux-refpolicy
1
0
Fork 0
mirror of https://github.com/SELinuxProject/refpolicy synced 2025-03-11 07:40:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

tpm2: small fixes

Browse Source 
* Drop permissions implied by domtrans_pattern
* Use fifo_file permission macro for fifo_file class

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
This commit is contained in:
Christian Göttsche 2020-05-08 19:54:49 +02:00
parent d769c71848
commit 0ac9f4cb22
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
policy/modules/services/tpm2.if
View File

@ -35,9 +35,6 @@ interface(`tpm2_domtrans',`
type tpm2_t, tpm2_exec_t;
')
allow tpm2_t $1:fd use;
allow tpm2_t $1:fifo_file rw_file_perms;
corecmd_search_bin($1)
domtrans_pattern($1, tpm2_exec_t, tpm2_t)
')
@ -162,6 +159,6 @@ interface(`tpm2_rw_abrmd_pipes',`
')
allow $1 tpm2_abrmd_t:fd use;
allow $1 tpm2_abrmd_t:fifo_file rw_file_perms;
allow $1 tpm2_abrmd_t:fifo_file rw_fifo_file_perms;
')