selinux: Change generic Boolean type to boolean_t.

This will prevent other security_t writers from setting Boolean pending
values, which could be activated unwittingly by setbool processes.

Signed-off-by: Chris PeBenito <pebenito@ieee.org>

policy/modules/kernel/selinux.if

@@ -391,17 +391,17 @@ interface(`selinux_read_policy',`
 #
 interface(`selinux_set_generic_booleans',`
 	gen_require(`
-		type security_t;
+		type boolean_t, security_t;
 		bool secure_mode_setbool;
 	')
 
 	dev_search_sysfs($1)
 
 	allow $1 security_t:dir list_dir_perms;
-	allow $1 security_t:file read_file_perms;
+	allow $1 boolean_t:file read_file_perms;
 
 	if(!secure_mode_setbool) {
-		allow $1 security_t:file write_file_perms;
+		allow $1 { boolean_t security_t }:file write_file_perms;
 		allow $1 security_t:security setbool;
 	}
 ')
@@ -443,6 +443,7 @@ interface(`selinux_set_all_booleans',`
 
 	if (!secure_mode_setbool) {
 		allow $1 security_t:security setbool;
+		allow $1 security_t:file write_file_perms;
 		allow $1 { boolean_type -secure_mode_policyload_t }:file write_file_perms;
 	}
 

policy/modules/kernel/selinux.te

@@ -26,6 +26,9 @@ attribute can_setenforce;
 attribute can_setsecparam;
 attribute selinux_unconfined_type;
 
+type boolean_t, boolean_type;
+genfscon selinuxfs /booleans/ -- gen_context(system_u:object_r:boolean_t,s0)
+
 type secure_mode_policyload_t;
 selinux_labeled_boolean(secure_mode_policyload_t, secure_mode_policyload)
 
@@ -34,7 +37,7 @@ selinux_labeled_boolean(secure_mode_policyload_t, secure_mode_policyload)
 # the permissions in the security class.  It is also
 # applied to selinuxfs inodes.
 #
-type security_t, boolean_type;
+type security_t;
 files_mountpoint(security_t)
 fs_type(security_t)
 mls_trusted_object(security_t)