Introduce kernel_delete_unlabeled_blk_files

The kernel_delete_unlabeled_blk_files interface is called by the
(deprecated) files_delete_isid_type_blk_files in kernel/files.if.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
Sven Vermeulen 2014-08-08 14:33:21 +02:00 committed by Chris PeBenito
parent 1b85e52057
commit f21915b7ca
1 changed files with 18 additions and 0 deletions

@ -2666,6 +2666,24 @@ interface(`kernel_rw_unlabeled_blk_files',`
allow $1 unlabeled_t:blk_file rw_blk_file_perms; allow $1 unlabeled_t:blk_file rw_blk_file_perms;
') ')
########################################
## <summary>
## Delete unlabeled block device nodes.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`kernel_delete_unlabeled_blk_files',`
gen_require(`
type unlabeled_t;
')
delete_blk_files_pattern($1, unlabeled_t, unlabeled_t)
')
######################################## ########################################
## <summary> ## <summary>
## Create, read, write, and delete unlabeled block device nodes. ## Create, read, write, and delete unlabeled block device nodes.
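
Review bot: The summary on the new kernel_delete_unlabeled_blk_files interface understates what it grants. In `delete_blk_files_pattern($1, unlabeled_t, unlabeled_t)` the second argument is the containing directory type, so the caller also gets entry-removal permissions on unlabeled_t directories, not only delete on unlabeled_t:blk_file. Please say so in the `## <summary>` text so that policy authors reviewing callers see the directory access. It is also worth noting that the neighbouring kernel_rw_unlabeled_blk_files uses a bare `allow $1 unlabeled_t:blk_file rw_blk_file_perms;` rule with no directory component, so the two interfaces differ in scope despite the similar naming. Finally, the commit message says the interface is called by files_delete_isid_type_blk_files in kernel/files.if, but this commit changes only one file; a pointer to the commit that updates the caller would help when tracing which domains end up able to delete unlabeled device nodes.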