selinux-refpolicy/policy/modules/services/tpm2.te

31 lines
591 B
Plaintext

policy_module(tpm2, 1.0.0)
########################################
#
# Declarations
#
type tpm2_abrmd_t;
type tpm2_abrmd_exec_t;
init_daemon_domain(tpm2_abrmd_t, tpm2_abrmd_exec_t)
type tpm2_abrmd_unit_t;
init_unit_file(tpm2_abrmd_unit_t)
########################################
#
# Local policy
#
allow tpm2_abrmd_t self:process signal;
allow tpm2_abrmd_t self:unix_stream_socket create_socket_perms;
dev_rw_tpm(tpm2_abrmd_t)
kernel_read_crypto_sysctls(tpm2_abrmd_t)
kernel_read_system_state(tpm2_abrmd_t)
optional_policy(`
dbus_system_domain(tpm2_abrmd_t, tpm2_abrmd_exec_t)
')