From 1cbe455a5e1c3ad5eab8ab8c7e16a1586062fcb4 Mon Sep 17 00:00:00 2001
From: Chris PeBenito
Date: Wed, 5 Jun 2024 15:25:24 -0400
Subject: [PATCH] device: Move dev_rw_uhid definition.
Signed-off-by: Chris PeBenito
---
 policy/modules/kernel/devices.if | 37 ++++++++++++++++----------------
 1 file changed, 19 insertions(+), 18 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 6e0a9499e..e401bd77b 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -4851,6 +4851,25 @@ interface(`dev_rw_tpm',`
 rw_chr_files_pattern($1, device_t, tpm_device_t)
 ')
+#####################
+##
+## Allow open/read/write uhid device
+##
+##
+##
+## Domain allowed rw to uhid device
+## to communicate with uhid input node
+##
+##
+#
+interface(`dev_rw_uhid',`
+ gen_require(`
+ type uhid_device_t;
+ ')
+
+ allow $1 uhid_device_t:chr_file rw_chr_file_perms;
+')
+
 ########################################
 ##
 ## Read from pseudo random number generator devices (e.g., /dev/urandom).
@@ -5858,21 +5877,3 @@ interface(`dev_unconfined',`
 typeattribute $1 devices_unconfined_type;
 ')
-
-#####################
-##
-## Allow open/read/write uhid device
-##
-##
-##
-## Domain allowed rw to uhid device
-## to communicate with uhid input node
-##
-##
-#
-interface(`dev_rw_uhid',`
- gen_require(`
- type uhid_device_t;
- ')
- allow $1 uhid_device_t:chr_file rw_chr_file_perms ;
-')
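Review bot: The relocated `dev_rw_uhid` in the first hunk still grants access with a bare `allow $1 uhid_device_t:chr_file rw_chr_file_perms;`, while `dev_rw_tpm` directly above it uses `rw_chr_files_pattern($1, device_t, tpm_device_t)`. The bare rule appears not to cover search on the `device_t` directory, so a caller has to get that from some other interface before it can reach the node. If the difference is not deliberate, a follow-up could require `type device_t, uhid_device_t;` and use `rw_chr_files_pattern($1, device_t, uhid_device_t)`. The summary could also state what the grant means in practice, for example `## Read and write the uhid device, which lets the domain create userspace HID input devices.`, so that reviewers of calling modules treat it as a sensitive permission.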