Add mounting interfaces for selinuxfs.

policy/modules/kernel/selinux.if

@@ -94,6 +94,61 @@ interface(`selinux_dontaudit_get_fs_mount',`
 	kernel_dontaudit_read_system_state($1)
 ')
 
+########################################
+## <summary>
+##	Mount the selinuxfs filesystem.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`selinux_mount_fs',`
+	gen_require(`
+		type security_t;
+	')
+
+	allow $1 security_t:filesystem mount;
+')
+
+########################################
+## <summary>
+##	Remount the selinuxfs filesystem.
+##	This allows some mount options to be changed.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`selinux_remount_fs',`
+	gen_require(`
+		type security_t;
+	')
+
+	allow $1 security_t:filesystem remount;
+')
+
+########################################
+## <summary>
+##	Unmount the selinuxfs filesystem.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`selinux_unmount_fs',`
+	gen_require(`
+		type security_t;
+	')
+
+	allow $1 security_t:filesystem unmount;
+')
+
 ########################################
 ## <summary>
 ##	Get the attributes of the selinuxfs filesystem

policy/modules/kernel/selinux.te

@@ -1,4 +1,4 @@
-policy_module(selinux, 1.8.0)
+policy_module(selinux, 1.8.1)
 
 ########################################
 #