nnd
/
selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #782 from pebenito/quic_amisjain-bt-uhid 

Sepolicy changes for bluez to access uhid
This commit is contained in:
Chris PeBenito 2024-06-05 19:42:16 -04:00 committed by GitHub
parent d53aa53110 2102055d4d
commit c963ddfae0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
policy/modules/kernel/devices.if
View File

@ -4851,6 +4851,25 @@ interface(`dev_rw_tpm',`
rw_chr_files_pattern($1, device_t, tpm_device_t)
')
#####################
## <summary>
## Allow open/read/write uhid device
## </summary>
## <param name="domain">
## <summary>
## Domain allowed rw to uhid device
## to communicate with uhid input node
## </summary>
## </param>
#
interface(`dev_rw_uhid',`
gen_require(`
type device_t, uhid_device_t;
')
rw_chr_files_pattern($1, device_t, uhid_device_t)
')
########################################
## <summary>
## Read from pseudo random number generator devices (e.g., /dev/urandom).

1
policy/modules/services/bluetooth.te
View File

@ -104,6 +104,7 @@ dev_rw_generic_usb_dev(bluetooth_t)
dev_read_urand(bluetooth_t)
dev_rw_input_dev(bluetooth_t)
dev_rw_wireless(bluetooth_t)
dev_rw_uhid(bluetooth_t)
domain_use_interactive_fds(bluetooth_t)
domain_dontaudit_search_all_domains_state(bluetooth_t)