selinux-refpolicy/support
Daniel Jurgens 25a5b24274 refpolicy: Infiniband pkeys and endports
Every Infiniband network will have a default pkey, so that is labeled.
The rest of the pkey configuration is network specific. The policy allows
access to the default and unlabeled pkeys for sysadm and staff users.
kernel_t is allowed access to all pkeys, which it needs to process and
route management datagrams.

Endports are all unlabeled by default, sysadm users are allowed to
manage the subnet on unlabeled endports. kernel_t is allowed to manage
the subnet on all ibendports, which is required for configuring the HCA.

This patch requires selinux series: "SELinux user space support for
Infiniband RDMA", due to the new ipkeycon labeling mechanism.

Signed-off-by: Daniel Jurgens <danielj@mellanox.com>
2017-05-24 19:23:18 -04:00
..
Makefile.devel remove trailing whitespaces 2016-12-06 13:45:13 +01:00
comment_move_decl.sed refpolicy: Infiniband pkeys and endports 2017-05-24 19:23:18 -04:00
divert.m4
fatal_error.m4 m4 errprint: add __program__ info 2017-03-08 17:16:27 +01:00
fc_sort.c fc_sort: cleanup warnings caught by clang tidy / static analyzer. 2016-10-19 13:29:20 -07:00
genclassperms.py convert build scripts to python3 2017-03-15 02:09:20 +01:00
genhomedircon.py fix travis and genhomedircon 2017-03-18 18:38:20 +01:00
gennetfilter.py convert build scripts to python3 2017-03-15 02:09:20 +01:00
get_type_attr_decl.sed Move role declarations to the top of base.conf 2012-02-29 12:08:22 -05:00
iferror.m4
policyvers.py fix travis and genhomedircon 2017-03-18 18:38:20 +01:00
pyplate.py Use raw strings in regular expressions 2017-04-08 12:29:07 +02:00
sedoctool.py convert build scripts to python3 2017-03-15 02:09:20 +01:00
segenxml.py Use raw strings in regular expressions 2017-04-08 12:29:07 +02:00
selinux-policy-refpolicy.spec remove trailing whitespaces 2016-12-06 13:45:13 +01:00
selinux-refpolicy-sources.spec.skel remove trailing whitespaces 2016-12-06 13:45:13 +01:00
set_bools_tuns.awk remove trailing whitespaces 2016-12-06 13:45:13 +01:00
undivert.m4