1 files changed, 33 insertions, 0 deletions
diff --git a/recipes-security/refpolicy/refpolicy-2.20190201/0029-policy-module-selinuxutil-fix-setfiles-statvfs-to-ge.patch b/recipes-security/refpolicy/refpolicy-2.20190201/0029-policy-module-selinuxutil-fix-setfiles-statvfs-to-ge.patch
new file mode 100644
index 0000000..e62c81e
--- /dev/null
+++ b/recipes-security/refpolicy/refpolicy-2.20190201/0029-policy-module-selinuxutil-fix-setfiles-statvfs-to-ge.patch
@@ -0,0 +1,33 @@
+From 524f823bb07e0eb763683b72f18999ef29ae43c9 Mon Sep 17 00:00:00 2001
+From: Joe MacDonald <joe_macdonald@mentor.com>
+Date: Fri, 29 Mar 2019 11:30:27 -0400
+Subject: [PATCH 29/34] policy/module/selinuxutil: fix setfiles statvfs to get
+ file count
+New setfiles will read /proc/mounts and use statvfs in
+file_system_count() to get file count of filesystems.
+Upstream-Status: Pending
+Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
+Signed-off-by: Shrikant Bobade <Shrikant_Bobade@mentor.com>
+Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
+---
+ policy/modules/system/selinuxutil.te | 1 +
+ 1 file changed, 1 insertion(+)
+diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
+index db6bb368..98fed2d0 100644
+--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
+@@ -607,6 +607,7 @@ files_relabel_all_files(setfiles_t)
+ files_read_usr_symlinks(setfiles_t)
+ files_dontaudit_read_all_symlinks(setfiles_t)
+ 
+fs_getattr_all_fs(setfiles_t)
+ fs_getattr_all_xattr_fs(setfiles_t)
+ fs_getattr_cgroup(setfiles_t)
+ fs_getattr_nfs(setfiles_t)
+-- 
+2.19.1

diff --git a/recipes-security/refpolicy/refpolicy-2.20190201/0029-policy-module-selinuxutil-fix-setfiles-statvfs-to-ge.patch b/recipes-security/refpolicy/refpolicy-2.20190201/0029-policy-module-selinuxutil-fix-setfiles-statvfs-to-ge.patch new file mode 100644 index 0000000..e62c81e --- /dev/null +++ b/recipes-security/refpolicy/refpolicy-2.20190201/0029-policy-module-selinuxutil-fix-setfiles-statvfs-to-ge.patch
@@ -0,0 +1,33 @@
	1	From 524f823bb07e0eb763683b72f18999ef29ae43c9 Mon Sep 17 00:00:00 2001
	2	From: Joe MacDonald <joe_macdonald@mentor.com>
	3	Date: Fri, 29 Mar 2019 11:30:27 -0400
	4	Subject: [PATCH 29/34] policy/module/selinuxutil: fix setfiles statvfs to get
	5	file count
	6
	7	New setfiles will read /proc/mounts and use statvfs in
	8	file_system_count() to get file count of filesystems.
	9
	10	Upstream-Status: Pending
	11
	12	Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
	13	Signed-off-by: Shrikant Bobade <Shrikant_Bobade@mentor.com>
	14	Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
	15	---
	16	policy/modules/system/selinuxutil.te \| 1 +
	17	1 file changed, 1 insertion(+)
	18
	19	diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
	20	index db6bb368..98fed2d0 100644
	21	--- a/policy/modules/system/selinuxutil.te
	22	+++ b/policy/modules/system/selinuxutil.te
	23	@@ -607,6 +607,7 @@ files_relabel_all_files(setfiles_t)
	24	files_read_usr_symlinks(setfiles_t)
	25	files_dontaudit_read_all_symlinks(setfiles_t)
	26
	27	+fs_getattr_all_fs(setfiles_t)
	28	fs_getattr_all_xattr_fs(setfiles_t)
	29	fs_getattr_cgroup(setfiles_t)
	30	fs_getattr_nfs(setfiles_t)
	31	--
	32	2.19.1
	33