diff options
Diffstat (limited to 'recipes-security/refpolicy/refpolicy/0083-policy-modules-services-acpi-make-acpid_t-domain-MLS.patch')
-rw-r--r-- | recipes-security/refpolicy/refpolicy/0083-policy-modules-services-acpi-make-acpid_t-domain-MLS.patch | 35 |
1 files changed, 0 insertions, 35 deletions
diff --git a/recipes-security/refpolicy/refpolicy/0083-policy-modules-services-acpi-make-acpid_t-domain-MLS.patch b/recipes-security/refpolicy/refpolicy/0083-policy-modules-services-acpi-make-acpid_t-domain-MLS.patch deleted file mode 100644 index cc2d5dd..0000000 --- a/recipes-security/refpolicy/refpolicy/0083-policy-modules-services-acpi-make-acpid_t-domain-MLS.patch +++ /dev/null | |||
@@ -1,35 +0,0 @@ | |||
1 | From 15c99854aa21564a6eb1121f58f55a9626ba6297 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yi Zhao <yi.zhao@windriver.com> | ||
3 | Date: Fri, 10 Jul 2020 09:07:00 +0800 | ||
4 | Subject: [PATCH] policy/modules/services/acpi: make acpid_t domain MLS trusted | ||
5 | for reading from files up to its clearance | ||
6 | |||
7 | Fixes: | ||
8 | avc: denied { search } for pid=265 comm="acpid" name="journal" | ||
9 | dev="tmpfs" ino=14165 scontext=system_u:system_r:acpid_t:s0-s15:c0.c1023 | ||
10 | tcontext=system_u:object_r:syslogd_runtime_t:s15:c0.c1023 tclass=dir | ||
11 | permissive=0 | ||
12 | |||
13 | Upstream-Status: Inappropriate [embedded specific] | ||
14 | |||
15 | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> | ||
16 | --- | ||
17 | policy/modules/services/acpi.te | 2 ++ | ||
18 | 1 file changed, 2 insertions(+) | ||
19 | |||
20 | diff --git a/policy/modules/services/acpi.te b/policy/modules/services/acpi.te | ||
21 | index 5c22adecd..bd442ff8a 100644 | ||
22 | --- a/policy/modules/services/acpi.te | ||
23 | +++ b/policy/modules/services/acpi.te | ||
24 | @@ -157,6 +157,8 @@ userdom_dontaudit_use_unpriv_user_fds(acpid_t) | ||
25 | userdom_dontaudit_search_user_home_dirs(acpid_t) | ||
26 | userdom_dontaudit_search_user_home_content(acpid_t) | ||
27 | |||
28 | +mls_file_read_to_clearance(acpid_t) | ||
29 | + | ||
30 | optional_policy(` | ||
31 | automount_domtrans(acpid_t) | ||
32 | ') | ||
33 | -- | ||
34 | 2.17.1 | ||
35 | |||