287 files changed, 177798 insertions, 0 deletions
diff --git a/sepolicy/kernel.te b/sepolicy/kernel.te new file mode 100644 index 0000000..b4118d6 --- a/dev/null +++ b/sepolicy/kernel.te @@ -0,0 +1,6 @@ +allow kernel self:capability mknod; +allow kernel device:blk_file { ioctl read write create getattr setattr unlink }; +allow kernel device:dir {rw_file_perms rw_dir_perms write create rmdir }; +allow kernel device:chr_file { getattr setattr create unlink }; + +allow kernel vendor_file:file { getattr read open execute }; |