From mboxrd@z Thu Jan  1 00:00:00 1970
From: dominick.grift@gmail.com (Dominick Grift)
Date: Fri, 31 Aug 2012 19:38:22 +0200
Subject: [refpolicy] [PATCH 2/2] Declare a virtio port device type and label
	/dev/vport.* accordingly
In-Reply-To: <1346434702-30274-1-git-send-email-dominick.grift@gmail.com>
References: <1346434702-30274-1-git-send-email-dominick.grift@gmail.com>
Message-ID: <1346434702-30274-3-git-send-email-dominick.grift@gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
---
 policy/modules/kernel/devices.fc | 1 +
 policy/modules/kernel/devices.te | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index 5214c08..94505c4 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -124,6 +124,7 @@ ifdef(`distro_suse', `
 /dev/vmmon		-c	gen_context(system_u:object_r:vmware_device_t,s0)
 /dev/vmnet.*		-c	gen_context(system_u:object_r:vmware_device_t,s0)
 /dev/video.*		-c	gen_context(system_u:object_r:v4l_device_t,s0)
+/dev/vport.*		-c	gen_context(system_u:object_r:virtio_device_t,s0)
 /dev/vrtpanel		-c	gen_context(system_u:object_r:mouse_device_t,s0)
 /dev/vttuner		-c	gen_context(system_u:object_r:v4l_device_t,s0)
 /dev/vtx.*		-c	gen_context(system_u:object_r:v4l_device_t,s0)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 99fe460..52c535d 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -272,6 +272,9 @@ dev_node(v4l_device_t)
 type vhost_device_t;
 dev_node(vhost_device_t)
 
+type virtio_device_t;
+dev_node(virtio_device_t)
+
 # Type for vmware devices.
 type vmware_device_t;
 dev_node(vmware_device_t)
-- 
1.7.11.4