Blame targeted/domains/program/cpucontrol.te
|
Chris PeBenito |
ab58ad |
#DESC cpucontrol - domain for microcode_ctl and other programs to control CPU
|
|
Chris PeBenito |
ab58ad |
#
|
|
Chris PeBenito |
ab58ad |
# Author: Russell Coker <russell@coker.com.au>
|
|
Chris PeBenito |
ab58ad |
#
|
|
Chris PeBenito |
ab58ad |
|
|
Chris PeBenito |
ab58ad |
type cpucontrol_conf_t, file_type, sysadmfile;
|
|
Chris PeBenito |
ab58ad |
|
|
Chris PeBenito |
ab58ad |
daemon_base_domain(cpucontrol)
|
|
Chris PeBenito |
ab58ad |
|
|
Chris PeBenito |
ab58ad |
# Access cpu devices.
|
|
Chris PeBenito |
ab58ad |
allow cpucontrol_t cpu_device_t:chr_file rw_file_perms;
|
|
Chris PeBenito |
ab58ad |
allow cpucontrol_t device_t:lnk_file { getattr read };
|
|
Chris PeBenito |
ab58ad |
allow initrc_t cpu_device_t:chr_file getattr;
|
|
Chris PeBenito |
ab58ad |
|
|
Chris PeBenito |
ab58ad |
allow cpucontrol_t self:capability sys_rawio;
|
|
Chris PeBenito |
ab58ad |
|
|
Chris PeBenito |
ab58ad |
r_dir_file(cpucontrol_t, cpucontrol_conf_t)
|