aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-security/refpolicy/refpolicy-2.20170204/poky-policy-fix-dmesg-to-use-dev-kmsg.patch
blob: 8443e31334fe5e5983feae1d03f5701f9c36d162 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

From 2f5981f2244289a1cc79748e9ffdaaea168b1df2 Mon Sep 17 00:00:00 2001
From: Xin Ouyang <Xin.Ouyang@windriver.com>
Date: Fri, 23 Aug 2013 16:36:09 +0800
Subject: [PATCH] fix dmesg to use /dev/kmsg as default input

Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
---
 policy/modules/admin/dmesg.if |    1 +
 policy/modules/admin/dmesg.te |    2 ++
 2 files changed, 3 insertions(+)

--- a/policy/modules/admin/dmesg.if
+++ b/policy/modules/admin/dmesg.if
@@ -35,6 +35,7 @@ interface(`dmesg_exec',`
 		type dmesg_exec_t;
 	')
 
 	corecmd_search_bin($1)
 	can_exec($1, dmesg_exec_t)
+	dev_read_kmsg($1)
 ')
--- a/policy/modules/admin/dmesg.te
+++ b/policy/modules/admin/dmesg.te
@@ -28,10 +28,12 @@ kernel_read_proc_symlinks(dmesg_t)
 # for when /usr is not mounted:
 kernel_dontaudit_search_unlabeled(dmesg_t)
 
 dev_read_sysfs(dmesg_t)
 
+dev_read_kmsg(dmesg_t)
+
 fs_search_auto_mountpoints(dmesg_t)
 
 term_dontaudit_use_console(dmesg_t)
 
 domain_use_interactive_fds(dmesg_t)
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-11 21:13:42 +0000