ASR_BASE
Change-Id: Icf3719cc0afe3eeb3edc7fa80a2eb5199ca9dda1
diff --git a/marvell/services/selinux-policy/src/file/miscfile/functionsmiscfile.cil b/marvell/services/selinux-policy/src/file/miscfile/functionsmiscfile.cil
new file mode 100644
index 0000000..dd9a8a4
--- /dev/null
+++ b/marvell/services/selinux-policy/src/file/miscfile/functionsmiscfile.cil
@@ -0,0 +1,54 @@
+;; -*- mode: CIL; fill-column: 79; indent-tabs-mode: nil; -*-
+;; SPDX-FileCopyrightText: © 2021 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(in .file
+ (call .functions.libfile_obj_type_transition_miscfile
+ (unconfined.subj_typeattr)))
+
+(block functions
+
+ ;;
+ ;; Contexts
+ ;;
+
+ (filecon
+ "/usr/lib/config"
+ dir
+ miscfile_file_context)
+ (filecon
+ "/usr/lib/config/.*"
+ any
+ miscfile_file_context)
+ (filecon
+ "/usr/lib/functions"
+ dir
+ miscfile_file_context)
+ (filecon
+ "/usr/lib/functions/.*"
+ any
+ miscfile_file_context)
+ (filecon
+ "/usr/lib/functions\.sh"
+ file
+ miscfile_file_context)
+
+ ;;
+ ;; Macros
+ ;;
+
+ (macro libfile_obj_type_transition_miscfile ((type ARG1))
+ (call .file.libfile_obj_type_transition
+ (ARG1 miscfile dir "config"))
+ (call .file.libfile_obj_type_transition
+ (ARG1 miscfile dir "functions"))
+ (call .file.libfile_obj_type_transition
+ (ARG1 miscfile file "functions.sh")))
+
+ ;;
+ ;; Policy
+ ;;
+
+ (blockinherit file.misc.obj_template)
+
+ (call .xattr.associate_filesystems (miscfile)))