ASR_BASE Change-Id: Icf3719cc0afe3eeb3edc7fa80a2eb5199ca9dda1

commit: e958203796650e3959a43708d67534bf36f4c83b [log] [tgz]
author: b.liu <b.liu@mobiletek.cn> Thu Apr 17 19:18:16 2025 +0800
committer: b.liu <b.liu@mobiletek.cn> Thu Apr 17 19:18:16 2025 +0800
tree: b2d43b7c77053224287779c12b5e890cadc3d327
parent: f51a5559b56d8fd47d9623531065443befb43e5b [diff] [blame]
diff --git a/marvell/services/selinux-policy/src/tmpfile/conftmpfile/sslconftmpfile.cil b/marvell/services/selinux-policy/src/tmpfile/conftmpfile/sslconftmpfile.cil
new file mode 100644
index 0000000..33ded50
--- /dev/null
+++ b/marvell/services/selinux-policy/src/tmpfile/conftmpfile/sslconftmpfile.cil

@@ -0,0 +1,40 @@
+;; -*- mode: CIL; fill-column: 79; indent-tabs-mode: nil; -*-
+;; SPDX-FileCopyrightText: © 2021 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(in .file
+    (call .ssl.obj_type_transition_conftmpfile (unconfined.subj_typeattr)))
+
+(in .ssl
+
+    ;;
+    ;; Contexts
+    ;;
+
+    (filecon
+     "/tmp/etc/ssl"
+     dir
+     conftmpfile_file_context)
+    (filecon
+     "/tmp/etc/ssl/.*"
+     any
+     conftmpfile_file_context)
+
+    ;;
+    ;; Macros
+    ;;
+
+    (macro obj_type_transition_conftmpfile ((type ARG1))
+           (call .tmpfile.conftmpfile_obj_type_transition
+                 (ARG1 conftmpfile dir "ssl")))
+
+    ;;
+    ;; Policy
+    ;;
+
+    (blockinherit .tmpfile.conf.obj_template))
+
+(in .ssl.read
+
+    (call .ssl.read_conftmpfile_files (subj_typeattr))
+    (call .ssl.search_conftmpfile_dirs (subj_typeattr)))
commit	e958203796650e3959a43708d67534bf36f4c83b	[log] [tgz]
author	b.liu <b.liu@mobiletek.cn>	Thu Apr 17 19:18:16 2025 +0800
committer	b.liu <b.liu@mobiletek.cn>	Thu Apr 17 19:18:16 2025 +0800
tree	b2d43b7c77053224287779c12b5e890cadc3d327
parent	f51a5559b56d8fd47d9623531065443befb43e5b [diff] [blame]