marvell/services/selinux-policy/src/dev/nodedev/zeronodedev.cil - T108 - Gitiles

 ;; -*- mode: CIL; fill-column: 79; indent-tabs-mode: nil; -*-
 ;; SPDX-FileCopyrightText: © 2021 Dominick Grift <dominick.grift@defensec.nl>
 ;; SPDX-License-Identifier: Unlicense

 (in .dev
     (call .zero.obj_type_transition_nodedev (unconfined.subj_typeattr)))

 (block zero

        ;;
        ;; Contexts
        ;;

        (filecon
         "/dev/zero"
         char
         nodedev_file_context)

        ;;
        ;; Macros
        ;;

        (macro map_nodedev_chr_files ((type ARG1))
               (allow ARG1 nodedev (chr_file (map))))

        (macro obj_type_transition_nodedev ((type ARG1))
               (call .tmp.fs_obj_type_transition
                     (ARG1 nodedev chr_file "zero")))

        ;;
        ;; Policy
        ;;

        (blockinherit .dev.node.obj_template))
	;; -- mode: CIL; fill-column: 79; indent-tabs-mode: nil; --
	;; SPDX-FileCopyrightText: © 2021 Dominick Grift <dominick.grift@defensec.nl>
	;; SPDX-License-Identifier: Unlicense

	(in .dev
	(call .zero.obj_type_transition_nodedev (unconfined.subj_typeattr)))

	(block zero

	;;
	;; Contexts
	;;

	(filecon
	"/dev/zero"
	char
	nodedev_file_context)

	;;
	;; Macros
	;;

	(macro map_nodedev_chr_files ((type ARG1))
	(allow ARG1 nodedev (chr_file (map))))

	(macro obj_type_transition_nodedev ((type ARG1))
	(call .tmp.fs_obj_type_transition
	(ARG1 nodedev chr_file "zero")))

	;;
	;; Policy
	;;

	(blockinherit .dev.node.obj_template))