adds bcachefs, resctlnoseclabelfs and mkosi.conf changes

4 files changed, 23 insertions, 1 deletions

diff --git a/mkosi.conf b/mkosi.conf
index 6d1f266..f288410 100644
--- a/mkosi.conf
+++ b/mkosi.conf
@@ -16,6 +16,7 @@ Repositories=
 @CacheDirectory=mkosi.cache
 @BuildDirectory=mkosi.builddir
 @OutputDirectory=mkosi.output
+@WorkspaceDirectory=/tmp
 Format=disk
 Output=dssp5
 
@@ -32,9 +33,9 @@ InitrdPackages=
 	kmod
 	wireless-regdb
 KernelCommandLine=
-	security=selinux
 	fbcon=font:TER16x32
 	quiet
+	security=selinux
 Packages=
 	acl
 	apt
diff --git a/src/fs/noseclabelfs/resctrlnoseclabelfs.cil b/src/fs/noseclabelfs/resctrlnoseclabelfs.cil
new file mode 100644
index 0000000..a3f22a5
--- /dev/null
+++ b/src/fs/noseclabelfs/resctrlnoseclabelfs.cil
@@ -0,0 +1,11 @@
+;; SPDX-FileCopyrightText: © 2024 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block resctrl
+
+  (filecon "/sys/fs/resctrl" dir ())
+  (filecon "/sys/fs/resctrl/.*" any ())
+
+  (genfscon "resctrl" "/" fs_context)
+
+  (blockinherit .noseclabelfs.template))
diff --git a/src/fs/seclabelfs/xattrseclabelfs.cil b/src/fs/seclabelfs/xattrseclabelfs.cil
index bb78b76..a16bae9 100644
--- a/src/fs/seclabelfs/xattrseclabelfs.cil
+++ b/src/fs/seclabelfs/xattrseclabelfs.cil
@@ -3,6 +3,7 @@
 
 (block xattr
 
+  (fsuse xattr "bcachefs" fs_context)
   (fsuse xattr "btrfs" fs_context)
   (fsuse xattr "ceph" fs_context)
   (fsuse xattr "encfs" fs_context)
diff --git a/src/sys/sysfile/fssysfile/bcachefssysfile.cil b/src/sys/sysfile/fssysfile/bcachefssysfile.cil
new file mode 100644
index 0000000..3b61867
--- /dev/null
+++ b/src/sys/sysfile/fssysfile/bcachefssysfile.cil
@@ -0,0 +1,9 @@
+;; SPDX-FileCopyrightText: © 2024 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block bcachefs
+
+  (genfscon "sysfs" "/fs/bcachefs" sysfile_context)
+
+  (blockinherit .sysfile.fs.template)
+  (blockinherit .sysfile.macro_template_dirs))