allow all subj.common to read sysfs

author: John Turner <jturner.usa@gmail.com> 2025-08-18 18:29:45 -0400
committer: John Turner <jturner.usa@gmail.com> 2025-08-18 18:29:45 -0400
commit: fa890b083027105673a8196db02ac8db16aafd6b (patch)
tree: b9cd3c504644f506775f75b9cba1d0ee0cc6f48a /src/subj
parent: 03d66161667eb0c844f55447cc5605f63e2f5cbb (diff)
download: selinux-policy-fa890b083027105673a8196db02ac8db16aafd6b.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/src/subj/common.cil b/src/subj/common.cil
index d9a1287..4780a91 100644
--- a/src/subj/common.cil
+++ b/src/subj/common.cil
@@ -36,6 +36,10 @@
         (call .proc.read_fs_lnk_files (typeattr))
         (call .proc.search_fs_dirs (typeattr))
 
+        ;; sysfs
+        (call .sys.search_fs_dirs (typeattr))
+        (call .sys.read_fs_files (typeattr))
+
         ;; loader
         (call .file.loader.conf.read_file_files (typeattr))
         (call .file.loader.exec.mapexecute_file_files (typeattr))
author	John Turner <jturner.usa@gmail.com>	2025-08-18 18:29:45 -0400
committer	John Turner <jturner.usa@gmail.com>	2025-08-18 18:29:45 -0400
commit	fa890b083027105673a8196db02ac8db16aafd6b (patch)
tree	b9cd3c504644f506775f75b9cba1d0ee0cc6f48a /src/subj
parent	03d66161667eb0c844f55447cc5605f63e2f5cbb (diff)
download	selinux-policy-fa890b083027105673a8196db02ac8db16aafd6b.tar.gz