authorJohn Turner <jturner.usa@gmail.com>2025-08-23 20:19:00 -0400
committerJohn Turner <jturner.usa@gmail.com>2025-08-23 20:19:00 -0400
commit43917f18a8d29961f9500fd406a776b6fac33e1b (patch)
tree2584a6611b193bbf3f470d6ff51599ce4061dd43 /src
parent32b5cf0b7b901e5b4be248fa8d494736883a7dc5 (diff)
downloadselinux-policy-43917f18a8d29961f9500fd406a776b6fac33e1b.tar.gz
move "dos" out of misc.cil
Diffstat (limited to 'src')
-rw-r--r--src/fs/noseclabelfs/dosnoseclabelfs.cil22
-rw-r--r--src/misc.cil18
2 files changed, 18 insertions, 22 deletions
diff --git a/src/fs/noseclabelfs/dosnoseclabelfs.cil b/src/fs/noseclabelfs/dosnoseclabelfs.cil
index dc1412a..b591804 100644
--- a/src/fs/noseclabelfs/dosnoseclabelfs.cil
+++ b/src/fs/noseclabelfs/dosnoseclabelfs.cil
@@ -2,6 +2,16 @@
;; SPDX-License-Identifier: Unlicense
(block dos
+ (macro map_fs_files ((type ARG1))
+ (allow ARG1 fs (file (map))))
+
+ (macro boot_file_type_transition_fs ((type ARG1))
+ (call .boot.file_type_transition
+ (ARG1 fs dir "efi")))
+
+ (macro root_file_type_transition_fs ((type ARG1))
+ (call .root.file_type_transition
+ (ARG1 fs dir "efi")))
(genfscon "fat" "/" fs_context)
(genfscon "hfs" "/" fs_context)
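Review bot: The macros added at the top of `(block dos` carry no comment saying what they grant, and `map_fs_files` is the one a policy reader most needs explained. Every `genfscon` line visible in this block assigns the single `fs_context` to the whole filesystem, so a caller of `map_fs_files` gets `map` on every file of those filesystems rather than on a chosen subset; a line such as `;; map on all files here: one label per filesystem, no per-file narrowing` above the macro would make that scope visible. The two `*_file_type_transition_fs` macros could likewise carry `;; a dir named "efi" created by ARG1 gets this block's fs type`, assuming that is what the called `.boot` and `.root` macros do, since their definitions are outside this diff. The `dos` block continues past the end of this hunk.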
@@ -13,9 +23,13 @@
(genfscon "vfat" "/" fs_context)
(genfscon "exfat" "/" fs_context)
- (macro map_fs_files ((type ARG1))
- (allow ARG1 fs (file (map))))
-
(blockinherit .noseclabelfs.template)
+
+ (call .rbacsep.exempt.obj.type (fs))
+ (call .xattr.associate_fs (fs))
+
+ (filecon "/boot/efi" dir fs_context)
+ (filecon "/boot/efi/.*" any ())
- (call .rbacsep.exempt.obj.type (fs)))
+ (filecon "/efi" dir fs_context)
+ (filecon "/efi/.*" any ()))
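Review bot: The empty-context entries `(filecon "/boot/efi/.*" any ())` and `(filecon "/efi/.*" any ())` deserve a comment now that they sit beside the `genfscon` rules. An empty context tells the labeling tools to leave everything below those directories alone, presumably because these filesystems take their label from `genfscon` rather than from xattrs; `;; no relabel below /boot/efi and /efi, labels come from genfscon` would state that. The `(call .xattr.associate_fs (fs))` line is also unexpected in a noseclabelfs block and probably exists so the two mount-point directories can carry the type on the parent filesystem; the macro is defined outside this diff, so a one-line comment confirming the reason would help. The `dos` block opens in the previous hunk.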
diff --git a/src/misc.cil b/src/misc.cil
index fc8301f..a805d24 100644
--- a/src/misc.cil
+++ b/src/misc.cil
@@ -3,24 +3,6 @@
(sidcontext init (sys.id sys.role sys.subj sys.lowlow)) ;; userspace_initial_context
-(in dos
-
- (filecon "/boot/efi" dir fs_context)
- (filecon "/boot/efi/.*" any ())
-
- (filecon "/efi" dir fs_context)
- (filecon "/efi/.*" any ())
-
- (macro boot_file_type_transition_fs ((type ARG1))
- (call .boot.file_type_transition
- (ARG1 fs dir "efi")))
-
- (macro root_file_type_transition_fs ((type ARG1))
- (call .root.file_type_transition
- (ARG1 fs dir "efi")))
-
- (call .xattr.associate_fs (fs)))
-
(in efivar
(filecon "/sys/firmware/efi/efivars" dir ())