Diffstat (limited to 'src/dev/stordev')
-rw-r--r--src/dev/stordev/dmstordev.cil9
-rw-r--r--src/dev/stordev/fusestordev.cil11
-rw-r--r--src/dev/stordev/hdstordev.cil9
-rw-r--r--src/dev/stordev/loopstordev.cil9
-rw-r--r--src/dev/stordev/mdstordev.cil9
-rw-r--r--src/dev/stordev/mtdstordev.cil14
-rw-r--r--src/dev/stordev/nvmestordev.cil10
-rw-r--r--src/dev/stordev/rawstordev.cil9
-rw-r--r--src/dev/stordev/removablestordev.cil17
-rw-r--r--src/dev/stordev/sdstordev.cil9
-rw-r--r--src/dev/stordev/sgstordev.cil10
-rw-r--r--src/dev/stordev/vdstordev.cil9
-rw-r--r--src/dev/stordev/xdstordev.cil9
-rw-r--r--src/dev/stordev/zramstordev.cil9
14 files changed, 143 insertions, 0 deletions
diff --git a/src/dev/stordev/dmstordev.cil b/src/dev/stordev/dmstordev.cil
new file mode 100644
index 0000000..4a0d4d9
--- /dev/null
+++ b/src/dev/stordev/dmstordev.cil
@@ -0,0 +1,9 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block dm
+
+ (filecon "/dev/dm-[0-9]+" block stordev_context)
+
+ (blockinherit .stordev.base_template)
+ (blockinherit .stordev.macro_template_blk_files))
diff --git a/src/dev/stordev/fusestordev.cil b/src/dev/stordev/fusestordev.cil
new file mode 100644
index 0000000..da05a57
--- /dev/null
+++ b/src/dev/stordev/fusestordev.cil
@@ -0,0 +1,11 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block fuse
+
+ (filecon "/dev/fuse" char stordev_context)
+
+ (blockinherit .stordev.base_template)
+ (blockinherit .stordev.macro_template_chr_files)
+
+ (call .rbacsep.exempt.obj.type (stordev)))
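Review bot: The `(call .rbacsep.exempt.obj.type (stordev))` line that closes the fuse block has no comment explaining why this type is exempted, and fuse is the only block in this commit that carries such a call. The macro is defined outside this diff, but by its name it presumably relaxes role-based separation for objects of this type, and that kind of exception is what an auditor will want justified in place. A one-line `;;` comment above the call that states the reason would be enough, for example that /dev/fuse must be usable by confined users in several roles, if that is the reason.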
diff --git a/src/dev/stordev/hdstordev.cil b/src/dev/stordev/hdstordev.cil
new file mode 100644
index 0000000..c912513
--- /dev/null
+++ b/src/dev/stordev/hdstordev.cil
@@ -0,0 +1,9 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block hd
+
+ (filecon "/dev/hd[^/]+" block stordev_context)
+
+ (blockinherit .stordev.base_template)
+ (blockinherit .stordev.macro_template_blk_files))
diff --git a/src/dev/stordev/loopstordev.cil b/src/dev/stordev/loopstordev.cil
new file mode 100644
index 0000000..d683738
--- /dev/null
+++ b/src/dev/stordev/loopstordev.cil
@@ -0,0 +1,9 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block loop
+
+ (filecon "/dev/loop.+" block stordev_context)
+
+ (blockinherit .stordev.base_template)
+ (blockinherit .stordev.macro_template_blk_files))
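Review bot: The pattern `/dev/loop.+` lets `.` match `/`, so it also covers block nodes in any subdirectory whose path begins with /dev/loop, whereas the hd, md, sd, vd and xd files in this commit stop at the path component with `[^/]+`. If only /dev/loopN nodes are meant, `(filecon "/dev/loop[0-9]+" block stordev_context)` says so exactly. If the legacy /dev/loop/N layout is intended, a comment to that effect would help. Because the spec is limited to `block`, the character node /dev/loop-control is not labelled here, so it is worth confirming that another part of the policy covers it.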
diff --git a/src/dev/stordev/mdstordev.cil b/src/dev/stordev/mdstordev.cil
new file mode 100644
index 0000000..1aa7d84
--- /dev/null
+++ b/src/dev/stordev/mdstordev.cil
@@ -0,0 +1,9 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block md
+
+ (filecon "/dev/md[^/]+" block stordev_context)
+
+ (blockinherit .stordev.base_template)
+ (blockinherit .stordev.macro_template_blk_files))
diff --git a/src/dev/stordev/mtdstordev.cil b/src/dev/stordev/mtdstordev.cil
new file mode 100644
index 0000000..f8338b8
--- /dev/null
+++ b/src/dev/stordev/mtdstordev.cil
@@ -0,0 +1,14 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block mtd
+
+ (filecon "/dev/mtd[0-9]+" char stordev_context)
+ (filecon "/dev/mtd[0-9]+ro" char stordev_context)
+ (filecon "/dev/mtdblock[0-9]+" block stordev_context)
+
+ (filecon "/dev/ubi[0-9]+_[0-9]+" char stordev_context)
+ (filecon "/dev/ubi_ctrl" char stordev_context)
+ (filecon "/dev/ubiblock[0-9]+_[0-9]+" block stordev_context)
+
+ (blockinherit .stordev.template))
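Review bot: The UBI entries cover volumes (`/dev/ubi[0-9]+_[0-9]+`), `/dev/ubi_ctrl` and the ubiblock nodes, but not the per-device character nodes /dev/ubiN, through which volumes are created, resized and removed. Unless those nodes are labelled elsewhere in the policy, they would fall through to whatever broader /dev spec applies rather than this block's storage type. Adding `(filecon "/dev/ubi[0-9]+" char stordev_context)` next to the other ubi lines would close the gap.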
diff --git a/src/dev/stordev/nvmestordev.cil b/src/dev/stordev/nvmestordev.cil
new file mode 100644
index 0000000..ce30812
--- /dev/null
+++ b/src/dev/stordev/nvmestordev.cil
@@ -0,0 +1,10 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block nvme
+
+ (filecon "/dev/ng[0-9]n[^/]+" char stordev_context)
+ (filecon "/dev/nvme[0-9]+" char stordev_context)
+ (filecon "/dev/nvme[0-9]n[^/]+" block stordev_context)
+
+ (blockinherit .stordev.template))
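Review bot: The namespace patterns `/dev/ng[0-9]n[^/]+` and `/dev/nvme[0-9]n[^/]+` accept only a single-digit controller index, while `/dev/nvme[0-9]+` in the same block accepts any number of digits. On a host with ten or more controllers, a node such as /dev/nvme10n1 would match none of these specs and presumably receive a more generic /dev label, which for a raw block device is the outcome a dedicated storage type is meant to prevent. Using `[0-9]+` for the index in both, e.g. `(filecon "/dev/nvme[0-9]+n[^/]+" block stordev_context)`, fixes it. The same single-digit index appears in removablestordev.cil, in the `mmcblk[0-9]boot`, `mmcblk[0-9]p` and `mmcblk[0-9]rpmb` patterns and their `mspblk` counterparts.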
diff --git a/src/dev/stordev/rawstordev.cil b/src/dev/stordev/rawstordev.cil
new file mode 100644
index 0000000..f04b019
--- /dev/null
+++ b/src/dev/stordev/rawstordev.cil
@@ -0,0 +1,9 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block raw
+
+ (filecon "/dev/raw/.+" char stordev_context)
+
+ (blockinherit .stordev.base_template)
+ (blockinherit .stordev.macro_template_chr_files))
diff --git a/src/dev/stordev/removablestordev.cil b/src/dev/stordev/removablestordev.cil
new file mode 100644
index 0000000..36e8a93
--- /dev/null
+++ b/src/dev/stordev/removablestordev.cil
@@ -0,0 +1,17 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block removable
+
+ (filecon "/dev/fd[^/]+" block stordev_context)
+ (filecon "/dev/mmcblk[0-9]+" block stordev_context)
+ (filecon "/dev/mmcblk[0-9]boot[^/]+" block stordev_context)
+ (filecon "/dev/mmcblk[0-9]p[^/]+" block stordev_context)
+ (filecon "/dev/mmcblk[0-9]rpmb" char stordev_context)
+ (filecon "/dev/mspblk[0-9]+" block stordev_context)
+ (filecon "/dev/mspblk[0-9]boot[^/]+" block stordev_context)
+ (filecon "/dev/mspblk[0-9]p[^/]+" block stordev_context)
+ (filecon "/dev/mspblk[0-9]rpmb" char stordev_context)
+ (filecon "/dev/sr[0-9]+" block stordev_context)
+
+ (blockinherit .stordev.template))
diff --git a/src/dev/stordev/sdstordev.cil b/src/dev/stordev/sdstordev.cil
new file mode 100644
index 0000000..822d45e
--- /dev/null
+++ b/src/dev/stordev/sdstordev.cil
@@ -0,0 +1,9 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block sd
+
+ (filecon "/dev/sd[^/]+" block stordev_context)
+
+ (blockinherit .stordev.base_template)
+ (blockinherit .stordev.macro_template_blk_files))
diff --git a/src/dev/stordev/sgstordev.cil b/src/dev/stordev/sgstordev.cil
new file mode 100644
index 0000000..3592bc3
--- /dev/null
+++ b/src/dev/stordev/sgstordev.cil
@@ -0,0 +1,10 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block sg
+
+ (filecon "/dev/bsg/.+" char stordev_context)
+ (filecon "/dev/sg[0-9]+" char stordev_context)
+
+ (blockinherit .stordev.base_template)
+ (blockinherit .stordev.macro_template_chr_files))
diff --git a/src/dev/stordev/vdstordev.cil b/src/dev/stordev/vdstordev.cil
new file mode 100644
index 0000000..6dd0904
--- /dev/null
+++ b/src/dev/stordev/vdstordev.cil
@@ -0,0 +1,9 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block vd
+
+ (filecon "/dev/vd[^/]+" block stordev_context)
+
+ (blockinherit .stordev.base_template)
+ (blockinherit .stordev.macro_template_blk_files))
diff --git a/src/dev/stordev/xdstordev.cil b/src/dev/stordev/xdstordev.cil
new file mode 100644
index 0000000..43edd14
--- /dev/null
+++ b/src/dev/stordev/xdstordev.cil
@@ -0,0 +1,9 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block xd
+
+ (filecon "/dev/xd[^/]+" block stordev_context)
+
+ (blockinherit .stordev.base_template)
+ (blockinherit .stordev.macro_template_blk_files))
diff --git a/src/dev/stordev/zramstordev.cil b/src/dev/stordev/zramstordev.cil
new file mode 100644
index 0000000..6478289
--- /dev/null
+++ b/src/dev/stordev/zramstordev.cil
@@ -0,0 +1,9 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block zram
+
+ (filecon "/dev/zram[0-9]+" block stordev_context)
+
+ (blockinherit .stordev.base_template)
+ (blockinherit .stordev.macro_template_blk_files))