Diffstat (limited to 'src/dev/termdev')
13 files changed, 466 insertions, 0 deletions
diff --git a/src/dev/termdev/ptytermdev.cil b/src/dev/termdev/ptytermdev.cil
new file mode 100644
index 0000000..4349a93
--- /dev/null
+++ b/src/dev/termdev/ptytermdev.cil
@@ -0,0 +1,125 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block ptytermdev
+
+ (macro appendinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr appendinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (macro readwriteinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr readwriteinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
+
+ (macro writeinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr writeinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (typeattribute typeattr)
+
+ (blockinherit .file.all_macro_template_chr_files)
+
+ (call .devpts.associate_fs (typeattr))
+
+ (call .termdev.type (typeattr))
+
+ (block base_template
+
+ (blockabstract base_template)
+
+ (context ptytermdev_context (.sys.id .sys.role ptytermdev lowlevelrange))
+
+ (type ptytermdev)
+ (call .ptytermdev.type (ptytermdev)))
+
+ (block macro_template_chr_files
+
+ (blockabstract macro_template_chr_files)
+
+ (macro append_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev append_chr_file))
+
+ (macro appendinherited_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev appendinherited_chr_file)
+ (allowx ARG1 ptytermdev FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 ptytermdev IOCTLCONSOLE)
+ (allowx ARG1 ptytermdev IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 ptytermdev IOCTLVT))
+
+ (macro create_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev create_chr_file))
+
+ (macro delete_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev delete_chr_file))
+
+ (macro manage_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev manage_chr_file))
+
+ (macro mapexecute_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev mapexecute_chr_file))
+
+ (macro read_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev read_chr_file))
+
+ (macro readinherited_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev readinherited_chr_file))
+
+ (macro readwrite_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev readwrite_chr_file))
+
+ (macro readwriteinherited_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev readwriteinherited_chr_file)
+ (allowx ARG1 ptytermdev FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 ptytermdev IOCTLCONSOLE)
+ (allowx ARG1 ptytermdev IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 ptytermdev IOCTLVT))
+
+ (macro relabel_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev relabel_chr_file))
+
+ (macro relabelfrom_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev relabelfrom_chr_file))
+
+ (macro relabelto_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev relabelto_chr_file))
+
+ (macro rename_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev rename_chr_file))
+
+ (macro write_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev write_chr_file))
+
+ (macro writeinherited_ptytermdev_chr_files ((type ARG1))
+ (allow ARG1 ptytermdev writeinherited_chr_file)
+ (allowx ARG1 ptytermdev FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 ptytermdev IOCTLCONSOLE)
+ (allowx ARG1 ptytermdev IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 ptytermdev IOCTLVT)))
+
+ (block template
+
+ (blockabstract template)
+
+ (blockinherit .ptytermdev.base_template)
+ (blockinherit .ptytermdev.macro_template_chr_files))
+
+ (block unconfined
+
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
+
+ (typeattribute typeattr)
+
+ (allow typeattr ptytermdev.typeattr (chr_file (not (execmod mounton))))))
diff --git a/src/dev/termdev/ptytermdev/loginptytermdev.cil b/src/dev/termdev/ptytermdev/loginptytermdev.cil
new file mode 100644
index 0000000..b9019d4
--- /dev/null
+++ b/src/dev/termdev/ptytermdev/loginptytermdev.cil
@@ -0,0 +1,55 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block loginptytermdev
+
+ (macro all_type_change ((type ARG1)(type ARG2))
+ (typechange ARG1 typeattr chr_file ARG2))
+
+ (macro appendinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr appendinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (macro readwriteinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr readwriteinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
+
+ (macro writeinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr writeinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (typeattribute typeattr)
+
+ (blockinherit .file.all_macro_template_chr_files)
+
+ (call .ptytermdev.type (typeattr))
+
+ (block base_template
+
+ (blockabstract base_template)
+
+ (blockinherit .ptytermdev.base_template)
+
+ (call .loginptytermdev.type (ptytermdev)))
+
+ (block template
+
+ (blockabstract template)
+
+ (macro ptytermdev_type_change ((type ARG1)(type ARG2))
+ (typechange ARG1 ptytermdev chr_file ARG2))
+
+ (blockinherit .loginptytermdev.base_template)
+ (blockinherit .ptytermdev.macro_template_chr_files)))
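Review bot: The four `allowx` lines that carve TIOCSTI out of the tty ioctl set (`FIOCLEX_FIONCLEX_CHRFILE`, `IOCTLCONSOLE`, `IOCTLTTY_NOT_TIOCSTI`, `IOCTLVT`) are repeated verbatim in six macros of this file and again in loginptytermdev.cil, serialtermdev.cil and loginserialtermdev.cil, so a future change to the permitted ioctl set has to be made in eighteen places. A single shared macro taking the target type, called from each `*inherited_*` macro, would keep the exclusion in one place. The `unconfined` block at the end, by contrast, allows the plain `ioctl` permission with no `allowx` filter, so TIOCSTI is included there; that is presumably intended for unconfined but deserves a comment such as `;; unconfined: full chr_file access incl. unfiltered ioctl (TIOCSTI), only execmod/mounton withheld`. The file also lacks a header comment stating that `ptytermdev` is the base for pseudo-terminal device types associated with devpts and that per-service types are derived through `template`.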
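Review bot: `all_type_change` and the template's `ptytermdev_type_change` only select the type a login pty changes to; a `typechange` rule grants no permission, so the caller still needs `relabelfrom` on the source pty type and `relabelto` on ARG2 (chr_file), and nothing in this file pairs the two. A comment above `all_type_change`, `;; typechange selects the result type only; callers also need relabelfrom/relabelto chr_file on both types (see relabel_*_chr_files macros)`, would stop the macro from being read as a grant. The same applies to `all_type_change` and `serialtermdev_type_change` in loginserialtermdev.cil later in this commit.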
diff --git a/src/dev/termdev/ptytermdev/loginptytermdev/sysloginptytermdev.cil b/src/dev/termdev/ptytermdev/loginptytermdev/sysloginptytermdev.cil
new file mode 100644
index 0000000..598a925
--- /dev/null
+++ b/src/dev/termdev/ptytermdev/loginptytermdev/sysloginptytermdev.cil
@@ -0,0 +1,29 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(in dev.unconfined
+
+ (call .sys.loginptytermdev_all_type_change_ptytermdev (typeattr)))
+
+(in ptytermdev.unconfined
+
+ (call .sys.loginptytermdev_all_type_change_ptytermdev (typeattr)))
+
+(in sys
+
+ (macro devpts_fs_type_transition_ptytermdev ((type ARG1))
+ (call .devpts.fs_type_transition
+ (ARG1 ptytermdev chr_file "*")))
+
+ (macro loginptytermdev_all_type_change_ptytermdev ((type ARG1))
+ (call .loginptytermdev.all_type_change
+ (ARG1 ptytermdev)))
+
+ ;; support for unknown login services
+ (blockinherit .loginptytermdev.template)
+
+ (call devpts_fs_type_transition_ptytermdev (subj)))
+
+(in termdev.unconfined
+
+ (call .sys.loginptytermdev_all_type_change_ptytermdev (typeattr)))
diff --git a/src/dev/termdev/serialtermdev.cil b/src/dev/termdev/serialtermdev.cil
new file mode 100644
index 0000000..7400737
--- /dev/null
+++ b/src/dev/termdev/serialtermdev.cil
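Review bot: The comment `;; support for unknown login services` above the `blockinherit` understates what the `(in sys ...)` block sets up: `sys.ptytermdev` becomes the fallback pty type that every login pty may type_change to (`loginptytermdev_all_type_change_ptytermdev`, handed to three unconfined blocks), and `devpts_fs_type_transition_ptytermdev` gives `sys.subj` a `"*"` type_transition on devpts so ptys it creates are labelled `sys.ptytermdev` by default. Expanding the comment to `;; sys.ptytermdev is the fallback pty type: login services without a dedicated loginptytermdev type change their pty to it, and ptys created by sys.subj default to it` would save the next reader from reconstructing this from three files. Whether `"*"` acts as the catch-all or as a literal name depends on how `.devpts.fs_type_transition` passes its fourth argument through, which is not visible here.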
@@ -0,0 +1,124 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block serialtermdev
+
+ (macro appendinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr appendinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (macro readwriteinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr readwriteinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
+
+ (macro writeinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr writeinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (typeattribute typeattr)
+
+ (blockinherit .file.all_macro_template_chr_files)
+
+ (call .termdev.type (typeattr))
+
+ (block base_template
+
+ (blockabstract base_template)
+
+ (context serialtermdev_context
+ (.sys.id .sys.role serialtermdev lowlevelrange))
+
+ (type serialtermdev)
+ (call .serialtermdev.type (serialtermdev)))
+
+ (block macro_template_chr_files
+
+ (blockabstract macro_template_chr_files)
+
+ (macro append_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev append_chr_file))
+
+ (macro appendinherited_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev appendinherited_chr_file)
+ (allowx ARG1 serialtermdev FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 serialtermdev IOCTLCONSOLE)
+ (allowx ARG1 serialtermdev IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 serialtermdev IOCTLVT))
+
+ (macro create_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev create_chr_file))
+
+ (macro delete_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev delete_chr_file))
+
+ (macro manage_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev manage_chr_file))
+
+ (macro mapexecute_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev mapexecute_chr_file))
+
+ (macro read_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev read_chr_file))
+
+ (macro readinherited_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev readinherited_chr_file))
+
+ (macro readwrite_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev readwrite_chr_file))
+
+ (macro readwriteinherited_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev readwriteinherited_chr_file)
+ (allowx ARG1 serialtermdev FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 serialtermdev IOCTLCONSOLE)
+ (allowx ARG1 serialtermdev IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 serialtermdev IOCTLVT))
+
+ (macro relabel_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev relabel_chr_file))
+
+ (macro relabelfrom_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev relabelfrom_chr_file))
+
+ (macro relabelto_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev relabelto_chr_file))
+
+ (macro rename_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev rename_chr_file))
+
+ (macro write_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev write_chr_file))
+
+ (macro writeinherited_serialtermdev_chr_files ((type ARG1))
+ (allow ARG1 serialtermdev writeinherited_chr_file)
+ (allowx ARG1 serialtermdev FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 serialtermdev IOCTLCONSOLE)
+ (allowx ARG1 serialtermdev IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 serialtermdev IOCTLVT)))
+
+ (block template
+
+ (blockabstract template)
+
+ (blockinherit .serialtermdev.base_template)
+ (blockinherit .serialtermdev.macro_template_chr_files))
+
+ (block unconfined
+
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
+
+ (typeattribute typeattr)
+
+ (allow typeattr serialtermdev.typeattr (chr_file (not (execmod mounton))))))
diff --git a/src/dev/termdev/serialtermdev/acmserialtermdev.cil b/src/dev/termdev/serialtermdev/acmserialtermdev.cil
new file mode 100644
index 0000000..ca8a1cb
--- /dev/null
+++ b/src/dev/termdev/serialtermdev/acmserialtermdev.cil
@@ -0,0 +1,8 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block acm
+
+ (filecon "/dev/ttyACM[0-9]+" char serialtermdev_context)
+
+ (blockinherit .serialtermdev.template))
diff --git a/src/dev/termdev/serialtermdev/consoleserialtermdev.cil b/src/dev/termdev/serialtermdev/consoleserialtermdev.cil
new file mode 100644
index 0000000..08b2736
--- /dev/null
+++ b/src/dev/termdev/serialtermdev/consoleserialtermdev.cil
@@ -0,0 +1,8 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block console
+
+ (filecon "/dev/console" char serialtermdev_context)
+
+ (blockinherit .serialtermdev.template))
diff --git a/src/dev/termdev/serialtermdev/loginserialtermdev.cil b/src/dev/termdev/serialtermdev/loginserialtermdev.cil
new file mode 100644
index 0000000..2580dbe
--- /dev/null
+++ b/src/dev/termdev/serialtermdev/loginserialtermdev.cil
@@ -0,0 +1,55 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block loginserialtermdev
+
+ (macro all_type_change ((type ARG1)(type ARG2))
+ (typechange ARG1 typeattr chr_file ARG2))
+
+ (macro appendinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr appendinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (macro readwriteinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr readwriteinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (macro type ((type ARG1))
+ (typeattributeset typeattr ARG1))
+
+ (macro writeinherited_all_chr_files ((type ARG1))
+ (allow ARG1 typeattr writeinherited_chr_file)
+ (allowx ARG1 typeattr FIOCLEX_FIONCLEX_CHRFILE)
+ (allowx ARG1 typeattr IOCTLCONSOLE)
+ (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
+ (allowx ARG1 typeattr IOCTLVT))
+
+ (typeattribute typeattr)
+
+ (blockinherit .file.all_macro_template_chr_files)
+
+ (call .serialtermdev.type (typeattr))
+
+ (block base_template
+
+ (blockabstract base_template)
+
+ (blockinherit .serialtermdev.base_template)
+
+ (call .loginserialtermdev.type (serialtermdev)))
+
+ (block template
+
+ (blockabstract template)
+
+ (macro serialtermdev_type_change ((type ARG1)(type ARG2))
+ (typechange ARG1 serialtermdev chr_file ARG2))
+
+ (blockinherit .loginserialtermdev.base_template)
+ (blockinherit .serialtermdev.macro_template_chr_files)))
diff --git a/src/dev/termdev/serialtermdev/loginserialtermdev/ttyloginserialtermdev.cil b/src/dev/termdev/serialtermdev/loginserialtermdev/ttyloginserialtermdev.cil
new file mode 100644
index 0000000..5919dbe
--- /dev/null
+++ b/src/dev/termdev/serialtermdev/loginserialtermdev/ttyloginserialtermdev.cil
@@ -0,0 +1,8 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(in tty
+
+ (filecon "/dev/tty.+" char serialtermdev_context)
+
+ (blockinherit .loginserialtermdev.template))
diff --git a/src/dev/termdev/serialtermdev/msmserialtermdev.cil b/src/dev/termdev/serialtermdev/msmserialtermdev.cil
new file mode 100644
index 0000000..1f97fbf
--- /dev/null
+++ b/src/dev/termdev/serialtermdev/msmserialtermdev.cil
@@ -0,0 +1,8 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block msm
+
+ (filecon "/dev/ttyMSM[0-9]+" char serialtermdev_context)
+
+ (blockinherit .serialtermdev.template))
diff --git a/src/dev/termdev/serialtermdev/sysserialtermdev.cil b/src/dev/termdev/serialtermdev/sysserialtermdev.cil
new file mode 100644
index 0000000..751f057
--- /dev/null
+++ b/src/dev/termdev/serialtermdev/sysserialtermdev.cil
@@ -0,0 +1,22 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(in dev.unconfined
+
+ (call .sys.loginserialtermdev_all_type_change_serialtermdev (typeattr)))
+
+(in serialtermdev.unconfined
+
+ (call .sys.loginserialtermdev_all_type_change_serialtermdev (typeattr)))
+
+(in sys
+
+ (macro loginserialtermdev_all_type_change_serialtermdev ((type ARG1))
+ (call .loginserialtermdev.all_type_change
+ (ARG1 serialtermdev)))
+
+ (blockinherit .serialtermdev.template))
+
+(in termdev.unconfined
+
+ (call .sys.loginserialtermdev_all_type_change_serialtermdev (typeattr)))
diff --git a/src/dev/termdev/serialtermdev/usbserialtermdev.cil b/src/dev/termdev/serialtermdev/usbserialtermdev.cil
new file mode 100644
index 0000000..e11591e
--- /dev/null
+++ b/src/dev/termdev/serialtermdev/usbserialtermdev.cil
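Review bot: `/dev/tty.+` also matches the names that acmserialtermdev.cil, msmserialtermdev.cil and usbserialtermdev.cil label separately (`/dev/ttyACM[0-9]+`, `/dev/ttyMSM[0-9]+`, `/dev/ttyUSB[0-9]+`), so the generated file_contexts has overlapping specs; libselinux prefers the spec with the longer literal prefix, so the specific entries should win, but nothing in the file records that this catch-all relies on that ordering. A comment next to the `filecon`, `;; catch-all for tty devices; ttyACM/ttyMSM/ttyUSB have their own types and take precedence by prefix specificity`, would make the intent reviewable, and the overlap is worth confirming with matchpathcon after a build. The `(in tty ...)` form extends a `tty` block declared elsewhere, outside this commit.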
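Review bot: In sysserialtermdev.cil the `(in sys ...)` block inherits `.serialtermdev.template` rather than `.loginserialtermdev.template`, so `sys.serialtermdev` is not a member of `loginserialtermdev.typeattr`, whereas the matching sysloginptytermdev.cil hunk inherits the login template and carries the comment `;; support for unknown login services`; this hunk has no comment explaining what `sys.serialtermdev` is for or why it is not a login type even though `loginserialtermdev_all_type_change_serialtermdev` makes it the typechange target for login serial terminals. If the asymmetry is deliberate, a comment above the `blockinherit`, such as `;; generic serial terminal type for sys; login serial terminals may type_change to it`, would record it; if not, the inherit should mirror the pty file.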
@@ -0,0 +1,8 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(in usb
+
+ (filecon "/dev/ttyUSB[0-9]+" char serialtermdev_context)
+
+ (blockinherit .serialtermdev.template))
diff --git a/src/dev/termdev/serialtermdev/vcsserialtermdev.cil b/src/dev/termdev/serialtermdev/vcsserialtermdev.cil
new file mode 100644
index 0000000..5534907
--- /dev/null
+++ b/src/dev/termdev/serialtermdev/vcsserialtermdev.cil
@@ -0,0 +1,8 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block vcs
+
+ (filecon "/dev/vcs[^/]*" char serialtermdev_context)
+
+ (blockinherit .serialtermdev.template))
diff --git a/src/dev/termdev/serialtermdev/vportserialtermdev.cil b/src/dev/termdev/serialtermdev/vportserialtermdev.cil
new file mode 100644
index 0000000..c998b56
--- /dev/null
+++ b/src/dev/termdev/serialtermdev/vportserialtermdev.cil
@@ -0,0 +1,8 @@
+;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
+;; SPDX-License-Identifier: Unlicense
+
+(block vport
+
+ (filecon "/dev/vport[0-9]p[0-9]+" char serialtermdev_context)
+
+ (blockinherit .serialtermdev.template))
|
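Review bot: `/dev/vcs[^/]*` in vcsserialtermdev.cil labels the virtual-console memory devices (vcs*, vcsa*, vcsu*), which expose the contents of the text consoles rather than behaving like a serial line, yet the block places them under `serialtermdev.typeattr` through `.serialtermdev.template`, so every `*_all_chr_files` grant on serial terminals also reaches console screen buffers. If that grouping is intentional, a comment above the `filecon` stating it, e.g. `;; vcs*: console screen-buffer devices; grouped with serial terminals, so serialtermdev-wide reads also expose console contents`, would make the exposure explicit; otherwise a separate attribute keeps screen-buffer reads distinguishable from terminal I/O in policy. The usb and vport hunks on this line follow the same template pattern and raise nothing further.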