From 9da725c52e6a743a1c30257a85a9cf6ccc95042e Mon Sep 17 00:00:00 2001
From: Dominick Grift <dominick.grift@defensec.nl>
Date: Thu, 25 Apr 2024 15:52:48 +0200
Subject: adds a ttynodedev and TIOCLINUX filtering support

Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
---
 src/dev/termdev.cil | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'src/dev/termdev.cil')

diff --git a/src/dev/termdev.cil b/src/dev/termdev.cil
index 273eebb..702f138 100644
--- a/src/dev/termdev.cil
+++ b/src/dev/termdev.cil
@@ -22,16 +22,16 @@
     (allow typeattr termdev.typeattr (chr_file (not (audit_access execmod))))))
 
 (in after termdev.appendinherited_all_chr_files
-    (allowx ARG1 typeattr IOCTLCONSOLE)
+    (allowx ARG1 typeattr IOCTLCONSOLE_NOT_TIOCLINUX)
     (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
     (allowx ARG1 typeattr IOCTLVT))
 
 (in after termdev.readwriteinherited_all_chr_files
-    (allowx ARG1 typeattr IOCTLCONSOLE)
+    (allowx ARG1 typeattr IOCTLCONSOLE_NOT_TIOCLINUX)
     (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
     (allowx ARG1 typeattr IOCTLVT))
 
 (in after termdev.writeinherited_all_chr_files
-    (allowx ARG1 typeattr IOCTLCONSOLE)
+    (allowx ARG1 typeattr IOCTLCONSOLE_NOT_TIOCLINUX)
     (allowx ARG1 typeattr IOCTLTTY_NOT_TIOCSTI)
     (allowx ARG1 typeattr IOCTLVT))
-- 
cgit v1.2.3