From 43917f18a8d29961f9500fd406a776b6fac33e1b Mon Sep 17 00:00:00 2001
From: John Turner
Date: Sat, 23 Aug 2025 20:19:00 -0400
Subject: move "dos" out of misc.cil
---
 src/fs/noseclabelfs/dosnoseclabelfs.cil | 22 ++++++++++++++++++----
 src/misc.cil | 18 ------------------
 2 files changed, 18 insertions(+), 22 deletions(-)
(limited to 'src')
diff --git a/src/fs/noseclabelfs/dosnoseclabelfs.cil b/src/fs/noseclabelfs/dosnoseclabelfs.cil
index dc1412a..b591804 100644
--- a/src/fs/noseclabelfs/dosnoseclabelfs.cil
+++ b/src/fs/noseclabelfs/dosnoseclabelfs.cil
@@ -2,6 +2,16 @@
 ;; SPDX-License-Identifier: Unlicense
 (block dos
+ (macro map_fs_files ((type ARG1))
+ (allow ARG1 fs (file (map))))
+
+ (macro boot_file_type_transition_fs ((type ARG1))
+ (call .boot.file_type_transition
+ (ARG1 fs dir "efi")))
+
+ (macro root_file_type_transition_fs ((type ARG1))
+ (call .root.file_type_transition
+ (ARG1 fs dir "efi")))
 (genfscon "fat" "/" fs_context)
 (genfscon "hfs" "/" fs_context)
@@ -13,9 +23,13 @@
 (genfscon "vfat" "/" fs_context)
 (genfscon "exfat" "/" fs_context)
- (macro map_fs_files ((type ARG1))
- (allow ARG1 fs (file (map))))
-
 (blockinherit .noseclabelfs.template)
+
+ (call .rbacsep.exempt.obj.type (fs))
+ (call .xattr.associate_fs (fs))
+
+ (filecon "/boot/efi" dir fs_context)
+ (filecon "/boot/efi/.*" any ())
- (call .rbacsep.exempt.obj.type (fs)))
+ (filecon "/efi" dir fs_context)
+ (filecon "/efi/.*" any ()))
diff --git a/src/misc.cil b/src/misc.cil
index fc8301f..a805d24 100644
--- a/src/misc.cil
+++ b/src/misc.cil
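Review bot: `map_fs_files`, now the first definition inside `(block dos`, has no comment stating how wide its grant is. Every genfscon rule visible in this block uses the single `fs_context`, so, assuming that context carries the type `fs` (it comes from the inherited template, outside this diff), `(allow ARG1 fs (file (map)))` lets a caller map files on any volume of these filesystem types, not just the EFI partition, unless a mount overrides the context. I would put `;; map on ALL files labeled fs: every filesystem genfscon'd in this block shares that type` above the macro, and a one-line comment on the two `*_file_type_transition_fs` macros saying they apply only to a directory named "efi". The block continues past the end of this hunk.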
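Review bot: The `filecon` pairs added at the end of the block use an empty context for `/boot/efi/.*` and `/efi/.*` without saying why. An empty `()` leaves those paths without a labeling entry, so a relabel will not touch anything below the mount point while the directory itself gets `fs_context`; that looks deliberate, since the contents are presumably labeled by the genfscon rules earlier in the block, but a reader auditing the policy has to work it out. A comment such as `;; mount-point dir is labeled on the parent fs; contents come from genfscon, hence ()` above the first pair would do. The same reasoning probably explains `(call .xattr.associate_fs (fs))`, whose definition is not in this diff and should be checked before documenting it.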
@@ -3,24 +3,6 @@
 (sidcontext init (sys.id sys.role sys.subj sys.lowlow)) ;; userspace_initial_context
-(in dos
-
- (filecon "/boot/efi" dir fs_context)
- (filecon "/boot/efi/.*" any ())
-
- (filecon "/efi" dir fs_context)
- (filecon "/efi/.*" any ())
-
- (macro boot_file_type_transition_fs ((type ARG1))
- (call .boot.file_type_transition
- (ARG1 fs dir "efi")))
-
- (macro root_file_type_transition_fs ((type ARG1))
- (call .root.file_type_transition
- (ARG1 fs dir "efi")))
-
- (call .xattr.associate_fs (fs)))
-
 (in efivar
 (filecon "/sys/firmware/efi/efivars" dir ())
--
cgit v1.2.3