diff mbox series

[v4,testsuite,03/15] test_ibendport.te: use dev_rw_infiniband_mgmt_dev()

Message ID 20200508154138.24217-4-stephen.smalley.work@gmail.com (mailing list archive)
State Accepted
Delegated to: Ondrej Mosnáček
Headers show
Series Update to work on Debian | expand

Commit Message

Stephen Smalley May 8, 2020, 3:41 p.m. UTC
Switch the Infiniband test policy to use the appropriate policy
interface if defined rather than hardcoding a reference to the
type, neither of which exist in Debian policy.  Drop the dead
hardcoded reference on bin_t since it is no longer used anywhere
outside of an interface.

Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
---
 policy/test_ibendport.te | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)
diff mbox series

Patch

diff --git a/policy/test_ibendport.te b/policy/test_ibendport.te
index 2a02c57..b909b4f 100644
--- a/policy/test_ibendport.te
+++ b/policy/test_ibendport.te
@@ -3,11 +3,6 @@ 
 # Policy for testing Infiniband Pkey access.
 #
 
-gen_require(`
-	type bin_t;
-	type infiniband_mgmt_device_t;
-')
-
 attribute ibendportdomain;
 
 # Domain for process.
@@ -27,7 +22,9 @@  dev_rw_sysfs(test_ibendport_manage_subnet_t)
 
 corecmd_bin_entry_type(test_ibendport_manage_subnet_t)
 
-allow test_ibendport_manage_subnet_t infiniband_mgmt_device_t:chr_file { read write open ioctl};
+ifdef(`dev_rw_infiniband_mgmt_dev', `
+dev_rw_infiniband_mgmt_dev(test_ibendport_manage_subnet_t)
+')
 
 ifdef(`corenet_ib_access_unlabeled_pkeys',`
 corenet_ib_access_unlabeled_pkeys(test_ibendport_manage_subnet_t)