Kdump reads the kernel core.

This commit is contained in:
Chris PeBenito 2009-11-25 10:04:40 -05:00
parent 837163cfe7
commit e21162e471
3 changed files with 4 additions and 2 deletions

View File

@ -974,6 +974,7 @@ interface(`kernel_read_core_if',`
attribute can_dump_kernel; attribute can_dump_kernel;
') ')
allow $1 self:capability sys_rawio;
read_files_pattern($1, proc_t, proc_kcore_t) read_files_pattern($1, proc_t, proc_kcore_t)
list_dirs_pattern($1, proc_t, proc_t) list_dirs_pattern($1, proc_t, proc_t)

View File

@ -1,5 +1,5 @@
policy_module(kernel, 1.11.1) policy_module(kernel, 1.11.2)
######################################## ########################################
# #

View File

@ -1,5 +1,5 @@
policy_module(kdump, 1.0.0) policy_module(kdump, 1.0.1)
####################################### #######################################
# #
@ -29,6 +29,7 @@ files_read_etc_runtime_files(kdump_t)
files_read_kernel_img(kdump_t) files_read_kernel_img(kdump_t)
kernel_read_system_state(kdump_t) kernel_read_system_state(kdump_t)
kernel_read_core_if(kdump_t)
dev_read_framebuffer(kdump_t) dev_read_framebuffer(kdump_t)
dev_read_sysfs(kdump_t) dev_read_sysfs(kdump_t)