Layer: kernel

Module: bootloader

Description:

Policy for the kernel modules, kernel image, and bootloader.

Interfaces:

bootloader_create_kernel( domain )
Description:

Install a kernel into the /boot directory.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_create_kernel_symbol_table( domain )
Description:

Install a system.map into the /boot directory.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_create_runtime_file( domain )
Description:

Read and write the bootloader temporary data in /tmp.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_delete_kernel( domain )
Description:

Delete a kernel from /boot.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_delete_kernel_symbol_table( domain )
Description:

Delete a system.map in the /boot directory.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_domtrans( domain )
Description:

Execute bootloader in the bootloader domain.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_dontaudit_search_boot( domain )
Description:

Do not audit attempts to search the /boot directory.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_list_kernel_modules( domain )
Description:

List the contents of the kernel module directories.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_manage_kernel_modules( domain )
Description:

Create, read, write, and delete kernel module files.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_read_config( domain )
Description:

Read the bootloader configuration file.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_read_kernel_modules( domain )
Description:

Read kernel module files.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_read_kernel_symbol_table( domain )
Description:

Read system.map in the /boot directory.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_run( domain , role , terminal )
Description:

Execute bootloader interactively and do a domain transition to the bootloader domain.


Parameters:
Parameter  Description                                                      Optional
domain     The type of the process performing this action.                  No
role       The role to be allowed the bootloader domain.                    No
terminal   The type of the terminal to allow the bootloader domain to use.  No

bootloader_rw_boot_symlinks( domain )
Description:

Read and write symbolic links in the /boot directory.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_rw_config( domain )
Description:

Read and write the bootloader configuration file.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_rw_tmp_file( domain )
Description:

Read and write the bootloader temporary data in /tmp.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_search_boot_dir( domain )
Description:

Search the /boot directory.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No

bootloader_write_kernel_modules( domain )
Description:

Write kernel module files.


Parameters:
Parameter  Description                                      Optional
domain     The type of the process performing this action.  No