| Message ID | IA3PR02MB11199A73D31A8C41023F0CC25F151A@IA3PR02MB11199.namprd02.prod.outlook.com |
|---|---|
| State | New |
| Headers | show
Return-Path: <gmisra@qti.qualcomm.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
(localhost.localdomain [127.0.0.1])
by smtp.lore.kernel.org (Postfix) with ESMTP id 54C41CC6B03
for <webhook@archiver.kernel.org>; Thu, 2 Apr 2026 07:03:56 +0000 (UTC)
Received: from mx0b-0031df01.pphosted.com (mx0b-0031df01.pphosted.com
[205.220.180.131])
by mx.groups.io with SMTP id smtpd.msgproc02-g2.10315.1775113428681450847
for <yocto-patches@lists.yoctoproject.org>;
Thu, 02 Apr 2026 00:03:49 -0700
Authentication-Results: mx.groups.io;
dkim=pass header.i=@qualcomm.com header.s=qcppdkim1 header.b=GWOU5L4E;
spf=permerror,
err=parse error for token &{10 18 %{ir}.%{v}.%{d}.spf.has.pphosted.com}:
invalid domain name (domain: qti.qualcomm.com, ip: 205.220.180.131,
mailfrom: gmisra@qti.qualcomm.com)
Received: from pps.filterd (m0279873.ppops.net [127.0.0.1])
by mx0a-0031df01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id
6326mD6c2798761
for <yocto-patches@lists.yoctoproject.org>; Thu, 2 Apr 2026 07:03:47 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h=
content-type:date:from:message-id:mime-version:subject:to; s=
qcppdkim1; bh=nMV2hbsq8iQ8S9qto9alPtDOp36f6AYDGEdL0rnL25E=; b=GW
OU5L4EBuFL5TjA3fX4yNZsgidXb+lGPpzfRAAC5DvCTBBavAaWs9YNQM1tbcuT7d
dmpftUUU1I+c42t8RQ99W5yXkZP0L/Sr9jKSoBOazg43U3CvbSfdiKKV6lkKoQou
cCg0s8hTLF68mXCbkTyggQbj886CHMOKiOrTCj7iaqSAtpVNeftT+z2l0vyFSK9v
jCtrPTi4O8z1mAt9M8jXp/nFCxJNBtqa77eJJVpS/77CdaYWDlw5+76HtrR8mAQy
i9G+32qvg4WwlA6qIYAPDlsK3zuXUSwMNQ95CtG9G+VvL4LcBOR7GFrcRuvRUnnk
6zQrZeCP6rEDl25IizTQ==
Received: from dm2pr04cu003.outbound.protection.outlook.com
(mail-dm2pr04cu00301.outbound.protection.outlook.com [40.93.13.57])
by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 4d96hk2sgh-1
(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT)
for <yocto-patches@lists.yoctoproject.org>;
Thu, 02 Apr 2026 07:03:47 +0000 (GMT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
b=Xz/GNuwlQZXMFGzAvgOIXhu5Yl7+PzJeIhT11z1iGVJn7/2Z25lyVPc53xarBHsHBo2/AA7I35tANl1qmftwOkvcWFw8aM157P4nnCkF1T9d4YfdPDAyfEryr+QEKTreD8m6FdGZZLanyt9tRKIJaieND19omxwmODnUvjmT82A/g5C8tqjvIj5OlNkNKxJQw+JXsiAUL7t1J09F4f/7bKT/507UjxWth2GoPf4atMRIFEx3gvo+tApfpcTs1b0Mn6uOC4ItvYOBZ/mBS5widBaoouvZMeuHd7/Vd6hVMPCITEj8FHnqw+TxoaYAtEDrDYMjxt6oL5F8+jmjaLlPUw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector10001;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=nMV2hbsq8iQ8S9qto9alPtDOp36f6AYDGEdL0rnL25E=;
b=tI0oWOj0dSnkPZKdJ5KDXBecM5Rz6jPmsDa4ZSidm/Jq4FIbMzYyAcNfH9lwq+W6gQugd5tn607Reas/tdFlSeQk2s9TW7QPfDDsBjIpRxMVzyClRWdZz2Cth+agZON3JwXSTHmsigZKiNfuylvwZAOaKlTQ4PRFrs+f1GMDbhS0qqKLizj13beFLBhYBI8h0xzC1gEyaLsHoRtTcR7D2DqkWc3k8M7w46XsEPyK5gAPjcZGmHT7FTOmZzhmk9du/fAg225AGOvKME78XHRdVn55MFhj7qrBM9iiW9hsi7KiV99jKPxumLdKzmISr8EYw8Ts/HNjqEehklKyceTfHg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=qti.qualcomm.com; dmarc=pass action=none
header.from=qti.qualcomm.com; dkim=pass header.d=qti.qualcomm.com; arc=none
Received: from IA3PR02MB11199.namprd02.prod.outlook.com
(2603:10b6:208:542::12) by PH0PR02MB11318.namprd02.prod.outlook.com
(2603:10b6:510:38f::8) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9769.17; Thu, 2 Apr
2026 07:03:44 +0000
Received: from IA3PR02MB11199.namprd02.prod.outlook.com
([fe80::d20f:d3d6:cceb:337d]) by IA3PR02MB11199.namprd02.prod.outlook.com
([fe80::d20f:d3d6:cceb:337d%6]) with mapi id 15.20.9769.014; Thu, 2 Apr 2026
07:03:44 +0000
From: Gargi Misra <gmisra@qti.qualcomm.com>
To: "yocto-patches@lists.yoctoproject.org"
<yocto-patches@lists.yoctoproject.org>
Subject: [meta-selinux][PATCH 4/5] refpolicy: Added policy for modprob to read
blacklist-video.conf lnk_file
Thread-Topic: [meta-selinux][PATCH 4/5] refpolicy: Added policy for modprob to
read blacklist-video.conf lnk_file
Thread-Index: AdzCbsJH+/vXbT5JQdyjwFlA1F8gxg==
Date: Thu, 2 Apr 2026 07:03:44 +0000
Message-ID:
<IA3PR02MB11199A73D31A8C41023F0CC25F151A@IA3PR02MB11199.namprd02.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: IA3PR02MB11199:EE_|PH0PR02MB11318:EE_
x-ms-office365-filtering-correlation-id: 9df6d9fa-9cfc-41c5-3176-08de9085fab8
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam:
BCL:0;ARA:13230040|1800799024|366016|376014|38070700021|8096899003|56012099003|18002099003;
x-microsoft-antispam-message-info:
O560LODjPY3EaHGcF4Tm1FB/hK+VZq/HGJy9LD9ueQJLLeId8pGByHNhVzEwfnET/FVukDAVAB3l9eexTvpS6iaglRFbV1grAXLfMsTUAj1U/Ctn31uFt7SNGfT7e+Ef0BsraQtFPgg7gPdpISC2Lt0HybcueaOMIs85u1glM1t+t0MoShVGZvKd97IJ7srNOqW3nJQLEVic6dWiCxMcH6uFV1BP+C+7OJgPmFuvRp+6UG43cismoSnFUcaOa9wsqdWdYIEc3kAXvTXBY47JiEsmhQx8Ou9JrxGTr4OkQFtXoUVpAiQVubE1tKoS5Di9m86FOI/amEc7RmZvU6Nn+BJXNRLcWcHOTvxjdc6BiQ2cAL051H9QPT6LpaYzoTDEZ/esr2fRNLJOT6AiUYcatZhgNDfe3qt4JdBfdtPpsHnDhisB21Kr1UCYeFtIhxB3HKxVpHde7sdh56keOKWEISOLPa9BjFCWTGs+gurX21aGL0cEnlOM++SEdWIIHXuiWII0bJ6i2hePkzirLcGrRebDoBHPUpRQHH82kN8opLS5gKmuuzlIBjlBFCAARtMctFp+tnGkQ2eZJ2rj1qqrG/0D3jtJccaaRvY7sevUHhlTEclPFhGJ3XvY7VaHnDySBAwuBGh7NjgkInCXjEZemVEo4IdXsugEoLUIuDNzZfUNTvP84nZiXdBtL5weWjVlRRNdBTG9NmKa35aEPQXYHZprKXgsGrIGHNhE2n9Wdr+hUitcAaGN/HE2V6XKtXjC
x-forefront-antispam-report:
CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:IA3PR02MB11199.namprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(38070700021)(8096899003)(56012099003)(18002099003);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0:
AnTUbfYn6HFc2wB3Qbr32RPsapwKrNrsFYATaF+JbAZYBWY0T1f5GaDfWBT+IoYW9emVAQR0Fpm7e3vAZhsrBH2EtC/SDZ29FiyBX4/Q/L4F7KDnGIYzBcx1Rgur7hdAekWpbwvhwuPCSvBHGOlkSW8kCYg36JAyfL26f27bzY1edRBT90DqkQGuudaXMwkMP0JlRN9EAEsjs/mxTeOGe1Q4tik3CshjiVY/LcOuCU7rHNsQ0xP/arcSgvmg4dFPrp0+wiV9pJCSzI5x+52pXst6IyUuCIfZ3hRNF0EXrlOLOJ/pLZyo+hbZ+39ioWqnVBdCvV7XUHOLxEPE1gZkT4/lBQ3/WQaZXmAFovvJfruAVirEJa8wp+TUc/Bjpje6pozneoEI4aBUZyptuhgTiA918jPMDQIbD+cDHDSj56xlpXBfgFw+mtWmPpfq2yJshoeTb4T9eTG+NtTDu2kpCNOCDMWFDX4nDblYJ7STaxetaX/j046sFpieONuvM4bYgcIpMbYjbYTimpuwYD/U63rX+6xcmdsxMznEw37PjAwmZEcIAq8ymWHOlEJGCoJT+KaysRjwzS+awAEBMhkS8MZDWHfuPw/2LKOfiA+10Pd6w9ADdIEsrH0V+XK9DvhMTP3ApbM4qc3XkDOmLIzofSANzyQTOMGT9EuQ2n3ktzYvdol0MqrvgHWVqAddwVZVKsvgHSgvQTveXs4IbcrxwMSa+9M6c3EjsK/VUVarICmR03YW9MRP1Z8/rWGplWLw+ZPMnt+4F6oxDYq+trQ+LQQTbjjyUdEW8sOdtNPqHmTkI2LOsOgo72MXEIV9jC+23eSjnlIMMwMP65hf2kKLxfJipOkxqZ6V+3YmKevh9NK+9ak4OmtlavUTum0ZBGNVXgzuj+elte1q1c+Z8nQ3H9ZS0TVjFxGlA0qzqEjZJJiwCh+JT4hZ2LQilIphnlm+yVelQ+aQ99hTb2pV/PHlAA2s8B3u2jEpJr4c9TV1ZcA3jPxHskxzXFjRZyZsNLsQnf9FpCpOzGPxEXLwH6zfEsrJqTR9MtLQPZnGHypnrzd2/rdIq1A15k3obdLBmbGllaXQUCwIlr7wIRphS6t1RD0NdpQ6GRRrt06pS6eWbR8c3bj1wCXM/qhJJoQ3pds8rGAvAYh5jvHm6iP+X+u4S43dq5TyOwC9TvroafmXhB7VjPQgh+28UhjujwoZe3A9v0E/5nFb9N/PCPgguMKzIn9U+45JPmZhjbjeO/2lLO0Klzhtdd2fWG7QEyvN5HkRlPfUUw4I8aSIMaON/u7SyZIffpRBC2iYzTZONqWv3PNtjxXXCi+QLoAvGYoQbcq+3V+zCtU7/mM0x684yAKkEMaHiVEYZncWAazZx/Lc7ve//uLptmUDDRf5tcZhrbXVgzGenhICz1j25IV6nzwvnWlIxjoi+KmZUMH8IjsjS1X4ykIu+43nEvDbovRFigClct3iqq4FsLeBtB1TuEdKO6Lh0CMbXoXvQScUNKQvhB7cI1+zCAx7XjB95mb2lrSwkw0tl+pZxrYJm32mGGvmelvgnipS8GgVsYGsoDPnsEjDXkUvD8lwyQGoTStmJhl3YE/F6dVU8O67zcehfWonSfkbwuftRTtgSmHCeiLguBoVc2TQx3GgVIYuOEinEZn6oCAdUNE8wkO8YRIRJqvSS0juJKOWNjmzezJOFwzjc5gPX3/lzHpag2bzkAiQusFS4iwnsITLgjb4+MYJSC/Hpw==
Content-Type: multipart/alternative;
boundary="_000_IA3PR02MB11199A73D31A8C41023F0CC25F151AIA3PR02MB11199na_"
MIME-Version: 1.0
X-Exchange-RoutingPolicyChecked:
Pb1qWk/KkF7qGUUnx5I6joJ2VY1yi4eVHo5w67u3tphLuIwa0K5+ScD6O0DBx9ZKAIQ8mqcipvjXLHQ8lnKdR3V6cX/RhLZhLZAOTqzVCSBVS3ximFGt1eLqHJSQ8urEMNb6iqKnOCUM76Suufqd9x5dqv4ywOv8EPdpS8Cvpb57Jloiym3pXq6ELx6iuBdVKxHy6KeWgKyhnKqbfINIKgnoqhHcUGxY6HWb2Fv2pi1/a0Ka3ULDZyCDiUzLtI9zDt/AqbefENIp+7LnalhWI5gVU32kJB1cyPrjSMFQi4LpeIDS2siFeCTsD2iIcsXBseIcL6NZCYIcphopYYcaKA==
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0:
Vd/HyDBl+FBLr7FqJGE9SMruRPJtp0iHw+MSEPpfBYcj1BLLw8OOsTOgFILEHl61tmGy68+puR6bthn+TKthIPI+c/y4Sx8AHcly6F95NWTWsrX8apcAGS7o9zcudJeOZrd+CMIBujLBJp25vifF0mbN7BhCWyD7AgbAGjWCA0ZclAkP7rOJdJXWeu2yg3uPyixZQoEQEkCGhuys7SSzi9vkbMQJaejdWMzwCFdDKwWURNh5f/RSvUsDNi/DA9bbfXPZ8aOUfGEX0tGCcC0NS8qIPUk2/z3UFnhKmhjdinUldSEEwQGRpTaBFt6yfMqTKTd0a0RK6lhefflgtMSjQ9RRFz2yI5xO4rKN2Jz+ipjBgdHssPpRpIL9FIK6C9FybCuyeR0wrOV9pOdbE6bV2tUK60c33kY6SUJUzK4BJUHzRNiP1OfrhzfzAsxlYjeXx3wUfgsRk1iNw7v4gjgMO6KAJJV4AtrtSa6G9KqCvdWyRa2gt5uFjh1QrXx8uDjMQe0z/ekDCzdAvigH7TSGMfLalDBS5c8+oN/GqX4eHY6NuOWoypx3W1B9lYxF6wTe2e98t/PXehInYhnW3j1sIi1bgsMHWYxiPuAHEIxrtjeqxlkDKVGsrBVeSJ2E0YJU
X-OriginatorOrg: qti.qualcomm.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: IA3PR02MB11199.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id:
9df6d9fa-9cfc-41c5-3176-08de9085fab8
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Apr 2026 07:03:44.4166
(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 98e9ba89-e1a1-4e38-9007-8bdabc25de1d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname:
AeITOQ/hZbHpUqevttiySIwYpz6RxwJo8pSy0R0jFt5DtZWN7EvdTCxsO3WXAF+r3cMwy+r6K3SPH85qBifcZw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR02MB11318
X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNDAyMDA2MSBTYWx0ZWRfX8kx6CsDcuqqg
DX0IsiLL/4k7/5DW8NIIsHwKYQNUglgSBd+AQTs9vm5mbgCYP5beFvJRiR+4K7qPhmnZkm8ycWt
3lUn/iPhPgD2ky1AR7+whmYcamnC046HXHan5HSnY5MU3+qGGPlQLspMnPCaZi6XIKZ/3mWxLkr
ETpyks2cr4gjUxM8c5UWIanZLvLDRbeZA7osjZ53vy9Sxy8c9UdgPmOVXcEHauebzWm1wZKLmK1
nv1z78ToXB3NrsU8V3ppD9xjqCC98kra++V8GRChw7OF2hjKsh7mRsAJLllBLHIV1QGB9E+LJrG
0OtP9IY+j8f3u+nArwfoWDEW8skSo4VwzBPQaEzIOGBUSEFYPRX+PigErDAD35bCvgWp+b1lUao
Qka4WAsNFvWEvwQWPdqnrhHYqN58URT/cVuNDpKHsVjJ9PmeY1KNYW7P4YkEHSps46gTEGJxtN8
R/mJWY2sc+GiM11Oogg==
X-Proofpoint-GUID: 0Un5oISU79c0TIaIfy4wMvdkUD303-4X
X-Proofpoint-ORIG-GUID: 0Un5oISU79c0TIaIfy4wMvdkUD303-4X
X-Authority-Analysis: v=2.4 cv=e9ULiKp/ c=1 sm=1 tr=0 ts=69ce14d3 cx=c_pps
a=y3Q9mg33rxtftU4vhVNh8Q==:117 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19
a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=A5OVakUREuEA:10
a=VkNPw1HP01LnGYTKEx00:22 a=u7WPNUs3qKkmUXheDGA7:22 a=rJkE3RaqiGZ5pbrm-msn:22
a=NEAV23lmAAAA:8 a=EUspDBNiAAAA:8 a=oK2_imTTR0HNk6CiXMEA:9 a=CjuIK1q_8ugA:10
a=yMhMjlubAAAA:8 a=SSmOFEACAAAA:8 a=n6xKDSJxxDTCZPJOP1AA:9
a=JkReuXt4R72UMrVb:21 a=gKO2Hq4RSVkA:10 a=UiCQ7L4-1S4A:10 a=hTZeC7Yk6K0A:10
a=frz4AuCg-hUA:10
X-Proofpoint-Virus-Version: vendor=baseguard
engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49
definitions=2026-04-02_01,2026-04-01_02,2025-10-01_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0
impostorscore=0 priorityscore=1501 phishscore=0 bulkscore=0 malwarescore=0
clxscore=1015 suspectscore=0 adultscore=0 spamscore=0 lowpriorityscore=0
classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0
reason=mlx scancount=1 engine=8.22.0-2603050001 definitions=main-2604020061
List-Id: <yocto-patches.lists.yoctoproject.org>
X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com
[45.33.107.173] by
aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
<yocto-patches@lists.yoctoproject.org>; Thu, 02 Apr 2026 07:03:56 -0000
X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/3608
|
| Series |
[meta-selinux,1/5] refpolicy: Added dontaudit on docker_t to manage /usr directory
|
expand
|
diff --git a/policy/modules/system/modutils.te b/policy/modules/system/modutils.te index 7355255e0d..fa06e9ec37 100644 --- a/policy/modules/system/modutils.te +++ b/policy/modules/system/modutils.te @@ -45,6 +45,7 @@ allow kmod_t self:key write; # Read module config and dependency information list_dirs_pattern(kmod_t, modules_conf_t, modules_conf_t) read_files_pattern(kmod_t, modules_conf_t, modules_conf_t) +read_lnk_files_pattern(kmod_t, modules_conf_t, modules_conf_t) allow kmod_t modules_dep_t:file map; list_dirs_pattern(kmod_t, modules_dep_t, modules_dep_t) manage_files_pattern(kmod_t, modules_dep_t, modules_dep_t)
refpolicy: Added policy for modprob to read blacklist-video.conf lnk_file avc: denied { read } for pid=774 comm="modprobe" name="blacklist-video.conf" dev="sda2" ino=342 scontext=system_u:system_r:kmod_t:s0 tcontext=system_u:object_r:modules_conf_t:s0 tclass=lnk_file permissive=1 Upstream-Status: Backport [refpolicy: Added policy for modprob to read blacklist-video.conf lnk_... * SELinuxProject/refpolicy@aa35084<https://github.com/SELinuxProject/refpolicy/commit/aa350841e9dcaa525c0f8716c2854ca9dd728961>] Signed-off-by: Gargi Misra <gmisra@qti.qualcomm.com> --- policy/modules/system/modutils.te | 1 + 1 file changed, 1 insertion(+)