Bug 741240

Summary: Ericsson mobile broadband minicard device management and pc sc port device nodes unknown to SELinux
Product: [Fedora] Fedora Reporter: Dominick Grift <dominick.grift>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: dominick.grift, dwalsh, mgrepl
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-09-26 14:21:09 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Dominick Grift 2011-09-26 11:13:11 UTC 
Description of problem:
/dev/cdc-wdm[0-1] are currently labeled device_t

Version-Release number of selected component (if applicable):
all

From 8d61b9b105eb24e36d929ef5c6eb4c097530498f Mon, 26 Sep 2011 13:10:49 +0200
From: Dominick Grift <dominick.grift>
Date: Mon, 26 Sep 2011 13:01:28 +0200
Subject: [PATCH] cdc-wdm0 : Ericsson F3507g Mobile Broadband Minicard Device Management cdc-wdm1 : Ericsson F3507g Mobile Broadband Minicard PC SC Port

Signed-off-by: Dominick Grift <dominick.grift>

diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index def5425..ff9dad6 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -129,6 +129,7 @@
 /dev/vttuner		-c	gen_context(system_u:object_r:v4l_device_t,s0)
 /dev/vtx.*		-c	gen_context(system_u:object_r:v4l_device_t,s0)
 /dev/watchdog		-c	gen_context(system_u:object_r:watchdog_device_t,s0)
+/dev/cdc-wdm[0-1]	-c	gen_context(system_u:object_r:wireless_device_t,s0)
 /dev/winradio.		-c	gen_context(system_u:object_r:v4l_device_t,s0)
 /dev/z90crypt		-c	gen_context(system_u:object_r:crypt_device_t,s0)
 /dev/zero		-c	gen_context(system_u:object_r:zero_device_t,s0)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 0d5528a..6bc04ca 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -5599,6 +5599,8 @@
 	filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13947")
 	filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13948")
 	filetrans_pattern($1, device_t, v4l_device_t, chr_file, "raw13949")
+	filetrans_pattern($1, device_t, wireless_device_t, chr_file, "cdc-wdm0")
+	filetrans_pattern($1, device_t, wireless_device_t, chr_file, "cdc-wdm1")
 	filetrans_pattern($1, device_t, wireless_device_t, chr_file, "rfkill")
 	filetrans_pattern($1, device_t, sound_device_t, chr_file, "sequencer")
 	filetrans_pattern($1, device_t, sound_device_t, chr_file, "sequencer2")
Comment 1 Miroslav Grepl 2011-09-26 13:46:15 UTC 
Could you also push this patch.
Comment 2 Dominick Grift 2011-09-26 14:21:09 UTC 
http://git.fedorahosted.org/git/?p=selinux-policy.git;a=commitdiff;h=8d61b9b105eb24e36d929ef5c6eb4c097530498f