Description of problem: * SELinux policy does not define a more specific label for the /dev/userfaultfd Version-Release number of selected component (if applicable): selinux-policy-38.1.8-1.el9.noarch selinux-policy-targeted-38.1.8-1.el9.noarch selinux-policy-devel-38.1.8-1.el9.noarch How reproducible: * always Steps to Reproduce: # matchpathcon /dev/userfaultfd /dev/userfaultfd system_u:object_r:device_t:s0 # ls -lZ /dev/userfaultfd crw-------. 1 root root system_u:object_r:device_t:s0 10, 126 Mar 3 12:39 /dev/userfaultfd #
Commit to backport: 8f7ccc6e2 (HEAD -> rawhide, upstream/rawhide) Label /dev/userfaultfd with userfaultfd_t