From 87cba6e8837febceb9e56b5b0a9300f235c5d4ed Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Wed, 1 Nov 2017 10:22:58 -0700
Subject: [PATCH] te_macros: add map to tpmfs_domain

domain based tmpfs file access has getattr, read and write.

However newer kernels support map. Add this map permission so they
can use mmap based access.

Test: build test.

Change-Id: I2e128967e10a1332b3c1c908550360a52fbceaf8
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
 public/te_macros | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/te_macros b/public/te_macros
index 5a8ea5add..f3aa583a5 100644
--- a/public/te_macros
+++ b/public/te_macros
@@ -77,7 +77,7 @@ allow $1 $2:{ file lnk_file } r_file_perms;
 define(`tmpfs_domain', `
 type $1_tmpfs, file_type;
 type_transition $1 tmpfs:file $1_tmpfs;
-allow $1 $1_tmpfs:file { read write getattr };
+allow $1 $1_tmpfs:file { read write getattr map };
 allow $1 tmpfs:dir { getattr search };
 ')
 
-- 
GitLab