Switch the Infiniband test policy to use the appropriate policy
interface if defined rather than hardcoding a reference to the
type, neither of which exist in Debian policy. Drop the dead
hardcoded reference on bin_t since it is no longer used anywhere
outside of an interface.
Signed-off-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
---
policy/test_ibendport.te | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/policy/test_ibendport.te b/policy/test_ibendport.te
index 2a02c57..b909b4f 100644
--- a/policy/test_ibendport.te
+++ b/policy/test_ibendport.te
@@ -3,11 +3,6 @@
# Policy for testing Infiniband Pkey access.
#
-gen_require(`
- type bin_t;
- type infiniband_mgmt_device_t;
-')
-
attribute ibendportdomain;
# Domain for process.
@@ -27,7 +22,9 @@ dev_rw_sysfs(test_ibendport_manage_subnet_t)
corecmd_bin_entry_type(test_ibendport_manage_subnet_t)
-allow test_ibendport_manage_subnet_t infiniband_mgmt_device_t:chr_file { read write open ioctl};
+ifdef(`dev_rw_infiniband_mgmt_dev', `
+dev_rw_infiniband_mgmt_dev(test_ibendport_manage_subnet_t)
+')
ifdef(`corenet_ib_access_unlabeled_pkeys',`
corenet_ib_access_unlabeled_pkeys(test_ibendport_manage_subnet_t)
--
2.23.1
