games

policy/modules/apps/games.te

@@ -92,7 +92,9 @@ optional_policy(`
 allow games_t self:fifo_file rw_fifo_file_perms;
 allow games_t self:sem create_sem_perms;
 allow games_t self:tcp_socket { accept listen };
+allow games_t self:process getsched;
 
+manage_dirs_pattern(games_t, games_data_t, games_data_t)
 manage_files_pattern(games_t, games_data_t, games_data_t)
 manage_lnk_files_pattern(games_t, games_data_t, games_data_t)
 
@@ -101,6 +103,8 @@ term_create_pty(games_t, games_devpts_t)
 
 manage_dirs_pattern(games_t, games_tmp_t, games_tmp_t)
 manage_files_pattern(games_t, games_tmp_t, games_tmp_t)
+allow games_t games_tmp_t:file map;
+
 files_tmp_filetrans(games_t, games_tmp_t, { file dir })
 
 manage_files_pattern(games_t, games_tmpfs_t, games_tmpfs_t)
@@ -128,6 +132,8 @@ corenet_tcp_bind_generic_port(games_t)
 corenet_sendrecv_generic_client_packets(games_t)
 corenet_tcp_connect_generic_port(games_t)
 
+corenet_udp_bind_generic_node(games_t)
+
 dev_read_sound(games_t)
 dev_read_input(games_t)
 dev_read_mouse(games_t)
@@ -136,13 +142,16 @@ dev_rw_dri(games_t)
 dev_write_sound(games_t)
 
 files_list_var(games_t)
+files_search_mnt(games_t)
 files_search_var_lib(games_t)
 files_dontaudit_search_var(games_t)
+files_map_usr_files(games_t)
 files_read_etc_files(games_t)
 files_read_usr_files(games_t)
 files_read_var_files(games_t)
 
 fs_dontaudit_getattr_xattr_fs(games_t)
+fs_search_nfs(games_t)
 
 init_dontaudit_rw_utmp(games_t)
 
@@ -158,6 +167,7 @@ userdom_manage_user_tmp_dirs(games_t)
 userdom_manage_user_tmp_files(games_t)
 userdom_manage_user_tmp_symlinks(games_t)
 userdom_manage_user_tmp_sockets(games_t)
+userdom_use_user_ptys(games_t)
 userdom_dontaudit_read_user_home_content_files(games_t)
 
 tunable_policy(`allow_execmem',`
@@ -166,6 +176,7 @@ tunable_policy(`allow_execmem',`
 
 optional_policy(`
 	alsa_read_config(games_t)
+	alsa_read_home_files(games_t)
 ')
 
 optional_policy(`