From a7697467e082ffd4f68a9e03539db3578b5f34d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Wed, 27 Oct 2021 21:18:27 +0200
Subject: [PATCH] filesystem: add fs_use_trans for ramfs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Reference: https://gitbub.com/fedora-selinux/selinux-policy/commit/a7697467e082ffd4f68a9e03539db3578b5f34d5
Conflict: NA

Enable extended attributes for inodes on ramfs filesystems, similar to
tmpfs filesystems.

For example systemd uses ramfs for service credentials[1], and xattr
support is needed for per service based labeling[2].

[1]: https://www.freedesktop.org/software/systemd/man/systemd-creds.html
[2]: https://github.com/systemd/systemd/pull/21158

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: lujie54 <lujie54@huawei.com>
---
 policy/modules/kernel/filesystem.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 1941da1..6a2ad8c 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -178,7 +178,7 @@ genfscon pstore / gen_context(system_u:object_r:pstore_t,s0)
 type ramfs_t;
 fs_type(ramfs_t)
 files_mountpoint(ramfs_t)
-genfscon ramfs / gen_context(system_u:object_r:ramfs_t,s0)
+fs_use_trans ramfs gen_context(system_u:object_r:ramfs_t,s0);
 
 type romfs_t;
 fs_type(romfs_t)
-- 
1.8.3.1