SELinux: Add new interfaces for communication with keylime

tpm2-software / tpm2-abrmd

TPM2 Access Broker & Resource Management Daemon implementing the TCG spec.

https://github.com/tpm2-software/tpm2-abrmd

BSD 2-Clause "Simplified" License

116 stars 100 forks source link

Closed Koncpa closed 2 years ago

Koncpa commented 2 years ago

Policy need rules to communicate with keylime.

AVC: allow keylime_agent_t tabrmd_t:dbus send_msg; allow keylime_agent_t tabrmd_t:unix_stream_socket { getattr getopt read write };

Create new interfaces to allow keylime communicate with keylime.