## Dump topology and locality information from hardware tables. ######################################## ## ## Execute hwloc dhwd in the hwloc dhwd domain. ## ## ## ## Domain allowed to transition. ## ## # interface(`hwloc_domtrans_dhwd',` gen_require(` type hwloc_dhwd_t, hwloc_dhwd_exec_t; ') domtrans_pattern($1, hwloc_dhwd_exec_t, hwloc_dhwd_t) ') ######################################## ## ## Execute hwloc dhwd in the hwloc dhwd domain, and ## allow the specified role the hwloc dhwd domain, ## ## ## ## Domain allowed to transition. ## ## ## ## ## Role allowed access. ## ## ## # interface(`hwloc_run_dhwd',` gen_require(` attribute_role hwloc_dhwd_roles; ') hwloc_domtrans_dhwd($1) roleattribute $2 hwloc_dhwd_roles; ') ######################################## ## ## Execute hwloc dhwd in the caller domain. ## ## ## ## Domain allowed access. ## ## # interface(`hwloc_exec_dhwd',` gen_require(` type hwloc_dhwd_exec_t; ') can_exec($1, hwloc_dhwd_exec_t) ') ######################################## ## ## Read hwloc runtime files. ## ## ## ## Domain allowed access. ## ## # interface(`hwloc_read_runtime_files',` gen_require(` type hwloc_var_run_t; ') files_search_pids($1) read_files_pattern($1, hwloc_var_run_t, hwloc_var_run_t) ') ######################################## ## ## All of the rules required to ## administrate an hwloc environment. ## ## ## ## Domain allowed access. ## ## ## # interface(`hwloc_admin',` gen_require(` type hwloc_dhwd_t, hwloc_var_run_t; ') allow $1 hwloc_dhwd_t:process { signal_perms }; ps_process_pattern($1, hwloc_dhwd_t) tunable_policy(`deny_ptrace',`',` allow $1 hwloc_dhwd_t:process ptrace; ') admin_pattern($1, hwloc_var_run_t) files_pid_filetrans($1, hwloc_var_run_t, dir, "hwloc") ')