From f022ca3299cfddb7f000b45ff5254ef3cd47e18b Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Mon, 2 May 2022 17:25:40 +0100 Subject: [PATCH] feat: move sys revision into the mesa abstraction. --- apparmor.d/abstractions/mesa.d/complete | 3 +++ apparmor.d/groups/desktop/xwayland | 1 - apparmor.d/groups/gnome/gjs-console | 2 -- apparmor.d/groups/gnome/gnome-control-center | 1 - apparmor.d/groups/gnome/gnome-control-center-print-renderer | 2 -- apparmor.d/groups/gnome/gnome-session-binary | 1 - apparmor.d/groups/gnome/gnome-shell | 1 - 7 files changed, 3 insertions(+), 8 deletions(-) diff --git a/apparmor.d/abstractions/mesa.d/complete b/apparmor.d/abstractions/mesa.d/complete index 57004a65..4bef4f55 100644 --- a/apparmor.d/abstractions/mesa.d/complete +++ b/apparmor.d/abstractions/mesa.d/complete @@ -9,3 +9,6 @@ /var/lib/gdm/.cache/mesa_shader_cache/[a-f0-9][a-f0-9]/ rw, /var/lib/gdm/.cache/mesa_shader_cache/[a-f0-9][a-f0-9]/[0-9a-f]* rw, /var/lib/gdm/.cache/mesa_shader_cache/[a-f0-9][a-f0-9]/[0-9a-f]*.tmp rwk, + + @{sys}/devices/pci[0-9]*/**/revision r, + @{sys}/devices/pci[0-9]*/**/config r, diff --git a/apparmor.d/groups/desktop/xwayland b/apparmor.d/groups/desktop/xwayland index df3c81ec..8cec4f89 100644 --- a/apparmor.d/groups/desktop/xwayland +++ b/apparmor.d/groups/desktop/xwayland @@ -31,7 +31,6 @@ profile xwayland @{exec_path} flags=(attach_disconnected) { owner @{run}/user/@{uid}/.mutter-Xwaylandauth.[a-zA-z0-9]* rw, @{sys}/bus/pci/devices/ r, - @{sys}/devices/pci[0-9]*/**/revision r, @{PROC}/@{pids}/cmdline r, owner @{PROC}/@{pids}/comm r, diff --git a/apparmor.d/groups/gnome/gjs-console b/apparmor.d/groups/gnome/gjs-console index f6ff3f02..515e1acb 100644 --- a/apparmor.d/groups/gnome/gjs-console +++ b/apparmor.d/groups/gnome/gjs-console 
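Review bot: The second rule added to `mesa.d/complete`, `@{sys}/devices/pci[0-9]*/**/config r,`, is a new grant rather than a move: every line removed in this patch is a `revision` rule and the subject names only `revision`, so each profile that includes the mesa abstraction gains read access to PCI configuration space with no record of why. If it is needed (presumably for the same device probing that reads `revision`), say so in the commit message and in a comment above the pair, e.g. `# PCI identification read during GPU probing; 'config' is newly granted, 'revision' was moved here from the per-profile rules`. Because the glob is `pci[0-9]*/**`, both rules cover every PCI function on the system, not only display devices, and they now also apply to profiles that include the abstraction but never carried the `revision` rule. The removals in `xwayland`, `gjs-console`, `gnome-control-center`, `gnome-control-center-print-renderer`, `gnome-session-binary` and `gnome-shell` preserve behaviour only if each profile pulls in this abstraction, which these hunks do not show; confirm that before merge, since a missing include would surface as new denials.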
@@ -49,8 +49,6 @@ profile gjs-console @{exec_path} flags=(attach_disconnected) { owner @{run}/user/@{uid}/gdm/Xauthority r, @{run}/user/@{uid}/wayland-cursor-shared-* rw, - @{sys}/devices/pci[0-9]*/**/revision r, - owner @{PROC}/@{pid}/fd/ r, owner @{PROC}/@{pid}/task/ r, owner @{PROC}/@{pid}/task/@{tid}/stat r, diff --git a/apparmor.d/groups/gnome/gnome-control-center b/apparmor.d/groups/gnome/gnome-control-center index 0321848a..186b7dbc 100644 --- a/apparmor.d/groups/gnome/gnome-control-center +++ b/apparmor.d/groups/gnome/gnome-control-center @@ -98,7 +98,6 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) { @{sys}/class/ r, @{sys}/class/input/ r, @{sys}/devices/**/{name,vendor,product,uevent} r, - @{sys}/devices/pci[0-9]*/**/revision r, @{sys}/devices/platform/**/uevent r, @{sys}/devices/virtual/**/uevent r, @{sys}/devices/virtual/dmi/id/chassis_type r, diff --git a/apparmor.d/groups/gnome/gnome-control-center-print-renderer b/apparmor.d/groups/gnome/gnome-control-center-print-renderer index 05523460..8e90dc83 100644 --- a/apparmor.d/groups/gnome/gnome-control-center-print-renderer +++ b/apparmor.d/groups/gnome/gnome-control-center-print-renderer @@ -36,8 +36,6 @@ profile gnome-control-center-print-renderer @{exec_path} { owner @{run}/user/@{uid}/dconf/user rw, owner @{run}/user/@{uid}/gdm/Xauthority r, - @{sys}/devices/pci[0-9]*/**/revision r, - owner @{PROC}/@{pid}/cmdline r, owner @{PROC}/@{pid}/comm r, diff --git a/apparmor.d/groups/gnome/gnome-session-binary b/apparmor.d/groups/gnome/gnome-session-binary index df61111c..66da01a5 100644 --- a/apparmor.d/groups/gnome/gnome-session-binary +++ b/apparmor.d/groups/gnome/gnome-session-binary @@ -98,7 +98,6 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) { /tmp/.ICE-unix/[0-9]* rw, @{sys}/devices/**/{vendor,device} r, - @{sys}/devices/pci[0-9]*/**/revision r, owner @{PROC}/@{pid}/loginuid r, owner @{PROC}/@{pid}/cmdline r, 
diff --git a/apparmor.d/groups/gnome/gnome-shell b/apparmor.d/groups/gnome/gnome-shell index a7de2557..426f7389 100644 --- a/apparmor.d/groups/gnome/gnome-shell +++ b/apparmor.d/groups/gnome/gnome-shell @@ -158,7 +158,6 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) { @{sys}/devices/pci[0-9]*/**/boot_vga r, @{sys}/devices/pci[0-9]*/**/input[0-9]*/{properties,name} r, @{sys}/devices/pci[0-9]*/**/net/*/statistics/{rx_bytes,tx_bytes} r, - @{sys}/devices/pci[0-9]*/**/revision r, owner @{PROC}/@{pid}/comm r, owner @{PROC}/@{pid}/fd/ r,