mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-06 09:21:00 +01:00
2438179b76
Commit aa06528790 made @{sys} tunable
available by default.
Update profiles and abstractions to actually use @{sys} tunable for
better confinement in the future (when @{sys} becomes kernel var).
Closes LP#1728551
10 lines
404 B
Text
10 lines
404 B
Text
# vim:syntax=apparmor
|
|
# implementation-independent OpenCL access requirements
|
|
|
|
# System files
|
|
|
|
/etc/OpenCL/** r,
|
|
@{sys}/bus/pci/devices/ r, # libpocl.so -> libhwlock.so, libnvidia-opencl.so, beignet/libcl.so -> libdrm_intel.so
|
|
@{sys}/devices/system/node/ r, # for clGetPlatformIDs() from libOpenCL.so
|
|
@{sys}/devices/system/node/node[0-9]*/meminfo r, # for clGetPlatformIDs() from libOpenCL.so
|
|
|