Written by: Martin Orr

Allow tmpfs_t on device_t (devtmpfs): /dev/shm is created by
/etc/init.d/mountdevsubfs.sh and relabelled before being mounted.

Index: policy/modules/kernel/filesystem.te
===================================================================
--- policy/modules/kernel/filesystem.te.orig
+++ policy/modules/kernel/filesystem.te
@@ -175,6 +175,7 @@
 files_type(tmpfs_t)
 files_mountpoint(tmpfs_t)
 files_poly_parent(tmpfs_t)
+dev_associate(tmpfs_t)
 
 # Use a transition SID based on the allocating task SID and the
 # filesystem SID to label inodes in the following filesystem types,