--- nsaserefpolicy/policy/modules/kernel/filesystem.if	2007-02-19 11:32:51.000000000 -0500
+++ serefpolicy-2.5.8/policy/modules/kernel/filesystem.if	2007-03-08 08:42:37.000000000 -0500
@@ -1110,11 +1110,31 @@
 		type dosfs_t;
 	')
 
+	manage_dirs_pattern($1,dosfs_t,dosfs_t)
 	manage_files_pattern($1,dosfs_t,dosfs_t)
 ')
 
 ########################################
 ## <summary>
+##	read files
+##	on a DOS filesystem.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`fs_read_dos_files',`
+	gen_require(`
+		type dosfs_t;
+	')
+
+	read_files_pattern($1,dosfs_t,dosfs_t)
+')
+
+########################################
+## <summary>
 ##	Read eventpollfs files.
 ## </summary>
 ## <desc>
--- nsaserefpolicy/policy/modules/system/xen.te	2007-01-02 12:57:49.000000000 -0500
+++ serefpolicy-2.5.8/policy/modules/system/xen.te	2007-03-08 08:42:37.000000000 -0500
@@ -357,3 +373,11 @@
 xen_append_log(xm_t)
 xen_stream_connect(xm_t)
 xen_stream_connect_xenstore(xm_t)
+
+#Should have a boolean wrapping these
+fs_list_auto_mountpoints(xend_t)
+files_search_mnt(xend_t)
+fs_write_nfs_files(xend_t)
+fs_read_nfs_files(xend_t)
+fs_getattr_all_fs(xend_t)
+fs_read_dos_files(xend_t)