Allow gpsd use /dev/gnss devices

With the 1e668a5 ("Label /dev/gnss[0-9] with gnss_device_t") commit,
a specific label was assigned to the device nodes, but no domain was
allowed to actually use it.

Resolves: RHEL-16676

policy/modules/contrib/gpsd.te

@@ -65,6 +65,8 @@ corenet_tcp_sendrecv_gpsd_port(gpsd_t)
 
 dev_read_sysfs(gpsd_t)
 dev_rw_realtime_clock(gpsd_t)
+dev_rw_gnss(gpsd_t)
+dev_setattr_gnss(gpsd_t)
 
 domain_dontaudit_read_all_domains_state(gpsd_t)
 

policy/modules/kernel/devices.if

@@ -6643,7 +6643,40 @@ interface(`dev_read_vsock',`
 		type device_t, vsock_device_t;
 	')
 
-	read_chr_files_pattern($1, device_t, vsock_device_t)
+########################################
+## <summary>
+##	Allow read/write the gnss device
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`dev_rw_gnss',`
+	gen_require(`
+		type device_t, gnss_device_t;
+	')
+
+	rw_chr_files_pattern($1, device_t, gnss_device_t)
+')
+
+########################################
+## <summary>
+##	Allow setattr the gnss device
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`dev_setattr_gnss',`
+	gen_require(`
+		type device_t, gnss_device_t;
+	')
+
+	setattr_chr_files_pattern($1, device_t, gnss_device_t)
 ')
 
 ########################################