diff --git a/policy-F13.patch b/policy-F13.patch
index 979192d..969029f 100644
--- a/policy-F13.patch
+++ b/policy-F13.patch
@@ -13175,9 +13175,28 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/storag
 ## Allow the caller to set the attributes of removable
 ## devices device nodes.
 ##
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/terminal.fc serefpolicy-3.7.19/policy/modules/kernel/terminal.fc
+--- nsaserefpolicy/policy/modules/kernel/terminal.fc 2010-04-13 18:44:37.000000000 +0000
++++ serefpolicy-3.7.19/policy/modules/kernel/terminal.fc 2011-03-09 15:21:05.843980000 +0000
+@@ -6,6 +6,7 @@
+ /dev/console -c gen_context(system_u:object_r:console_device_t,s0)
+ /dev/cu.* -c gen_context(system_u:object_r:tty_device_t,s0)
+ /dev/dcbri[0-9]+ -c gen_context(system_u:object_r:tty_device_t,s0)
++/dev/hpilo/[^/]* -c gen_context(system_u:object_r:tty_device_t,s0)
+ /dev/hvc.* -c gen_context(system_u:object_r:tty_device_t,s0)
+ /dev/hvsi.* -c gen_context(system_u:object_r:tty_device_t,s0)
+ /dev/i2c[^/]* -c gen_context(system_u:object_r:tty_device_t,s0)
+@@ -18,6 +19,7 @@
+ /dev/slamr[0-9]+ -c gen_context(system_u:object_r:tty_device_t,s0)
+ /dev/tty -c gen_context(system_u:object_r:devtty_t,s0)
+ /dev/ttySG.* -c gen_context(system_u:object_r:tty_device_t,s0)
++/dev/vport[0-9]p[0-9]+ -c gen_context(system_u:object_r:virtio_device_t,s0)
+ /dev/xvc[^/]* -c gen_context(system_u:object_r:tty_device_t,s0)
+
+ /dev/pty/.* -c gen_context(system_u:object_r:bsdpty_device_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/terminal.if serefpolicy-3.7.19/policy/modules/kernel/terminal.if
 --- nsaserefpolicy/policy/modules/kernel/terminal.if 2010-04-13 18:44:37.000000000 +0000
-+++ serefpolicy-3.7.19/policy/modules/kernel/terminal.if 2010-09-16 13:33:56.000000000 +0000
++++ serefpolicy-3.7.19/policy/modules/kernel/terminal.if 2011-03-09 15:11:53.340980002 +0000
 @@ -292,9 +292,11 @@ interface(`term_dontaudit_use_console',`
 gen_require(`
@@ -13284,6 +13303,42 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/termin
 ')
 ########################################
+@@ -1449,3 +1472,22 @@
+ refpolicywarn(`$0() is deprecated, use term_dontaudit_use_all_ttys() instead.')
+ term_dontaudit_use_all_ttys($1)
+ ')
++
++###################################
++##
++## Read from and write to the virtio console.
++##
++##
++##
++## Domain allowed access.
++##
++##
++#
++interface(`term_use_virtio_console',`
++ gen_require(`
++ type virtio_device_t;
++ ')
++
++ dev_list_all_dev_nodes($1)
++ allow $1 virtio_device_t:chr_file rw_chr_file_perms;
++')
+diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/kernel/terminal.te serefpolicy-3.7.19/policy/modules/kernel/terminal.te
+--- nsaserefpolicy/policy/modules/kernel/terminal.te 2010-04-13 18:44:37.000000000 +0000
++++ serefpolicy-3.7.19/policy/modules/kernel/terminal.te 2011-03-09 15:10:03.595980002 +0000
+@@ -57,3 +57,9 @@
+ #
+ type usbtty_device_t, serial_device;
+ dev_node(usbtty_device_t)
++
++#
++# virtio_device_t is the type of /dev/vport[0-9]p[0-9]
++#
++type virtio_device_t, serial_device;
++dev_node(virtio_device_t)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/roles/auditadm.te serefpolicy-3.7.19/policy/modules/roles/auditadm.te
 --- nsaserefpolicy/policy/modules/roles/auditadm.te 2010-04-13 18:44:37.000000000 +0000
 +++ serefpolicy-3.7.19/policy/modules/roles/auditadm.te 2011-02-07 16:38:06.752796002 +0000
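Review bot: The new `/dev/hpilo/[^/]*` entry in the terminal.fc hunk assigns tty_device_t, which folds these nodes into the same type as serial consoles; if they are the hpilo driver's management-channel devices rather than terminals (the name suggests so, but the hunk does not say), every domain that may already read and write tty_device_t also gains read/write access to the iLO channel. A dedicated device type with its own interface, as this same patch does for the virtio ports with virtio_device_t, would keep that access separately grantable and visible in audit. Only the header of the terminal.if diff is in this hunk; the term_dontaudit_use_console interface it touches continues outside it.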
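Review bot: The comment added to terminal.te, `# virtio_device_t is the type of /dev/vport[0-9]p[0-9]`, does not match the file-context regex this patch adds to terminal.fc, `/dev/vport[0-9]p[0-9]+`, so a reader of the .te would expect ports with two-digit numbers to be unlabeled; change it to `# virtio_device_t is the type of /dev/vport[0-9]p[0-9]+`. In the new term_use_virtio_console() interface the summary and param markup shows here as empty `##` lines, which may be an artifact of how the page was rendered; if the tags are really absent from the patch, the interface documentation will not be generated.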
@@ -39533,12 +39588,18 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/varn
 allow varnishd_t self:tcp_socket create_stream_socket_perms;
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/vdagent.fc serefpolicy-3.7.19/policy/modules/services/vdagent.fc
 --- nsaserefpolicy/policy/modules/services/vdagent.fc 1970-01-01 00:00:00.000000000 +0000
-+++ serefpolicy-3.7.19/policy/modules/services/vdagent.fc 2011-03-08 12:55:29.677413000 +0000
-@@ -0,0 +1,4 @@
++++ serefpolicy-3.7.19/policy/modules/services/vdagent.fc 2011-03-09 15:09:09.873980002 +0000
+@@ -0,0 +1,10 @@
 +
 +/sbin/vdagent -- gen_context(system_u:object_r:vdagent_exec_t,s0)
 +
++/usr/sbin/spice-vdagentd -- gen_context(system_u:object_r:vdagent_exec_t,s0)
++
 +/var/run/spice-vdagentd(/.*)? gen_context(system_u:object_r:vdagent_var_run_t,s0)
++/var/run/spice-vdagentd.\pid -- gen_context(system_u:object_r:vdagent_var_run_t,s0)
++
++/var/log/spice-vdagentd(/.*)? gen_context(system_u:object_r:vdagent_log_t,s0)
++/var/log/spice-vdagentd\.log -- gen_context(system_u:object_r:vdagent_log_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/vdagent.if serefpolicy-3.7.19/policy/modules/services/vdagent.if
 --- nsaserefpolicy/policy/modules/services/vdagent.if 1970-01-01 00:00:00.000000000 +0000
 +++ serefpolicy-3.7.19/policy/modules/services/vdagent.if 2011-03-08 12:55:29.684413000 +0000
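Review bot: The new vdagent.fc line `/var/run/spice-vdagentd.\pid` escapes the `p` instead of the dot, so the `.` remains a wildcard and `\p` is a literal p under POSIX regex or, if libselinux is built against PCRE, an invalid property escape that fails to compile; the `\.log` entry added further down uses the intended form. Change it to `/var/run/spice-vdagentd\.pid -- gen_context(system_u:object_r:vdagent_var_run_t,s0)`. The practical effect is limited because the directory pattern above assigns the same type, but the regex should still match only the pid file.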
@@ -39584,8 +39645,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/vdag
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/vdagent.te serefpolicy-3.7.19/policy/modules/services/vdagent.te
 --- nsaserefpolicy/policy/modules/services/vdagent.te 1970-01-01 00:00:00.000000000 +0000
-+++ serefpolicy-3.7.19/policy/modules/services/vdagent.te 2011-03-08 13:05:40.170413001 +0000
-@@ -0,0 +1,38 @@
++++ serefpolicy-3.7.19/policy/modules/services/vdagent.te 2011-03-09 15:08:02.121980002 +0000
+@@ -0,0 +1,57 @@
 +policy_module(vdagent,1.0.0)
 +
 +########################################
@@ -39600,6 +39661,9 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/vdag
 +type vdagent_var_run_t;
 +files_pid_file(vdagent_var_run_t)
 +
++type vdagent_log_t;
++logging_log_file(vdagent_log_t)
++
 +permissive vdagent_t;
 +
 +########################################
@@ -39617,13 +39681,29 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/vdag
 +manage_lnk_files_pattern(vdagent_t, vdagent_var_run_t, vdagent_var_run_t)
 +files_pid_filetrans(vdagent_t, vdagent_var_run_t, { file dir sock_file })
 +
++manage_dirs_pattern(vdagent_t, vdagent_log_t, vdagent_log_t)
++manage_files_pattern(vdagent_t, vdagent_log_t, vdagent_log_t)
++logging_log_filetrans(vdagent_t, vdagent_log_t, { file })
++
 +domain_use_interactive_fds(vdagent_t)
 +
++dev_rw_input_dev(vdagent_t)
++
++term_use_virtio_console(vdagent_t)
++
 +files_read_etc_files(vdagent_t)
 +
 +miscfiles_read_localization(vdagent_t)
 +
 +userdom_use_user_ptys(vdagent_t)
++
++optional_policy(`
++ consolekit_dbus_chat(vdagent_t)
++')
++
++optional_policy(`
++ dbus_system_bus_client(vdagent_t)
++')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/vhostmd.fc serefpolicy-3.7.19/policy/modules/services/vhostmd.fc
 --- nsaserefpolicy/policy/modules/services/vhostmd.fc 2010-04-13 18:44:37.000000000 +0000
 +++ serefpolicy-3.7.19/policy/modules/services/vhostmd.fc 2010-07-21 08:49:49.000000000 +0000
diff --git a/selinux-policy.spec b/selinux-policy.spec
index eac9f6a..0e66624 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -20,7 +20,7 @@ Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.7.19
-Release: 99%{?dist}
+Release: 100%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -471,6 +471,10 @@ exit 0
 %endif
 %changelog
+* Wed Mar 9 2011 Miroslav Grepl 3.7.19-100
+- Add other fixes for spice
+- Add label for dev/hpilo/*
+
 * Tue Mar 8 2011 Miroslav Grepl 3.7.19-99
 - Fixes for ssh_keygen policy
 - Allow sysadm_t to run ssh-keygen in ssh_keygen_t domain
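Review bot: `logging_log_filetrans(vdagent_t, vdagent_log_t, { file })` transitions only files, while the same hunk grants manage_dirs_pattern on vdagent_log_t and the new vdagent.fc labels `/var/log/spice-vdagentd(/.*)?` as a directory tree; if the daemon creates that directory itself at runtime it will be created as var_log_t and none of the vdagent_log_t rules will apply to it. If runtime creation is expected, use `logging_log_filetrans(vdagent_t, vdagent_log_t, { file dir })`; if the package always ships the directory, the manage_dirs_pattern line is wider than the daemon needs. The vdagent_t rule set continues outside this hunk.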