From 6c1cbd045070eff8b81a715ca865e5d8622a057a Mon Sep 17 00:00:00 2001
From: Zdenek Pytela <zpytela@redhat.com>
Date: Wed, 4 Oct 2023 13:00:34 +0200
Subject: [PATCH] selinux: Allow pcp-pmproxy use the io_uring api

With the 65b9e0bdceb ("Implement proper anon_inode support")
selinux-policy commit, individual SELinux types are used for
each anon_inode type, so domains using any of the types need
corresponding allow rules.
---
 src/selinux/pcp.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/selinux/pcp.te b/src/selinux/pcp.te
index c51df6844e..bb35de4ab1 100644
--- a/src/selinux/pcp.te
+++ b/src/selinux/pcp.te
@@ -225,6 +225,9 @@ optional_policy(`
     allow pcp_pmproxy_t self:io_uring { sqpoll };
 ')
 
+ifdef(`kernel_io_uring_use',`
+	kernel_io_uring_use(pcp_pmproxy_t)
+')
 kernel_search_network_sysctl(pcp_pmproxy_t)
 
 logging_send_syslog_msg(pcp_pmproxy_t)