From d932d7349dae269c33d45cd4bd58585815a825c5 Mon Sep 17 00:00:00 2001
From: Guido Trentalancia <guido@trentalancia.net>
Date: Sun, 7 Aug 2016 23:07:52 +0200
Subject: [PATCH] Add module_load permission to class system

The "module_load" permission has been recently added to the "system"
class (kernel 4.7).

The following patch updates the Reference Policy so that the new
permission can be used to create SELinux policies.

Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
---
 policy/flask/access_vectors | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors
index 1d045b46e..77cbf1f74 100644
--- a/policy/flask/access_vectors
+++ b/policy/flask/access_vectors
@@ -448,6 +448,7 @@ class system
 	syslog_mod
 	syslog_console
 	module_request
+	module_load
 
 	# these are overloaded userspace
 	# permissions from systemd