From a16b05892a9e9ed949c2cf22147e206e5c0b296e Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Thu, 7 Apr 2016 11:06:05 -0700
Subject: [PATCH] Add module_load permission to system class

Enforce restrictions on kernel module origin when kernel has commit:
61d612ea selinux: restrict kernel module loading

Bug: 27824855
Change-Id: Icf2fefec4231f3df8f0f3d914123c22084d87b0b
---
 access_vectors | 1 +
 1 file changed, 1 insertion(+)

diff --git a/access_vectors b/access_vectors
index c38aa7b5f..26286b238 100644
--- a/access_vectors
+++ b/access_vectors
@@ -352,6 +352,7 @@ class system
 	syslog_mod
 	syslog_console
 	module_request
+	module_load
 }
 
 #
-- 
GitLab