Bug 1954145 - Add anon_inode class to the policy
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: selinux-policy
Version: 9.0
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: beta
Target Release: 9.0 Beta
Assignee: Zdenek Pytela
QA Contact: Milos Malik
Reported: 2021-04-27 16:41 UTC by Zdenek Pytela
Modified: 2023-07-19 09:17 UTC

Fixed In Version: selinux-policy-34.1.3-1.el9
Doc Type: No Doc Update
Last Closed: 2021-12-07 21:35:16 UTC
Type: Bug

Description Zdenek Pytela 2021-04-27 16:41:34 UTC
Description of problem:
Support for labeling and controlling access to files attached to anonymous inodes has been added to kernel v5.12. Adding the anon_inode class and relevant access vectors to the policy is required, too.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. # dmesg|grep anon_inode

Actual results:

[    5.618745] SELinux:  Class anon_inode not defined in policy.

Expected results:
<no output>

Additional info:
Added to rawhide with the following commits:
commit 8a1746df03519636f179cc7bcc58029118822a8f (HEAD -> rawhide, upstream/rawhide, upstream-rw/rawhide, origin/rawhide, origin/HEAD)
Author: Zdenek Pytela <zpytela>
Date:   Wed Apr 21 13:08:31 2021 +0200

    Allow domain create anonymous inodes

    Types in the domain attribute are allowed to create anonymous inodes
    in their own type.

commit 86327cca3c025dcd3f7b2a4fbe8c2d94c7780e88
Author: Zdenek Pytela <zpytela>
Date:   Wed Apr 21 12:58:36 2021 +0200

    Add anon_inode class to the policy

    Support for labeling and controlling access to files attached
    to anonymous inodes has been added to kernel v5.12.
    https://lwn.net/Articles/816133/

    This commit adds the support of the anon_inode class and
    relevant access vectors to the policy.
    The userfaultfd_anon_inode_perms object permissions set was created.


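The reproducer above turned into a reusable check, added here as an example that is not part of the bug report or of selinux-policy: it pulls class names out of the kernel's "Class X not defined in policy" message and confirms through selinuxfs whether the loaded policy defines the class. The function names, the SELINUXFS override and the sample log lines (only the first is taken from this report) are assumptions of this example.

```sh
#!/bin/sh
# Added check, not part of the bug report or of selinux-policy: does the loaded
# SELinux policy define a class (anon_inode by default)?  Uses the kernel
# message quoted in this bug plus the selinuxfs class directory.

# Constructed sample kernel log so the functions can be exercised offline;
# only the first line is taken from the report.
SAMPLE_DMESG='[    5.618745] SELinux:  Class anon_inode not defined in policy.
[    5.619004] SELinux:  policy capability network_peer_controls=1'

# Print, one per line, each class named in a
# "SELinux:  Class <name> not defined in policy." message read from stdin.
undefined_classes() {
    sed -n 's/^.*SELinux: *Class \([A-Za-z0-9_]*\) not defined in policy\..*$/\1/p' \
        | sort -u
}

# Return 0 if the loaded policy defines the class: selinuxfs exports one
# directory per policy class under /sys/fs/selinux/class (SELINUXFS overrides
# the mount point, mainly for testing).
policy_defines_class() {
    [ -d "${SELINUXFS:-/sys/fs/selinux}/class/$1" ]
}

# Classify one class against the dmesg buffer on stdin:
#   missing  - the kernel reported it as undefined in policy (this bug's symptom)
#   defined  - no kernel complaint and selinuxfs shows the class
#   unknown  - no complaint, but selinuxfs does not show the class either
classify_class() {
    cls=$1
    if undefined_classes | grep -qx "$cls"; then
        echo missing
    elif policy_defines_class "$cls"; then
        echo defined
    else
        echo unknown
    fi
}

# Stand-alone use: anon_inode_check.sh [class]; needs a readable kernel log.
main() {
    cls=${1:-anon_inode}
    status=$(dmesg 2>/dev/null | classify_class "$cls")
    echo "$cls: $status"
    [ "$status" = defined ]
}

# Only run main when invoked as the script itself (not when sourced).
[ "${0##*/}" = anon_inode_check.sh ] && main "$@"
```

A "missing" result means the kernel knows a class the policy never declares, so no rule in the policy can restrict it; whether such accesses end up allowed or denied is decided by the policy's handle_unknown setting rather than by any access vector.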