Index: refpolicy-2.20240114/policy/modules/system/udev.te
===================================================================
--- refpolicy-2.20240114.orig/policy/modules/system/udev.te
+++ refpolicy-2.20240114/policy/modules/system/udev.te
@@ -40,7 +40,7 @@ optional_policy(`
 
 allow udev_t self:capability { chown dac_override dac_read_search fowner fsetid mknod net_admin net_raw setgid setuid sys_admin sys_nice sys_ptrace sys_rawio sys_resource };
 allow udev_t self:capability2 { wake_alarm block_suspend };
-allow udev_t self:process { transition signal_perms ptrace getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh rlimitinh dyntransition execmem setkeycreate setsockcreate getrlimit };
+allow udev_t self:process { transition signal_perms ptrace getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh rlimitinh dyntransition execmem setkeycreate setsockcreate getrlimit setrlimit };
 allow udev_t self:fd use;
 allow udev_t self:fifo_file rw_fifo_file_perms;
 allow udev_t self:sock_file read_sock_file_perms;
@@ -88,6 +88,7 @@ manage_sock_files_pattern(udev_t, udev_r
 files_runtime_filetrans(udev_t, udev_runtime_t, dir, "udev")
 
 kernel_load_module(udev_t)
+kernel_read_fs_sysctls(udev_t)
 kernel_read_system_state(udev_t)
 kernel_request_load_module(udev_t)
 kernel_getattr_core_if(udev_t)
@@ -327,6 +328,7 @@ optional_policy(`
 
 optional_policy(`
 	fstools_domtrans(udev_t)
+	fstools_getattr_swap_files(udev_t)
 ')
 
 optional_policy(`
