Allow named and ndc read and write to the io_uring api

The commit addresses the following AVC denial example:
type=PROCTITLE msg=audit(10/04/2023 04:16:04.679:782) : proctitle=/usr/sbin/named -u named -c /etc/named.conf
type=SYSCALL msg=audit(10/04/2023 04:16:04.679:782) : arch=x86_64 syscall=io_uring_setup success=no exit=EACCES(Permission denied) a0=0x40 a1=0x7ffd3bdefe90 a2=0x0 a3=0x55a930c09bc0 items=0 ppid=1 4266 pid=14268 auid=unset uid=named gid=named euid=named suid=named fsuid=named egid=named sgid=named fsgid=named tty=(none) ses=unset comm=named exe=/usr/sbin/named subj=system_u:system_r:named_t:s0 key=(null)
type=AVC msg=audit(10/04/2023 04:16:04.679:782) : avc:  denied  { create } for  pid=14268 comm=named anonclass=[io_uring] scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:io_uring_t:s0 tclass=anon_inode permissive=0

policy/modules/contrib/bind.te

@@ -116,6 +116,7 @@ read_files_pattern(named_t, named_zone_t, named_zone_t)
 read_lnk_files_pattern(named_t, named_zone_t, named_zone_t)
 allow named_t named_zone_t:file map;
 
+kernel_io_uring_rw(named_t)
 kernel_read_kernel_sysctls(named_t)
 kernel_read_system_state(named_t)
 kernel_read_network_state(named_t)
@@ -280,6 +281,7 @@ allow ndc_t named_conf_t:lnk_file read_lnk_file_perms;
 
 allow ndc_t named_zone_t:dir search_dir_perms;
 
+kernel_io_uring_rw(ndc_t)
 kernel_read_system_state(ndc_t)
 kernel_read_kernel_sysctls(ndc_t)
 

policy/modules/kernel/kernel.if

@@ -4619,3 +4619,20 @@ interface(`kernel_io_uring_use',`
 	kernel_io_uring_use_inherited($1)
 	allow $1 io_uring_t:anon_inode create;
 ')
+
+########################################
+## <summary>
+##	Allow the domain to read and write to the io_uring API.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`kernel_io_uring_rw',`
+	gen_require(`
+		type io_uring_t;
+	')
+	allow $1 io_uring_t:anon_inode common_anon_inode_perms;
+')