diff --git a/libselinux/ChangeLog b/libselinux/ChangeLog
index db95038d..75d63178 100644
--- a/libselinux/ChangeLog
+++ b/libselinux/ChangeLog
@@ -1,3 +1,6 @@
+2.2.2 2013-12-30
+	* Fix userspace AVC handling of per-domain permissive mode.
+
 2.2.1 2013-11-06
 	* Remove -lpthread from pkg-config file; it is not required.
 
diff --git a/libselinux/VERSION b/libselinux/VERSION
index c043eea7..b1b25a5f 100644
--- a/libselinux/VERSION
+++ b/libselinux/VERSION
@@ -1 +1 @@
-2.2.1
+2.2.2
diff --git a/libselinux/src/avc.c b/libselinux/src/avc.c
index f14eeb7a..1f7aca9f 100644
--- a/libselinux/src/avc.c
+++ b/libselinux/src/avc.c
@@ -336,11 +336,7 @@ static inline struct avc_node *avc_reclaim_node(void)
 
 static inline void avc_clear_avc_entry(struct avc_entry *ae)
 {
-	ae->ssid = ae->tsid = ae->create_sid = NULL;
-	ae->tclass = 0;
-	ae->avd.allowed = ae->avd.decided = 0;
-	ae->avd.auditallow = ae->avd.auditdeny = 0;
-	ae->used = 0;
+	memset(ae, 0, sizeof(*ae));
 }
 
 static inline struct avc_node *avc_claim_node(security_id_t ssid,
@@ -488,11 +484,7 @@ static int avc_insert(security_id_t ssid, security_id_t tsid,
 		goto out;
 	}
 
-	node->ae.avd.allowed = ae->avd.allowed;
-	node->ae.avd.decided = ae->avd.decided;
-	node->ae.avd.auditallow = ae->avd.auditallow;
-	node->ae.avd.auditdeny = ae->avd.auditdeny;
-	node->ae.avd.seqno = ae->avd.seqno;
+	memcpy(&node->ae.avd, &ae->avd, sizeof(ae->avd));
 	aeref->ae = &node->ae;
       out:
 	return rc;