SELinux changes for Treble Loadable Kernel Module This change extends the recovery mode modprobe sepolicy to support loadable kernel module in normal mode by using statement below in init.rc: exec u:r:modprobe:s0 -- /system/bin/modprobe \ -d /vendor/lib/modules mod Bug: b/35653245 Test: sailfish with local built kernel and LKM enabled Change-Id: I827e2ce387c899db3e0e179da92e79c75d61f5ae (cherry picked from commit b638d9493f9fe8fca8fe61d40f9bbe762684a15c)

commit: f69311300f0179d259e9eeca4a282d5bbe78e569 [log] [tgz]
author: Howard Chen <howardsoc@google.com> Mon Mar 27 14:47:10 2017 +0800
committer: Jaesoo Lee <jaesoo@google.com> Mon Apr 10 20:15:51 2017 +0900
tree: 612fc88da95cfaa21bf49e1d96422c09725b81ba
parent: d0e9cb055392dfc4597c5dccf1d8ab507f43da26 [diff]
diff --git a/private/init.te b/private/init.te
index fb4335a..f84d87e 100644
--- a/private/init.te
+++ b/private/init.te

@@ -14,6 +14,7 @@
 domain_trans(init, init_exec, ueventd)
 domain_trans(init, init_exec, watchdogd)
 domain_trans(init, rootfs, modprobe)
+domain_trans(init, toolbox_exec, modprobe)
 # case where logpersistd is actually logcat -f in logd context (nee: logcatd)
 userdebug_or_eng(`
   domain_auto_trans(init, logcat_exec, logpersist)
commit	f69311300f0179d259e9eeca4a282d5bbe78e569	[log] [tgz]
author	Howard Chen <howardsoc@google.com>	Mon Mar 27 14:47:10 2017 +0800
committer	Jaesoo Lee <jaesoo@google.com>	Mon Apr 10 20:15:51 2017 +0900
tree	612fc88da95cfaa21bf49e1d96422c09725b81ba
parent	d0e9cb055392dfc4597c5dccf1d8ab507f43da26 [diff]