android_device_google_gs-co.../insmod/sepolicy/insmod-sh.te

type insmod-sh, domain;
type insmod-sh_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(insmod-sh)

allow insmod-sh self:capability sys_module;
allow insmod-sh vendor_kernel_modules:system module_load;
allow insmod-sh vendor_toolbox_exec:file execute_no_trans;

set_prop(insmod-sh, vendor_device_prop)

dontaudit insmod-sh proc_cmdline:file r_file_perms;
move insert module script sepolicy to gs-common Bug: 243763292 Test: boot to home with no relevant SELinux error Change-Id: I6646fa4433fc1ccb94ac05f9cc8d7076a6a2d8cf 2022-09-06 10:36:43 +08:00			`type insmod-sh, domain;`
			`type insmod-sh_exec, vendor_file_type, exec_type, file_type;`
			`init_daemon_domain(insmod-sh)`

			`allow insmod-sh self:capability sys_module;`
			`allow insmod-sh vendor_kernel_modules:system module_load;`
			`allow insmod-sh vendor_toolbox_exec:file execute_no_trans;`

			`set_prop(insmod-sh, vendor_device_prop)`

			`dontaudit insmod-sh proc_cmdline:file r_file_perms;`