seploicy: don't audit module_request address denials such as: avc: denied { module_request } for pid=1 comm="init" kmod="crypto-cts(cbc(aes-ce))-all" scontext=u:r:init:s0 tcontext=u:r:kernel:s0 tclass=system permissive=0 which caused by b/35930111 Bug: 36056446 Test: no denials Change-Id: I2a1fd14a0225a79526f77228bddd299434f075f3

commit: 7a0b234eecead8e584db5e14b306b669b7427d71 [log] [tgz]
author: Wei Wang <wvw@google.com> Wed Mar 08 13:20:33 2017 -0800
committer: Wei Wang <wvw@google.com> Wed Mar 08 14:33:18 2017 -0800
tree: 943f2046d1f999093d5a93da5270f16276c84b54
parent: e109f8c6468389754f7db9175b5e04bc87a877cc [diff]
diff --git a/sepolicy/domain.te b/sepolicy/domain.te
index 6652378..f176bca 100644
--- a/sepolicy/domain.te
+++ b/sepolicy/domain.te

@@ -1,6 +1,7 @@
 get_prop(domain, camera_prop)
 
 dontaudit domain self:capability sys_module;
+dontaudit domain kernel:system module_request;
 
 # b/29072816
 # Triggered by kernel code which calls request_firmware(), which
commit	7a0b234eecead8e584db5e14b306b669b7427d71	[log] [tgz]
author	Wei Wang <wvw@google.com>	Wed Mar 08 13:20:33 2017 -0800
committer	Wei Wang <wvw@google.com>	Wed Mar 08 14:33:18 2017 -0800
tree	943f2046d1f999093d5a93da5270f16276c84b54
parent	e109f8c6468389754f7db9175b5e04bc87a877cc [diff]