public/modprobe.te - LeafOS-Project/android_system_sepolicy - Gitiles

 type modprobe, domain;

 allow modprobe proc_modules:file r_file_perms;
 allow modprobe self:global_capability_class_set sys_module;
 allow modprobe kernel:key search;
 recovery_only(`
   allow modprobe rootfs:system module_load;
   allow modprobe rootfs:file r_file_perms;
 ')
 allow modprobe { system_file }:system module_load;
 r_dir_file(modprobe, { system_file })
	type modprobe, domain;

	allow modprobe proc_modules:file r_file_perms;
	allow modprobe self:global_capability_class_set sys_module;
	allow modprobe kernel:key search;
	recovery_only(`
	allow modprobe rootfs:system module_load;
	allow modprobe rootfs:file r_file_perms;
	')
	allow modprobe { system_file }:system module_load;
	r_dir_file(modprobe, { system_file })