Make mount_t able to request loading kernel module.

Make the mount domain able to request kernel to load a kernel module.
Otherwise the binfmt_misc kernel module won't be properly loaded
during system booting up.

type=1400 audit(1292850971.104:4): avc:  denied  { module_request } for  pid=87 comm="mount" kmod="devtmpfs" scontext=system_u:system_r:mount_t:s0-s15:c0.c1023 tcontext=system_u:system_r:kernel_t:s15:c0.c1023 tclass=system

type=1400 audit(1292851024.844:13): avc:  denied  { module_request } for  pid=409 comm="mount" kmod="binfmt_misc" scontext=system_u:system_r:mount_t:s0-s15:c0.c1023 tcontext=system_u:system_r:kernel_t:s15:c0.c1023 tclass=system

Signed-off-by: Harry Ciao <qingtao.cao@windriver.com>

policy/modules/system/mount.te

@@ -48,6 +48,8 @@ files_tmp_filetrans(mount_t, mount_tmp_t, { file dir })
 
 kernel_read_system_state(mount_t)
 kernel_read_kernel_sysctls(mount_t)
+# To load binfmt_misc kernel module
+kernel_request_load_module(mount_t)
 kernel_dontaudit_getattr_core_if(mount_t)
 kernel_dontaudit_write_debugfs_dirs(mount_t)
 kernel_dontaudit_write_proc_dirs(mount_t)