HiKey/HiKey960: sepolicy: Add some kernel sepolicy rules to allow firmware loading

Previously we were seeing issues w/ firmware loading due to sepolicy
blocking the in-kernel loader from accessing /vendor/firmware files

This patch adds some sepolicy additions suggested by audit2allow
that let it work.

Change-Id: If3370c956f60ee2478c85140b5ab5404734608da
Signed-off-by: John Stultz <john.stultz@linaro.org>
diff --git a/sepolicy/kernel.te b/sepolicy/kernel.te
new file mode 100644
index 0000000..27b8978
--- /dev/null
+++ b/sepolicy/kernel.te
@@ -0,0 +1,5 @@
+#============= kernel ==============
+allow kernel vendor_file:file open;
+allow kernel vendor_file:file read;
+allow kernel self:system module_request;
+allow vendor_init kernel:system module_request;