From Debian package 0.2.20091117-2
0084-insmod-policy-adjustments-Allow-insmod_t-the-capabil.patch (part of)
0085-mount-policy-adjustments-Allow-mount_t-to-read-sysfs.patch (part of)

* Allow iptables_t, insmod_t and mount_t to do module_request
* Allow ifconfig to load modules.

iptables_t done upstream 7491a9ed (2009-12-01), removed here 0.2.20110726-10
ifconfig_t done upstream 1fa92b8a (2010-03-18), removed here 0.2.20100524-2
mount_t done upstream 4d8e9ffc (2010-12-21)
insmod_t done upstream 9fda512c (2011-02-06)

Index: policy/modules/system/modutils.te
===================================================================
--- policy/modules/system/modutils.te.orig
+++ policy/modules/system/modutils.te
@@ -18,6 +18,8 @@
 mls_file_write_all_levels(insmod_t)
 role system_r types insmod_t;
 
+kernel_request_load_module(insmod_t)
+
 # module loading config
 type modules_conf_t;
 files_type(modules_conf_t)
Index: policy/modules/system/mount.te
===================================================================
--- policy/modules/system/mount.te.orig
+++ policy/modules/system/mount.te
@@ -35,6 +35,7 @@
 type unconfined_mount_t;
 application_domain(unconfined_mount_t, mount_exec_t)
 
+kernel_request_load_module(mount_t)
 ########################################
 #
 # mount local policy