sepolicy: allow gatekeeperd to access firmware_files (ex. kmota)

The proprietary Qualcomm library /vendor/lib/hw/gatekeeper.<soc>.so and
its 64-bit counterpart attempt to open firmware images such as kmota.mdt
and keymaste.mdt. Although we don't have visibility in the details of
exactly why these images are being opened (perhaps only checking for their
presence?), the Qualcomm gatekeeper library is trusted to be responsible,
and so we comply with it's demands for access to the (normally read-only)
/firmware filesystem.

Change-Id: I2c88cc8884cf78f5bdcc9af2bce5f2dfa80f3fe0
1 file changed