How to apply SELinux file_contexts change on device without a full image flash?

[Kushtrim Pacaj]

I am modifying SELinux policies for a hardware device running Android 9.  

Currently my process is like this:  

 

 0. Run the device as userdebug but with SELinux set to enforcing

 1. Make changes to `.te` files and/or `file_contexts`

 2. Build the policies using `mmm system/sepolicy`

 3. Push the policies on the device using the following script:  

    adb root
    adb wait-for-device
    adb remount
    adb wait-for-device
   
    adb push out/target/product/<PRODUCT_NAME>/vendor/etc/selinux /vendor/etc/
    adb push out/target/product/<PRODUCT_NAME>/system/etc/selinux /system/etc/
    adb shell sync; sync; sync;
   
    adb reboot

 4. Test and go back to step 1 if needed.

This process seems to work fine when modifications involve `.te` files. But when I modify the `file_contexts`, this doesn't work, and labels I changed are not applied on the device.  

For now, I have to do a full make and flash when I modify `file_contexts`, which is very time consuming...   

So is there a way to apply `file_contexts` changes without a full make/flash ?