Add policy for /system/bin/auditctl /system/bin/auditctl is executed by init to set the kernel audit throttling rate limit. Grant the rules necessary for this to happen. Test: compiles and boots Test: Perform an operation which generates lots of SELinux denials, and count how many occur before and after the time period. Bug: 118815957 (cherry picked from commit 622ab8a2ba498679175750694c997c6e350848ae) Change-Id: Ie5b4852fa217462557fce192c764305893968454

commit: c7a31403982f6eacb7bfb41b106c4e5b66218848 [log] [tgz]
author: Nick Kralevich <nnk@google.com> Tue Apr 09 10:57:13 2019 -0700
committer: Nick Kralevich <nnk@google.com> Tue Apr 09 20:55:30 2019 -0700
tree: 27d4f23da7c6262b70292cc9b5456e30f34835e8
parent: 61cbd0a362bd7eff74747110c4cdcf8e98717927 [diff] [blame]
diff --git a/private/file_contexts b/private/file_contexts
index f4aefe3..a42041a 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -182,6 +182,7 @@
 /system/lib(64)?(/.*)?		u:object_r:system_lib_file:s0
 /system/bin/atrace	u:object_r:atrace_exec:s0
 /system/bin/ashmemd	u:object_r:ashmemd_exec:s0
+/system/bin/auditctl	u:object_r:auditctl_exec:s0
 /system/bin/bcc                 u:object_r:rs_exec:s0
 /system/bin/blank_screen	u:object_r:blank_screen_exec:s0
 /system/bin/charger		u:object_r:charger_exec:s0
commit	c7a31403982f6eacb7bfb41b106c4e5b66218848	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Tue Apr 09 10:57:13 2019 -0700
committer	Nick Kralevich <nnk@google.com>	Tue Apr 09 20:55:30 2019 -0700
tree	27d4f23da7c6262b70292cc9b5456e30f34835e8
parent	61cbd0a362bd7eff74747110c4cdcf8e98717927 [diff] [blame]