Hide bpfloader sys_admin denials. Bug: 79524845 Test: Boot device and see no denials. Change-Id: I9316bfd0e3718818a7613a421aedff7da8c87108

commit: d65f26f1b05bb03aab7e1065bc684637568e4f92 [log] [tgz]
author: Joel Galenson <jgalenson@google.com> Wed May 23 08:36:40 2018 -0700
committer: Joel Galenson <jgalenson@google.com> Wed May 23 08:36:40 2018 -0700
tree: 06e0476f7b77a7b571e8312a5edb856a243077c0
parent: 7af4a1f110e1ba1e33e6d61da10416ca242bbcfd [diff]
diff --git a/private/bpfloader.te b/private/bpfloader.te
index e690231..4e8ec2b 100644
--- a/private/bpfloader.te
+++ b/private/bpfloader.te

@@ -26,3 +26,5 @@
 neverallow bpfloader domain:{ tcp_socket udp_socket rawip_socket } *;
 # only system_server, netd and bpfloader can read/write the bpf maps
 neverallow { domain -system_server -netd -bpfloader} netd:bpf { map_read map_write };
+
+dontaudit bpfloader self:capability sys_admin;
commit	d65f26f1b05bb03aab7e1065bc684637568e4f92	[log] [tgz]
author	Joel Galenson <jgalenson@google.com>	Wed May 23 08:36:40 2018 -0700
committer	Joel Galenson <jgalenson@google.com>	Wed May 23 08:36:40 2018 -0700
tree	06e0476f7b77a7b571e8312a5edb856a243077c0
parent	7af4a1f110e1ba1e33e6d61da10416ca242bbcfd [diff]