refpolicy: Define getrlimit permission for class process

This permission was added to the kernel in commit 791ec491c372
("prlimit,security,selinux: add a security hook for prlimit")
circa Linux 4.12 in order to control the ability to get the resource
limits of another process.  It is only checked when acting on another
process, so getrlimit permission is not required for use of getrlimit(2).

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

policy/flask/access_vectors

@@ -383,6 +383,7 @@ class process
 	execheap
 	setkeycreate
 	setsockcreate
+	getrlimit
 }