Add new snapuserd socket and property rules. This adds a new property prefix owned by snapuserd, for communicating when the service is ready to accept connections (snapuserd.ready and snapuserd.proxy_ready). This also adds a new socket context. This is a seqpacket socket used to communicate with a special instance of snapuserd that bridges to the first-stage daemon. Bug: 193833730 Test: no denials after OTA applies and boots Change-Id: Ibad03659eba5c25e205ba00f27d0b4f98585a84b

commit: bf5b6ce422e3b5ba4868b5ecacb0fed1ecbff864 [log] [tgz]
author: David Anderson <dvander@google.com> Mon Jul 26 15:03:11 2021 -0700
committer: David Anderson <dvander@google.com> Tue Jul 27 10:50:59 2021 -0700
tree: f815867631dd5459d17209277a5447c0d02faf20
parent: 2179e112e16f09162175dab2c8f9373df8fb340b [diff] [blame]
diff --git a/private/property_contexts b/private/property_contexts
index fa5389d..198a50f 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -278,10 +278,12 @@
 sys.boot_from_charger_mode  u:object_r:charger_status_prop:s0 exact int
 ro.enable_boot_charger_mode u:object_r:charger_config_prop:s0 exact bool
 
-# Virtual A/B properties
+# Virtual A/B and snapuserd properties
 ro.virtual_ab.enabled   u:object_r:virtual_ab_prop:s0 exact bool
 ro.virtual_ab.retrofit  u:object_r:virtual_ab_prop:s0 exact bool
 ro.virtual_ab.compression.enabled  u:object_r:virtual_ab_prop:s0 exact bool
+snapuserd.ready         u:object_r:snapuserd_prop:s0 exact bool
+snapuserd.proxy_ready   u:object_r:snapuserd_prop:s0 exact bool
 
 ro.product.ab_ota_partitions u:object_r:ota_prop:s0 exact string
 # Property to set/clear the warm reset flag after an OTA update.
commit	bf5b6ce422e3b5ba4868b5ecacb0fed1ecbff864	[log] [tgz]
author	David Anderson <dvander@google.com>	Mon Jul 26 15:03:11 2021 -0700
committer	David Anderson <dvander@google.com>	Tue Jul 27 10:50:59 2021 -0700
tree	f815867631dd5459d17209277a5447c0d02faf20
parent	2179e112e16f09162175dab2c8f9373df8fb340b [diff] [blame]