Use a property instead of file to communicate cold boot done

Ueventd can't set properties currently, but this is an artificial
limitation, since ueventd communicates to init that it has finished
cold boot via a file, and init polls this file instead of returning to
the epoll loop, where properties are handled.

A related change replaces that file with a property and thus frees
ueventd to be able to set properties.  This change creates the
cold_boot_done property type for this property and gives only ueventd
permissions to set it.

Bug: 62301678
Test: boot, check that properties are set
Change-Id: I40843b423b192ea841db6a82f648e5bab9738e0e

private/compat/29.0/29.0.ignore.cil

@@ -5,6 +5,7 @@
 (typeattribute new_objects)
 (typeattributeset new_objects
   ( new_objects
+    cold_boot_done_prop
     ctl_apexd_prop
     device_config_sys_traced_prop
     runtime_apex_dir

private/property_contexts

@@ -203,3 +203,6 @@ ro.gsid.                u:object_r:gsid_prop:s0
 # Property for disabling NNAPI vendor extensions on product image (used on GSI /product image,
 # which can't use NNAPI vendor extensions).
 ro.nnapi.extensions.deny_on_product                u:object_r:nnapi_ext_deny_product_prop:s0
+
+# Property that is set once ueventd finishes cold boot.
+ro.cold_boot_done       u:object_r:cold_boot_done_prop:s0

public/property.te

@@ -6,6 +6,7 @@ type bluetooth_audio_hal_prop, property_type;
 type bluetooth_prop, property_type;
 type bpf_progs_loaded_prop, property_type;
 type bootloader_boot_reason_prop, property_type;
+type cold_boot_done_prop, property_type;
 type config_prop, property_type, core_property_type;
 type cppreopt_prop, property_type, core_property_type;
 type cpu_variant_prop, property_type;
@@ -363,6 +364,7 @@ compatible_property_only(`
     -bootloader_boot_reason_prop
     -boottime_prop
     -bpf_progs_loaded_prop
+    -cold_boot_done_prop
     -config_prop
     -cppreopt_prop
     -ctl_adbd_prop

public/ueventd.te

@@ -59,17 +59,14 @@ allow ueventd kernel:key search;
 allow ueventd system_bootstrap_lib_file:dir r_dir_perms;
 allow ueventd system_bootstrap_lib_file:file { execute read open getattr map };
 
+# ueventd can set properties, particularly it sets ro.cold_boot_done to signal
+# to init that cold boot has completed.
+set_prop(ueventd, cold_boot_done_prop)
+
 #####
 ##### neverallow rules
 #####
 
-# ueventd must never set properties, otherwise deadlocks may occur.
-# https://android-review.googlesource.com/#/c/133120/6/init/devices.cpp@941
-# No writing to the property socket, connecting to init, or setting properties.
-neverallow ueventd property_socket:sock_file write;
-neverallow ueventd init:unix_stream_socket connectto;
-neverallow ueventd property_type:property_service set;
-
 # Restrict ueventd access on block devices to maintenence operations.
 neverallow ueventd dev_type:blk_file ~{ getattr relabelfrom relabelto create setattr unlink };