Add permissions for bpf.progs_loaded property

Change-Id: If4e550e4186415c5a1088bb53b0755b69f92560a
Signed-off-by: Joel Fernandes <joelaf@google.com>

private/bpfloader.te

@@ -26,3 +26,5 @@ neverallow { domain -system_server -netd -bpfloader} *:bpf { map_read map_write
 
 # No domain should be allowed to ptrace bpfloader
 neverallow { domain userdebug_or_eng(`-llkd') } bpfloader:process ptrace;
+
+set_prop(bpfloader, bpf_progs_loaded_prop)

private/compat/28.0/28.0.ignore.cil

@@ -18,6 +18,7 @@
     apexd_prop
     apexd_tmpfs
     biometric_service
+    bpf_progs_loaded_prop
     content_capture_service
     content_suggestions_service
     cpu_variant_prop

private/netd.te

@@ -11,3 +11,5 @@ domain_auto_trans(netd, clatd_exec, clatd)
 # give netd permission to setup iptables rule with xt_bpf, attach program to cgroup, and read/write
 # the map created by bpfloader
 allow netd bpfloader:bpf { prog_run map_read map_write };
+
+get_prop(netd, bpf_progs_loaded_prop)

private/property_contexts

@@ -173,3 +173,5 @@ persist.device_config.global_settings.native_flags_health_check_enabled u:object
 
 apexd.                  u:object_r:apexd_prop:s0
 persist.apexd.          u:object_r:apexd_prop:s0
+
+bpf.progs_loaded        u:object_r:bpf_progs_loaded_prop:s0

public/property.te

@@ -3,6 +3,7 @@ type audio_prop, property_type, core_property_type;
 type boottime_prop, property_type;
 type bluetooth_a2dp_offload_prop, property_type;
 type bluetooth_prop, property_type;
+type bpf_progs_loaded_prop, property_type;
 type bootloader_boot_reason_prop, property_type;
 type config_prop, property_type, core_property_type;
 type cppreopt_prop, property_type, core_property_type;
@@ -342,6 +343,7 @@ compatible_property_only(`
     -bluetooth_prop
     -bootloader_boot_reason_prop
     -boottime_prop
+    -bpf_progs_loaded_prop
     -config_prop
     -cppreopt_prop
     -ctl_adbd_prop