Remove access to ro.runtime.firstboot from apps ro.runtime.firstboot system property is only used internally by system_server to distinguish between first start after boot from consecutive starts (for example, this happens when full-disk encryption is enabled). The value of the property is a millisecond-precise timestamp which can help track individual device. Thus apps should not have access to this property. Test: Device boots fine, reading ro.runtime.firstboot from an app results in an error and SELinux denial. Bug: 33700679 Change-Id: I4c3c26a35c5dd840bced3a3e53d071f45317f63c

commit: 062236a8c9c7467222b1780c2fb6ce014d5fe14b [log] [tgz]
author: Alex Klyubin <klyubin@google.com> Tue Dec 27 14:05:46 2016 -0800
committer: Alex Klyubin <klyubin@google.com> Tue Dec 27 14:18:47 2016 -0800
tree: fa9ab31fa9e0e0475c53a86c4407f54348b99d80
parent: b8bb1d4c6a4cd60ece45715c2482a991f8113b97 [diff]
diff --git a/private/property_contexts b/private/property_contexts
index a27b756..39e8a8d 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -18,6 +18,7 @@
 net.                    u:object_r:system_prop:s0
 dev.                    u:object_r:system_prop:s0
 ro.runtime.             u:object_r:system_prop:s0
+ro.runtime.firstboot    u:object_r:firstboot_prop:s0
 hw.                     u:object_r:system_prop:s0
 ro.hw.                  u:object_r:system_prop:s0
 sys.                    u:object_r:system_prop:s0
commit	062236a8c9c7467222b1780c2fb6ce014d5fe14b	[log] [tgz]
author	Alex Klyubin <klyubin@google.com>	Tue Dec 27 14:05:46 2016 -0800
committer	Alex Klyubin <klyubin@google.com>	Tue Dec 27 14:18:47 2016 -0800
tree	fa9ab31fa9e0e0475c53a86c4407f54348b99d80
parent	b8bb1d4c6a4cd60ece45715c2482a991f8113b97 [diff]