Add new type for system settings metadata

Add a new selinux type for a system property used to hold metadata about
the time zone setting system property. Although system settings are
world readable, the associated metadata only needs to be readable by the
system server (currently).

Bug: 236612872
Test: treehugger
Change-Id: Iac1bc3301a049534ea5f69edf27cd85443e6a92e
diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil
index c6c0c18..13f625c 100644
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil
@@ -18,6 +18,7 @@
     permissive_mte_prop
     servicemanager_prop
     system_net_netd_service
+    timezone_metadata_prop
     tuner_config_prop
     tuner_server_ctl_prop
     virtual_face_hal_prop
diff --git a/private/property.te b/private/property.te
index 805b70d..25b2423 100644
--- a/private/property.te
+++ b/private/property.te
@@ -38,6 +38,7 @@
 system_internal_prop(setupwizard_prop)
 system_internal_prop(snapuserd_prop)
 system_internal_prop(system_adbd_prop)
+system_internal_prop(timezone_metadata_prop)
 system_internal_prop(traced_perf_enabled_prop)
 system_internal_prop(tuner_server_ctl_prop)
 system_internal_prop(userspace_reboot_log_prop)
diff --git a/private/property_contexts b/private/property_contexts
index 507e9c6..515c007 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -797,6 +797,11 @@
 persist.sys.locale       u:object_r:locale_prop:s0 exact string
 persist.sys.timezone     u:object_r:timezone_prop:s0 exact string
 
+# Time zone metadata system properties. Holds information associated with the
+# device's time zone and will therefore be written to at the same time.  Unlike
+# timezone_prop props, these do not need to be read by other processes.
+persist.sys.timezone_confidence u:object_r:timezone_metadata_prop:s0 exact uint
+
 persist.sys.mte.permissive u:object_r:permissive_mte_prop:s0 exact string
 persist.sys.test_harness u:object_r:test_harness_prop:s0 exact bool
 
diff --git a/private/system_server.te b/private/system_server.te
index c2c8147..eb1e46a 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -718,6 +718,7 @@
 set_prop(system_server, retaildemo_prop)
 set_prop(system_server, dmesgd_start_prop)
 set_prop(system_server, locale_prop)
+set_prop(system_server, timezone_metadata_prop)
 set_prop(system_server, timezone_prop)
 userdebug_or_eng(`set_prop(system_server, wifi_log_prop)')
 userdebug_or_eng(`set_prop(system_server, system_user_mode_emulation_prop)')