Add AID for PRNG seeder daemon.
Also adjust permissions on /dev/hw_random to allow prng_seeder group
read access.
Manual testing protocol:
* Verify prng_seeder daemon is running and has the
correct label and uid/gid.
* Verify prng_seeder socket present and has correct
label and permissions
* Verify no SELinux denials
* strace a libcrypto process and verify it reads seeding
data from prng_seeder (e.g. strace bssl rand -hex 1024)
* strace seeder daemon to observe incoming connections
(e.g. strace -f -p `pgrep prng_seeder`)
* Kill daemon, observe that init restarts it
* strace again and observe clients now seed from new instance
Bug: 243933553
Test: Manual - see above
Change-Id: I4d526844b232fc2a1fa5ffd701ca5bc5c09e7e96
Merged-In: I4d526844b232fc2a1fa5ffd701ca5bc5c09e7e96
(cherry picked from commit 6cb61610e619e31bd22c12895ec0ca623f793127)
(cherry picked from commit 046a809a90814bcea76aec1ec26d464db3b686dd)
Merged-In: I4d526844b232fc2a1fa5ffd701ca5bc5c09e7e96
2 files changed