init: Always create and restorecon /dev/dm-user.

Dynamically creating /dev/dm-user makes it difficult to set an inotify
watch for child devices to appear. It requires having an additional
watch on /dev, and more complicated sepolicy as a result.

Bug: 168554689
Test: full OTA with VABC enabled
Change-Id: I0cdef3d5a953a372446ff4e539a25a7b5314500d

init/devices.cpp

@@ -440,13 +440,6 @@ void DeviceHandler::HandleDevice(const std::string& action, const std::string& d
             }
         }
         unlink(devpath.c_str());
-
-        if (android::base::StartsWith(devpath, "/dev/dm-user/")) {
-            std::error_code ec;
-            if (std::filesystem::is_empty("/dev/dm-user/", ec)) {
-                rmdir("/dev/dm-user");
-            }
-        }
     }
 }
 

init/first_stage_init.cpp

@@ -221,6 +221,7 @@ int FirstStageMain(int argc, char** argv) {
     CHECKCALL(mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755"));
     CHECKCALL(mkdir("/dev/pts", 0755));
     CHECKCALL(mkdir("/dev/socket", 0755));
+    CHECKCALL(mkdir("/dev/dm-user", 0755));
     CHECKCALL(mount("devpts", "/dev/pts", "devpts", 0, NULL));
 #define MAKE_STR(x) __STRING(x)
     CHECKCALL(mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC)));

init/selinux.cpp

@@ -534,6 +534,7 @@ void SelinuxRestoreContext() {
     selinux_android_restorecon("/dev/__properties__", 0);
 
     selinux_android_restorecon("/dev/block", SELINUX_ANDROID_RESTORECON_RECURSE);
+    selinux_android_restorecon("/dev/dm-user", SELINUX_ANDROID_RESTORECON_RECURSE);
     selinux_android_restorecon("/dev/device-mapper", 0);
 
     selinux_android_restorecon("/apex", 0);