Note that snappy-debug would help slightly here, but since you said it is arm:
$ scmp_sys_resolver -a arm 281
socket
This sounds similar to Different seccomp behaviors on amd64 and pi2/armhf.
Unfortunately the kernel doesn’t give us the arguments used in the logged denial so the best we can do is: sudo snap run --strace="-e socket" -- <snap name>.<command> and look for the failed permission denied call. With that you should see the arguments to socket which will help you to better understand what is happening.
I have a hunch that you need NETLINK_KOBJECT_UEVENT and so you should add ‘hardware-observe’ to your plugs. If that works, I’ll look into adding this to raw-usb.