Allow apps to access PersistentDataBlockManager A new public API was added in Android 15, allowing any app to query the factory reset protection state. SELinux configuration prevents apps from using this API. Bug: 367750496 Test: atest CtsPersistentDataBlockManagerTestCases Change-Id: Id24ba37a4e1389a118011066180b7af8713fd3b2

commit: a15e9ce2d1c2096d2e872442b87382995a86d469 [log] [tgz]
author: Shawn Willden <swillden@google.com> Tue Sep 17 13:12:52 2024 -0600
committer: Shawn Willden <swillden@google.com> Tue Sep 17 13:12:52 2024 -0600
tree: 89eb044dd0a455ac33c19d25c681cd58682e018f
parent: de2d16fec95b846eebe100ba21bdbb6e217ff951 [diff]
diff --git a/private/app.te b/private/app.te
index c51ba8b..6362c7d 100644
--- a/private/app.te
+++ b/private/app.te

@@ -167,6 +167,8 @@
 
 use_credstore({ appdomain -isolated_app_all -ephemeral_app -sdk_sandbox_all })
 
+allow { appdomain -isolated_app_all -ephemeral_app -sdk_sandbox_all } persistent_data_block_service:service_manager find;
+
 # For app fuse.
 pdx_client({ appdomain -isolated_app_all -ephemeral_app -sdk_sandbox_all }, display_client)
 pdx_client({ appdomain -isolated_app_all -ephemeral_app -sdk_sandbox_all }, display_manager)
commit	a15e9ce2d1c2096d2e872442b87382995a86d469	[log] [tgz]
author	Shawn Willden <swillden@google.com>	Tue Sep 17 13:12:52 2024 -0600
committer	Shawn Willden <swillden@google.com>	Tue Sep 17 13:12:52 2024 -0600
tree	89eb044dd0a455ac33c19d25c681cd58682e018f
parent	de2d16fec95b846eebe100ba21bdbb6e217ff951 [diff]