Check original DeviceConfig flag in allowlist for overrides
Android 16 limits the DeviceConfig flags that can be written by the shell user to those that have been allowlisted. When a flag is modified through the DeviceConfig#setLocalOverride method, the requested flag is placed in the device_config_overrides namespace, and the flag in this new namespace is used during the allowlist check. Because of this new namespace, flags that were previously allowlisted would fail the check without a new entry in the allowlist using the device_config_overrides namespace. This commit checks for this override namespace, obtains the original flag, and uses that flag to verify whether the shell user can modify it.. Bug: 388608113 Flag: android.security.protect_device_config_flags Test: atest DeviceConfigApiTests Test: atest android.provider.SettingsProviderTest Change-Id: Ia5853fc1399bdb3b4767ae65badf0298acda31ea
Loading
Please register or sign in to comment