Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit a4da588e authored by Michael Groover's avatar Michael Groover
Browse files

Add support for module specified DeviceConfig namespace allowlists 

Android 16 restricts the DeviceConfig namespaces / flags that can
be written by the shell user to those that have been allowlisted.
However, mainline modules can introduce new namespaces that are
intended to be modified by end users through adb shell; since
the platform may not be aware of these new namespaces, and the
allowlisted namespaces in the ConfigInfrastructure may not update
at the same time as the declaring APEX, the user will not be able
to modify the flags under the new namespaces. This commit adds
support to query for the etc/writable_namespaces file under the
APEX directory; any entries in this file will be added to the
DeviceConfig namespace allowlist.

Bug: 364083026
Flag: android.security.protect_device_config_flags
Test: atest DeviceConfigApiTests
Test: Manually installed APEX with writable_namespaces file and
      verified namespaces in this file could be modified by adb
Change-Id: I62a0c2a080c7860ee3dcf0885d20ffca05f5959e
parent 0df592ef
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment