Check original DeviceConfig flag in allowlist for overrides - platform/frameworks/base

diff options

author	Michael Groover <mpgroover@google.com>	2025-01-09 23:11:33 -0600
committer	Michael Groover <mpgroover@google.com>	2025-01-13 19:14:21 -0800
commit	19e5acd4a4edebce95f56c2846fd9597cc94f548 (patch)
tree	4c53bfb33153eaccae771e06c64b9a837e0a3699 /libs/androidfw/AssetsProvider.cpp
parent	13280939250f4f9b15695166dcdc22f8d7f6e3ed (diff)

Check original DeviceConfig flag in allowlist for overrides

Android 16 limits the DeviceConfig flags that can be written by the shell user to those that have been allowlisted. When a flag is modified through the DeviceConfig#setLocalOverride method, the requested flag is placed in the device_config_overrides namespace, and the flag in this new namespace is used during the allowlist check. Because of this new namespace, flags that were previously allowlisted would fail the check without a new entry in the allowlist using the device_config_overrides namespace. This commit checks for this override namespace, obtains the original flag, and uses that flag to verify whether the shell user can modify it.. Bug: 388608113 Flag: android.security.protect_device_config_flags Test: atest DeviceConfigApiTests Test: atest android.provider.SettingsProviderTest Change-Id: Ia5853fc1399bdb3b4767ae65badf0298acda31ea

Diffstat (limited to 'libs/androidfw/AssetsProvider.cpp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: