UpStream: Where is the information stored (physically) on the device and what would need to be done to bypass that?
I have no idea where it's stored. But Google has some pretty sharp security people, and it would be straightforward for them to use the following approach, which would be quite infeasible to bypass. A small program in Google's OS could contact a Google server and ask for an unlock certificate, i.e., a statement of the form "Device with serial number ##### is OEM-unlockable", signed by a Google key pair. That program could feed the certificate into the trusted execution environment, which could verify the signature and then permanently store state in the trusted element.
If they are doing something like that, then subverting the program that fetches the certificate would be ineffective, and subverting the stored state would be no easier than breaking the trusted element in any other way.
Again, I have no idea whether they are using anything fancy like that for the OEM-unlock toggle. But why not? The devices already have an industry-leading trusted element and a solid trusted execution environment. If they are deploying those tools, then forcing a device to unlock isn't a matter of finding the place in the flash where a 0 needs to be flipped to a 1, any more than unlocking somebody's private data is a matter of finding the place in the flash where their unlock code is stored.
It may well be the case that a sophisticated nation-state actor, or a well-resourced criminal gang, could flip OEM-unlock toggles at will. But would they bother? And of course it might also be the case that Google went with a simplistic implementation, or with something that is easy to trick. But it's not clear that's the way to bet.
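The certificate flow sketched in the reply above, as an added illustration that is neither the commenter's code nor anything Google ships: a constructed issuer signs an "OEM-unlockable" claim for one serial number with Ed25519, and a simulated trusted element flips its stored bit only after checking that the claim names this device and that the signature verifies under a pinned issuer key. Go standard library only; the type names, the JSON form of the claim and the choice of Ed25519 are all assumptions.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
)

// UnlockCert is the statement "device with this serial is OEM-unlockable";
// the fixed field order makes server and device serialize it identically.
type UnlockCert struct {
	Serial string `json:"serial"`
	Claim  string `json:"claim"`
}

// SignedCert is the statement plus the issuer's Ed25519 signature over its JSON.
type SignedCert struct {
	Cert UnlockCert
	Sig  []byte
}

// IssueCert stands in for the issuing server: it signs the claim for one serial.
func IssueCert(priv ed25519.PrivateKey, serial string) SignedCert {
	c := UnlockCert{Serial: serial, Claim: "oem-unlockable"}
	msg, _ := json.Marshal(c) // marshalling this struct cannot fail
	return SignedCert{Cert: c, Sig: ed25519.Sign(priv, msg)}
}

// TrustedElement models the tamper-resistant state: issuer key and own serial are
// pinned, and unlockable changes only via VerifyAndStore, never by the fetcher.
type TrustedElement struct {
	serial     string
	issuerPub  ed25519.PublicKey
	unlockable bool
}

// VerifyAndStore persists the bit only for a valid certificate naming this device.
func (te *TrustedElement) VerifyAndStore(sc SignedCert) error {
	if sc.Cert.Serial != te.serial || sc.Cert.Claim != "oem-unlockable" {
		return errors.New("certificate is not an unlock claim for this device")
	}
	msg, _ := json.Marshal(sc.Cert)
	if !ed25519.Verify(te.issuerPub, msg, sc.Sig) {
		return errors.New("signature does not verify under the issuer key")
	}
	te.unlockable = true
	return nil
}
func (te *TrustedElement) Unlockable() bool { return te.unlockable }
```

Because the untrusted fetcher never touches the stored bit, tampering with it yields nothing: a certificate for another serial, one re-labelled with this serial, or one signed by a key other than the pinned one all leave the element locked.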