core/java/android/security/flags.aconfig


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93

package: "android.security"
container: "system"

flag {
    name: "certificate_transparency_configuration"
    is_exported: true
    namespace: "network_security"
    description: "Enable certificate transparency setting in the network security config"
    bug: "28746284"
}

flag {
    name: "fsverity_api"
    namespace: "hardware_backed_security"
    description: "Feature flag for fs-verity API"
    bug: "285185747"
}

flag {
    name: "mgf1_digest_setter_v2"
    is_exported: true
    namespace: "hardware_backed_security"
    description: "Feature flag for mgf1 digest setter in key generation and import parameters."
    bug: "308378912"
    is_fixed_read_only: true
}

flag {
    name: "fix_unlocked_device_required_keys_v2"
    namespace: "hardware_backed_security"
    description: "Fix bugs in behavior of UnlockedDeviceRequired keystore keys"
    bug: "296464083"
    is_fixed_read_only: true
}

flag {
    name: "keyinfo_unlocked_device_required"
    is_exported: true
    namespace: "hardware_backed_security"
    description: "Add the API android.security.keystore.KeyInfo#isUnlockedDeviceRequired()"
    bug: "296475382"
}

flag {
    name: "unlocked_storage_api"
    namespace: "hardware_backed_security"
    description: "Feature flag for unlocked-only storage API"
    bug: "325129836"
}

flag {
    name: "deprecate_fsv_sig"
    namespace: "hardware_backed_security"
    description: "Feature flag for deprecating .fsv_sig"
    bug: "277916185"
}

flag {
    name: "extend_vb_chain_to_updated_apk"
    namespace: "hardware_backed_security"
    description: "Use v4 signature and fs-verity to chain verification of allowlisted APKs to Verified Boot"
    bug: "277916185"
    is_fixed_read_only: true
}

flag {
    name: "binary_transparency_sepolicy_hash"
    namespace: "hardware_backed_security"
    description: "Collect sepolicy hash from sysfs"
    bug: "308471499"
}

flag {
    name: "frp_enforcement"
    namespace: "hardware_backed_security"
    description: "This flag controls whether PDB enforces FRP"
    bug: "290312729"
    is_fixed_read_only: true
}

flag {
    name: "report_primary_auth_attempts"
    namespace: "biometrics"
    description: "Report primary auth attempts from LockSettingsService"
    bug: "285053096"
}

flag {
    name: "dump_attestation_verifications"
    namespace: "hardware_backed_security"
    description: "Add a dump capability for attestation_verification service"
    bug: "335498868"
}