1package: "android.security" 2container: "system" 3 4flag { 5 name: "certificate_transparency_configuration" 6 is_exported: true 7 namespace: "network_security" 8 description: "Enable certificate transparency setting in the network security config" 9 bug: "28746284" 10} 11 12flag { 13 name: "fsverity_api" 14 is_exported: true 15 namespace: "hardware_backed_security" 16 description: "Feature flag for fs-verity API" 17 bug: "285185747" 18} 19 20flag { 21 name: "mgf1_digest_setter_v2" 22 is_exported: true 23 namespace: "hardware_backed_security" 24 description: "Feature flag for mgf1 digest setter in key generation and import parameters." 25 bug: "308378912" 26 is_fixed_read_only: true 27} 28 29flag { 30 name: "keyinfo_unlocked_device_required" 31 is_exported: true 32 namespace: "hardware_backed_security" 33 description: "Add the API android.security.keystore.KeyInfo#isUnlockedDeviceRequired()" 34 bug: "296475382" 35} 36 37flag { 38 name: "unlocked_storage_api" 39 namespace: "hardware_backed_security" 40 description: "Feature flag for unlocked-only storage API" 41 bug: "325129836" 42} 43 44flag { 45 name: "deprecate_fsv_sig" 46 namespace: "hardware_backed_security" 47 description: "Feature flag for deprecating .fsv_sig" 48 bug: "277916185" 49} 50 51flag { 52 name: "extend_vb_chain_to_updated_apk" 53 namespace: "hardware_backed_security" 54 description: "Use v4 signature and fs-verity to chain verification of allowlisted APKs to Verified Boot" 55 bug: "277916185" 56 is_fixed_read_only: true 57} 58 59flag { 60 name: "binary_transparency_sepolicy_hash" 61 namespace: "hardware_backed_security" 62 description: "Collect sepolicy hash from sysfs" 63 bug: "308471499" 64} 65 66flag { 67 name: "frp_enforcement" 68 is_exported: true 69 namespace: "hardware_backed_security" 70 description: "This flag controls whether PDB enforces FRP" 71 bug: "290312729" 72 is_fixed_read_only: true 73} 74 75flag { 76 name: "significant_places" 77 namespace: "biometrics" 78 description: "Enabled significant place monitoring" 79 bug: "337870680" 80} 81 82flag { 83 name: "report_primary_auth_attempts" 84 namespace: "biometrics" 85 description: "Report primary auth attempts from LockSettingsService" 86 bug: "285053096" 87} 88 89flag { 90 name: "dump_attestation_verifications" 91 namespace: "hardware_backed_security" 92 description: "Add a dump capability for attestation_verification service" 93 bug: "335498868" 94} 95 96flag { 97 name: "should_trust_manager_listen_for_primary_auth" 98 namespace: "biometrics" 99 description: "Causes TrustManagerService to listen for credential attempts and ignore reports from upstream" 100 bug: "323086607" 101} 102 103flag { 104 name: "clear_strong_auth_on_add_primary_credential" 105 namespace: "biometrics" 106 description: "Clear StrongAuth on add credential" 107 bug: "320817991" 108} 109 110flag { 111 name: "afl_api" 112 namespace: "hardware_backed_security" 113 description: "AFL feature" 114 bug: "365994454" 115 is_exported: true 116} 117 118flag { 119 name: "protect_device_config_flags" 120 namespace: "psap_ai" 121 description: "Feature flag to limit adb shell to allowlisted flags" 122 bug: "364083026" 123 is_fixed_read_only: true 124} 125 126flag { 127 name: "keystore_grant_api" 128 namespace: "hardware_backed_security" 129 description: "Feature flag for exposing KeyStore grant APIs" 130 bug: "351158708" 131 is_exported: true 132} 133 134flag { 135 name: "secure_lockdown" 136 namespace: "biometrics" 137 description: "Feature flag for Secure Lockdown feature" 138 bug: "373422357" 139 is_exported: true 140}