1package: "android.security"
2container: "system"
3
4flag {
5    name: "certificate_transparency_configuration"
6    is_exported: true
7    namespace: "network_security"
8    description: "Enable certificate transparency setting in the network security config"
9    bug: "28746284"
10}
11
12flag {
13    name: "fsverity_api"
14    is_exported: true
15    namespace: "hardware_backed_security"
16    description: "Feature flag for fs-verity API"
17    bug: "285185747"
18}
19
20flag {
21    name: "mgf1_digest_setter_v2"
22    is_exported: true
23    namespace: "hardware_backed_security"
24    description: "Feature flag for mgf1 digest setter in key generation and import parameters."
25    bug: "308378912"
26    is_fixed_read_only: true
27}
28
29flag {
30    name: "fix_unlocked_device_required_keys_v2"
31    namespace: "hardware_backed_security"
32    description: "Fix bugs in behavior of UnlockedDeviceRequired keystore keys"
33    bug: "296464083"
34    is_fixed_read_only: true
35}
36
37flag {
38    name: "keyinfo_unlocked_device_required"
39    is_exported: true
40    namespace: "hardware_backed_security"
41    description: "Add the API android.security.keystore.KeyInfo#isUnlockedDeviceRequired()"
42    bug: "296475382"
43}
44
45flag {
46    name: "unlocked_storage_api"
47    namespace: "hardware_backed_security"
48    description: "Feature flag for unlocked-only storage API"
49    bug: "325129836"
50}
51
52flag {
53    name: "deprecate_fsv_sig"
54    namespace: "hardware_backed_security"
55    description: "Feature flag for deprecating .fsv_sig"
56    bug: "277916185"
57}
58
59flag {
60    name: "extend_vb_chain_to_updated_apk"
61    namespace: "hardware_backed_security"
62    description: "Use v4 signature and fs-verity to chain verification of allowlisted APKs to Verified Boot"
63    bug: "277916185"
64    is_fixed_read_only: true
65}
66
67flag {
68    name: "binary_transparency_sepolicy_hash"
69    namespace: "hardware_backed_security"
70    description: "Collect sepolicy hash from sysfs"
71    bug: "308471499"
72}
73
74flag {
75    name: "frp_enforcement"
76    is_exported: true
77    namespace: "hardware_backed_security"
78    description: "This flag controls whether PDB enforces FRP"
79    bug: "290312729"
80    is_fixed_read_only: true
81}
82
83flag {
84    name: "significant_places"
85    namespace: "biometrics"
86    description: "Enabled significant place monitoring"
87    bug: "337870680"
88}
89
90flag {
91    name: "report_primary_auth_attempts"
92    namespace: "biometrics"
93    description: "Report primary auth attempts from LockSettingsService"
94    bug: "285053096"
95}
96
97flag {
98    name: "dump_attestation_verifications"
99    namespace: "hardware_backed_security"
100    description: "Add a dump capability for attestation_verification service"
101    bug: "335498868"
102}
103