From c9a34c68d42a7e23606b143729f7dddf7e41cd4c Mon Sep 17 00:00:00 2001
From: Eran Messeri <eranm@google.com>
Date: Thu, 30 Jan 2025 23:00:17 +0000
Subject: [PATCH] [AAPM] Enable MTE support for DevicePolicyManager for zuma

Set the system property that lets the DevicePolicyManager know it can
control Memory Tagging Extension on the device.

With this property set, when the user turns on AAPM, it will turn on
MTE.

This has been enabled for zumapro, now enabling for zuma devices.

Bug: 352420507
Test: Manual
Flag: android.security.aapm_feature_memory_tagging_extension
Change-Id: I14bfdd461076a499457c5a81ed151bfaebbfb2bb
---
 device-common.mk | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/device-common.mk b/device-common.mk
index 41978abb..d8c431da 100644
--- a/device-common.mk
+++ b/device-common.mk
@@ -61,6 +61,9 @@ PRODUCT_PRODUCT_PROPERTIES += persist.arm64.memtag.app.com.android.se=off
 PRODUCT_PRODUCT_PROPERTIES += persist.arm64.memtag.app.com.google.android.bluetooth=off
 PRODUCT_PRODUCT_PROPERTIES += persist.arm64.memtag.app.com.android.nfc=off
 PRODUCT_PRODUCT_PROPERTIES += persist.arm64.memtag.system_server=off
+# Also enable the system property that would turn on MTE when Android Advanced
+# Protection Mode is turned on.
+PRODUCT_PRODUCT_PROPERTIES += ro.arm64.memtag.bootctl_device_policy_manager=true
 endif
 endif