Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
device_google_zuma/device-common.mk
Eran Messeri c9a34c68d4 [AAPM] Enable MTE support for DevicePolicyManager for zuma 
Set the system property that lets the DevicePolicyManager know it can
control Memory Tagging Extension on the device.

With this property set, when the user turns on AAPM, it will turn on
MTE.

This has been enabled for zumapro, now enabling for zuma devices.

Bug: 352420507
Test: Manual
Flag: android.security.aapm_feature_memory_tagging_extension
Change-Id: I14bfdd461076a499457c5a81ed151bfaebbfb2bb
2025-01-30 23:00:17 +00:00

75 lines
3.1 KiB
Makefile
Raw Blame History

#
# Copyright (C) 2020 The Android Open-Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
-include vendor/google_devices/zuma/proprietary/telephony/device-vendor.mk
include device/google/zuma/device.mk
# Telephony
PRODUCT_COPY_FILES += \
frameworks/native/data/etc/android.hardware.telephony.carrierlock.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.telephony.carrierlock.xml
# Android Verified Boot
PRODUCT_COPY_FILES += \
frameworks/native/data/etc/android.software.verified_boot.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.software.verified_boot.xml
# Set system properties identifying the chipset
PRODUCT_VENDOR_PROPERTIES += ro.soc.manufacturer=Google
TARGET_VENDOR_PROP += device/google/zuma/vendor.prop
PRODUCT_PRODUCT_PROPERTIES += \
persist.vendor.testing_battery_profile=2
# The default value of this variable is false and should only be set to true when
# the device allows users to retain eSIM profiles after factory reset of user data.
PRODUCT_PRODUCT_PROPERTIES += \
masterclear.allow_retain_esim_profiles_after_fdr=true
# ZramWriteback
-include hardware/google/pixel/mm/device_gki.mk
# Set thermal warm reset
PRODUCT_PRODUCT_PROPERTIES += \
ro.thermal_warmreset = true
# Trigger fsck on upgrade (305658663)
PRODUCT_PRODUCT_PROPERTIES += \
ro.preventative_fsck = 1
# Indicate that the bootloader supports the MTE developer option switch
# (MISC_MEMTAG_MODE_MEMTAG_ONCE), with the exception of _fullmte products and
# eng products that force enable MTE
ifeq (,$(filter %_fullmte,$(TARGET_PRODUCT)))
ifeq (,$(filter eng,$(TARGET_BUILD_VARIANT)))
PRODUCT_PRODUCT_PROPERTIES += ro.arm64.memtag.bootctl_supported=1
# N.B. persist properties in product Makefiles aren't actually persisted to the data
# partition, so they will actually go away if we remove them here, or if the user
# flashes from a normal build to a fullmte build.
PRODUCT_PRODUCT_PROPERTIES += persist.arm64.memtag.app.com.android.se=off
PRODUCT_PRODUCT_PROPERTIES += persist.arm64.memtag.app.com.google.android.bluetooth=off
PRODUCT_PRODUCT_PROPERTIES += persist.arm64.memtag.app.com.android.nfc=off
PRODUCT_PRODUCT_PROPERTIES += persist.arm64.memtag.system_server=off
# Also enable the system property that would turn on MTE when Android Advanced
# Protection Mode is turned on.
PRODUCT_PRODUCT_PROPERTIES += ro.arm64.memtag.bootctl_device_policy_manager=true
endif
endif
ifeq (,$(filter %_fullmte,$(TARGET_PRODUCT)))
ifneq (,$(filter eng,$(TARGET_BUILD_VARIANT)))
PRODUCT_COPY_FILES += \
device/google/zuma/conf/init.eng.memtag.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/init.eng.memtag.rc
endif
endif
Reference in a new issue View git blame Copy permalink