Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b7e6a5f9 authored by Florian Mayer's avatar Florian Mayer
Browse files

Add API to query MTE state of device 

Test: atest MemtagBootctlTest -- \
      --template:map preparers=template/preparers/feature-flags \
      --flag-value enterprise/android.app.admin.flags.is_mte_enabled=true
Bug: 322777918
Change-Id: I336ddda78f380de3bb4d38dffccaa20b1671f817
parent 463b66a1

core/api/current.txt

+1 −0
Original line number Diff line number Diff line
@@ -8109,6 +8109,7 @@ package android.app.admin { 
    method public boolean isLogoutEnabled();

    method public boolean isManagedProfile(@NonNull android.content.ComponentName);

    method public boolean isMasterVolumeMuted(@NonNull android.content.ComponentName);

    method @FlaggedApi("android.app.admin.flags.is_mte_policy_enforced") public static boolean isMtePolicyEnforced();

    method public boolean isNetworkLoggingEnabled(@Nullable android.content.ComponentName);

    method public boolean isOrganizationOwnedDeviceWithManagedProfile();

    method public boolean isOverrideApnEnabled(@NonNull android.content.ComponentName);

core/java/android/app/admin/DevicePolicyManager.java

+15 −0
Original line number Diff line number Diff line
@@ -53,6 +53,7 @@ import static android.Manifest.permission.SET_TIME; 
import static android.Manifest.permission.SET_TIME_ZONE;

import static android.app.admin.flags.Flags.FLAG_ESIM_MANAGEMENT_ENABLED;

import static android.app.admin.flags.Flags.onboardingBugreportV2Enabled;

import static android.app.admin.flags.Flags.FLAG_IS_MTE_POLICY_ENFORCED;

import static android.content.Intent.LOCAL_FLAG_FROM_SYSTEM;

import static android.net.NetworkCapabilities.NET_ENTERPRISE_ID_1;

import static android.os.Build.VERSION_CODES.UPSIDE_DOWN_CAKE;
@@ -151,6 +152,7 @@ import com.android.internal.os.BackgroundThread; 
import com.android.internal.util.ArrayUtils;

import com.android.internal.util.Preconditions;

import com.android.org.conscrypt.TrustedCertificateStore;

import com.android.internal.os.Zygote;















import java.io.ByteArrayInputStream;















import java.io.FileNotFoundException;










@@ -4115,6 +4117,19 @@ public class DevicePolicyManager {













        return MTE_NOT_CONTROLLED_BY_POLICY;















    }



























    /**













     * Get the current MTE state of the device.













     *













     * <a href="https://source.android.com/docs/security/test/memory-safety/arm-mte">













     * Learn more about MTE</a>













     *













     * @return whether MTE is currently enabled on the device.













     */













    @FlaggedApi(FLAG_IS_MTE_POLICY_ENFORCED)













    public static boolean isMtePolicyEnforced() {













        return Zygote.nativeSupportsMemoryTagging();













    }



























    /** Indicates that content protection is not controlled by policy, allowing user to choose. */















    @FlaggedApi(android.view.contentprotection.flags.Flags.FLAG_MANAGE_DEVICE_POLICY_ENABLED)















    public static final int CONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY = 0;

































core/java/android/app/admin/flags/flags.aconfig



+7
−0




























Original line number
Diff line number
Diff line








@@ -132,3 +132,10 @@ flag {













  description: "Add Headless DO support."















  bug: "289515470"















}



























flag {













  name: "is_mte_policy_enforced"













  namespace: "enterprise"













  description: "Allow to query whether MTE is enabled or not to check for compliance for enterprise policy"













  bug: "322777918"













}