diff options
| author | Clay Murphy <claym@google.com> | 2017-06-01 17:47:16 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2017-06-01 17:47:19 +0000 |
| commit | 2bf528574d473cffad95b19a573a76afa4de0a93 (patch) | |
| tree | e63cceb49a20a567a2cf48ca2f4ca446768481b1 | |
| parent | 493114bd93d9bde315c7b2f55ee67a814ca53c70 (diff) | |
| parent | db839ff8e0b66ac9f10c895bd6385453c533d18a (diff) | |
| download | source.android.com-2bf528574d473cffad95b19a573a76afa4de0a93.tar.gz | |
Merge "Docs: Changes to source.android.com"android-o-preview-3
57 files changed, 30946 insertions, 6558 deletions
diff --git a/en/compatibility/android-cdd.html b/en/compatibility/android-cdd.html index e9e94f26..1306a449 100644 --- a/en/compatibility/android-cdd.html +++ b/en/compatibility/android-cdd.html @@ -1,6483 +1,6492 @@ -<html devsite> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html devsite="" xmlns="http://www.w3.org/1999/xhtml"> <head> - <title>Android 7.1 Compatibility Definition Document</title> + <title> + Android 7.1 Compatibility Definition + </title> <meta name="project_path" value="/_project.yaml" /> <meta name="book_path" value="/_book.yaml" /> </head> <body> -<!-- - Copyright 2017 The Android Open Source Project + <!-- + Copyright 2017 The Android Open Source Project - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> - <h2 id="1_introduction"> - 1. Introduction - </h2> - <p> - This document enumerates the requirements that must be met in order for devices to be compatible with Android 7.1. - </p> - <p> - The use of “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” is per the IETF standard defined in <a href="http://www.ietf.org/rfc/rfc2119.txt">RFC2119</a> . - </p> - <p> - As used in this document, a “device implementer” or “implementer” is a person or organization developing a hardware/software solution running Android 7.1. A “device implementation” or “implementation is the hardware/software solution so developed. - </p> - <p> - To be considered compatible with Android 7.1, device implementations MUST meet the requirements presented in this Compatibility Definition, including any documents incorporated via reference. - </p> - <p> - Where this definition or the software tests described in <a href="#10_software_compatibility_testing">section 10</a> is silent, ambiguous, or incomplete, it is the responsibility of the device implementer to ensure compatibility with existing implementations. - </p> - <p> - For this reason, the <a href="http://source.android.com/">Android Open Source Project</a> is both the reference and preferred implementation of Android. Device implementers are STRONGLY RECOMMENDED to base their implementations to the greatest extent possible on the “upstream” source code available from the Android Open Source Project. While some components can hypothetically be replaced with alternate implementations, it is STRONGLY RECOMMENDED to not follow this practice, as passing the software tests will become substantially more difficult. It is the implementer’s responsibility to ensure full behavioral compatibility with the standard Android implementation, including and beyond the Compatibility Test Suite. Finally, note that certain component substitutions and modifications are explicitly forbidden by this document. - </p> - <p> - Many of the resources linked to in this document are derived directly or indirectly from the Android SDK and will be functionally identical to the information in that SDK’s documentation. In any cases where this Compatibility Definition or the Compatibility Test Suite disagrees with the SDK documentation, the SDK documentation is considered authoritative. Any technical details provided in the linked resources throughout this document are considered by inclusion to be part of this Compatibility Definition. - </p> - <h2 id="2_device_types"> - 2. Device Types - </h2> - <p> - While the Android Open Source Project has been used in the implementation of a variety of device types and form factors, many aspects of the architecture and compatibility requirements were optimized for handheld devices. Starting from Android 5.0, the Android Open Source Project aims to embrace a wider variety of device types as described in this section. - </p> - <p> - <strong>Android Handheld device</strong> refers to an Android device implementation that is typically used by holding it in the hand, such as mp3 players, phones, and tablets. Android Handheld device implementations: - </p> - <ul> - <li>MUST have a touchscreen embedded in the device. - </li> - <li>MUST have a power source that provides mobility, such as a battery. - </li> - </ul> - <p> - <strong>Android Television device</strong> refers to an Android device implementation that is an entertainment interface for consuming digital media, movies, games, apps, and/or live TV for users sitting about ten feet away (a “lean back” or “10-foot user interface”). Android Television devices: - </p> - <ul> - <li>MUST have an embedded screen OR include a video output port, such as VGA, HDMI, or a wireless port for display. - </li> - <li>MUST declare the features <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html#FEATURE_LEANBACK">android.software.leanback</a> and android.hardware.type.television. - </li> - </ul> - <p> - <strong>Android Watch device</strong> refers to an Android device implementation intended to be worn on the body, perhaps on the wrist, and: - </p> - <ul> - <li>MUST have a screen with the physical diagonal length in the range from 1.1 to 2.5 inches. - </li> - <li>MUST declare the feature android.hardware.type.watch. - </li> - <li>MUST support uiMode = <a href="http://developer.android.com/reference/android/content/res/Configuration.html#UI_MODE_TYPE_WATCH">UI_MODE_TYPE_WATCH</a> . - </li> - </ul> - <p> - <strong>Android Automotive implementation</strong> refers to a vehicle head unit running Android as an operating system for part or all of the system and/or infotainment functionality. Android Automotive implementations: - </p> - <ul> - <li>MUST have a screen with the physical diagonal length equal to or greater than 6 inches. - </li> - <li>MUST declare the feature android.hardware.type.automotive. - </li> - <li>MUST support uiMode = <a href="http://developer.android.com/reference/android/content/res/Configuration.html#UI_MODE_TYPE_CAR">UI_MODE_TYPE_CAR</a> . - </li> - <li>Android Automotive implementations MUST support all public APIs in the <code>android.car.*</code> namespace. - </li> - </ul> - <p> - All Android device implementations that do not fit into any of the above device types still MUST meet all requirements in this document to be Android 7.1 compatible, unless the requirement is explicitly described to be only applicable to a specific Android device type from above. - </p> - <h3 id="2_1_device_configurations"> - 2.1 Device Configurations - </h3> - <p> - This is a summary of major differences in hardware configuration by device type. (Empty cells denote a “MAY”). Not all configurations are covered in this table; see relevant hardware sections for more detail. - </p> - <table> - <tr> - <th> - Category - </th> - <th> - Feature - </th> - <th> - Section - </th> - <th> - Handheld - </th> - <th> - Television - </th> - <th> - Watch - </th> - <th> - Automotive - </th> - <th> - Other - </th> - </tr> - <tr> - <td rowspan="3"> - Input - </td> - <td> - D-pad - </td> - <td> - <a href="#7_2_2_non-touch-navigation">7.2.2. Non-touch Navigation</a> - </td> - <td></td> - <td> - MUST - </td> - <td></td> - <td></td> - <td></td> - </tr> - <tr> - <td> - Touchscreen - </td> - <td> - <a href="#7_2_4_touchscreen_input">7.2.4. Touchscreen input</a> - </td> - <td> - MUST - </td> - <td></td> - <td> - MUST - </td> - <td></td> - <td> - SHOULD - </td> - </tr> - <tr> - <td> - Microphone - </td> - <td> - <a href="#7_8_1_microphone">7.8.1. Microphone</a> - </td> - <td> - MUST - </td> - <td> - SHOULD - </td> - <td> - MUST - </td> - <td> - MUST - </td> - <td> - SHOULD - </td> - </tr> - <tr> - <td rowspan="2"> - Sensors - </td> - <td> - Accelerometer - </td> - <td> - <a href="#7_3_1_accelerometer">7.3.1 Accelerometer</a> - </td> - <td> - SHOULD - </td> - <td></td> - <td> - SHOULD - </td> - <td></td> - <td> - SHOULD - </td> - </tr> - <tr> - <td> - GPS - </td> - <td> - <a href="#7_3_3_gps">7.3.3. GPS</a> - </td> - <td> - SHOULD - </td> - <td></td> - <td></td> - <td> - SHOULD - </td> - <td></td> - </tr> - <tr> - <td rowspan="6"> - Connectivity - </td> - <td> - Wi-Fi - </td> - <td> - <a href="#7_4_2_ieee_802.11">7.4.2. IEEE 802.11</a> - </td> - <td> - SHOULD - </td> - <td> - SHOULD - </td> - <td></td> - <td> - SHOULD - </td> - <td> - SHOULD - </td> - </tr> - <tr> - <td> - Wi-Fi Direct - </td> - <td> - <a href="#7_4_2_1_wi-fi-direct">7.4.2.1. Wi-Fi Direct</a> - </td> - <td> - SHOULD - </td> - <td> - SHOULD - </td> - <td></td> - <td></td> - <td> - SHOULD - </td> - </tr> - <tr> - <td> - Bluetooth - </td> - <td> - <a href="#7_4_3_bluetooth">7.4.3. Bluetooth</a> - </td> - <td> - SHOULD - </td> - <td> - MUST - </td> - <td> - MUST - </td> - <td> - MUST - </td> - <td> - SHOULD - </td> - </tr> - <tr> - <td> - Bluetooth Low Energy - </td> - <td> - <a href="#7_4_3_bluetooth">7.4.3. Bluetooth</a> - </td> - <td> - SHOULD - </td> - <td> - MUST - </td> - <td> - SHOULD - </td> - <td> - SHOULD - </td> - <td> - SHOULD - </td> - </tr> - <tr> - <td> - Cellular radio - </td> - <td> - <a href="#7_4_5_minimum_network_capability">7.4.5. Minimum Network Capability</a> - </td> - <td></td> - <td></td> - <td></td> - <td> - SHOULD - </td> - <td></td> - </tr> - <tr> - <td> - USB peripheral/host mode - </td> - <td> - <a href="#7_7_usb">7.7. USB</a> - </td> - <td> - SHOULD - </td> - <td></td> - <td></td> - <td> - SHOULD - </td> - <td> - SHOULD - </td> - </tr> - <tr> - <td> - Output - </td> - <td> - Speaker and/or Audio output ports - </td> - <td> - <a href="#7_8_2_audio_output">7.8.2. Audio Output</a> - </td> - <td> - MUST - </td> - <td> - MUST - </td> - <td></td> - <td> - MUST - </td> - <td> - MUST - </td> - </tr> - </table> - <h2 id="3_software"> - 3. Software - </h2> - <h3 id="3_1_managed_api_compatibility"> - 3.1. Managed API Compatibility - </h3> - <p> - The managed Dalvik bytecode execution environment is the primary vehicle for Android applications. The Android application programming interface (API) is the set of Android platform interfaces exposed to applications running in the managed runtime environment. Device implementations MUST provide complete implementations, including all documented behaviors, of any documented API exposed by the <a href="http://developer.android.com/reference/packages.html">Android SDK</a> or any API decorated with the “@SystemApi” marker in the upstream Android source code. - </p> - <p> - Device implementations MUST support/preserve all classes, methods, and associated elements marked by the TestApi annotation (@TestApi). - </p> - <p> - Device implementations MUST NOT omit any managed APIs, alter API interfaces or signatures, deviate from the documented behavior, or include no-ops, except where specifically allowed by this Compatibility Definition. - </p> - <p> - This Compatibility Definition permits some types of hardware for which Android includes APIs to be omitted by device implementations. In such cases, the APIs MUST still be present and behave in a reasonable way. See <a href="#7_hardware_compatibility">section 7</a> for specific requirements for this scenario. - </p> - <h3 id="3_1_1_android_extensions"> - 3.1.1. Android Extensions - </h3> - <p> - Android includes the support of extending the managed APIs while keeping the same API level version. Android device implementations MUST preload the AOSP implementation of both the shared library <code>ExtShared</code> and services <code>ExtServices</code> with versions higher than or equal to the minimum versions allowed per each API level. For example, Android 7.0 device implementations, running API level 24 MUST include at least version 1. - </p> - <h3 id="3_2_soft_api_compatibility"> - 3.2. Soft API Compatibility - </h3> - <p> - In addition to the managed APIs from <a href="#3_1_managed_api_compatibility">section 3.1</a> , Android also includes a significant runtime-only “soft” API, in the form of such things as intents, permissions, and similar aspects of Android applications that cannot be enforced at application compile time. - </p> - <h4 id="3_2_1_permissions"> - 3.2.1. Permissions - </h4> - <p> - Device implementers MUST support and enforce all permission constants as documented by the <a href="http://developer.android.com/reference/android/Manifest.permission.html">Permission reference page</a> . Note that <a href="#9_security_model_compatibility">section 9</a> lists additional requirements related to the Android security model. - </p> - <h4 id="3_2_2_build_parameters"> - 3.2.2. Build Parameters - </h4> - <p> - The Android APIs include a number of constants on the <a href="http://developer.android.com/reference/android/os/Build.html">android.os.Build class</a> that are intended to describe the current device. To provide consistent, meaningful values across device implementations, the table below includes additional restrictions on the formats of these values to which device implementations MUST conform. - </p> - <table> - <tr> - <th> - Parameter - </th> - <th> - Details - </th> - </tr> - <tr> - <td> - VERSION.RELEASE - </td> - <td> - The version of the currently-executing Android system, in human-readable format. This field MUST have one of the string values defined in <a href="http://source.android.com/compatibility/7.1/versions.html">7.1</a> . - </td> - </tr> - <tr> - <td> - VERSION.SDK - </td> - <td> - The version of the currently-executing Android system, in a format accessible to third-party application code. For Android 7.1, this field MUST have the integer value 7.1_INT. - </td> - </tr> - <tr> - <td> - VERSION.SDK_INT - </td> - <td> - The version of the currently-executing Android system, in a format accessible to third-party application code. For Android 7.1, this field MUST have the integer value 7.1_INT. - </td> - </tr> - <tr> - <td> - VERSION.INCREMENTAL - </td> - <td> - A value chosen by the device implementer designating the specific build of the currently-executing Android system, in human-readable format. This value MUST NOT be reused for different builds made available to end users. A typical use of this field is to indicate which build number or source-control change identifier was used to generate the build. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). - </td> - </tr> - <tr> - <td> - BOARD - </td> - <td> - A value chosen by the device implementer identifying the specific internal hardware used by the device, in human-readable format. A possible use of this field is to indicate the specific revision of the board powering the device. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. - </td> - </tr> - <tr> - <td> - BRAND - </td> - <td> - A value reflecting the brand name associated with the device as known to the end users. MUST be in human-readable format and SHOULD represent the manufacturer of the device or the company brand under which the device is marketed. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. - </td> - </tr> - <tr> - <td> - SUPPORTED_ABIS - </td> - <td> - The name of the instruction set (CPU type + ABI convention) of native code. See <a href="#3_3_native_api_compatibility">section 3.3. Native API Compatibility</a> . - </td> - </tr> - <tr> - <td> - SUPPORTED_32_BIT_ABIS - </td> - <td> - The name of the instruction set (CPU type + ABI convention) of native code. See <a href="#3_3_native_api_compatibility">section 3.3. Native API Compatibility</a> . - </td> - </tr> - <tr> - <td> - SUPPORTED_64_BIT_ABIS - </td> - <td> - The name of the second instruction set (CPU type + ABI convention) of native code. See <a href="#3_3_native_api_compatibility">section 3.3. Native API Compatibility</a> . - </td> - </tr> - <tr> - <td> - CPU_ABI - </td> - <td> - The name of the instruction set (CPU type + ABI convention) of native code. See <a href="#3_3_native_api_compatibility">section 3.3. Native API Compatibility</a> . - </td> - </tr> - <tr> - <td> - CPU_ABI2 - </td> - <td> - The name of the second instruction set (CPU type + ABI convention) of native code. See <a href="#3_3_native_api_compatibility">section 3.3. Native API Compatibility</a> . - </td> - </tr> - <tr> - <td> - DEVICE - </td> - <td> - A value chosen by the device implementer containing the development name or code name identifying the configuration of the hardware features and industrial design of the device. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. This device name MUST NOT change during the lifetime of the product. - </td> - </tr> - <tr> - <td> - FINGERPRINT - </td> - <td> - A string that uniquely identifies this build. It SHOULD be reasonably human-readable. It MUST follow this template: - <p class="small"> - $(BRAND)/$(PRODUCT)/<br /> - $(DEVICE):$(VERSION.RELEASE)/$(ID)/$(VERSION.INCREMENTAL):$(TYPE)/$(TAGS) - </p> - <p> - For example: - </p> - <p class="small"> - acme/myproduct/<br /> - mydevice:7.1/LMYXX/3359:userdebug/test-keys - </p> - <p> - The fingerprint MUST NOT include whitespace characters. If other fields included in the template above have whitespace characters, they MUST be replaced in the build fingerprint with another character, such as the underscore ("_") character. The value of this field MUST be encodable as 7-bit ASCII. - </p> - </td> - </tr> - <tr> - <td> - HARDWARE - </td> - <td> - The name of the hardware (from the kernel command line or /proc). It SHOULD be reasonably human-readable. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. - </td> - </tr> - <tr> - <td> - HOST - </td> - <td> - A string that uniquely identifies the host the build was built on, in human-readable format. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). - </td> - </tr> - <tr> - <td> - ID - </td> - <td> - An identifier chosen by the device implementer to refer to a specific release, in human-readable format. This field can be the same as android.os.Build.VERSION.INCREMENTAL, but SHOULD be a value sufficiently meaningful for end users to distinguish between software builds. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9._-]+$”. - </td> - </tr> - <tr> - <td> - MANUFACTURER - </td> - <td> - The trade name of the Original Equipment Manufacturer (OEM) of the product. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). - </td> - </tr> - <tr> - <td> - MODEL - </td> - <td> - A value chosen by the device implementer containing the name of the device as known to the end user. This SHOULD be the same name under which the device is marketed and sold to end users. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). - </td> - </tr> - <tr> - <td> - PRODUCT - </td> - <td> - A value chosen by the device implementer containing the development name or code name of the specific product (SKU) that MUST be unique within the same brand. MUST be human-readable, but is not necessarily intended for view by end users. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. This product name MUST NOT change during the lifetime of the product. - </td> - </tr> - <tr> - <td> - SERIAL - </td> - <td> - A hardware serial number, which MUST be available and unique across devices with the same MODEL and MANUFACTURER. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^([a-zA-Z0-9]{6,20})$”. - </td> - </tr> - <tr> - <td> - TAGS - </td> - <td> - A comma-separated list of tags chosen by the device implementer that further distinguishes the build. This field MUST have one of the values corresponding to the three typical Android platform signing configurations: release-keys, dev-keys, test-keys. - </td> - </tr> - <tr> - <td> - TIME - </td> - <td> - A value representing the timestamp of when the build occurred. - </td> - </tr> - <tr> - <td> - TYPE - </td> - <td> - A value chosen by the device implementer specifying the runtime configuration of the build. This field MUST have one of the values corresponding to the three typical Android runtime configurations: user, userdebug, or eng. - </td> - </tr> - <tr> - <td> - USER - </td> - <td> - A name or user ID of the user (or automated user) that generated the build. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). - </td> - </tr> - <tr> - <td> - SECURITY_PATCH - </td> - <td> - A value indicating the security patch level of a build. It MUST signify that the build includes all security patches issued up through the designated Android Public Security Bulletin. It MUST be in the format [YYYY-MM-DD], matching one of the Android Security Patch Level strings of the <a href="source.android.com/security/bulletin">Public Security Bulletins</a> , for example "2015-11-01". - </td> - </tr> - <tr> - <td> - BASE_OS - </td> - <td> - A value representing the FINGERPRINT parameter of the build that is otherwise identical to this build except for the patches provided in the Android Public Security Bulletin. It MUST report the correct value and if such a build does not exist, report an empty string (""). - </td> - </tr> - </table> - <h4 id="3_2_3_intent_compatibility"> - 3.2.3. Intent Compatibility - </h4> - <h5 id="3_2_3_1_core_application_intents"> - 3.2.3.1. Core Application Intents - </h5> - <p> - Android intents allow application components to request functionality from other Android components. The Android upstream project includes a list of applications considered core Android applications, which implements several intent patterns to perform common actions. The core Android applications are: - </p> - <ul> - <li>Desk Clock - </li> - <li>Browser - </li> - <li>Calendar - </li> - <li>Contacts - </li> - <li>Gallery - </li> - <li>GlobalSearch - </li> - <li>Launcher - </li> - <li>Music - </li> - <li>Settings - </li> - </ul> - <p> - Device implementations MUST include the core Android applications as appropriate or a component implementing the same intent patterns defined by all the Activity or Service components of these core Android applications exposed to other applications, implicitly or explicitly, through the <code>android:exported</code> attribute. - </p> - <h5 id="3_2_3_2_intent_resolution"> - 3.2.3.2. Intent Resolution - </h5> - <p> - As Android is an extensible platform, device implementations MUST allow each intent pattern referenced in <a href="#3_2_3_1_core_application_intents">section 3.2.3.1</a> to be overridden by third-party applications. The upstream Android open source implementation allows this by default; device implementers MUST NOT attach special privileges to system applications' use of these intent patterns, or prevent third-party applications from binding to and assuming control of these patterns. This prohibition specifically includes but is not limited to disabling the “Chooser” user interface that allows the user to select between multiple applications that all handle the same intent pattern. - </p> - <p> - Device implementations MUST provide a user interface for users to modify the default activity for intents. - </p> - <p> - However, device implementations MAY provide default activities for specific URI patterns (e.g. http://play.google.com) when the default activity provides a more specific attribute for the data URI. For example, an intent filter pattern specifying the data URI “http://www.android.com” is more specific than the browser's core intent pattern for “http://”. - </p> - <p> - Android also includes a mechanism for third-party apps to declare an authoritative default <a href="https://developer.android.com/training/app-links">app linking behavior</a> for certain types of web URI intents. When such authoritative declarations are defined in an app's intent filter patterns, device implementations: - </p> - <ul> - <li>MUST attempt to validate any intent filters by performing the validation steps defined in the <a href="https://developers.google.com/digital-asset-links">Digital Asset Links specification</a> as implemented by the Package Manager in the upstream Android Open Source Project. - </li> - <li>MUST attempt validation of the intent filters during the installation of the application and set all successfully validated UIR intent filters as default app handlers for their UIRs. - </li> - <li>MAY set specific URI intent filters as default app handlers for their URIs, if they are successfully verified but other candidate URI filters fail verification. If a device implementation does this, it MUST provide the user appropriate per-URI pattern overrides in the settings menu. - </li> - <li>MUST provide the user with per-app App Links controls in Settings as follows: - <ul> - <li>The user MUST be able to override holistically the default app links behavior for an app to be: always open, always ask, or never open, which must apply to all candidate URI intent filters equally. - </li> - <li>The user MUST be able to see a list of the candidate URI intent filters. - </li> - <li>The device implementation MAY provide the user with the ability to override specific candidate URI intent filters that were successfully verified, on a per-intent filter basis. - </li> - <li>The device implementation MUST provide users with the ability to view and override specific candidate URI intent filters if the device implementation lets some candidate URI intent filters succeed verification while some others can fail. - </li> - </ul> - </li> - </ul> - <h5 id="3_2_3_3_intent_namespaces"> - 3.2.3.3. Intent Namespaces - </h5> - <p> - Device implementations MUST NOT include any Android component that honors any new intent or broadcast intent patterns using an ACTION, CATEGORY, or other key string in the android. <em>or com.android.</em> namespace. Device implementers MUST NOT include any Android components that honor any new intent or broadcast intent patterns using an ACTION, CATEGORY, or other key string in a package space belonging to another organization. Device implementers MUST NOT alter or extend any of the intent patterns used by the core apps listed in <a href="#3_2_3_1_core_application_intents">section 3.2.3.1</a> . Device implementations MAY include intent patterns using namespaces clearly and obviously associated with their own organization. This prohibition is analogous to that specified for Java language classes in <a href="#3_6_api_namespaces">section 3.6</a> . - </p> - <h5 id="3_2_3_4_broadcast_intents"> - 3.2.3.4. Broadcast Intents - </h5> - <p> - Third-party applications rely on the platform to broadcast certain intents to notify them of changes in the hardware or software environment. Android-compatible devices MUST broadcast the public broadcast intents in response to appropriate system events. Broadcast intents are described in the SDK documentation. - </p> - <h5 id="3_2_3_5_default_app_settings"> - 3.2.3.5. Default App Settings - </h5> - <p> - Android includes settings that provide users an easy way to select their default applications, for example for Home screen or SMS. Where it makes sense, device implementations MUST provide a similar settings menu and be compatible with the intent filter pattern and API methods described in the SDK documentation as below. - </p> - <p> - Device implementations: - </p> - <ul> - <li>MUST honor the <a href="http://developer.android.com/reference/android/provider/Settings.html#ACTION_HOME_SETTINGS">android.settings.HOME_SETTINGS</a> intent to show a default app settings menu for Home Screen, if the device implementation reports android.software.home_screen. - </li> - <li>MUST provide a settings menu that will call the <a href="http://developer.android.com/reference/android/provider/Telephony.Sms.Intents.html">android.provider.Telephony.ACTION_CHANGE_DEFAULT</a> intent to show a dialog to change the default SMS application, if the device implementation reports android.hardware.telephony. - </li> - <li>MUST honor the <a href="http://developer.android.com/reference/android/provider/Settings.html#ACTION_NFC_PAYMENT_SETTINGS">android.settings.NFC_PAYMENT_SETTINGS</a> intent to show a default app settings menu for Tap and Pay, if the device implementation reports android.hardware.nfc.hce. - </li> - <li>MUST honor the <a href="https://developer.android.com/reference/android/telecom/TelecomManager.html#ACTION_CHANGE_DEFAULT_DIALER">android.telecom.action.CHANGE_DEFAULT_DIALER</a> intent to show a dialog to allow the user to change the default Phone application, if the device implementation reports <code>android.hardware.telephony</code> . - </li> - <li>MUST honor the <a href="https://developer.android.com/reference/android/provider/Settings.html#ACTION_VOICE_INPUT_SETTINGS">android.settings.ACTION_VOICE_INPUT_SETTINGS</a> intent when the device supports the VoiceInteractionService and show a default app settings menu for voice input and assist. - </li> - </ul> - <h3 id="3_3_native_api_compatibility"> - 3.3. Native API Compatibility - </h3> - <p> - Native code compatibility is challenging. For this reason, device implementers are <strong>STRONGLY RECOMMENDED</strong> to use the implementations of the libraries listed below from the upstream Android Open Source Project. - </p> - <h4 id="3_3_1_application_binary_interfaces"> - 3.3.1. Application Binary Interfaces - </h4> - <p> - Managed Dalvik bytecode can call into native code provided in the application .apk file as an ELF .so file compiled for the appropriate device hardware architecture. As native code is highly dependent on the underlying processor technology, Android defines a number of Application Binary Interfaces (ABIs) in the Android NDK. Device implementations MUST be compatible with one or more defined ABIs, and MUST implement compatibility with the Android NDK, as below. - </p> - <p> - If a device implementation includes support for an Android ABI, it: - </p> - <ul> - <li>MUST include support for code running in the managed environment to call into native code, using the standard Java Native Interface (JNI) semantics. - </li> - <li>MUST be source-compatible (i.e. header compatible) and binary-compatible (for the ABI) with each required library in the list below. - </li> - <li>MUST support the equivalent 32-bit ABI if any 64-bit ABI is supported. - </li> - <li>MUST accurately report the native Application Binary Interface (ABI) supported by the device, via the android.os.Build.SUPPORTED_ABIS, android.os.Build.SUPPORTED_32_BIT_ABIS, and android.os.Build.SUPPORTED_64_BIT_ABIS parameters, each a comma separated list of ABIs ordered from the most to the least preferred one. - </li> - <li>MUST report, via the above parameters, only those ABIs documented and described in the latest version of the <a href="https://developer.android.com/ndk/guides/abis.html">Android NDK ABI Management documentation</a> , and MUST include support for the <a href="http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0388f/Beijfcja.html">Advanced SIMD</a> (a.k.a. NEON) extension. - </li> - <li>SHOULD be built using the source code and header files available in the upstream Android Open Source Project - </li> - </ul> - <p> - Note that future releases of the Android NDK may introduce support for additional ABIs. If a device implementation is not compatible with an existing predefined ABI, it MUST NOT report support for any ABIs at all. - </p> - <p> - The following native code APIs MUST be available to apps that include native code: - </p> - <ul> - <li>libandroid.so (native Android activity support) - </li> - <li>libc (C library) - </li> - <li>libcamera2ndk.so - </li> - <li>libdl (dynamic linker) - </li> - <li>libEGL.so (native OpenGL surface management) - </li> - <li>libGLESv1_CM.so (OpenGL ES 1.x) - </li> - <li>libGLESv2.so (OpenGL ES 2.0) - </li> - <li>libGLESv3.so (OpenGL ES 3.x) - </li> - <li>libicui18n.so - </li> - <li>libicuuc.so - </li> - <li>libjnigraphics.so - </li> - <li>liblog (Android logging) - </li> - <li>libmediandk.so (native media APIs support) - </li> - <li>libm (math library) - </li> - <li>libOpenMAXAL.so (OpenMAX AL 1.0.1 support) - </li> - <li>libOpenSLES.so (OpenSL ES 1.0.1 audio support) - </li> - <li>libRS.so - </li> - <li>libstdc++ (Minimal support for C++) - </li> - <li>libvulkan.so (Vulkan) - </li> - <li>libz (Zlib compression) - </li> - <li>JNI interface - </li> - <li>Support for OpenGL, as described below - </li> - </ul> - <p> - For the native libraries listed above, the device implementation MUST NOT add or remove the public functions. - </p> - <p> - Native libraries not listed above but implemented and provided in AOSP as system libraries are reserved and MUST NOT be exposed to third-party apps targeting API level 24 or higher. - </p> - <p> - Device implementations MAY add non-AOSP libraries and expose them directly as an API to third-party apps but the additional libraries SHOULD be in <code>/vendor/lib</code> or <code>/vendor/lib64</code> and MUST be listed in <code>/vendor/etc/public.libraries.txt</code> . - </p> - <p> - Note that device implementations MUST include libGLESv3.so and in turn, MUST export all the OpenGL ES 3.1 and <a href="http://developer.android.com/guide/topics/graphics/opengl.html#aep">Android Extension Pack</a> function symbols as defined in the NDK release android-24. Although all the symbols must be present, only the corresponding functions for OpenGL ES versions and extensions actually supported by the device must be fully implemented. - </p> - <h5 id="3_3_1_1_graphic_libraries"> - 3.3.1.1. Graphic Libraries - </h5> - <p> - <a href="https://www.khronos.org/registry/vulkan/specs/1.0-wsi_extensions/xhtml/vkspec.html">Vulkan</a> is a low-overhead, cross-platform API for high-performance 3D graphics. Device implementations, even if not including support of the Vulkan APIs, MUST satisfy the following requirements: - </p> - <ul> - <li>It MUST always provide a native library named <code>libvulkan.so</code> which exports function symbols for the core Vulkan 1.0 API as well as the <code>VK_KHR_surface</code> , <code>VK_KHR_android_surface</code> , and <code>VK_KHR_swapchain</code> extensions. - </li> - </ul> - <p> - Device implementations, if including support of the Vulkan APIs: - </p> - <ul> - <li>MUST report, one or more <code>VkPhysicalDevices</code> through the <code>vkEnumeratePhysicalDevices</code> call. - </li> - <li>Each enumerated <code>VkPhysicalDevices</code> MUST fully implement the Vulkan 1.0 API. - </li> - <li>MUST report the correct <a href="https://developer.android.com/reference/android/content/pm/PackageManager.html#FEATURE_VULKAN_HARDWARE_LEVEL"><code>PackageManager#FEATURE_VULKAN_HARDWARE_LEVEL</code></a> and <a href="https://developer.android.com/reference/android/content/pm/PackageManager.html#FEATURE_VULKAN_HARDWARE_VERSION"><code>PackageManager#FEATURE_VULKAN_HARDWARE_VERSION</code></a> feature flags. - </li> - <li>MUST enumerate layers, contained in native libraries named <code>libVkLayer*.so</code> in the application package’s native library directory, through the <code>vkEnumerateInstanceLayerProperties</code> and <code>vkEnumerateDeviceLayerProperties</code> functions in <code>libvulkan.so</code> - </li> - <li>MUST NOT enumerate layers provided by libraries outside of the application package, or provide other ways of tracing or intercepting the Vulkan API, unless the application has the <code>android:debuggable=”true”</code> attribute. - </li> - </ul> - <p> - Device implementations, if not including support of the Vulkan APIs: - </p> - <ul> - <li>MUST report 0 <code>VkPhysicalDevices</code> through the <code>vkEnumeratePhysicalDevices</code> call. - </li> - <li>MUST NOT declare any of the Vulkan feature flags <a href="https://developer.android.com/reference/android/content/pm/PackageManager.html#FEATURE_VULKAN_HARDWARE_LEVEL"><code>PackageManager#FEATURE_VULKAN_HARDWARE_LEVEL</code></a> and <a href="https://developer.android.com/reference/android/content/pm/PackageManager.html#FEATURE_VULKAN_HARDWARE_VERSION"><code>PackageManager#FEATURE_VULKAN_HARDWARE_VERSION</code></a> . - </li> - </ul> - <h4 id="3_3_2_32-bit_arm_native_code_compatibility"> - 3.3.2. 32-bit ARM Native Code Compatibility - </h4> - <p> - The ARMv8 architecture deprecates several CPU operations, including some operations used in existing native code. On 64-bit ARM devices, the following deprecated operations MUST remain available to 32-bit native ARM code, either through native CPU support or through software emulation: - </p> - <ul> - <li>SWP and SWPB instructions - </li> - <li>SETEND instruction - </li> - <li>CP15ISB, CP15DSB, and CP15DMB barrier operations - </li> - </ul> - <p> - Legacy versions of the Android NDK used /proc/cpuinfo to discover CPU features from 32-bit ARM native code. For compatibility with applications built using this NDK, devices MUST include the following lines in /proc/cpuinfo when it is read by 32-bit ARM applications: - </p> - <ul> - <li>"Features: ", followed by a list of any optional ARMv7 CPU features supported by the device. - </li> - <li>"CPU architecture: ", followed by an integer describing the device's highest supported ARM architecture (e.g., "8" for ARMv8 devices). - </li> - </ul> - <p> - These requirements only apply when /proc/cpuinfo is read by 32-bit ARM applications. Devices SHOULD not alter /proc/cpuinfo when read by 64-bit ARM or non-ARM applications. - </p> - <h3 id="3_4_web_compatibility"> - 3.4. Web Compatibility - </h3> - <h4 id="3_4_1_webview_compatibility"> - 3.4.1. WebView Compatibility - </h4> - <div class="note"> - Android Watch devices MAY, but all other device implementations MUST provide a complete implementation of the android.webkit.Webview API. - </div> - <p> - The platform feature android.software.webview MUST be reported on any device that provides a complete implementation of the android.webkit.WebView API, and MUST NOT be reported on devices without a complete implementation of the API. The Android Open Source implementation uses code from the Chromium Project to implement the <a href="http://developer.android.com/reference/android/webkit/WebView.html">android.webkit.WebView</a> . Because it is not feasible to develop a comprehensive test suite for a web rendering system, device implementers MUST use the specific upstream build of Chromium in the WebView implementation. Specifically: - </p> - <ul> - <li>Device android.webkit.WebView implementations MUST be based on the <a href="http://www.chromium.org/">Chromium</a> build from the upstream Android Open Source Project for Android 7.1. This build includes a specific set of functionality and security fixes for the WebView. - </li> - <li> - <p> - The user agent string reported by the WebView MUST be in this format: + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + <h1> + 1. Introduction + </h1> + <p> + This document enumerates the requirements that must be met in order for devices to be compatible with Android 7.1. + </p> + <p> + The use of “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” is per the IETF standard defined in <a href="http://www.ietf.org/rfc/rfc2119.txt">RFC2119</a>. + </p> + <p> + As used in this document, a “device implementer” or “implementer” is a person or organization developing a hardware/software solution running Android 7.1. A “device implementation” or “implementation is the hardware/software solution so developed. + </p> + <p> + To be considered compatible with Android 7.1, device implementations MUST meet the requirements presented in this Compatibility Definition, including any documents incorporated via reference. + </p> + <p> + Where this definition or the software tests described in <a href="#10_software_compatibility_testing">section 10</a> is silent, ambiguous, or incomplete, it is the responsibility of the device implementer to ensure compatibility with existing implementations. + </p> + <p> + For this reason, the <a href="http://source.android.com/">Android Open Source Project</a> is both the reference and preferred implementation of Android. Device implementers are STRONGLY RECOMMENDED to base their implementations to the greatest extent possible on the “upstream” source code available from the Android Open Source Project. While some components can hypothetically be replaced with alternate implementations, it is STRONGLY RECOMMENDED to not follow this practice, as passing the software tests will become substantially more difficult. It is the implementer’s responsibility to ensure full behavioral compatibility with the standard Android implementation, including and beyond the Compatibility Test Suite. Finally, note that certain component substitutions and modifications are explicitly forbidden by this document. + </p> + <p> + Many of the resources linked to in this document are derived directly or indirectly from the Android SDK and will be functionally identical to the information in that SDK’s documentation. In any cases where this Compatibility Definition or the Compatibility Test Suite disagrees with the SDK documentation, the SDK documentation is considered authoritative. Any technical details provided in the linked resources throughout this document are considered by inclusion to be part of this Compatibility Definition. + </p> + <h1> + 2. Device Types + </h1> + <p> + While the Android Open Source Project has been used in the implementation of a variety of device types and form factors, many aspects of the architecture and compatibility requirements were optimized for handheld devices. Starting from Android 5.0, the Android Open Source Project aims to embrace a wider variety of device types as described in this section. + </p> + <p> + <strong>Android Handheld device</strong> refers to an Android device implementation that is typically used by holding it in the hand, such as mp3 players, phones, and tablets. Android Handheld device implementations: + </p> + <ul> + <li>MUST have a touchscreen embedded in the device. + </li> + <li>MUST have a power source that provides mobility, such as a battery. + </li> + </ul> + <p> + <strong>Android Television device</strong> refers to an Android device implementation that is an entertainment interface for consuming digital media, movies, games, apps, and/or live TV for users sitting about ten feet away (a “lean back” or “10-foot user interface”). Android Television devices: + </p> + <ul> + <li>MUST have an embedded screen OR include a video output port, such as VGA, HDMI, or a wireless port for display. + </li> + <li>MUST declare the features <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html#FEATURE_LEANBACK">android.software.leanback</a> and android.hardware.type.television. + </li> + </ul> + <p> + <strong>Android Watch device</strong> refers to an Android device implementation intended to be worn on the body, perhaps on the wrist, and: + </p> + <ul> + <li>MUST have a screen with the physical diagonal length in the range from 1.1 to 2.5 inches. + </li> + <li>MUST declare the feature android.hardware.type.watch. + </li> + <li>MUST support uiMode = <a href="http://developer.android.com/reference/android/content/res/Configuration.html#UI_MODE_TYPE_WATCH">UI_MODE_TYPE_WATCH</a>. + </li> + </ul> + <p> + <strong>Android Automotive implementation</strong> refers to a vehicle head unit running Android as an operating system for part or all of the system and/or infotainment functionality. Android Automotive implementations: + </p> + <ul> + <li>MUST have a screen with the physical diagonal length equal to or greater than 6 inches. + </li> + <li>MUST declare the feature android.hardware.type.automotive. + </li> + <li>MUST support uiMode = <a href="http://developer.android.com/reference/android/content/res/Configuration.html#UI_MODE_TYPE_CAR">UI_MODE_TYPE_CAR</a>. + </li> + <li>Android Automotive implementations MUST support all public APIs in the <code>android.car.*</code> namespace. + </li> + </ul> + <p> + All Android device implementations that do not fit into any of the above device types still MUST meet all requirements in this document to be Android 7.1 compatible, unless the requirement is explicitly described to be only applicable to a specific Android device type from above. + </p> + <h2> + 2.1 Device Configurations + </h2> + <p> + This is a summary of major differences in hardware configuration by device type. (Empty cells denote a “MAY”). Not all configurations are covered in this table; see relevant hardware sections for more detail. + </p> + <table> + <tr> + <th> + Category + </th> + <th> + Feature + </th> + <th> + Section + </th> + <th> + Handheld + </th> + <th> + Television + </th> + <th> + Watch + </th> + <th> + Automotive + </th> + <th> + Other + </th> + </tr> + <tr> + <td rowspan="3"> + Input + </td> + <td> + D-pad + </td> + <td> + <a href="#7_2_2_non-touch-navigation">7.2.2. Non-touch Navigation</a> + </td> + <td></td> + <td> + MUST + </td> + <td></td> + <td></td> + <td></td> + </tr> + <tr> + <td> + Touchscreen + </td> + <td> + <a href="#7_2_4_touchscreen_input">7.2.4. Touchscreen input</a> + </td> + <td> + MUST + </td> + <td></td> + <td> + MUST + </td> + <td></td> + <td> + SHOULD + </td> + </tr> + <tr> + <td> + Microphone + </td> + <td> + <a href="#7_8_1_microphone">7.8.1. Microphone</a> + </td> + <td> + MUST + </td> + <td> + SHOULD + </td> + <td> + MUST + </td> + <td> + MUST + </td> + <td> + SHOULD + </td> + </tr> + <tr> + <td rowspan="2"> + Sensors + </td> + <td> + Accelerometer + </td> + <td> + <a href="#7_3_1_accelerometer">7.3.1 Accelerometer</a> + </td> + <td> + SHOULD + </td> + <td></td> + <td> + SHOULD + </td> + <td></td> + <td> + SHOULD + </td> + </tr> + <tr> + <td> + GPS + </td> + <td> + <a href="#7_3_3_gps">7.3.3. GPS</a> + </td> + <td> + SHOULD + </td> + <td></td> + <td></td> + <td> + SHOULD + </td> + <td></td> + </tr> + <tr> + <td rowspan="6"> + Connectivity + </td> + <td> + Wi-Fi + </td> + <td> + <a href="#7_4_2_ieee_802.11">7.4.2. IEEE 802.11</a> + </td> + <td> + SHOULD + </td> + <td> + SHOULD + </td> + <td></td> + <td> + SHOULD + </td> + <td> + SHOULD + </td> + </tr> + <tr> + <td> + Wi-Fi Direct + </td> + <td> + <a href="#7_4_2_1_wi-fi-direct">7.4.2.1. Wi-Fi Direct</a> + </td> + <td> + SHOULD + </td> + <td> + SHOULD + </td> + <td></td> + <td></td> + <td> + SHOULD + </td> + </tr> + <tr> + <td> + Bluetooth + </td> + <td> + <a href="#7_4_3_bluetooth">7.4.3. Bluetooth</a> + </td> + <td> + SHOULD + </td> + <td> + MUST + </td> + <td> + MUST + </td> + <td> + MUST + </td> + <td> + SHOULD + </td> + </tr> + <tr> + <td> + Bluetooth Low Energy + </td> + <td> + <a href="#7_4_3_bluetooth">7.4.3. Bluetooth</a> + </td> + <td> + SHOULD + </td> + <td> + MUST + </td> + <td> + SHOULD + </td> + <td> + SHOULD + </td> + <td> + SHOULD + </td> + </tr> + <tr> + <td> + Cellular radio + </td> + <td> + <a href="#7_4_5_minimum_network_capability">7.4.5. Minimum Network Capability</a> + </td> + <td></td> + <td></td> + <td></td> + <td> + SHOULD + </td> + <td></td> + </tr> + <tr> + <td> + USB peripheral/host mode + </td> + <td> + <a href="#7_7_usb">7.7. USB</a> + </td> + <td> + SHOULD + </td> + <td></td> + <td></td> + <td> + SHOULD + </td> + <td> + SHOULD + </td> + </tr> + <tr> + <td> + Output + </td> + <td> + Speaker and/or Audio output ports + </td> + <td> + <a href="#7_8_2_audio_output">7.8.2. Audio Output</a> + </td> + <td> + MUST + </td> + <td> + MUST + </td> + <td></td> + <td> + MUST + </td> + <td> + MUST + </td> + </tr> + </table> + <h1> + 3. Software + </h1> + <h2> + 3.1. Managed API Compatibility + </h2> + <p> + The managed Dalvik bytecode execution environment is the primary vehicle for Android applications. The Android application programming interface (API) is the set of Android platform interfaces exposed to applications running in the managed runtime environment. Device implementations MUST provide complete implementations, including all documented behaviors, of any documented API exposed by the <a href="http://developer.android.com/reference/packages.html">Android SDK</a> or any API decorated with the “@SystemApi” marker in the upstream Android source code. + </p> + <p> + Device implementations MUST support/preserve all classes, methods, and associated elements marked by the TestApi annotation (@TestApi). + </p> + <p> + Device implementations MUST NOT omit any managed APIs, alter API interfaces or signatures, deviate from the documented behavior, or include no-ops, except where specifically allowed by this Compatibility Definition. + </p> + <p> + This Compatibility Definition permits some types of hardware for which Android includes APIs to be omitted by device implementations. In such cases, the APIs MUST still be present and behave in a reasonable way. See <a href="#7_hardware_compatibility">section 7</a> for specific requirements for this scenario. + </p> + <h2> + 3.1.1. Android Extensions + </h2> + <p> + Android includes the support of extending the managed APIs while keeping the same API level version. Android device implementations MUST preload the AOSP implementation of both the shared library <code>ExtShared</code> and services <code>ExtServices</code> with versions higher than or equal to the minimum versions allowed per each API level. For example, Android 7.0 device implementations, running API level 24 MUST include at least version 1. + </p> + <h2> + 3.2. Soft API Compatibility + </h2> + <p> + In addition to the managed APIs from <a href="#3_1_managed_api_compatibility">section 3.1</a>, Android also includes a significant runtime-only “soft” API, in the form of such things as intents, permissions, and similar aspects of Android applications that cannot be enforced at application compile time. + </p> + <h3> + 3.2.1. Permissions + </h3> + <p> + Device implementers MUST support and enforce all permission constants as documented by the <a href="http://developer.android.com/reference/android/Manifest.permission.html">Permission reference page</a>. Note that <a href="#9_security_model_compatibility">section 9</a> lists additional requirements related to the Android security model. + </p> + <h3> + 3.2.2. Build Parameters + </h3> + <p> + The Android APIs include a number of constants on the <a href="http://developer.android.com/reference/android/os/Build.html">android.os.Build class</a> that are intended to describe the current device. To provide consistent, meaningful values across device implementations, the table below includes additional restrictions on the formats of these values to which device implementations MUST conform. + </p> + <table> + <tr> + <th> + Parameter + </th> + <th> + Details + </th> + </tr> + <tr> + <td> + VERSION.RELEASE + </td> + <td> + The version of the currently-executing Android system, in human-readable format. This field MUST have one of the string values defined in <a href="http://source.android.com/compatibility/7.1/versions.html">7.1</a>. + </td> + </tr> + <tr> + <td> + VERSION.SDK + </td> + <td> + The version of the currently-executing Android system, in a format accessible to third-party application code. For Android 7.1, this field MUST have the integer value 7.1_INT. + </td> + </tr> + <tr> + <td> + VERSION.SDK_INT + </td> + <td> + The version of the currently-executing Android system, in a format accessible to third-party application code. For Android 7.1, this field MUST have the integer value 7.1_INT. + </td> + </tr> + <tr> + <td> + VERSION.INCREMENTAL + </td> + <td> + A value chosen by the device implementer designating the specific build of the currently-executing Android system, in human-readable format. This value MUST NOT be reused for different builds made available to end users. A typical use of this field is to indicate which build number or source-control change identifier was used to generate the build. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). + </td> + </tr> + <tr> + <td> + BOARD + </td> + <td> + A value chosen by the device implementer identifying the specific internal hardware used by the device, in human-readable format. A possible use of this field is to indicate the specific revision of the board powering the device. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. + </td> + </tr> + <tr> + <td> + BRAND + </td> + <td> + A value reflecting the brand name associated with the device as known to the end users. MUST be in human-readable format and SHOULD represent the manufacturer of the device or the company brand under which the device is marketed. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. + </td> + </tr> + <tr> + <td> + SUPPORTED_ABIS + </td> + <td> + The name of the instruction set (CPU type + ABI convention) of native code. See <a href="#3_3_native_api_compatibility">section 3.3. Native API Compatibility</a>. + </td> + </tr> + <tr> + <td> + SUPPORTED_32_BIT_ABIS + </td> + <td> + The name of the instruction set (CPU type + ABI convention) of native code. See <a href="#3_3_native_api_compatibility">section 3.3. Native API Compatibility</a>. + </td> + </tr> + <tr> + <td> + SUPPORTED_64_BIT_ABIS + </td> + <td> + The name of the second instruction set (CPU type + ABI convention) of native code. See <a href="#3_3_native_api_compatibility">section 3.3. Native API Compatibility</a>. + </td> + </tr> + <tr> + <td> + CPU_ABI + </td> + <td> + The name of the instruction set (CPU type + ABI convention) of native code. See <a href="#3_3_native_api_compatibility">section 3.3. Native API Compatibility</a>. + </td> + </tr> + <tr> + <td> + CPU_ABI2 + </td> + <td> + The name of the second instruction set (CPU type + ABI convention) of native code. See <a href="#3_3_native_api_compatibility">section 3.3. Native API Compatibility</a>. + </td> + </tr> + <tr> + <td> + DEVICE + </td> + <td> + A value chosen by the device implementer containing the development name or code name identifying the configuration of the hardware features and industrial design of the device. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. This device name MUST NOT change during the lifetime of the product. + </td> + </tr> + <tr> + <td> + FINGERPRINT + </td> + <td> + A string that uniquely identifies this build. It SHOULD be reasonably human-readable. It MUST follow this template: + <p class="small"> + $(BRAND)/$(PRODUCT)/<br /> + $(DEVICE):$(VERSION.RELEASE)/$(ID)/$(VERSION.INCREMENTAL):$(TYPE)/$(TAGS) </p> <p> - Mozilla/5.0 (Linux; Android $(VERSION); $(MODEL) Build/$(BUILD); wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 $(CHROMIUM_VER) Mobile Safari/537.36 + For example: </p> - <ul> - <li>The value of the $(VERSION) string MUST be the same as the value for android.os.Build.VERSION.RELEASE. - </li> - <li>The value of the $(MODEL) string MUST be the same as the value for android.os.Build.MODEL. - </li> - <li>The value of the $(BUILD) string MUST be the same as the value for android.os.Build.ID. - </li> - <li>The value of the $(CHROMIUM_VER) string MUST be the version of Chromium in the upstream Android Open Source Project. - </li> - <li>Device implementations MAY omit Mobile in the user agent string. - </li> - </ul> - </li> - </ul> - <p> - The WebView component SHOULD include support for as many HTML5 features as possible and if it supports the feature SHOULD conform to the <a href="http://html.spec.whatwg.org/multipage/">HTML5 specification</a> . - </p> - <h4 id="3_4_2_browser_compatibility"> - 3.4.2. Browser Compatibility - </h4> - <div class="note"> - Android Television, Watch, and Android Automotive implementations MAY omit a browser application, but MUST support the public intent patterns as described in <a href="#3_2_3_1_core_application_intents">section 3.2.3.1</a> . All other types of device implementations MUST include a standalone Browser application for general user web browsing. - </div> - <p> - The standalone Browser MAY be based on a browser technology other than WebKit. However, even if an alternate Browser application is used, the android.webkit.WebView component provided to third-party applications MUST be based on WebKit, as described in <a href="#3_4_1_webview_compatibility">section 3.4.1</a> . - </p> - <p> - Implementations MAY ship a custom user agent string in the standalone Browser application. - </p> - <p> - The standalone Browser application (whether based on the upstream WebKit Browser application or a third-party replacement) SHOULD include support for as much of <a href="http://html.spec.whatwg.org/multipage/">HTML5</a> as possible. Minimally, device implementations MUST support each of these APIs associated with HTML5: - </p> - <ul> - <li> - <a href="http://www.w3.org/html/wg/drafts/html/master/browsers.html#offline">application cache/offline operation</a> - </li> - <li> - <a href="http://www.w3.org/html/wg/drafts/html/master/semantics.html#video"><video> tag</a> - </li> - <li> - <a href="http://www.w3.org/TR/geolocation-API/">geolocation</a> - </li> - </ul> - <p> - Additionally, device implementations MUST support the HTML5/W3C <a href="http://www.w3.org/TR/webstorage/">webstorage API</a> and SHOULD support the HTML5/W3C <a href="http://www.w3.org/TR/IndexedDB/">IndexedDB API</a> . Note that as the web development standards bodies are transitioning to favor IndexedDB over webstorage, IndexedDB is expected to become a required component in a future version of Android. - </p> - <h3 id="3_5_api_behavioral_compatibility"> - 3.5. API Behavioral Compatibility - </h3> - <p> - The behaviors of each of the API types (managed, soft, native, and web) must be consistent with the preferred implementation of the upstream <a href="http://source.android.com/">Android Open Source Project</a> . Some specific areas of compatibility are: - </p> - <ul> - <li>Devices MUST NOT change the behavior or semantics of a standard intent. - </li> - <li>Devices MUST NOT alter the lifecycle or lifecycle semantics of a particular type of system component (such as Service, Activity, ContentProvider, etc.). - </li> - <li>Devices MUST NOT change the semantics of a standard permission. - </li> - </ul> - <p> - The above list is not comprehensive. The Compatibility Test Suite (CTS) tests significant portions of the platform for behavioral compatibility, but not all. It is the responsibility of the implementer to ensure behavioral compatibility with the Android Open Source Project. For this reason, device implementers SHOULD use the source code available via the Android Open Source Project where possible, rather than re-implement significant parts of the system. - </p> - <h3 id="3_6_api_namespaces"> - 3.6. API Namespaces - </h3> - <p> - Android follows the package and class namespace conventions defined by the Java programming language. To ensure compatibility with third-party applications, device implementers MUST NOT make any prohibited modifications (see below) to these package namespaces: - </p> - <ul> - <li>java.* - </li> - <li>javax.* - </li> - <li>sun.* - </li> - <li>android.* - </li> - <li>com.android.* - </li> - </ul> - <p> - <strong>Prohibited modifications include</strong> : - </p> - <ul> - <li>Device implementations MUST NOT modify the publicly exposed APIs on the Android platform by changing any method or class signatures, or by removing classes or class fields. - </li> - <li>Device implementers MAY modify the underlying implementation of the APIs, but such modifications MUST NOT impact the stated behavior and Java-language signature of any publicly exposed APIs. - </li> - <li>Device implementers MUST NOT add any publicly exposed elements (such as classes or interfaces, or fields or methods to existing classes or interfaces) to the APIs above. - </li> - </ul> - <p> - A “publicly exposed element” is any construct that is not decorated with the“@hide” marker as used in the upstream Android source code. In other words, device implementers MUST NOT expose new APIs or alter existing APIs in the namespaces noted above. Device implementers MAY make internal-only modifications, but those modifications MUST NOT be advertised or otherwise exposed to developers. - </p> - <p> - Device implementers MAY add custom APIs, but any such APIs MUST NOT be in a namespace owned by or referring to another organization. For instance, device implementers MUST NOT add APIs to the com.google.* or similar namespace: only Google may do so. Similarly, Google MUST NOT add APIs to other companies' namespaces. Additionally, if a device implementation includes custom APIs outside the standard Android namespace, those APIs MUST be packaged in an Android shared library so that only apps that explicitly use them (via the <uses-library> mechanism) are affected by the increased memory usage of such APIs. - </p> - <p> - If a device implementer proposes to improve one of the package namespaces above (such as by adding useful new functionality to an existing API, or adding a new API), the implementer SHOULD visit <a href="http://source.android.com/">source.android.com</a> and begin the process for contributing changes and code, according to the information on that site. - </p> - <p> - Note that the restrictions above correspond to standard conventions for naming APIs in the Java programming language; this section simply aims to reinforce those conventions and make them binding through inclusion in this Compatibility Definition. - </p> - <h3 id="3_7_runtime_compatibility"> - 3.7. Runtime Compatibility - </h3> - <p> - Device implementations MUST support the full Dalvik Executable (DEX) format and <a href="https://android.googlesource.com/platform/dalvik/">Dalvik bytecode specification and semantics</a> . Device implementers SHOULD use ART, the reference upstream implementation of the Dalvik Executable Format, and the reference implementation’s package management system. - </p> - <p> - Device implementations MUST configure Dalvik runtimes to allocate memory in accordance with the upstream Android platform, and as specified by the following table. (See <a href="#7_1_1_screen_configuration">section 7.1.1</a> for screen size and screen density definitions.) Note that memory values specified below are considered minimum values and device implementations MAY allocate more memory per application. - </p> - <table> - <tr> - <th> - Screen Layout - </th> - <th> - Screen Density - </th> - <th> - Minimum Application Memory - </th> - </tr> - <tr> - <td rowspan="12"> - Android Watch - </td> - <td> - 120 dpi (ldpi) - </td> - <td rowspan="3"> - 32MB - </td> - </tr> - <tr> - <td> - 160 dpi (mdpi) - </td> - </tr> - <tr> - <td> - 213 dpi (tvdpi) - </td> - </tr> - <tr> - <td> - 240 dpi (hdpi) - </td> - <td rowspan="2"> - 36MB - </td> - </tr> - <tr> - <td> - 280 dpi (280dpi) - </td> - </tr> - <tr> - <td> - 320 dpi (xhdpi) - </td> - <td rowspan="2"> - 48MB - </td> - </tr> - <tr> - <td> - 360 dpi (360dpi) - </td> - </tr> - <tr> - <td> - 400 dpi (400dpi) - </td> - <td> - 56MB - </td> - </tr> - <tr> - <td> - 420 dpi (420dpi) - </td> - <td> - 64MB - </td> - </tr> - <tr> - <td> - 480 dpi (xxhdpi) - </td> - <td> - 88MB - </td> - </tr> - <tr> - <td> - 560 dpi (560dpi) - </td> - <td> - 112MB - </td> - </tr> - <tr> - <td> - 640 dpi (xxxhdpi) - </td> - <td> - 154MB - </td> - </tr> - <tr> - <td rowspan="12"> - small/normal - </td> - <td> - 120 dpi (ldpi) - </td> - <td rowspan="2"> - 32MB - </td> - </tr> - <tr> - <td> - 160 dpi (mdpi) - </td> - </tr> - <tr> - <td> - 213 dpi (tvdpi) - </td> - <td rowspan="3"> - 48MB - </td> - </tr> - <tr> - <td> - 240 dpi (hdpi) - </td> - </tr> - <tr> - <td> - 280 dpi (280dpi) - </td> - </tr> - <tr> - <td> - 320 dpi (xhdpi) - </td> - <td rowspan="2"> - 80MB - </td> - </tr> - <tr> - <td> - 360 dpi (360dpi) - </td> - </tr> - <tr> - <td> - 400 dpi (400dpi) - </td> - <td> - 96MB - </td> - </tr> - <tr> - <td> - 420 dpi (420dpi) - </td> - <td> - 112MB - </td> - </tr> - <tr> - <td> - 480 dpi (xxhdpi) - </td> - <td> - 128MB - </td> - </tr> - <tr> - <td> - 560 dpi (560dpi) - </td> - <td> - 192MB - </td> - </tr> - <tr> - <td> - 640 dpi (xxxhdpi) - </td> - <td> - 256MB - </td> - </tr> - <tr> - <td rowspan="12"> - large - </td> - <td> - 120 dpi (ldpi) - </td> - <td> - 32MB - </td> - </tr> - <tr> - <td> - 160 dpi (mdpi) - </td> - <td> - 48MB - </td> - </tr> - <tr> - <td> - 213 dpi (tvdpi) - </td> - <td rowspan="2"> - 80MB - </td> - </tr> - <tr> - <td> - 240 dpi (hdpi) - </td> - </tr> - <tr> - <td> - 280 dpi (280dpi) - </td> - <td> - 96MB - </td> - </tr> - <tr> - <td> - 320 dpi (xhdpi) - </td> - <td> - 128MB - </td> - </tr> - <tr> - <td> - 360 dpi (360dpi) - </td> - <td> - 160MB - </td> - </tr> - <tr> - <td> - 400 dpi (400dpi) - </td> - <td> - 192MB - </td> - </tr> - <tr> - <td> - 420 dpi (420dpi) - </td> - <td> - 228MB - </td> - </tr> - <tr> - <td> - 480 dpi (xxhdpi) - </td> - <td> - 256MB - </td> - </tr> - <tr> - <td> - 560 dpi (560dpi) - </td> - <td> - 384MB - </td> - </tr> - <tr> - <td> - 640 dpi (xxxhdpi) - </td> - <td> - 512MB - </td> - </tr> - <tr> - <td rowspan="12"> - xlarge - </td> - <td> - 120 dpi (ldpi) - </td> - <td> - 48MB - </td> - </tr> - <tr> - <td> - 160 dpi (mdpi) - </td> - <td> - 80MB - </td> - </tr> - <tr> - <td> - 213 dpi (tvdpi) - </td> - <td rowspan="2"> - 96MB - </td> - </tr> - <tr> - <td> - 240 dpi (hdpi) - </td> - </tr> - <tr> - <td> - 280 dpi (280dpi) - </td> - <td> - 144MB - </td> - </tr> - <tr> - <td> - 320 dpi (xhdpi) - </td> - <td> - 192MB - </td> - </tr> - <tr> - <td> - 360 dpi (360dpi) - </td> - <td> - 240MB - </td> - </tr> - <tr> - <td> - 400 dpi (400dpi) - </td> - <td> - 288MB - </td> - </tr> - <tr> - <td> - 420 dpi (420dpi) - </td> - <td> - 336MB - </td> - </tr> - <tr> - <td> - 480 dpi (xxhdpi) - </td> - <td> - 384MB - </td> - </tr> - <tr> - <td> - 560 dpi (560dpi) - </td> - <td> - 576MB - </td> - </tr> - <tr> - <td> - 640 dpi (xxxhdpi) - </td> - <td> - 768MB - </td> - </tr> - </table> - <h3 id="3_8_user_interface_compatibility"> - 3.8. User Interface Compatibility - </h3> - <h4 id="3_8_1_launcher_(home_screen)"> - 3.8.1. Launcher (Home Screen) - </h4> - <p> - Android includes a launcher application (home screen) and support for third-party applications to replace the device launcher (home screen). Device implementations that allow third-party applications to replace the device home screen MUST declare the platform feature android.software.home_screen. - </p> - <h4 id="3_8_2_widgets"> - 3.8.2. Widgets - </h4> - <div class="note"> - Widgets are optional for all Android device implementations, but SHOULD be supported on Android Handheld devices. - </div> - <p> - Android defines a component type and corresponding API and lifecycle that allows applications to expose an <a href="http://developer.android.com/guide/practices/ui_guidelines/widget_design.html">“AppWidget”</a> to the end user, a feature that is STRONGLY RECOMMENDED to be supported on Handheld Device implementations. Device implementations that support embedding widgets on the home screen MUST meet the following requirements and declare support for platform feature android.software.app_widgets. - </p> - <ul> - <li>Device launchers MUST include built-in support for AppWidgets and expose user interface affordances to add, configure, view, and remove AppWidgets directly within the Launcher. - </li> - <li>Device implementations MUST be capable of rendering widgets that are 4 x 4 in the standard grid size. See the <a href="http://developer.android.com/guide/practices/ui_guidelines/widget_design.html">App Widget Design Guidelines</a> in the Android SDK documentation for details. - </li> - <li>Device implementations that include support for lock screen MAY support application widgets on the lock screen. - </li> - <li>SHOULD trigger the fast-switch action between the two most recently used apps, when the recents function key is tapped twice. - </li> - <li>SHOULD trigger the split-screen multiwindow-mode, if supported, when the recents functions key is long pressed. - </li> - </ul> - <h4 id="3_8_3_notifications"> - 3.8.3. Notifications - </h4> - <p> - Android includes APIs that allow developers to <a href="http://developer.android.com/guide/topics/ui/notifiers/notifications.html">notify users of notable events</a> using hardware and software features of the device. - </p> - <p> - Some APIs allow applications to perform notifications or attract attention using hardware—specifically sound, vibration, and light. Device implementations MUST support notifications that use hardware features, as described in the SDK documentation, and to the extent possible with the device implementation hardware. For instance, if a device implementation includes a vibrator, it MUST correctly implement the vibration APIs. If a device implementation lacks hardware, the corresponding APIs MUST be implemented as no-ops. This behavior is further detailed in <a href="#7_hardware_compatibility">section 7</a> . - </p> - <p> - Additionally, the implementation MUST correctly render all <a href="https://developer.android.com/guide/topics/resources/available-resources.html">resources</a> (icons, animation files etc.) provided for in the APIs, or in the Status/System Bar <a href="http://developer.android.com/design/style/iconography.html">icon style guide</a> , which in the case of an Android Television device includes the possibility to not display the notifications. Device implementers MAY provide an alternative user experience for notifications than that provided by the reference Android Open Source implementation; however, such alternative notification systems MUST support existing notification resources, as above. - </p> - <div class="note"> - Android Automotive implementations MAY manage the visibility and timing of notifications to mitigate driver distraction, but MUST display notifications that use <a href="https://developer.android.com/reference/android/app/Notification.CarExtender.html">CarExtender</a> when requested by applications. - </div> - <p> - Android includes support for various notifications, such as: - </p> - <ul> - <li> - <strong>Rich notifications</strong> . Interactive Views for ongoing notifications. - </li> - <li> - <strong>Heads-up notifications</strong> . Interactive Views users can act on or dismiss without leaving the current app. - </li> - <li> - <strong>Lock screen notifications</strong> . Notifications shown over a lock screen with granular control on visibility. - </li> - </ul> - <p> - Android device implementations, when such notifications are made visible, MUST properly execute Rich and Heads-up notifications and include the title/name, icon, text as <a href="https://developer.android.com/design/patterns/notifications.html">documented in the Android APIs</a> . - </p> - <p> - Android includes Notification Listener Service APIs that allow apps (once explicitly enabled by the user) to receive a copy of all notifications as they are posted or updated. Device implementations MUST correctly and promptly send notifications in their entirety to all such installed and user-enabled listener services, including any and all metadata attached to the Notification object. - </p> - <p> - Handheld device implementations MUST support the behaviors of updating, removing, replying to, and bundling notifications as described in this <a href="https://developer.android.com/guide/topics/ui/notifiers/notifications.html#Managing">section</a> . - </p> - <p> - Also, handheld device implementations MUST provide: - </p> - <ul> - <li>The ability to control notifications directly in the notification shade. - </li> - <li>The visual affordance to trigger the control panel in the notification shade. - </li> - <li>The ability to BLOCK, MUTE and RESET notification preference from a package, both in the inline control panel as well as in the settings app. - </li> - </ul> - <p> - All 6 direct subclasses of the <code>Notification.Style class</code> MUST be supported as described in the <a href="https://developer.android.com/reference/android/app/Notification.Style.html">SDK documents</a> . - </p> - <p> - Device implementations that support the DND (Do not Disturb) feature MUST meet the following requirements: - </p> - <ul> - <li>MUST implement an activity where the user can grant or deny the app access to DND policy configurations in response to the intent <a href="https://developer.android.com/reference/android/provider/Settings.html#ACTION_NOTIFICATION_POLICY_ACCESS_SETTINGS">ACTION_NOTIFICATION_POLICY_ACCESS_SETTINGS</a> . - </li> - <li>MUST display <a href="https://developer.android.com/reference/android/app/NotificationManager.html#addAutomaticZenRule%28android.app.AutomaticZenRule%29">Automatic DND rules</a> created by applications alongside the user-created and pre-defined rules. - </li> - <li>MUST honor the <a href="https://developer.android.com/reference/android/app/NotificationManager.Policy.html#suppressedVisualEffects"><code>suppressedVisualEffects</code></a> values passed along the <a href="https://developer.android.com/reference/android/app/NotificationManager.Policy.html#NotificationManager.Policy%28int,%20int,%20int,%20int%29"><code>NotificationManager.Policy</code></a> and if an app has set any of the SUPPRESSED_EFFECT_SCREEN_OFF or SUPPRESSED_EFFECT_SCREEN_ON flags, it SHOULD indicate to the user that the visual effects are suppressed in the DND settings menu. - </li> - </ul> - <h4 id="3_8_4_search"> - 3.8.4. Search - </h4> - <p> - Android includes APIs that allow developers to <a href="http://developer.android.com/reference/android/app/SearchManager.html">incorporate search</a> into their applications and expose their application’s data into the global system search. Generally speaking, this functionality consists of a single, system-wide user interface that allows users to enter queries, displays suggestions as users type, and displays results. The Android APIs allow developers to reuse this interface to provide search within their own apps and allow developers to supply results to the common global search user interface. - </p> - <p> - Android device implementations SHOULD include global search, a single, shared, system-wide search user interface capable of real-time suggestions in response to user input. Device implementations SHOULD implement the APIs that allow developers to reuse this user interface to provide search within their own applications. Device implementations that implement the global search interface MUST implement the APIs that allow third-party applications to add suggestions to the search box when it is run in global search mode. If no third-party applications are installed that make use of this functionality, the default behavior SHOULD be to display web search engine results and suggestions. - </p> - <p> - Android device implementations SHOULD, and Android Automotive implementations MUST, implement an assistant on the device to handle the <a href="http://developer.android.com/reference/android/content/Intent.html#ACTION_ASSIST">Assist action</a> . - </p> - <p> - Android also includes the <a href="https://developer.android.com/reference/android/app/assist/package-summary.html">Assist APIs</a> to allow applications to elect how much information of the current context is shared with the assistant on the device. Device implementations supporting the Assist action MUST indicate clearly to the end user when the context is shared by displaying a white light around the edges of the screen. To ensure clear visibility to the end user, the indication MUST meet or exceed the duration and brightness of the Android Open Source Project implementation. - </p> - <p> - This indication MAY be disabled by default for preinstalled apps using the Assist and VoiceInteractionService API, if all following requirements are met: - </p> - <ul> - <li> - <p> - The preinstalled app MUST request the context to be shared only when the user invoked the app by one of the following means, and the app is running in the foreground: + <p class="small"> + acme/myproduct/<br /> + mydevice:7.1/LMYXX/3359:userdebug/test-keys </p> - <ul> - <li>hotword invocation - </li> - <li>input of the ASSIST navigation key/button/gesture - </li> - </ul> - </li> - <li> <p> - The device implementation MUST provide an affordance to enable the indication, less than two navigations away from (the default voice input and assistant app settings menu) <a href="#3_2_3_5_default_app_settings">section 3.2.3.5</a> . + The fingerprint MUST NOT include whitespace characters. If other fields included in the template above have whitespace characters, they MUST be replaced in the build fingerprint with another character, such as the underscore ("_") character. The value of this field MUST be encodable as 7-bit ASCII. </p> - </li> - </ul> - <h4 id="3_8_5_toasts"> - 3.8.5. Toasts - </h4> - <p> - Applications can use the <a href="http://developer.android.com/reference/android/widget/Toast.html">“Toast” API</a> to display short non-modal strings to the end user that disappear after a brief period of time. Device implementations MUST display Toasts from applications to end users in some high-visibility manner. - </p> - <h4 id="3_8_6_themes"> - 3.8.6. Themes - </h4> - <p> - Android provides “themes” as a mechanism for applications to apply styles across an entire Activity or application. - </p> - <p> - Android includes a “Holo” theme family as a set of defined styles for application developers to use if they want to match the <a href="http://developer.android.com/guide/topics/ui/themes.html">Holo theme look and feel</a> as defined by the Android SDK. Device implementations MUST NOT alter any of the <a href="http://developer.android.com/reference/android/R.style.html">Holo theme attributes</a> exposed to applications. - </p> - <p> - Android includes a “Material” theme family as a set of defined styles for application developers to use if they want to match the design theme’s look and feel across the wide variety of different Android device types. Device implementations MUST support the “Material” theme family and MUST NOT alter any of the <a href="http://developer.android.com/reference/android/R.style.html#Theme_Material">Material theme attributes</a> or their assets exposed to applications. - </p> - <p> - Android also includes a “Device Default” theme family as a set of defined styles for application developers to use if they want to match the look and feel of the device theme as defined by the device implementer. Device implementations MAY modify the <a href="http://developer.android.com/reference/android/R.style.html">Device Default theme attributes</a> exposed to applications. - </p> - <p> - Android supports a variant theme with translucent system bars, which allows application developers to fill the area behind the status and navigation bar with their app content. To enable a consistent developer experience in this configuration, it is important the status bar icon style is maintained across different device implementations. Therefore, Android device implementations MUST use white for system status icons (such as signal strength and battery level) and notifications issued by the system, unless the icon is indicating a problematic status or an app requests a light status bar using the SYSTEM_UI_FLAG_LIGHT_STATUS_BAR flag. When an app requests a light status bar, Android device implementations MUST change the color of the system status icons to black (for details, refer to <a href="http://developer.android.com/reference/android/R.style.html">R.style</a> ). - </p> - <h4 id="3_8_7_live_wallpapers"> - 3.8.7. Live Wallpapers - </h4> - <p> - Android defines a component type and corresponding API and lifecycle that allows applications to expose one or more <a href="http://developer.android.com/reference/android/service/wallpaper/WallpaperService.html">“Live Wallpapers”</a> to the end user. Live wallpapers are animations, patterns, or similar images with limited input capabilities that display as a wallpaper, behind other applications. - </p> - <p> - Hardware is considered capable of reliably running live wallpapers if it can run all live wallpapers, with no limitations on functionality, at a reasonable frame rate with no adverse effects on other applications. If limitations in the hardware cause wallpapers and/or applications to crash, malfunction, consume excessive CPU or battery power, or run at unacceptably low frame rates, the hardware is considered incapable of running live wallpaper. As an example, some live wallpapers may use an OpenGL 2.0 or 3.x context to render their content. Live wallpaper will not run reliably on hardware that does not support multiple OpenGL contexts because the live wallpaper use of an OpenGL context may conflict with other applications that also use an OpenGL context. - </p> - <p> - Device implementations capable of running live wallpapers reliably as described above SHOULD implement live wallpapers, and when implemented MUST report the platform feature flag android.software.live_wallpaper. - </p> - <h4 id="3_8_8_activity_switching"> - 3.8.8. Activity Switching - </h4> - <div class="note"> - As the Recent function navigation key is OPTIONAL, the requirement to implement the overview screen is OPTIONAL for Android Watch and Android Automotive implementations, and RECOMMENDED for Android Television devices. There SHOULD still be a method to switch between activities on Android Automotive implementations. - </div> - <p> - The upstream Android source code includes the <a href="http://developer.android.com/guide/components/recents.html">overview screen</a> , a system-level user interface for task switching and displaying recently accessed activities and tasks using a thumbnail image of the application’s graphical state at the moment the user last left the application. Device implementations including the recents function navigation key as detailed in <a href="#7_2_3_navigation_keys">section 7.2.3</a> MAY alter the interface but MUST meet the following requirements: - </p> - <ul> - <li>MUST support at least up to 20 displayed activities. - </li> - <li>SHOULD display the titles of at least 4 activities at a time. - </li> - <li>MUST implement the <a href="http://developer.android.com/about/versions/android-5.0.html#ScreenPinning">screen pinning behavior</a> and provide the user with a settings menu to toggle the feature. - </li> - <li>SHOULD display highlight color, icon, screen title in recents. - </li> - <li>SHOULD display a closing affordance ("x") but MAY delay this until user interacts with screens. - </li> - <li>SHOULD implement a shortcut to switch easily to the previous activity - </li> - <li>MAY display affiliated recents as a group that moves together. - </li> - </ul> - <p> - Device implementations are STRONGLY RECOMMENDED to use the upstream Android user interface (or a similar thumbnail-based interface) for the overview screen. - </p> - <h4 id="3_8_9_input_management"> - 3.8.9. Input Management - </h4> - <p> - Android includes support for <a href="http://developer.android.com/guide/topics/text/creating-input-method.html">Input Management</a> and support for third-party input method editors. Device implementations that allow users to use third-party input methods on the device MUST declare the platform feature android.software.input_methods and support IME APIs as defined in the Android SDK documentation. - </p> - <p> - Device implementations that declare the android.software.input_methods feature MUST provide a user-accessible mechanism to add and configure third-party input methods. Device implementations MUST display the settings interface in response to the android.settings.INPUT_METHOD_SETTINGS intent. - </p> - <h4 id="3_8_10_lock_screen_media_control"> - 3.8.10. Lock Screen Media Control - </h4> - <p> - The Remote Control Client API is deprecated from Android 5.0 in favor of the <a href="http://developer.android.com/reference/android/app/Notification.MediaStyle.html">Media Notification Template</a> that allows media applications to integrate with playback controls that are displayed on the lock screen. Device implementations that support a lock screen, unless an Android Automotive or Watch implementation, MUST display the Lock screen Notifications including the Media Notification Template. - </p> - <h4 id="3_8_11_screen_savers_(previously_dreams)"> - 3.8.11. Screen savers (previously Dreams) - </h4> - <p> - Android includes support for <a href="http://developer.android.com/reference/android/service/dreams/DreamService.html">interactivescreensavers</a> , previously referred to as Dreams. Screen savers allow users to interact with applications when a device connected to a power source is idle or docked in a desk dock. Android Watch devices MAY implement screen savers, but other types of device implementations SHOULD include support for screen savers and provide a settings option for users toconfigure screen savers in response to the <code>android.settings.DREAM_SETTINGS</code> intent. - </p> - <h4 id="3_8_12_location"> - 3.8.12. Location - </h4> - <p> - When a device has a hardware sensor (e.g. GPS) that is capable of providing the location coordinates, <a href="http://developer.android.com/reference/android/provider/Settings.Secure.html#LOCATION_MODE">location modes</a> MUST be displayed in the Location menu within Settings. - </p> - <h4 id="3_8_13_unicode_and_font"> - 3.8.13. Unicode and Font - </h4> - <p> - Android includes support for the emoji characters defined in <a href="http://www.unicode.org/versions/Unicode9.0.0/">Unicode 9.0</a> . All device implementations MUST be capable of rendering these emoji characters in color glyph and when Android device implementations include an IME, it SHOULD provide an input method to the user for these emoji characters. - </p> - <p> - Android handheld devices SHOULD support the skin tone and diverse family emojis as specified in the <a href="http://unicode.org/reports/tr51">Unicode Technical Report #51</a> . - </p> - <p> - Android includes support for Roboto 2 font with different weights—sans-serif-thin, sans-serif-light, sans-serif-medium, sans-serif-black, sans-serif-condensed, sans-serif-condensed-light—which MUST all be included for the languages available on the device and full Unicode 7.0 coverage of Latin, Greek, and Cyrillic, including the Latin Extended A, B, C, and D ranges, and all glyphs in the currency symbols block of Unicode 7.0. - </p> - <h4 id="3_8_14_multi-windows"> - 3.8.14. Multi-windows - </h4> - <p> - A device implementation MAY choose not to implement any multi-window modes, but if it has the capability to display multiple activities at the same time it MUST implement such multi-window mode(s) in accordance with the application behaviors and APIs described in the Android SDK <a href="https://developer.android.com/preview/features/multi-window.html">multi-window mode support documentation</a> and meet the following requirements: - </p> - <ul> - <li>Applications can indicate whether they are capable of operating in multi-window mode in the AndroidManifest.xml file, either explicitly via the <a href="https://developer.android.com/reference/android/R.attr.html#resizeableActivity"><code>android:resizeableActivity</code></a> attribute or implicitly by having the targetSdkVersion > 24. Apps that explicitly set this attribute to false in their manifest MUST not be launched in multi-window mode. Apps that don't set the attribute in their manifest file (targetSdkVersion < 24) can be launched in multi-window mode, but the system MUST provide warning that the app may not work as expected in multi-window mode. - </li> - <li>Device implementations MUST NOT offer split-screen or freeform mode if both the screen height and width is less than 440 dp. - </li> - <li>Device implementations with screen size <code>xlarge</code> SHOULD support freeform mode. - </li> - <li>Android Television device implementations MUST support picture-in-picture (PIP) mode multi-window and place the PIP multi-window in the top right corner when PIP is ON. - </li> - <li>Device implementations with PIP mode multi-window support MUST allocate at least 240x135 dp for the PIP window. - </li> - <li>If the PIP multi-window mode is supported the <a href="https://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_WINDOW"><code>KeyEvent.KEYCODE_WINDOW</code></a> key MUST be used to control the PIP window; otherwise, the key MUST be available to the foreground activity. - </li> - </ul> - <h3 id="3_9_device_administration"> - 3.9. Device Administration - </h3> - <p> - Android includes features that allow security-aware applications to perform device administration functions at the system level, such as enforcing password policies or performing remote wipe, through the <a href="http://developer.android.com/guide/topics/admin/device-admin.html">Android Device Administration API</a> ]. Device implementations MUST provide an implementation of the <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html">DevicePolicyManager</a> class. Device implementations that supports a secure lock screen MUST implement the full range of <a href="http://developer.android.com/guide/topics/admin/device-admin.html">device administration</a> policies defined in the Android SDK documentation and report the platform feature android.software.device_admin. - </p> - <h4 id="3_9_1_device_provisioning"> - 3.9.1 Device Provisioning - </h4> - <h5 id="3_9_1_1_device_owner_provisioning"> - 3.9.1.1 Device owner provisioning - </h5> - <p> - If a device implementation declares the <code>android.software.device_admin</code> feature then it MUST implement the provisioning of the <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#isDeviceOwnerApp(java.lang.String)">Device Owner app</a> of a Device Policy Client (DPC) application as indicated below: - </p> - <ul> - <li>When the device implementation has no user data configured yet, it: - <ul> - <li>MUST report <code>true</code> for <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#isProvisioningAllowed(java.lang.String)"><code>DevicePolicyManager.isProvisioningAllowed(ACTION_PROVISION_MANAGED_DEVICE)</code></a> . - </li> - <li>MUST enroll the DPC application as the Device Owner app in response to the intent action <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#ACTION_PROVISION_MANAGED_DEVICE"><code>android.app.action.PROVISION_MANAGED_DEVICE</code></a> . - </li> - <li>MUST enroll the DPC application as the Device Owner app if the device declares Near-Field Communications (NFC) support via the feature flag <code>android.hardware.nfc</code> and receives an NFC message containing a record with MIME type <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#MIME_TYPE_PROVISIONING_NFC"><code>MIME_TYPE_PROVISIONING_NFC</code></a> . - </li> - </ul> - </li> - <li>When the device implementation has user data, it: - <ul> - <li>MUST report <code>false</code> for the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#isProvisioningAllowed(java.lang.String)"><code>DevicePolicyManager.isProvisioningAllowed(ACTION_PROVISION_MANAGED_DEVICE)</code></a> . - </li> - <li>MUST not enroll any DPC application as the Device Owner App any more. - </li> - </ul> - </li> - </ul> - <p> - Device implementations MAY have a preinstalled application performing device administration functions but this application MUST NOT be set as the Device Owner app without explicit consent or action from the user or the administrator of the device. - </p> - <h5 id="3_9_1_2_managed_profile_provisioning"> - 3.9.1.2 Managed profile provisioning - </h5> - <p> - If a device implementation declares the android.software.managed_users, it MUST be possible to enroll a Device Policy Controller (DPC) application as the <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#isProfileOwnerApp(java.lang.String)">owner of a new Managed Profile</a> . - </p> - <p> - The managed profile provisioning process (the flow initiated by <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#ACTION_PROVISION_MANAGED_PROFILE">android.app.action.PROVISION_MANAGED_PROFILE</a> ) user experience MUST align with the AOSP implementation. - </p> - <p> - Device implementations MUST provide the following user affordances within the Settings user interface to indicate to the user when a particular system function has been disabled by the Device Policy Controller (DPC): - </p> - <ul> - <li>A consistent icon or other user affordance (for example the upstream AOSP info icon) to represent when a particular setting is restricted by a Device Admin. - </li> - <li>A short explanation message, as provided by the Device Admin via the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setShortSupportMessage%28android.content.ComponentName,%20java.lang.CharSequence%29"><code>setShortSupportMessage</code></a> . - </li> - <li>The DPC application’s icon. - </li> - </ul> - <h3 id="3_9_2_managed_profile_support"> - 3.9.2 Managed Profile Support - </h3> - <p> - Managed profile capable devices are those devices that: - </p> - <ul> - <li>Declare android.software.device_admin (see <a href="#3_9_device_administration">section 3.9 Device Administration</a> ). - </li> - <li>Are not low RAM devices (see <a href="#7_6_1_minimum_memory_and_storage">section 7.6.1</a> ). - </li> - <li>Allocate internal (non-removable) storage as shared storage (see <a href="#7_6_2_application_shared_storage">section 7.6.2</a> ). - </li> - </ul> - <p> - Managed profile capable devices MUST: - </p> - <ul> - <li>Declare the platform feature flag <code>android.software.managed_users</code> . - </li> - <li>Support managed profiles via the <code>android.app.admin.DevicePolicyManager</code> APIs. - </li> - <li>Allow one and only <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#ACTION_PROVISION_MANAGED_PROFILE">one managed profile to be created</a> . - </li> - <li>Use an icon badge (similar to the AOSP upstream work badge) to represent the managed applications and widgets and other badged UI elements like Recents & Notifications. - </li> - <li>Display a notification icon (similar to the AOSP upstream work badge) to indicate when user is within a managed profile application. - </li> - <li>Display a toast indicating that the user is in the managed profile if and when the device wakes up (ACTION_USER_PRESENT) and the foreground application is within the managed profile. - </li> - <li>Where a managed profile exists, show a visual affordance in the Intent 'Chooser' to allow the user to forward the intent from the managed profile to the primary user or vice versa, if enabled by the Device Policy Controller. - </li> - <li>Where a managed profile exists, expose the following user affordances for both the primary user and the managed profile: + </td> + </tr> + <tr> + <td> + HARDWARE + </td> + <td> + The name of the hardware (from the kernel command line or /proc). It SHOULD be reasonably human-readable. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. + </td> + </tr> + <tr> + <td> + HOST + </td> + <td> + A string that uniquely identifies the host the build was built on, in human-readable format. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). + </td> + </tr> + <tr> + <td> + ID + </td> + <td> + An identifier chosen by the device implementer to refer to a specific release, in human-readable format. This field can be the same as android.os.Build.VERSION.INCREMENTAL, but SHOULD be a value sufficiently meaningful for end users to distinguish between software builds. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9._-]+$”. + </td> + </tr> + <tr> + <td> + MANUFACTURER + </td> + <td> + The trade name of the Original Equipment Manufacturer (OEM) of the product. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). + </td> + </tr> + <tr> + <td> + MODEL + </td> + <td> + A value chosen by the device implementer containing the name of the device as known to the end user. This SHOULD be the same name under which the device is marketed and sold to end users. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). + </td> + </tr> + <tr> + <td> + PRODUCT + </td> + <td> + A value chosen by the device implementer containing the development name or code name of the specific product (SKU) that MUST be unique within the same brand. MUST be human-readable, but is not necessarily intended for view by end users. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. This product name MUST NOT change during the lifetime of the product. + </td> + </tr> + <tr> + <td> + SERIAL + </td> + <td> + A hardware serial number, which MUST be available and unique across devices with the same MODEL and MANUFACTURER. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^([a-zA-Z0-9]{6,20})$”. + </td> + </tr> + <tr> + <td> + TAGS + </td> + <td> + A comma-separated list of tags chosen by the device implementer that further distinguishes the build. This field MUST have one of the values corresponding to the three typical Android platform signing configurations: release-keys, dev-keys, test-keys. + </td> + </tr> + <tr> + <td> + TIME + </td> + <td> + A value representing the timestamp of when the build occurred. + </td> + </tr> + <tr> + <td> + TYPE + </td> + <td> + A value chosen by the device implementer specifying the runtime configuration of the build. This field MUST have one of the values corresponding to the three typical Android runtime configurations: user, userdebug, or eng. + </td> + </tr> + <tr> + <td> + USER + </td> + <td> + A name or user ID of the user (or automated user) that generated the build. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). + </td> + </tr> + <tr> + <td> + SECURITY_PATCH + </td> + <td> + A value indicating the security patch level of a build. It MUST signify that the build is not in any way vulnerable to any of the issues described up through the designated Android Public Security Bulletin. It MUST be in the format [YYYY-MM-DD], matching a defined string documented in the <a href="source.android.com/security/bulletin">Android Public Security Bulletin</a> or in the <a href="http://source.android.com/security/advisory">Android Security Advisory</a>, for example "2015-11-01". + </td> + </tr> + <tr> + <td> + BASE_OS + </td> + <td> + A value representing the FINGERPRINT parameter of the build that is otherwise identical to this build except for the patches provided in the Android Public Security Bulletin. It MUST report the correct value and if such a build does not exist, report an empty string (""). + </td> + </tr> + </table> + <h3> + 3.2.3. Intent Compatibility + </h3> + <h4> + 3.2.3.1. Core Application Intents + </h4> + <p> + Android intents allow application components to request functionality from other Android components. The Android upstream project includes a list of applications considered core Android applications, which implements several intent patterns to perform common actions. The core Android applications are: + </p> + <ul> + <li>Desk Clock + </li> + <li>Browser + </li> + <li>Calendar + </li> + <li>Contacts + </li> + <li>Gallery + </li> + <li>GlobalSearch + </li> + <li>Launcher + </li> + <li>Music + </li> + <li>Settings + </li> + </ul> + <p> + Device implementations MUST include the core Android applications as appropriate or a component implementing the same intent patterns defined by all the Activity or Service components of these core Android applications exposed to other applications, implicitly or explicitly, through the <code>android:exported</code> attribute. + </p> + <h4> + 3.2.3.2. Intent Resolution + </h4> + <p> + As Android is an extensible platform, device implementations MUST allow each intent pattern referenced in <a href="#3_2_3_1_core_application_intents">section 3.2.3.1</a> to be overridden by third-party applications. The upstream Android open source implementation allows this by default; device implementers MUST NOT attach special privileges to system applications' use of these intent patterns, or prevent third-party applications from binding to and assuming control of these patterns. This prohibition specifically includes but is not limited to disabling the “Chooser” user interface that allows the user to select between multiple applications that all handle the same intent pattern. + </p> + <p> + Device implementations MUST provide a user interface for users to modify the default activity for intents. + </p> + <p> + However, device implementations MAY provide default activities for specific URI patterns (e.g. http://play.google.com) when the default activity provides a more specific attribute for the data URI. For example, an intent filter pattern specifying the data URI “http://www.android.com” is more specific than the browser's core intent pattern for “http://”. + </p> + <p> + Android also includes a mechanism for third-party apps to declare an authoritative default <a href="https://developer.android.com/training/app-links">app linking behavior</a> for certain types of web URI intents. When such authoritative declarations are defined in an app's intent filter patterns, device implementations: + </p> + <ul> + <li>MUST attempt to validate any intent filters by performing the validation steps defined in the <a href="https://developers.google.com/digital-asset-links">Digital Asset Links specification</a> as implemented by the Package Manager in the upstream Android Open Source Project. + </li> + <li>MUST attempt validation of the intent filters during the installation of the application and set all successfully validated UIR intent filters as default app handlers for their UIRs. + </li> + <li>MAY set specific URI intent filters as default app handlers for their URIs, if they are successfully verified but other candidate URI filters fail verification. If a device implementation does this, it MUST provide the user appropriate per-URI pattern overrides in the settings menu. + </li> + <li>MUST provide the user with per-app App Links controls in Settings as follows: + <ul> + <li>The user MUST be able to override holistically the default app links behavior for an app to be: always open, always ask, or never open, which must apply to all candidate URI intent filters equally. + </li> + <li>The user MUST be able to see a list of the candidate URI intent filters. + </li> + <li>The device implementation MAY provide the user with the ability to override specific candidate URI intent filters that were successfully verified, on a per-intent filter basis. + </li> + <li>The device implementation MUST provide users with the ability to view and override specific candidate URI intent filters if the device implementation lets some candidate URI intent filters succeed verification while some others can fail. + </li> + </ul> + </li> + </ul> + <h4> + 3.2.3.3. Intent Namespaces + </h4> + <p> + Device implementations MUST NOT include any Android component that honors any new intent or broadcast intent patterns using an ACTION, CATEGORY, or other key string in the android. <em>or com.android.</em> namespace. Device implementers MUST NOT include any Android components that honor any new intent or broadcast intent patterns using an ACTION, CATEGORY, or other key string in a package space belonging to another organization. Device implementers MUST NOT alter or extend any of the intent patterns used by the core apps listed in <a href="#3_2_3_1_core_application_intents">section 3.2.3.1</a>. Device implementations MAY include intent patterns using namespaces clearly and obviously associated with their own organization. This prohibition is analogous to that specified for Java language classes in <a href="#3_6_api_namespaces">section 3.6</a>. + </p> + <h4> + 3.2.3.4. Broadcast Intents + </h4> + <p> + Third-party applications rely on the platform to broadcast certain intents to notify them of changes in the hardware or software environment. Android-compatible devices MUST broadcast the public broadcast intents in response to appropriate system events. Broadcast intents are described in the SDK documentation. + </p> + <h4> + 3.2.3.5. Default App Settings + </h4> + <p> + Android includes settings that provide users an easy way to select their default applications, for example for Home screen or SMS. Where it makes sense, device implementations MUST provide a similar settings menu and be compatible with the intent filter pattern and API methods described in the SDK documentation as below. + </p> + <p> + Device implementations: + </p> + <ul> + <li>MUST honor the <a href="http://developer.android.com/reference/android/provider/Settings.html#ACTION_HOME_SETTINGS">android.settings.HOME_SETTINGS</a> intent to show a default app settings menu for Home Screen, if the device implementation reports android.software.home_screen. + </li> + <li>MUST provide a settings menu that will call the <a href="http://developer.android.com/reference/android/provider/Telephony.Sms.Intents.html">android.provider.Telephony.ACTION_CHANGE_DEFAULT</a> intent to show a dialog to change the default SMS application, if the device implementation reports android.hardware.telephony. + </li> + <li>MUST honor the <a href="http://developer.android.com/reference/android/provider/Settings.html#ACTION_NFC_PAYMENT_SETTINGS">android.settings.NFC_PAYMENT_SETTINGS</a> intent to show a default app settings menu for Tap and Pay, if the device implementation reports android.hardware.nfc.hce. + </li> + <li>MUST honor the <a href="https://developer.android.com/reference/android/telecom/TelecomManager.html#ACTION_CHANGE_DEFAULT_DIALER">android.telecom.action.CHANGE_DEFAULT_DIALER</a> intent to show a dialog to allow the user to change the default Phone application, if the device implementation reports <code>android.hardware.telephony</code>. + </li> + <li>MUST honor the <a href="https://developer.android.com/reference/android/provider/Settings.html#ACTION_VOICE_INPUT_SETTINGS">android.settings.ACTION_VOICE_INPUT_SETTINGS</a> intent when the device supports the VoiceInteractionService and show a default app settings menu for voice input and assist. + </li> + </ul> + <h2> + 3.3. Native API Compatibility + </h2> + <p> + Native code compatibility is challenging. For this reason, device implementers are <strong>STRONGLY RECOMMENDED</strong> to use the implementations of the libraries listed below from the upstream Android Open Source Project. + </p> + <h3> + 3.3.1. Application Binary Interfaces + </h3> + <p> + Managed Dalvik bytecode can call into native code provided in the application .apk file as an ELF .so file compiled for the appropriate device hardware architecture. As native code is highly dependent on the underlying processor technology, Android defines a number of Application Binary Interfaces (ABIs) in the Android NDK. Device implementations MUST be compatible with one or more defined ABIs, and MUST implement compatibility with the Android NDK, as below. + </p> + <p> + If a device implementation includes support for an Android ABI, it: + </p> + <ul> + <li>MUST include support for code running in the managed environment to call into native code, using the standard Java Native Interface (JNI) semantics. + </li> + <li>MUST be source-compatible (i.e. header compatible) and binary-compatible (for the ABI) with each required library in the list below. + </li> + <li>MUST support the equivalent 32-bit ABI if any 64-bit ABI is supported. + </li> + <li>MUST accurately report the native Application Binary Interface (ABI) supported by the device, via the android.os.Build.SUPPORTED_ABIS, android.os.Build.SUPPORTED_32_BIT_ABIS, and android.os.Build.SUPPORTED_64_BIT_ABIS parameters, each a comma separated list of ABIs ordered from the most to the least preferred one. + </li> + <li>MUST report, via the above parameters, only those ABIs documented and described in the latest version of the <a href="https://developer.android.com/ndk/guides/abis.html">Android NDK ABI Management documentation</a>, and MUST include support for the <a href="http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0388f/Beijfcja.html">Advanced SIMD</a> (a.k.a. NEON) extension. + </li> + <li>SHOULD be built using the source code and header files available in the upstream Android Open Source Project + </li> + </ul> + <p> + Note that future releases of the Android NDK may introduce support for additional ABIs. If a device implementation is not compatible with an existing predefined ABI, it MUST NOT report support for any ABIs at all. + </p> + <p> + The following native code APIs MUST be available to apps that include native code: + </p> + <ul> + <li>libandroid.so (native Android activity support) + </li> + <li>libc (C library) + </li> + <li>libcamera2ndk.so + </li> + <li>libdl (dynamic linker) + </li> + <li>libEGL.so (native OpenGL surface management) + </li> + <li>libGLESv1_CM.so (OpenGL ES 1.x) + </li> + <li>libGLESv2.so (OpenGL ES 2.0) + </li> + <li>libGLESv3.so (OpenGL ES 3.x) + </li> + <li>libicui18n.so + </li> + <li>libicuuc.so + </li> + <li>libjnigraphics.so + </li> + <li>liblog (Android logging) + </li> + <li>libmediandk.so (native media APIs support) + </li> + <li>libm (math library) + </li> + <li>libOpenMAXAL.so (OpenMAX AL 1.0.1 support) + </li> + <li>libOpenSLES.so (OpenSL ES 1.0.1 audio support) + </li> + <li>libRS.so + </li> + <li>libstdc++ (Minimal support for C++) + </li> + <li>libvulkan.so (Vulkan) + </li> + <li>libz (Zlib compression) + </li> + <li>JNI interface + </li> + <li>Support for OpenGL, as described below + </li> + </ul> + <p> + For the native libraries listed above, the device implementation MUST NOT add or remove the public functions. + </p> + <p> + Native libraries not listed above but implemented and provided in AOSP as system libraries are reserved and MUST NOT be exposed to third-party apps targeting API level 24 or higher. + </p> + <p> + Device implementations MAY add non-AOSP libraries and expose them directly as an API to third-party apps but the additional libraries SHOULD be in <code>/vendor/lib</code> or <code>/vendor/lib64</code> and MUST be listed in <code>/vendor/etc/public.libraries.txt</code>. + </p> + <p> + Note that device implementations MUST include libGLESv3.so and in turn, MUST export all the OpenGL ES 3.1 and <a href="http://developer.android.com/guide/topics/graphics/opengl.html#aep">Android Extension Pack</a> function symbols as defined in the NDK release android-24. Although all the symbols must be present, only the corresponding functions for OpenGL ES versions and extensions actually supported by the device must be fully implemented. + </p> + <h4> + 3.3.1.1. Graphic Libraries + </h4> + <p> + <a href="https://www.khronos.org/registry/vulkan/specs/1.0-wsi_extensions/xhtml/vkspec.html">Vulkan</a> is a low-overhead, cross-platform API for high-performance 3D graphics. Device implementations, even if not including support of the Vulkan APIs, MUST satisfy the following requirements: + </p> + <ul> + <li>It MUST always provide a native library named <code>libvulkan.so</code> which exports function symbols for the core Vulkan 1.0 API as well as the <code>VK_KHR_surface</code>, <code>VK_KHR_android_surface</code>, and <code>VK_KHR_swapchain</code> extensions. + </li> + </ul> + <p> + Device implementations, if including support of the Vulkan APIs: + </p> + <ul> + <li>MUST report, one or more <code>VkPhysicalDevices</code> through the <code>vkEnumeratePhysicalDevices</code> call. + </li> + <li>Each enumerated <code>VkPhysicalDevices</code> MUST fully implement the Vulkan 1.0 API. + </li> + <li>MUST report the correct <a href="https://developer.android.com/reference/android/content/pm/PackageManager.html#FEATURE_VULKAN_HARDWARE_LEVEL"><code>PackageManager#FEATURE_VULKAN_HARDWARE_LEVEL</code></a> and <a href="https://developer.android.com/reference/android/content/pm/PackageManager.html#FEATURE_VULKAN_HARDWARE_VERSION"><code>PackageManager#FEATURE_VULKAN_HARDWARE_VERSION</code></a> feature flags. + </li> + <li>MUST enumerate layers, contained in native libraries named <code>libVkLayer*.so</code> in the application package’s native library directory, through the <code>vkEnumerateInstanceLayerProperties</code> and <code>vkEnumerateDeviceLayerProperties</code> functions in <code>libvulkan.so</code> + </li> + <li>MUST NOT enumerate layers provided by libraries outside of the application package, or provide other ways of tracing or intercepting the Vulkan API, unless the application has the <code>android:debuggable=”true”</code> attribute. + </li> + </ul> + <p> + Device implementations, if not including support of the Vulkan APIs: + </p> + <ul> + <li>MUST report 0 <code>VkPhysicalDevices</code> through the <code>vkEnumeratePhysicalDevices</code> call. + </li> + <li>MUST NOT declare any of the Vulkan feature flags <a href="https://developer.android.com/reference/android/content/pm/PackageManager.html#FEATURE_VULKAN_HARDWARE_LEVEL"><code>PackageManager#FEATURE_VULKAN_HARDWARE_LEVEL</code></a> and <a href="https://developer.android.com/reference/android/content/pm/PackageManager.html#FEATURE_VULKAN_HARDWARE_VERSION"><code>PackageManager#FEATURE_VULKAN_HARDWARE_VERSION</code></a>. + </li> + </ul> + <h3> + 3.3.2. 32-bit ARM Native Code Compatibility + </h3> + <p> + The ARMv8 architecture deprecates several CPU operations, including some operations used in existing native code. On 64-bit ARM devices, the following deprecated operations MUST remain available to 32-bit native ARM code, either through native CPU support or through software emulation: + </p> + <ul> + <li>SWP and SWPB instructions + </li> + <li>SETEND instruction + </li> + <li>CP15ISB, CP15DSB, and CP15DMB barrier operations + </li> + </ul> + <p> + Legacy versions of the Android NDK used /proc/cpuinfo to discover CPU features from 32-bit ARM native code. For compatibility with applications built using this NDK, devices MUST include the following lines in /proc/cpuinfo when it is read by 32-bit ARM applications: + </p> + <ul> + <li>"Features: ", followed by a list of any optional ARMv7 CPU features supported by the device. + </li> + <li>"CPU architecture: ", followed by an integer describing the device's highest supported ARM architecture (e.g., "8" for ARMv8 devices). + </li> + </ul> + <p> + These requirements only apply when /proc/cpuinfo is read by 32-bit ARM applications. Devices SHOULD not alter /proc/cpuinfo when read by 64-bit ARM or non-ARM applications. + </p> + <h2> + 3.4. Web Compatibility + </h2> + <h3> + 3.4.1. WebView Compatibility + </h3> + <div class="note"> + Android Watch devices MAY, but all other device implementations MUST provide a complete implementation of the android.webkit.Webview API. + </div> + <p> + The platform feature android.software.webview MUST be reported on any device that provides a complete implementation of the android.webkit.WebView API, and MUST NOT be reported on devices without a complete implementation of the API. The Android Open Source implementation uses code from the Chromium Project to implement the <a href="http://developer.android.com/reference/android/webkit/WebView.html">android.webkit.WebView</a>. Because it is not feasible to develop a comprehensive test suite for a web rendering system, device implementers MUST use the specific upstream build of Chromium in the WebView implementation. Specifically: + </p> + <ul> + <li>Device android.webkit.WebView implementations MUST be based on the <a href="http://www.chromium.org/">Chromium</a> build from the upstream Android Open Source Project for Android 7.1. This build includes a specific set of functionality and security fixes for the WebView. + </li> + <li> + <p> + The user agent string reported by the WebView MUST be in this format: + </p> + <p> + Mozilla/5.0 (Linux; Android $(VERSION); $(MODEL) Build/$(BUILD); wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 $(CHROMIUM_VER) Mobile Safari/537.36 + </p> + <ul> + <li>The value of the $(VERSION) string MUST be the same as the value for android.os.Build.VERSION.RELEASE. + </li> + <li>The value of the $(MODEL) string MUST be the same as the value for android.os.Build.MODEL. + </li> + <li>The value of the $(BUILD) string MUST be the same as the value for android.os.Build.ID. + </li> + <li>The value of the $(CHROMIUM_VER) string MUST be the version of Chromium in the upstream Android Open Source Project. + </li> + <li>Device implementations MAY omit Mobile in the user agent string. + </li> + </ul> + </li> + </ul> + <p> + The WebView component SHOULD include support for as many HTML5 features as possible and if it supports the feature SHOULD conform to the <a href="http://html.spec.whatwg.org/multipage/">HTML5 specification</a>. + </p> + <h3> + 3.4.2. Browser Compatibility + </h3> + <div class="note"> + Android Television, Watch, and Android Automotive implementations MAY omit a browser application, but MUST support the public intent patterns as described in <a href="#3_2_3_1_core_application_intents">section 3.2.3.1</a>. All other types of device implementations MUST include a standalone Browser application for general user web browsing. + </div> + <p> + The standalone Browser MAY be based on a browser technology other than WebKit. However, even if an alternate Browser application is used, the android.webkit.WebView component provided to third-party applications MUST be based on WebKit, as described in <a href="#3_4_1_webview_compatibility">section 3.4.1</a>. + </p> + <p> + Implementations MAY ship a custom user agent string in the standalone Browser application. + </p> + <p> + The standalone Browser application (whether based on the upstream WebKit Browser application or a third-party replacement) SHOULD include support for as much of <a href="http://html.spec.whatwg.org/multipage/">HTML5</a> as possible. Minimally, device implementations MUST support each of these APIs associated with HTML5: + </p> + <ul> + <li> + <a href="http://www.w3.org/html/wg/drafts/html/master/browsers.html#offline">application cache/offline operation</a> + </li> + <li> + <a href="http://www.w3.org/html/wg/drafts/html/master/semantics.html#video"><video> tag</a> + </li> + <li> + <a href="http://www.w3.org/TR/geolocation-API/">geolocation</a> + </li> + </ul> + <p> + Additionally, device implementations MUST support the HTML5/W3C <a href="http://www.w3.org/TR/webstorage/">webstorage API</a> and SHOULD support the HTML5/W3C <a href="http://www.w3.org/TR/IndexedDB/">IndexedDB API</a>. Note that as the web development standards bodies are transitioning to favor IndexedDB over webstorage, IndexedDB is expected to become a required component in a future version of Android. + </p> + <h2> + 3.5. API Behavioral Compatibility + </h2> + <p> + The behaviors of each of the API types (managed, soft, native, and web) must be consistent with the preferred implementation of the upstream <a href="http://source.android.com/">Android Open Source Project</a>. Some specific areas of compatibility are: + </p> + <ul> + <li>Devices MUST NOT change the behavior or semantics of a standard intent. + </li> + <li>Devices MUST NOT alter the lifecycle or lifecycle semantics of a particular type of system component (such as Service, Activity, ContentProvider, etc.). + </li> + <li>Devices MUST NOT change the semantics of a standard permission. + </li> + </ul> + <p> + The above list is not comprehensive. The Compatibility Test Suite (CTS) tests significant portions of the platform for behavioral compatibility, but not all. It is the responsibility of the implementer to ensure behavioral compatibility with the Android Open Source Project. For this reason, device implementers SHOULD use the source code available via the Android Open Source Project where possible, rather than re-implement significant parts of the system. + </p> + <h2> + 3.6. API Namespaces + </h2> + <p> + Android follows the package and class namespace conventions defined by the Java programming language. To ensure compatibility with third-party applications, device implementers MUST NOT make any prohibited modifications (see below) to these package namespaces: + </p> + <ul> + <li>java.* + </li> + <li>javax.* + </li> + <li>sun.* + </li> + <li>android.* + </li> + <li>com.android.* + </li> + </ul> + <p> + <strong>Prohibited modifications include</strong>: + </p> + <ul> + <li>Device implementations MUST NOT modify the publicly exposed APIs on the Android platform by changing any method or class signatures, or by removing classes or class fields. + </li> + <li>Device implementers MAY modify the underlying implementation of the APIs, but such modifications MUST NOT impact the stated behavior and Java-language signature of any publicly exposed APIs. + </li> + <li>Device implementers MUST NOT add any publicly exposed elements (such as classes or interfaces, or fields or methods to existing classes or interfaces) to the APIs above. + </li> + </ul> + <p> + A “publicly exposed element” is any construct that is not decorated with the“@hide” marker as used in the upstream Android source code. In other words, device implementers MUST NOT expose new APIs or alter existing APIs in the namespaces noted above. Device implementers MAY make internal-only modifications, but those modifications MUST NOT be advertised or otherwise exposed to developers. + </p> + <p> + Device implementers MAY add custom APIs, but any such APIs MUST NOT be in a namespace owned by or referring to another organization. For instance, device implementers MUST NOT add APIs to the com.google.* or similar namespace: only Google may do so. Similarly, Google MUST NOT add APIs to other companies' namespaces. Additionally, if a device implementation includes custom APIs outside the standard Android namespace, those APIs MUST be packaged in an Android shared library so that only apps that explicitly use them (via the <uses-library> mechanism) are affected by the increased memory usage of such APIs. + </p> + <p> + If a device implementer proposes to improve one of the package namespaces above (such as by adding useful new functionality to an existing API, or adding a new API), the implementer SHOULD visit <a href="http://source.android.com/">source.android.com</a> and begin the process for contributing changes and code, according to the information on that site. + </p> + <p> + Note that the restrictions above correspond to standard conventions for naming APIs in the Java programming language; this section simply aims to reinforce those conventions and make them binding through inclusion in this Compatibility Definition. + </p> + <h2> + 3.7. Runtime Compatibility + </h2> + <p> + Device implementations MUST support the full Dalvik Executable (DEX) format and <a href="https://android.googlesource.com/platform/dalvik/">Dalvik bytecode specification and semantics</a>. Device implementers SHOULD use ART, the reference upstream implementation of the Dalvik Executable Format, and the reference implementation’s package management system. + </p> + <p> + Device implementations MUST configure Dalvik runtimes to allocate memory in accordance with the upstream Android platform, and as specified by the following table. (See <a href="#7_1_1_screen_configuration">section 7.1.1</a> for screen size and screen density definitions.) Note that memory values specified below are considered minimum values and device implementations MAY allocate more memory per application. + </p> + <table> + <tr> + <th> + Screen Layout + </th> + <th> + Screen Density + </th> + <th> + Minimum Application Memory + </th> + </tr> + <tr> + <td rowspan="12"> + Android Watch + </td> + <td> + 120 dpi (ldpi) + </td> + <td rowspan="3"> + 32MB + </td> + </tr> + <tr> + <td> + 160 dpi (mdpi) + </td> + </tr> + <tr> + <td> + 213 dpi (tvdpi) + </td> + </tr> + <tr> + <td> + 240 dpi (hdpi) + </td> + <td rowspan="2"> + 36MB + </td> + </tr> + <tr> + <td> + 280 dpi (280dpi) + </td> + </tr> + <tr> + <td> + 320 dpi (xhdpi) + </td> + <td rowspan="2"> + 48MB + </td> + </tr> + <tr> + <td> + 360 dpi (360dpi) + </td> + </tr> + <tr> + <td> + 400 dpi (400dpi) + </td> + <td> + 56MB + </td> + </tr> + <tr> + <td> + 420 dpi (420dpi) + </td> + <td> + 64MB + </td> + </tr> + <tr> + <td> + 480 dpi (xxhdpi) + </td> + <td> + 88MB + </td> + </tr> + <tr> + <td> + 560 dpi (560dpi) + </td> + <td> + 112MB + </td> + </tr> + <tr> + <td> + 640 dpi (xxxhdpi) + </td> + <td> + 154MB + </td> + </tr> + <tr> + <td rowspan="12"> + small/normal + </td> + <td> + 120 dpi (ldpi) + </td> + <td rowspan="2"> + 32MB + </td> + </tr> + <tr> + <td> + 160 dpi (mdpi) + </td> + </tr> + <tr> + <td> + 213 dpi (tvdpi) + </td> + <td rowspan="3"> + 48MB + </td> + </tr> + <tr> + <td> + 240 dpi (hdpi) + </td> + </tr> + <tr> + <td> + 280 dpi (280dpi) + </td> + </tr> + <tr> + <td> + 320 dpi (xhdpi) + </td> + <td rowspan="2"> + 80MB + </td> + </tr> + <tr> + <td> + 360 dpi (360dpi) + </td> + </tr> + <tr> + <td> + 400 dpi (400dpi) + </td> + <td> + 96MB + </td> + </tr> + <tr> + <td> + 420 dpi (420dpi) + </td> + <td> + 112MB + </td> + </tr> + <tr> + <td> + 480 dpi (xxhdpi) + </td> + <td> + 128MB + </td> + </tr> + <tr> + <td> + 560 dpi (560dpi) + </td> + <td> + 192MB + </td> + </tr> + <tr> + <td> + 640 dpi (xxxhdpi) + </td> + <td> + 256MB + </td> + </tr> + <tr> + <td rowspan="12"> + large + </td> + <td> + 120 dpi (ldpi) + </td> + <td> + 32MB + </td> + </tr> + <tr> + <td> + 160 dpi (mdpi) + </td> + <td> + 48MB + </td> + </tr> + <tr> + <td> + 213 dpi (tvdpi) + </td> + <td rowspan="2"> + 80MB + </td> + </tr> + <tr> + <td> + 240 dpi (hdpi) + </td> + </tr> + <tr> + <td> + 280 dpi (280dpi) + </td> + <td> + 96MB + </td> + </tr> + <tr> + <td> + 320 dpi (xhdpi) + </td> + <td> + 128MB + </td> + </tr> + <tr> + <td> + 360 dpi (360dpi) + </td> + <td> + 160MB + </td> + </tr> + <tr> + <td> + 400 dpi (400dpi) + </td> + <td> + 192MB + </td> + </tr> + <tr> + <td> + 420 dpi (420dpi) + </td> + <td> + 228MB + </td> + </tr> + <tr> + <td> + 480 dpi (xxhdpi) + </td> + <td> + 256MB + </td> + </tr> + <tr> + <td> + 560 dpi (560dpi) + </td> + <td> + 384MB + </td> + </tr> + <tr> + <td> + 640 dpi (xxxhdpi) + </td> + <td> + 512MB + </td> + </tr> + <tr> + <td rowspan="12"> + xlarge + </td> + <td> + 120 dpi (ldpi) + </td> + <td> + 48MB + </td> + </tr> + <tr> + <td> + 160 dpi (mdpi) + </td> + <td> + 80MB + </td> + </tr> + <tr> + <td> + 213 dpi (tvdpi) + </td> + <td rowspan="2"> + 96MB + </td> + </tr> + <tr> + <td> + 240 dpi (hdpi) + </td> + </tr> + <tr> + <td> + 280 dpi (280dpi) + </td> + <td> + 144MB + </td> + </tr> + <tr> + <td> + 320 dpi (xhdpi) + </td> + <td> + 192MB + </td> + </tr> + <tr> + <td> + 360 dpi (360dpi) + </td> + <td> + 240MB + </td> + </tr> + <tr> + <td> + 400 dpi (400dpi) + </td> + <td> + 288MB + </td> + </tr> + <tr> + <td> + 420 dpi (420dpi) + </td> + <td> + 336MB + </td> + </tr> + <tr> + <td> + 480 dpi (xxhdpi) + </td> + <td> + 384MB + </td> + </tr> + <tr> + <td> + 560 dpi (560dpi) + </td> + <td> + 576MB + </td> + </tr> + <tr> + <td> + 640 dpi (xxxhdpi) + </td> + <td> + 768MB + </td> + </tr> + </table> + <h2> + 3.8. User Interface Compatibility + </h2> + <h3> + 3.8.1. Launcher (Home Screen) + </h3> + <p> + Android includes a launcher application (home screen) and support for third-party applications to replace the device launcher (home screen). Device implementations that allow third-party applications to replace the device home screen MUST declare the platform feature android.software.home_screen. + </p> + <h3> + 3.8.2. Widgets + </h3> + <div class="note"> + Widgets are optional for all Android device implementations, but SHOULD be supported on Android Handheld devices. + </div> + <p> + Android defines a component type and corresponding API and lifecycle that allows applications to expose an <a href="http://developer.android.com/guide/practices/ui_guidelines/widget_design.html">“AppWidget”</a> to the end user, a feature that is STRONGLY RECOMMENDED to be supported on Handheld Device implementations. Device implementations that support embedding widgets on the home screen MUST meet the following requirements and declare support for platform feature android.software.app_widgets. + </p> + <ul> + <li>Device launchers MUST include built-in support for AppWidgets and expose user interface affordances to add, configure, view, and remove AppWidgets directly within the Launcher. + </li> + <li>Device implementations MUST be capable of rendering widgets that are 4 x 4 in the standard grid size. See the <a href="http://developer.android.com/guide/practices/ui_guidelines/widget_design.html">App Widget Design Guidelines</a> in the Android SDK documentation for details. + </li> + <li>Device implementations that include support for lock screen MAY support application widgets on the lock screen. + </li> + </ul> + <h3> + 3.8.3. Notifications + </h3> + <p> + Android includes APIs that allow developers to <a href="http://developer.android.com/guide/topics/ui/notifiers/notifications.html">notify users of notable events</a> using hardware and software features of the device. + </p> + <p> + Some APIs allow applications to perform notifications or attract attention using hardware—specifically sound, vibration, and light. Device implementations MUST support notifications that use hardware features, as described in the SDK documentation, and to the extent possible with the device implementation hardware. For instance, if a device implementation includes a vibrator, it MUST correctly implement the vibration APIs. If a device implementation lacks hardware, the corresponding APIs MUST be implemented as no-ops. This behavior is further detailed in <a href="#7_hardware_compatibility">section 7</a>. + </p> + <p> + Additionally, the implementation MUST correctly render all <a href="https://developer.android.com/guide/topics/resources/available-resources.html">resources</a> (icons, animation files etc.) provided for in the APIs, or in the Status/System Bar <a href="http://developer.android.com/design/style/iconography.html">icon style guide</a>, which in the case of an Android Television device includes the possibility to not display the notifications. Device implementers MAY provide an alternative user experience for notifications than that provided by the reference Android Open Source implementation; however, such alternative notification systems MUST support existing notification resources, as above. + </p> + <div class="note"> + Android Automotive implementations MAY manage the visibility and timing of notifications to mitigate driver distraction, but MUST display notifications that use <a href="https://developer.android.com/reference/android/app/Notification.CarExtender.html">CarExtender</a> when requested by applications. + </div> + <p> + Android includes support for various notifications, such as: + </p> + <ul> + <li> + <strong>Rich notifications</strong>. Interactive Views for ongoing notifications. + </li> + <li> + <strong>Heads-up notifications</strong>. Interactive Views users can act on or dismiss without leaving the current app. + </li> + <li> + <strong>Lock screen notifications</strong>. Notifications shown over a lock screen with granular control on visibility. + </li> + </ul> + <p> + Android device implementations, when such notifications are made visible, MUST properly execute Rich and Heads-up notifications and include the title/name, icon, text as <a href="https://developer.android.com/design/patterns/notifications.html">documented in the Android APIs</a>. + </p> + <p> + Android includes Notification Listener Service APIs that allow apps (once explicitly enabled by the user) to receive a copy of all notifications as they are posted or updated. Device implementations MUST correctly and promptly send notifications in their entirety to all such installed and user-enabled listener services, including any and all metadata attached to the Notification object. + </p> + <p> + Handheld device implementations MUST support the behaviors of updating, removing, replying to, and bundling notifications as described in this <a href="https://developer.android.com/guide/topics/ui/notifiers/notifications.html#Managing">section</a>. + </p> + <p> + Also, handheld device implementations MUST provide: + </p> + <ul> + <li>The ability to control notifications directly in the notification shade. + </li> + <li>The visual affordance to trigger the control panel in the notification shade. + </li> + <li>The ability to BLOCK, MUTE and RESET notification preference from a package, both in the inline control panel as well as in the settings app. + </li> + </ul> + <p> + All 6 direct subclasses of the <code>Notification.Style class</code> MUST be supported as described in the <a href="https://developer.android.com/reference/android/app/Notification.Style.html">SDK documents</a>. + </p> + <p> + Device implementations that support the DND (Do not Disturb) feature MUST meet the following requirements: + </p> + <ul> + <li>MUST implement an activity that would respond to the intent <a href="https://developer.android.com/reference/android/provider/Settings.html#ACTION_NOTIFICATION_POLICY_ACCESS_SETTINGS">ACTION_NOTIFICATION_POLICY_ACCESS_SETTINGS</a>, which for implementations with UI_MODE_TYPE_NORMAL it MUST be an activity where the user can grant or deny the app access to DND policy configurations. + </li> + <li>MUST, for when the device implementation has provided a means for the user to grant or deny third-party apps to access the DND policy configuration, display <a href="https://developer.android.com/reference/android/app/NotificationManager.html#addAutomaticZenRule%28android.app.AutomaticZenRule%29">Automatic DND rules</a> created by applications alongside the user-created and pre-defined rules. + </li> + <li>MUST honor the <a href="https://developer.android.com/reference/android/app/NotificationManager.Policy.html#suppressedVisualEffects"><code>suppressedVisualEffects</code></a> values passed along the <a href="https://developer.android.com/reference/android/app/NotificationManager.Policy.html#NotificationManager.Policy%28int,%20int,%20int,%20int%29"><code>NotificationManager.Policy</code></a> and if an app has set any of the SUPPRESSED_EFFECT_SCREEN_OFF or SUPPRESSED_EFFECT_SCREEN_ON flags, it SHOULD indicate to the user that the visual effects are suppressed in the DND settings menu. + </li> + </ul> + <h3> + 3.8.4. Search + </h3> + <p> + Android includes APIs that allow developers to <a href="http://developer.android.com/reference/android/app/SearchManager.html">incorporate search</a> into their applications and expose their application’s data into the global system search. Generally speaking, this functionality consists of a single, system-wide user interface that allows users to enter queries, displays suggestions as users type, and displays results. The Android APIs allow developers to reuse this interface to provide search within their own apps and allow developers to supply results to the common global search user interface. + </p> + <p> + Android device implementations SHOULD include global search, a single, shared, system-wide search user interface capable of real-time suggestions in response to user input. Device implementations SHOULD implement the APIs that allow developers to reuse this user interface to provide search within their own applications. Device implementations that implement the global search interface MUST implement the APIs that allow third-party applications to add suggestions to the search box when it is run in global search mode. If no third-party applications are installed that make use of this functionality, the default behavior SHOULD be to display web search engine results and suggestions. + </p> + <p> + Android device implementations SHOULD, and Android Automotive implementations MUST, implement an assistant on the device to handle the <a href="http://developer.android.com/reference/android/content/Intent.html#ACTION_ASSIST">Assist action</a>. + </p> + <p> + Android also includes the <a href="https://developer.android.com/reference/android/app/assist/package-summary.html">Assist APIs</a> to allow applications to elect how much information of the current context is shared with the assistant on the device. Device implementations supporting the Assist action MUST indicate clearly to the end user when the context is shared by displaying a white light around the edges of the screen. To ensure clear visibility to the end user, the indication MUST meet or exceed the duration and brightness of the Android Open Source Project implementation. + </p> + <p> + This indication MAY be disabled by default for preinstalled apps using the Assist and VoiceInteractionService API, if all following requirements are met: + </p> + <ul> + <li> + <p> + The preinstalled app MUST request the context to be shared only when the user invoked the app by one of the following means, and the app is running in the foreground: + </p> + <ul> + <li>hotword invocation + </li> + <li>input of the ASSIST navigation key/button/gesture + </li> + </ul> + </li> + <li> + <p> + The device implementation MUST provide an affordance to enable the indication, less than two navigations away from (the default voice input and assistant app settings menu) <a href="#3_2_3_5_default_app_settings">section 3.2.3.5</a>. + </p> + </li> + </ul> + <h3> + 3.8.5. Toasts + </h3> + <p> + Applications can use the <a href="http://developer.android.com/reference/android/widget/Toast.html">“Toast” API</a> to display short non-modal strings to the end user that disappear after a brief period of time. Device implementations MUST display Toasts from applications to end users in some high-visibility manner. + </p> + <h3> + 3.8.6. Themes + </h3> + <p> + Android provides “themes” as a mechanism for applications to apply styles across an entire Activity or application. + </p> + <p> + Android includes a “Holo” theme family as a set of defined styles for application developers to use if they want to match the <a href="http://developer.android.com/guide/topics/ui/themes.html">Holo theme look and feel</a> as defined by the Android SDK. Device implementations MUST NOT alter any of the <a href="http://developer.android.com/reference/android/R.style.html">Holo theme attributes</a> exposed to applications. + </p> + <p> + Android includes a “Material” theme family as a set of defined styles for application developers to use if they want to match the design theme’s look and feel across the wide variety of different Android device types. Device implementations MUST support the “Material” theme family and MUST NOT alter any of the <a href="http://developer.android.com/reference/android/R.style.html#Theme_Material">Material theme attributes</a> or their assets exposed to applications. + </p> + <p> + Android also includes a “Device Default” theme family as a set of defined styles for application developers to use if they want to match the look and feel of the device theme as defined by the device implementer. Device implementations MAY modify the <a href="http://developer.android.com/reference/android/R.style.html">Device Default theme attributes</a> exposed to applications. + </p> + <p> + Android supports a variant theme with translucent system bars, which allows application developers to fill the area behind the status and navigation bar with their app content. To enable a consistent developer experience in this configuration, it is important the status bar icon style is maintained across different device implementations. Therefore, Android device implementations MUST use white for system status icons (such as signal strength and battery level) and notifications issued by the system, unless the icon is indicating a problematic status or an app requests a light status bar using the SYSTEM_UI_FLAG_LIGHT_STATUS_BAR flag. When an app requests a light status bar, Android device implementations MUST change the color of the system status icons to black (for details, refer to <a href="http://developer.android.com/reference/android/R.style.html">R.style</a>). + </p> + <h3> + 3.8.7. Live Wallpapers + </h3> + <p> + Android defines a component type and corresponding API and lifecycle that allows applications to expose one or more <a href="http://developer.android.com/reference/android/service/wallpaper/WallpaperService.html">“Live Wallpapers”</a> to the end user. Live wallpapers are animations, patterns, or similar images with limited input capabilities that display as a wallpaper, behind other applications. + </p> + <p> + Hardware is considered capable of reliably running live wallpapers if it can run all live wallpapers, with no limitations on functionality, at a reasonable frame rate with no adverse effects on other applications. If limitations in the hardware cause wallpapers and/or applications to crash, malfunction, consume excessive CPU or battery power, or run at unacceptably low frame rates, the hardware is considered incapable of running live wallpaper. As an example, some live wallpapers may use an OpenGL 2.0 or 3.x context to render their content. Live wallpaper will not run reliably on hardware that does not support multiple OpenGL contexts because the live wallpaper use of an OpenGL context may conflict with other applications that also use an OpenGL context. + </p> + <p> + Device implementations capable of running live wallpapers reliably as described above SHOULD implement live wallpapers, and when implemented MUST report the platform feature flag android.software.live_wallpaper. + </p> + <h3> + 3.8.8. Activity Switching + </h3> + <div class="note"> + As the Recent function navigation key is OPTIONAL, the requirement to implement the overview screen is OPTIONAL for Android Watch and Android Automotive implementations, and RECOMMENDED for Android Television devices. There SHOULD still be a method to switch between activities on Android Automotive implementations. + </div> + <p> + The upstream Android source code includes the <a href="http://developer.android.com/guide/components/recents.html">overview screen</a>, a system-level user interface for task switching and displaying recently accessed activities and tasks using a thumbnail image of the application’s graphical state at the moment the user last left the application. Device implementations including the recents function navigation key as detailed in <a href="#7_2_3_navigation_keys">section 7.2.3</a> MAY alter the interface but MUST meet the following requirements: + </p> + <ul> + <li>MUST support at least up to 20 displayed activities. + </li> + <li>SHOULD at least display the title of 4 activities at a time. + </li> + <li>MUST implement the <a href="http://developer.android.com/about/versions/android-5.0.html#ScreenPinning">screen pinning behavior</a> and provide the user with a settings menu to toggle the feature. + </li> + <li>SHOULD display highlight color, icon, screen title in recents. + </li> + <li>SHOULD display a closing affordance ("x") but MAY delay this until user interacts with screens. + </li> + <li>SHOULD implement a shortcut to switch easily to the previous activity + </li> + <li>MAY display affiliated recents as a group that moves together. + </li> + <li>SHOULD trigger the fast-switch action between the two most recently used apps, when the recents function key is tapped twice. + </li> + <li>SHOULD trigger the split-screen multiwindow-mode, if supported, when the recents functions key is long pressed. + </li> + </ul> + <p> + Device implementations are STRONGLY RECOMMENDED to use the upstream Android user interface (or a similar thumbnail-based interface) for the overview screen. + </p> + <h3> + 3.8.9. Input Management + </h3> + <p> + Android includes support for <a href="http://developer.android.com/guide/topics/text/creating-input-method.html">Input Management</a> and support for third-party input method editors. Device implementations that allow users to use third-party input methods on the device MUST declare the platform feature android.software.input_methods and support IME APIs as defined in the Android SDK documentation. + </p> + <p> + Device implementations that declare the android.software.input_methods feature MUST provide a user-accessible mechanism to add and configure third-party input methods. Device implementations MUST display the settings interface in response to the android.settings.INPUT_METHOD_SETTINGS intent. + </p> + <h3> + 3.8.10. Lock Screen Media Control + </h3> + <p> + The Remote Control Client API is deprecated from Android 5.0 in favor of the <a href="http://developer.android.com/reference/android/app/Notification.MediaStyle.html">Media Notification Template</a> that allows media applications to integrate with playback controls that are displayed on the lock screen. Device implementations that support a lock screen, unless an Android Automotive or Watch implementation, MUST display the Lock screen Notifications including the Media Notification Template. + </p> + <h3> + 3.8.11. Screen savers (previously Dreams) + </h3> + <p> + Android includes support for <a href="http://developer.android.com/reference/android/service/dreams/DreamService.html">interactivescreensavers</a>, previously referred to as Dreams. Screen savers allow users to interact with applications when a device connected to a power source is idle or docked in a desk dock. Android Watch devices MAY implement screen savers, but other types of device implementations SHOULD include support for screen savers and provide a settings option for users toconfigure screen savers in response to the <code>android.settings.DREAM_SETTINGS</code> intent. + </p> + <h3> + 3.8.12. Location + </h3> + <p> + When a device has a hardware sensor (e.g. GPS) that is capable of providing the location coordinates, <a href="http://developer.android.com/reference/android/provider/Settings.Secure.html#LOCATION_MODE">location modes</a> MUST be displayed in the Location menu within Settings. + </p> + <h3> + 3.8.13. Unicode and Font + </h3> + <p> + Android includes support for the emoji characters defined in <a href="http://www.unicode.org/versions/Unicode9.0.0/">Unicode 9.0</a>. All device implementations MUST be capable of rendering these emoji characters in color glyph and when Android device implementations include an IME, it SHOULD provide an input method to the user for these emoji characters. + </p> + <p> + Android handheld devices SHOULD support the skin tone and diverse family emojis as specified in the <a href="http://unicode.org/reports/tr51">Unicode Technical Report #51</a>. + </p> + <p> + Android includes support for Roboto 2 font with different weights—sans-serif-thin, sans-serif-light, sans-serif-medium, sans-serif-black, sans-serif-condensed, sans-serif-condensed-light—which MUST all be included for the languages available on the device and full Unicode 7.0 coverage of Latin, Greek, and Cyrillic, including the Latin Extended A, B, C, and D ranges, and all glyphs in the currency symbols block of Unicode 7.0. + </p> + <h3> + 3.8.14. Multi-windows + </h3> + <p> + A device implementation MAY choose not to implement any multi-window modes, but if it has the capability to display multiple activities at the same time it MUST implement such multi-window mode(s) in accordance with the application behaviors and APIs described in the Android SDK <a href="https://developer.android.com/preview/features/multi-window.html">multi-window mode support documentation</a> and meet the following requirements: + </p> + <ul> + <li>Applications can indicate whether they are capable of operating in multi-window mode in the AndroidManifest.xml file, either explicitly via the <a href="https://developer.android.com/reference/android/R.attr.html#resizeableActivity"><code>android:resizeableActivity</code></a> attribute or implicitly by having the targetSdkVersion > 24. Apps that explicitly set this attribute to false in their manifest MUST not be launched in multi-window mode. Apps that don't set the attribute in their manifest file (targetSdkVersion < 24) can be launched in multi-window mode, but the system MUST provide warning that the app may not work as expected in multi-window mode. + </li> + <li>Device implementations MUST NOT offer split-screen or freeform mode if both the screen height and width is less than 440 dp. + </li> + <li>Device implementations with screen size <code>xlarge</code> SHOULD support freeform mode. + </li> + <li>Android Television device implementations MUST support picture-in-picture (PIP) mode multi-window and place the PIP multi-window in the top right corner when PIP is ON. + </li> + <li>Device implementations with PIP mode multi-window support MUST allocate at least 240x135 dp for the PIP window. + </li> + <li>If the PIP multi-window mode is supported the <a href="https://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_WINDOW"><code>KeyEvent.KEYCODE_WINDOW</code></a> key MUST be used to control the PIP window; otherwise, the key MUST be available to the foreground activity. + </li> + </ul> + <h2> + 3.9. Device Administration + </h2> + <p> + Android includes features that allow security-aware applications to perform device administration functions at the system level, such as enforcing password policies or performing remote wipe, through the <a href="http://developer.android.com/guide/topics/admin/device-admin.html">Android Device Administration API</a>]. Device implementations MUST provide an implementation of the <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html">DevicePolicyManager</a> class. Device implementations that supports a secure lock screen MUST implement the full range of <a href="http://developer.android.com/guide/topics/admin/device-admin.html">device administration</a> policies defined in the Android SDK documentation and report the platform feature android.software.device_admin. + </p> + <h3> + 3.9.1 Device Provisioning + </h3> + <h4> + 3.9.1.1 Device owner provisioning + </h4> + <p> + If a device implementation declares the <code>android.software.device_admin</code> feature then it MUST implement the provisioning of the <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#isDeviceOwnerApp(java.lang.String)">Device Owner app</a> of a Device Policy Client (DPC) application as indicated below: + </p> + <ul> + <li>When the device implementation has no user data configured yet, it: + <ul> + <li>MUST report <code>true</code> for <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#isProvisioningAllowed(java.lang.String)"><code>DevicePolicyManager.isProvisioningAllowed(ACTION_PROVISION_MANAGED_DEVICE)</code></a>. + </li> + <li>MUST enroll the DPC application as the Device Owner app in response to the intent action <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#ACTION_PROVISION_MANAGED_DEVICE"><code>android.app.action.PROVISION_MANAGED_DEVICE</code></a>. + </li> + <li>MUST enroll the DPC application as the Device Owner app if the device declares Near-Field Communications (NFC) support via the feature flag <code>android.hardware.nfc</code> and receives an NFC message containing a record with MIME type <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#MIME_TYPE_PROVISIONING_NFC"><code>MIME_TYPE_PROVISIONING_NFC</code></a>. + </li> + </ul> + </li> + <li>When the device implementation has user data, it: + <ul> + <li>MUST report <code>false</code> for the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#isProvisioningAllowed(java.lang.String)"><code>DevicePolicyManager.isProvisioningAllowed(ACTION_PROVISION_MANAGED_DEVICE)</code></a>. + </li> + <li>MUST not enroll any DPC application as the Device Owner App any more. + </li> + </ul> + </li> + </ul> + <p> + Device implementations MAY have a preinstalled application performing device administration functions but this application MUST NOT be set as the Device Owner app without explicit consent or action from the user or the administrator of the device. + </p> + <h4> + 3.9.1.2 Managed profile provisioning + </h4> + <p> + If a device implementation declares the android.software.managed_users, it MUST be possible to enroll a Device Policy Controller (DPC) application as the <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#isProfileOwnerApp(java.lang.String)">owner of a new Managed Profile</a>. + </p> + <p> + The managed profile provisioning process (the flow initiated by <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#ACTION_PROVISION_MANAGED_PROFILE">android.app.action.PROVISION_MANAGED_PROFILE</a>) user experience MUST align with the AOSP implementation. + </p> + <p> + Device implementations MUST provide the following user affordances within the Settings user interface to indicate to the user when a particular system function has been disabled by the Device Policy Controller (DPC): + </p> + <ul> + <li>A consistent icon or other user affordance (for example the upstream AOSP info icon) to represent when a particular setting is restricted by a Device Admin. + </li> + <li>A short explanation message, as provided by the Device Admin via the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setShortSupportMessage%28android.content.ComponentName,%20java.lang.CharSequence%29"><code>setShortSupportMessage</code></a>. + </li> + <li>The DPC application’s icon. + </li> + </ul> + <h2> + 3.9.2 Managed Profile Support + </h2> + <p> + Managed profile capable devices are those devices that: + </p> + <ul> + <li>Declare android.software.device_admin (see <a href="#3_9_device_administration">section 3.9 Device Administration</a>). + </li> + <li>Are not low RAM devices (see <a href="#7_6_1_minimum_memory_and_storage">section 7.6.1</a>). + </li> + <li>Allocate internal (non-removable) storage as shared storage (see <a href="#7_6_2_application_shared_storage">section 7.6.2</a>). + </li> + </ul> + <p> + Managed profile capable devices MUST: + </p> + <ul> + <li>Declare the platform feature flag <code>android.software.managed_users</code>. + </li> + <li>Support managed profiles via the <code>android.app.admin.DevicePolicyManager</code> APIs. + </li> + <li>Allow one and only <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#ACTION_PROVISION_MANAGED_PROFILE">one managed profile to be created</a>. + </li> + <li>Use an icon badge (similar to the AOSP upstream work badge) to represent the managed applications and widgets and other badged UI elements like Recents & Notifications. + </li> + <li>Display a notification icon (similar to the AOSP upstream work badge) to indicate when user is within a managed profile application. + </li> + <li>Display a toast indicating that the user is in the managed profile if and when the device wakes up (ACTION_USER_PRESENT) and the foreground application is within the managed profile. + </li> + <li>Where a managed profile exists, show a visual affordance in the Intent 'Chooser' to allow the user to forward the intent from the managed profile to the primary user or vice versa, if enabled by the Device Policy Controller. + </li> + <li>Where a managed profile exists, expose the following user affordances for both the primary user and the managed profile: + <ul> + <li>Separate accounting for battery, location, mobile data and storage usage for the primary user and managed profile. + </li> + <li>Independent management of VPN Applications installed within the primary user or managed profile. + </li> + <li>Independent management of applications installed within the primary user or managed profile. + </li> + <li>Independent management of accounts within the primary user or managed profile. + </li> + </ul> + </li> + <li>Ensure the preinstalled dialer, contacts and messaging applications can search for and look up caller information from the managed profile (if one exists) alongside those from the primary profile, if the Device Policy Controller permits it. When contacts from the managed profile are displayed in the preinstalled call log, in-call UI, in-progress and missed-call notifications, contacts and messaging apps they SHOULD be badged with the same badge used to indicate managed profile applications. + </li> + <li>MUST ensure that it satisfies all the security requirements applicable for a device with multiple users enabled (see<a href="#9_5_multi-user_support">section 9.5</a>), even though the managed profile is not counted as another user in addition to the primary user. + </li> + <li>Support the ability to specify a separate lock screen meeting the following requirements to grant access to apps running in a managed profile. + <ul> + <li>Device implementations MUST honor the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#ACTION_SET_NEW_PASSWORD"><code>DevicePolicyManager.ACTION_SET_NEW_PASSWORD</code></a> intent and show an interface to configure a separate lock screen credential for the managed profile. + </li> + <li>The lock screen credentials of the managed profile MUST use the same credential storage and management mechanisms as the parent profile, as documented on the <a href="http://source.android.com/security/authentication/index.html">Android Open Source Project Site</a> + </li> + <li>The DPC <a href="https://developer.android.com/guide/topics/admin/device-admin.html#pwd">password policies</a> MUST apply to only the managed profile's lock screen credentials unless called upon the <code>DevicePolicyManager</code> instance returned by <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#getParentProfileInstance%28android.content.ComponentName%29">getParentProfileInstance</a>. + </li> + </ul> + </li> + </ul> + <h2> + 3.10. Accessibility + </h2> + <p> + Android provides an accessibility layer that helps users with disabilities to navigate their devices more easily. In addition, Android provides platform APIs that enable <a href="http://developer.android.com/reference/android/accessibilityservice/AccessibilityService.html">accessibility service implementations</a> to receive callbacks for user and system events and generate alternate feedback mechanisms, such as text-to-speech, haptic feedback, and trackball/d-pad navigation. + </p> + <p> + Device implementations include the following requirements: + </p> + <ul> + <li>Android Automotive implementations SHOULD provide an implementation of the Android accessibility framework consistent with the default Android implementation. + </li> + <li>Device implementations (Android Automotive excluded) MUST provide an implementation of the Android accessibility framework consistent with the default Android implementation. + </li> + <li>Device implementations (Android Automotive excluded) MUST support third-party accessibility service implementations through the <a href="http://developer.android.com/reference/android/view/accessibility/package-summary.html">android.accessibilityservice APIs</a>. + </li> + <li>Device implementations (Android Automotive excluded) MUST generate AccessibilityEvents and deliver these events to all registered AccessibilityService implementations in a manner consistent with the default Android implementation + </li> + <li> + <p> + Device implementations (Android Automotive and Android Watch devices with no audio output excluded), MUST provide a user-accessible mechanism to enable and disable accessibility services, and MUST display this interface in response to the android.provider.Settings.ACTION_ACCESSIBILITY_SETTINGS intent. + </p> + </li> + <li> + <p> + Android device implementations with audio output are STRONGLY RECOMMENDED to provide implementations of accessibility services on the device comparable in or exceeding functionality of the TalkBack** and Switch Access accessibility services (https://github.com/google/talkback). + </p> + </li> + <li>Android Watch devices with audio output SHOULD provide implementations of an accessibility service on the device comparable in or exceeding functionality of the TalkBack accessibility service (https://github.com/google/talkback). + </li> + <li>Device implementations SHOULD provide a mechanism in the out-of-box setup flow for users to enable relevant accessibility services, as well as options to adjust the font size, display size and magnification gestures. + </li> + </ul> + <p> + ** For languages supported by Text-to-speech. + </p> + <p> + Also, note that if there is a preloaded accessibility service, it MUST be a Direct Boot aware {directBootAware} app if the device has encrypted storage using File Based Encryption (FBE). + </p> + <h2> + 3.11. Text-to-Speech + </h2> + <p> + Android includes APIs that allow applications to make use of text-to-speech (TTS) services and allows service providers to provide implementations of TTS services. Device implementations reporting the feature android.hardware.audio.output MUST meet these requirements related to the <a href="http://developer.android.com/reference/android/speech/tts/package-summary.html">Android TTS framework</a>. + </p> + <p> + Android Automotive implementations: + </p> + <ul> + <li>MUST support the Android TTS framework APIs. + </li> + <li>MAY support installation of third-party TTS engines. If supported, partners MUST provide a user-accessible interface that allows the user to select a TTS engine for use at system level. + </li> + </ul> + <p> + All other device implementations: + </p> + <ul> + <li>MUST support the Android TTS framework APIs and SHOULD include a TTS engine supporting the languages available on the device. Note that the upstream Android open source software includes a full-featured TTS engine implementation. + </li> + <li>MUST support installation of third-party TTS engines. + </li> + <li>MUST provide a user-accessible interface that allows users to select a TTS engine for use at the system level. + </li> + </ul> + <h2> + 3.12. TV Input Framework + </h2> + <p> + The <a href="http://source.android.com/devices/tv/index.html">Android Television Input Framework (TIF)</a> simplifies the delivery of live content to Android Television devices. TIF provides a standard API to create input modules that control Android Television devices. Android Television device implementations MUST support TV Input Framework. + </p> + <p> + Device implementations that support TIF MUST declare the platform feature android.software.live_tv. + </p> + <h3> + 3.12.1. TV App + </h3> + <p> + Any device implementation that declares support for Live TV MUST have an installed TV application (TV App). The Android Open Source Project provides an implementation of the TV App. + </p> + <p> + The TV App MUST provide facilities to install and use <a href="http://developer.android.com/reference/android/media/tv/TvContract.Channels.html">TV Channels</a> and meet the following requirements: + </p> + <ul> + <li>Device implementations MUST allow third-party TIF-based inputs (<a href="https://source.android.com/devices/tv/index.html#third-party_input_example">third-party inputs</a>) to be installed and managed. + </li> + <li>Device implementations MAY provide visual separation between pre-installed <a href="https://source.android.com/devices/tv/index.html#tv_inputs">TIF-based inputs</a> (installed inputs) and third-party inputs. + </li> + <li>Device implementations MUST NOT display the third-party inputs more than a single navigation action away from the TV App (i.e. expanding a list of third-party inputs from the TV App). + </li> + </ul> + <h4> + 3.12.1.1. Electronic Program Guide + </h4> + <p> + Android Television device implementations MUST show an informational and interactive overlay, which MUST include an electronic program guide (EPG) generated from the values in the <a href="https://developer.android.com/reference/android/media/tv/TvContract.Programs.html">TvContract.Programs</a> fields. The EPG MUST meet the following requirements: + </p> + <ul> + <li>The EPG MUST display information from all installed inputs and third-party inputs. + </li> + <li>The EPG MAY provide visual separation between the installed inputs and third-party inputs. + </li> + <li>The EPG is STRONGLY RECOMMENDED to display installed inputs and third-party inputs with equal prominence. The EPG MUST NOT display the third-party inputs more than a single navigation action away from the installed inputs on the EPG. + </li> + <li>On channel change, device implementations MUST display EPG data for the currently playing program. + </li> + </ul> + <h4> + 3.12.1.2. Navigation + </h4> + <p> + The TV App MUST allow navigation for the following functions via the D-pad, Back, and Home keys on the Android Television device’s input device(s) (i.e. remote control, remote control application, or game controller): + </p> + <ul> + <li>Changing TV channels + </li> + <li>Opening EPG + </li> + <li>Configuring and tuning to third-party TIF-based inputs + </li> + <li>Opening Settings menu + </li> + </ul> + <p> + The TV App SHOULD pass key events to HDMI inputs through CEC. + </p> + <h4> + 3.12.1.3. TV input app linking + </h4> + <p> + Android Television device implementations MUST support <a href="http://developer.android.com/reference/android/media/tv/TvContract.Channels.html#COLUMN_APP_LINK_INTENT_URI">TV input app linking</a>, which allows all inputs to provide activity links from the current activity to another activity (i.e. a link from live programming to related content). The TV App MUST show TV input app linking when it is provided. + </p> + <h4> + 3.12.1.4. Time shifting + </h4> + <p> + Android Television device implementations MUST support time shifting, which allows the user to pause and resume live content. Device implementations MUST provide the user a way to pause and resume the currently playing program, if time shifting for that program <a href="https://developer.android.com/reference/android/media/tv/TvInputManager.html#TIME_SHIFT_STATUS_AVAILABLE">is available</a>. + </p> + <h4> + 3.12.1.5. TV recording + </h4> + <p> + Android Television device implementations are STRONGLY RECOMMENDED to support TV recording. If the TV input supports recording, the EPG MAY provide a way to <a href="https://developer.android.com/reference/android/media/tv/TvInputInfo.html#canRecord%28%29">record a program</a> if the recording of such a program is not <a href="https://developer.android.com/reference/android/media/tv/TvContract.Programs.html#COLUMN_RECORDING_PROHIBITED">prohibited</a>. Device implementations SHOULD provide a user interface to play recorded programs. + </p> + <h2> + 3.13. Quick Settings + </h2> + <p> + Android device implementations SHOULD include a Quick Settings UI component that allow quick access to frequently used or urgently needed actions. + </p> + <p> + Android includes the <a href="https://developer.android.com/reference/android/service/quicksettings/package-summary.html"><code>quicksettings</code></a> API allowing third party apps to implement tiles that can be added by the user alongside the system-provided tiles in the Quick Settings UI component. If a device implementation has a Quick Settings UI component, it: + </p> + <ul> + <li>MUST allow the user to add or remove tiles from a third-party app to Quick Settings. + </li> + <li>MUST NOT automatically add a tile from a third-party app directly to Quick Settings. + </li> + <li>MUST display all the user-added tiles from third-party apps alongside the system-provided quick setting tiles. + </li> + </ul> + <h2> + 3.14. Vehicle UI APIs + </h2> + <h3> + 3.14.1. Vehicle Media UI + </h3> + <p> + Any device implementation that <a href="https://developer.android.com/reference/android/content/pm/PackageManager.html?#FEATURE_AUTOMOTIVE?">declares automotive support</a> MUST include a UI framework to support third-party apps consuming the <a href="http://developer.android.com/reference/android/media/browse/MediaBrowser.html">MediaBrowser</a> and <a href="http://developer.android.com/reference/android/media/session/MediaSession.html">MediaSession</a> APIs. + </p> + <p> + The UI framework supporting third-party apps that depend on MediaBrowser and MediaSession has the following visual requirements: + </p> + <ul> + <li>MUST display <a href="http://developer.android.com/reference/android/media/browse/MediaBrowser.MediaItem.html">MediaItem</a> icons and notification icons unaltered. + </li> + <li>MUST display those items as described by MediaSession, e.g., metadata, icons, imagery. + </li> + <li>MUST show app title. + </li> + <li>MUST have drawer to present <a href="http://developer.android.com/reference/android/media/browse/MediaBrowser.html">MediaBrowser</a> hierarchy. + </li> + </ul> + <h1> + 4. Application Packaging Compatibility + </h1> + <p> + Device implementations MUST install and run Android “.apk” files as generated by the “aapt” tool included in the <a href="http://developer.android.com/tools/help/index.html">official Android SDK</a>. For this reason device implementations SHOULD use the reference implementation’s package management system. + </p> + <p> + The package manager MUST support verifying “.apk” files using the <a href="https://source.android.com/security/apksigning/v2.html">APK Signature Scheme v2</a> and <a href="https://source.android.com/security/apksigning/v2.html#v1-verification">JAR signing</a>. + </p> + <p> + Devices implementations MUST NOT extend either the <a href="http://developer.android.com/guide/components/fundamentals.html">.apk</a>, <a href="http://developer.android.com/guide/topics/manifest/manifest-intro.html">Android Manifest</a>, <a href="https://android.googlesource.com/platform/dalvik/">Dalvik bytecode</a>, or RenderScript bytecode formats in such a way that would prevent those files from installing and running correctly on other compatible devices. + </p> + <p> + Device implementations MUST NOT allow apps other than the current "installer of record" for the package to silently uninstall the app without any prompt, as documented in the SDK for the <a href="https://developer.android.com/reference/android/Manifest.permission.html#DELETE_PACKAGES"><code>DELETE_PACKAGE</code></a> permission. The only exceptions are the system package verifier app handling <a href="https://developer.android.com/reference/android/content/Intent.html#ACTION_PACKAGE_NEEDS_VERIFICATION">PACKAGE_NEEDS_VERIFICATION</a> intent and the storage manager app handling <a href="https://developer.android.com/reference/android/os/storage/StorageManager.html#ACTION_MANAGE_STORAGE">ACTION_MANAGE_STORAGE</a> intent. + </p> + <h1> + 5. Multimedia Compatibility + </h1> + <h2> + 5.1. Media Codecs + </h2> + <p> + Device implementations— + </p> + <ul> + <li> + <p> + MUST support the <a href="http://developer.android.com/guide/appendix/media-formats.html">core media formats</a> specified in the Android SDK documentation, except where explicitly permitted in this document. + </p> + </li> + <li> + <p> + MUST support the media formats, encoders, decoders, file types, and container formats defined in the tables below and reported via <a href="http://developer.android.com/reference/android/media/MediaCodecList.html">MediaCodecList</a>. + </p> + </li> + <li> + <p> + MUST also be able to decode all profiles reported in its <a href="http://developer.android.com/reference/android/media/CamcorderProfile.html">CamcorderProfile</a> + </p> + </li> + <li> + <p> + MUST be able to decode all formats it can encode. This includes all bitstreams that its encoders generate. + </p> + </li> + </ul> + <p> + Codecs SHOULD aim for minimum codec latency, in other words, codecs— + </p> + <ul> + <li>SHOULD NOT consume and store input buffers and return input buffers only once processed + </li> + <li>SHOULD NOT hold onto decoded buffers for longer than as specified by the standard (e.g. SPS). + </li> + <li>SHOULD NOT hold onto encoded buffers longer than required by the GOP structure. + </li> + </ul> + <p> + All of the codecs listed in the table below are provided as software implementations in the preferred Android implementation from the Android Open Source Project. + </p> + <p> + Please note that neither Google nor the Open Handset Alliance make any representation that these codecs are free from third-party patents. Those intending to use this source code in hardware or software products are advised that implementations of this code, including in open source software or shareware, may require patent licenses from the relevant patent holders. + </p> + <h3> + 5.1.1. Audio Codecs + </h3> + <table> + <tr> + <th> + Format/Codec + </th> + <th> + Encoder + </th> + <th> + Decoder + </th> + <th> + Details + </th> + <th> + Supported File Types/Container Formats + </th> + </tr> + <tr> + <td> + MPEG-4 AAC Profile<br /> + (AAC LC) + </td> + <td> + REQUIRED<sup>1</sup> + </td> + <td> + REQUIRED + </td> + <td> + Support for mono/stereo/5.0/5.1<sup>2</sup> content with standard sampling rates from 8 to 48 kHz. + </td> + <td> <ul> - <li>Separate accounting for battery, location, mobile data and storage usage for the primary user and managed profile. + <li class="table_list">3GPP (.3gp) </li> - <li>Independent management of VPN Applications installed within the primary user or managed profile. + <li class="table_list">MPEG-4 (.mp4, .m4a) </li> - <li>Independent management of applications installed within the primary user or managed profile. + <li class="table_list">ADTS raw AAC (.aac, decode in Android 3.1+, encode in Android 4.0+, ADIF not supported) </li> - <li>Independent management of accounts within the primary user or managed profile. + <li class="table_list">MPEG-TS (.ts, not seekable, Android 3.0+) </li> </ul> - </li> - <li>Ensure the preinstalled dialer, contacts and messaging applications can search for and look up caller information from the managed profile (if one exists) alongside those from the primary profile, if the Device Policy Controller permits it. When contacts from the managed profile are displayed in the preinstalled call log, in-call UI, in-progress and missed-call notifications, contacts and messaging apps they SHOULD be badged with the same badge used to indicate managed profile applications. - </li> - <li>MUST ensure that it satisfies all the security requirements applicable for a device with multiple users enabled (see <a href="#9_5_multi-user_support">section 9.5</a> ), even though the managed profile is not counted as another user in addition to the primary user. - </li> - <li>Support the ability to specify a separate lock screen meeting the following requirements to grant access to apps running in a managed profile. - <ul> - <li>Device implementations MUST honor the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#ACTION_SET_NEW_PASSWORD"><code>DevicePolicyManager.ACTION_SET_NEW_PASSWORD</code></a> intent and show an interface to configure a separate lock screen credential for the managed profile. - </li> - <li>The lock screen credentials of the managed profile MUST use the same credential storage and management mechanisms as the parent profile, as documented on the <a href="http://source.android.com/security/authentication/index.html">Android Open Source Project Site</a> - </li> - <li>The DPC <a href="https://developer.android.com/guide/topics/admin/device-admin.html#pwd">password policies</a> MUST apply to only the managed profile's lock screen credentials unless called upon the <code>DevicePolicyManager</code> instance returned by <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#getParentProfileInstance%28android.content.ComponentName%29">getParentProfileInstance</a> . - </li> - </ul> - </li> - </ul> - <h3 id="3_10_accessibility"> - 3.10. Accessibility - </h3> - <p> - Android provides an accessibility layer that helps users with disabilities to navigate their devices more easily. In addition, Android provides platform APIs that enable <a href="http://developer.android.com/reference/android/accessibilityservice/AccessibilityService.html">accessibility service implementations</a> to receive callbacks for user and system events and generate alternate feedback mechanisms, such as text-to-speech, haptic feedback, and trackball/d-pad navigation. - </p> - <p> - Device implementations include the following requirements: - </p> - <ul> - <li>Android Automotive implementations SHOULD provide an implementation of the Android accessibility framework consistent with the default Android implementation. - </li> - <li>Device implementations (Android Automotive excluded) MUST provide an implementation of the Android accessibility framework consistent with the default Android implementation. - </li> - <li>Device implementations (Android Automotive excluded) MUST support third-party accessibility service implementations through the <a href="http://developer.android.com/reference/android/view/accessibility/package-summary.html">android.accessibilityservice APIs</a> . - </li> - <li>Device implementations (Android Automotive excluded) MUST generate AccessibilityEvents and deliver these events to all registered AccessibilityService implementations in a manner consistent with the default Android implementation - </li> - <li> - <p> - Device implementations (Android Automotive and Android Watch devices with no audio output excluded), MUST provide a user-accessible mechanism to enable and disable accessibility services, and MUST display this interface in response to the android.provider.Settings.ACTION_ACCESSIBILITY_SETTINGS intent. - </p> - </li> - <li> - <p> - Android device implementations with audio output are STRONGLY RECOMMENDED to provide implementations of accessibility services on the device comparable in or exceeding functionality of the TalkBack** and Switch Access accessibility services (https://github.com/google/talkback). - </p> - </li> - <li>Android Watch devices with audio output SHOULD provide implementations of an accessibility service on the device comparable in or exceeding functionality of the TalkBack accessibility service (https://github.com/google/talkback). - </li> - <li>Device implementations SHOULD provide a mechanism in the out-of-box setup flow for users to enable relevant accessibility services, as well as options to adjust the font size, display size and magnification gestures. - </li> - </ul> - <p> - ** For languages supported by Text-to-speech. - </p> - <p> - Also, note that if there is a preloaded accessibility service, it MUST be a Direct Boot aware {directBootAware} app if the device has encrypted storage using File Based Encryption (FBE). - </p> - <h3 id="3_11_text-to-speech"> - 3.11. Text-to-Speech - </h3> - <p> - Android includes APIs that allow applications to make use of text-to-speech (TTS) services and allows service providers to provide implementations of TTS services. Device implementations reporting the feature android.hardware.audio.output MUST meet these requirements related to the <a href="http://developer.android.com/reference/android/speech/tts/package-summary.html">Android TTS framework</a> . - </p> - <p> - Android Automotive implementations: - </p> - <ul> - <li>MUST support the Android TTS framework APIs. - </li> - <li>MAY support installation of third-party TTS engines. If supported, partners MUST provide a user-accessible interface that allows the user to select a TTS engine for use at system level. - </li> - </ul> - <p> - All other device implementations: - </p> - <ul> - <li>MUST support the Android TTS framework APIs and SHOULD include a TTS engine supporting the languages available on the device. Note that the upstream Android open source software includes a full-featured TTS engine implementation. - </li> - <li>MUST support installation of third-party TTS engines. - </li> - <li>MUST provide a user-accessible interface that allows users to select a TTS engine for use at the system level. - </li> - </ul> - <h3 id="3_12_tv_input_framework"> - 3.12. TV Input Framework - </h3> - <p> - The <a href="http://source.android.com/devices/tv/index.html">Android Television Input Framework (TIF)</a> simplifies the delivery of live content to Android Television devices. TIF provides a standard API to create input modules that control Android Television devices. Android Television device implementations MUST support TV Input Framework. - </p> - <p> - Device implementations that support TIF MUST declare the platform feature android.software.live_tv. - </p> - <h4 id="3_12_1_tv_app"> - 3.12.1. TV App - </h4> - <p> - Any device implementation that declares support for Live TV MUST have an installed TV application (TV App). The Android Open Source Project provides an implementation of the TV App. - </p> - <p> - The TV App MUST provide facilities to install and use <a href="http://developer.android.com/reference/android/media/tv/TvContract.Channels.html">TV Channels</a> and meet the following requirements: - </p> - <ul> - <li>Device implementations MUST allow third-party TIF-based inputs ( <a href="https://source.android.com/devices/tv/index.html#third-party_input_example">third-party inputs</a> ) to be installed and managed. - </li> - <li>Device implementations MAY provide visual separation between pre-installed <a href="https://source.android.com/devices/tv/index.html#tv_inputs">TIF-based inputs</a> (installed inputs) and third-party inputs. - </li> - <li>Device implementations MUST NOT display the third-party inputs more than a single navigation action away from the TV App (i.e. expanding a list of third-party inputs from the TV App). - </li> - </ul> - <h5 id="3_12_1_1_electronic_program_guide"> - 3.12.1.1. Electronic Program Guide - </h5> - <p> - Android Television device implementations MUST show an informational and interactive overlay, which MUST include an electronic program guide (EPG) generated from the values in the <a href="https://developer.android.com/reference/android/media/tv/TvContract.Programs.html">TvContract.Programs</a> fields. The EPG MUST meet the following requirements: - </p> - <ul> - <li>The EPG MUST display information from all installed inputs and third-party inputs. - </li> - <li>The EPG MAY provide visual separation between the installed inputs and third-party inputs. - </li> - <li>The EPG is STRONGLY RECOMMENDED to display installed inputs and third-party inputs with equal prominence. The EPG MUST NOT display the third-party inputs more than a single navigation action away from the installed inputs on the EPG. - </li> - <li>On channel change, device implementations MUST display EPG data for the currently playing program. - </li> - </ul> - <h5 id="3_12_1_2_navigation"> - 3.12.1.2. Navigation - </h5> - <p> - The TV App MUST allow navigation for the following functions via the D-pad, Back, and Home keys on the Android Television device’s input device(s) (i.e. remote control, remote control application, or game controller): - </p> - <ul> - <li>Changing TV channels - </li> - <li>Opening EPG - </li> - <li>Configuring and tuning to third-party TIF-based inputs - </li> - <li>Opening Settings menu - </li> - </ul> - <p> - The TV App SHOULD pass key events to HDMI inputs through CEC. - </p> - <h5 id="3_12_1_3_tv_input_app_linking"> - 3.12.1.3. TV input app linking - </h5> - <p> - Android Television device implementations MUST support <a href="http://developer.android.com/reference/android/media/tv/TvContract.Channels.html#COLUMN_APP_LINK_INTENT_URI">TV input app linking</a> , which allows all inputs to provide activity links from the current activity to another activity (i.e. a link from live programming to related content). The TV App MUST show TV input app linking when it is provided. - </p> - <h5 id="3_12_1_4_time_shifting"> - 3.12.1.4. Time shifting - </h5> - <p> - Android Television device implementations MUST support time shifting, which allows the user to pause and resume live content. Device implementations MUST provide the user a way to pause and resume the currently playing program, if time shifting for that program <a href="https://developer.android.com/reference/android/media/tv/TvInputManager.html#TIME_SHIFT_STATUS_AVAILABLE">is available</a> . - </p> - <h5 id="3_12_1_5_tv_recording"> - 3.12.1.5. TV recording - </h5> - <p> - Android Television device implementations are STRONGLY RECOMMENDED to support TV recording. If the TV input supports recording, the EPG MAY provide a way to <a href="https://developer.android.com/reference/android/media/tv/TvInputInfo.html#canRecord%28%29">record a program</a> if the recording of such a program is not <a href="https://developer.android.com/reference/android/media/tv/TvContract.Programs.html#COLUMN_RECORDING_PROHIBITED">prohibited</a> . Device implementations SHOULD provide a user interface to play recorded programs. - </p> - <h3 id="3_13_quick_settings"> - 3.13. Quick Settings - </h3> - <p> - Android device implementations SHOULD include a Quick Settings UI component that allow quick access to frequently used or urgently needed actions. - </p> - <p> - Android includes the <a href="https://developer.android.com/reference/android/service/quicksettings/package-summary.html"><code>quicksettings</code></a> API allowing third party apps to implement tiles that can be added by the user alongside the system-provided tiles in the Quick Settings UI component. If a device implementation has a Quick Settings UI component, it: - </p> - <ul> - <li>MUST allow the user to add or remove tiles from a third-party app to Quick Settings. - </li> - <li>MUST NOT automatically add a tile from a third-party app directly to Quick Settings. - </li> - <li>MUST display all the user-added tiles from third-party apps alongside the system-provided quick setting tiles. - </li> - </ul> - <h3 id="3_14_vehicle_ui_apis"> - 3.14. Vehicle UI APIs - </h3> - <h4 id="3_14_1__vehicle_media_ui"> - 3.14.1. Vehicle Media UI - </h4> - <p> - Any device implementation that <a href="https://developer.android.com/reference/android/content/pm/PackageManager.html?#FEATURE_AUTOMOTIVE?">declares automotive support</a> MUST include a UI framework to support third-party apps consuming the <a href="http://developer.android.com/reference/android/media/browse/MediaBrowser.html">MediaBrowser</a> and <a href="http://developer.android.com/reference/android/media/session/MediaSession.html">MediaSession</a> APIs. - </p> - <p> - The UI framework supporting third-party apps that depend on MediaBrowser and MediaSession has the following visual requirements: - </p> - <ul> - <li>MUST display <a href="http://developer.android.com/reference/android/media/browse/MediaBrowser.MediaItem.html">MediaItem</a> icons and notification icons unaltered. - </li> - <li>MUST display those items as described by MediaSession, e.g., metadata, icons, imagery. - </li> - <li>MUST show app title. - </li> - <li>MUST have drawer to present <a href="http://developer.android.com/reference/android/media/browse/MediaBrowser.html">MediaBrowser</a> hierarchy. - </li> - </ul> - <h2 id="4_application_packaging_compatibility"> - 4. Application Packaging Compatibility - </h2> - <p> - Device implementations MUST install and run Android “.apk” files as generated by the “aapt” tool included in the <a href="http://developer.android.com/tools/help/index.html">official Android SDK</a> . For this reason device implementations SHOULD use the reference implementation’s package management system. - </p> - <p> - The package manager MUST support verifying “.apk” files using the <a href="https://source.android.com/security/apksigning/v2.html">APK Signature Scheme v2</a> . - </p> - <p> - Devices implementations MUST NOT extend either the <a href="http://developer.android.com/guide/components/fundamentals.html">.apk</a> , <a href="http://developer.android.com/guide/topics/manifest/manifest-intro.html">Android Manifest</a> , <a href="https://android.googlesource.com/platform/dalvik/">Dalvik bytecode</a> , or RenderScript bytecode formats in such a way that would prevent those files from installing and running correctly on other compatible devices. - </p> - <p> - Device implementations MUST NOT allow apps other than the current "installer of record" for the package to silently uninstall the app without any prompt, as documented in the SDK for the <a href="https://developer.android.com/reference/android/Manifest.permission.html#DELETE_PACKAGES"><code>DELETE_PACKAGE</code></a> permission. The only exceptions are the system package verifier app handling <a href="https://developer.android.com/reference/android/content/Intent.html#ACTION_PACKAGE_NEEDS_VERIFICATION">PACKAGE_NEEDS_VERIFICATION</a> intent and the storage manager app handling <a href="https://developer.android.com/reference/android/os/storage/StorageManager.html#ACTION_MANAGE_STORAGE">ACTION_MANAGE_STORAGE</a> intent. - </p> - <h2 id="5_multimedia_compatibility"> - 5. Multimedia Compatibility - </h2> - <h3 id="5_1_media_codecs"> - 5.1. Media Codecs - </h3> - <p> - Device implementations— - </p> - <ul> - <li> - <p> - MUST support the <a href="http://developer.android.com/guide/appendix/media-formats.html">core media formats</a> specified in the Android SDK documentation, except where explicitly permitted in this document. - </p> - </li> - <li> - <p> - MUST support the media formats, encoders, decoders, file types, and container formats defined in the tables below and reported via <a href="http://developer.android.com/reference/android/media/MediaCodecList.html">MediaCodecList</a> . - </p> - </li> - <li> - <p> - MUST also be able to decode all profiles reported in its <a href="http://developer.android.com/reference/android/media/CamcorderProfile.html">CamcorderProfile</a> - </p> - </li> - <li> - <p> - MUST be able to decode all formats it can encode. This includes all bitstreams that its encoders generate. - </p> - </li> - </ul> - <p> - Codecs SHOULD aim for minimum codec latency, in other words, codecs— - </p> - <ul> - <li>SHOULD NOT consume and store input buffers and return input buffers only once processed - </li> - <li>SHOULD NOT hold onto decoded buffers for longer than as specified by the standard (e.g. SPS). - </li> - <li>SHOULD NOT hold onto encoded buffers longer than required by the GOP structure. - </li> - </ul> - <p> - All of the codecs listed in the table below are provided as software implementations in the preferred Android implementation from the Android Open Source Project. - </p> - <p> - Please note that neither Google nor the Open Handset Alliance make any representation that these codecs are free from third-party patents. Those intending to use this source code in hardware or software products are advised that implementations of this code, including in open source software or shareware, may require patent licenses from the relevant patent holders. - </p> - <h4 id="5_1_1_audio_codecs"> - 5.1.1. Audio Codecs - </h4> - <table> - <tr> - <th> - Format/Codec - </th> - <th> - Encoder - </th> - <th> - Decoder - </th> - <th> - Details - </th> - <th> - Supported File Types/Container Formats - </th> - </tr> - <tr> - <td> - MPEG-4 AAC Profile<br /> - (AAC LC) - </td> - <td> - REQUIRED <sup>1</sup> - </td> - <td> - REQUIRED - </td> - <td> - Support for mono/stereo/5.0/5.1 <sup>2</sup> content with standard sampling rates from 8 to 48 kHz. - </td> - <td> - <ul> - <li class="table_list">3GPP (.3gp) - </li> - <li class="table_list">MPEG-4 (.mp4, .m4a) - </li> - <li class="table_list">ADTS raw AAC (.aac, decode in Android 3.1+, encode in Android 4.0+, ADIF not supported) - </li> - <li class="table_list">MPEG-TS (.ts, not seekable, Android 3.0+) - </li> - </ul> - </td> - </tr> - <tr> - <td> - MPEG-4 HE AAC Profile (AAC+) - </td> - <td> - REQUIRED <sup>1</sup><br /> - (Android 4.1+) - </td> - <td> - REQUIRED - </td> - <td> - Support for mono/stereo/5.0/5.1 <sup>2</sup> content with standard sampling rates from 16 to 48 kHz. - </td> - <td></td> - </tr> - <tr> - <td> - MPEG-4 HE AACv2<br /> - Profile (enhanced AAC+) - </td> - <td></td> - <td> - REQUIRED - </td> - <td> - Support for mono/stereo/5.0/5.1 <sup>2</sup> content with standard sampling rates from 16 to 48 kHz. - </td> - <td></td> - </tr> - <tr> - <td> - AAC ELD (enhanced low delay AAC) - </td> - <td> - REQUIRED <sup>1</sup><br /> - (Android 4.1+) - </td> - <td> - REQUIRED<br /> - (Android 4.1+) - </td> - <td> - Support for mono/stereo content with standard sampling rates from 16 to 48 kHz. - </td> - <td></td> - </tr> - <tr> - <td> - AMR-NB - </td> - <td> - REQUIRED <sup>3</sup> - </td> - <td> - REQUIRED <sup>3</sup> - </td> - <td> - 4.75 to 12.2 kbps sampled @ 8 kHz - </td> - <td> - 3GPP (.3gp) - </td> - </tr> - <tr> - <td> - AMR-WB - </td> - <td> - REQUIRED <sup>3</sup> - </td> - <td> - REQUIRED <sup>3</sup> - </td> - <td> - 9 rates from 6.60 kbit/s to 23.85 kbit/s sampled @ 16 kHz - </td> - <td></td> - </tr> - <tr> - <td> - FLAC - </td> - <td></td> - <td> - REQUIRED<br /> - (Android 3.1+) - </td> - <td> - Mono/Stereo (no multichannel). Sample rates up to 48 kHz (but up to 44.1 kHz is RECOMMENDED on devices with 44.1 kHz output, as the 48 to 44.1 kHz downsampler does not include a low-pass filter). 16-bit RECOMMENDED; no dither applied for 24-bit. - </td> - <td> - FLAC (.flac) only - </td> - </tr> - <tr> - <td> - MP3 - </td> - <td></td> - <td> - REQUIRED - </td> - <td> - Mono/Stereo 8-320Kbps constant (CBR) or variable bitrate (VBR) - </td> - <td> - MP3 (.mp3) - </td> - </tr> - <tr> - <td> - MIDI - </td> - <td></td> - <td> - REQUIRED - </td> - <td> - MIDI Type 0 and 1. DLS Version 1 and 2. XMF and Mobile XMF. Support for ringtone formats RTTTL/RTX, OTA, and iMelody - </td> - <td> - <ul> - <li class="table_list">Type 0 and 1 (.mid, .xmf, .mxmf) - </li> - <li class="table_list">RTTTL/RTX (.rtttl, .rtx) - </li> - <li class="table_list">OTA (.ota) - </li> - <li class="table_list">iMelody (.imy) - </li> - </ul> - </td> - </tr> - <tr> - <td> - Vorbis - </td> - <td></td> - <td> - REQUIRED - </td> - <td></td> - <td> - <ul> - <li class="table_list">Ogg (.ogg) - </li> - <li class="table_list">Matroska (.mkv, Android 4.0+) - </li> - </ul> - </td> - </tr> - <tr> - <td> - PCM/WAVE - </td> - <td> - REQUIRED <sup>4</sup><br /> - (Android 4.1+) - </td> - <td> - REQUIRED - </td> - <td> - 16-bit linear PCM (rates up to limit of hardware). Devices MUST support sampling rates for raw PCM recording at 8000, 11025, 16000, and 44100 Hz frequencies. - </td> - <td> - WAVE (.wav) - </td> - </tr> - <tr> - <td> - Opus - </td> - <td></td> - <td> - REQUIRED<br /> - (Android 5.0+) - </td> - <td></td> - <td> - Matroska (.mkv), Ogg(.ogg) - </td> - </tr> - </table> - <p class="table_footnote"> - 1 Required for device implementations that define android.hardware.microphone but optional for Android Watch device implementations. - </p> - <p class="table_footnote"> - 2 Recording or playback MAY be performed in mono or stereo, but the decoding of AAC input buffers of multichannel streams (i.e. more than two channels) to PCM through the default AAC audio decoder in the android.media.MediaCodec API, the following MUST be supported: - </p> - <ul> - <li>decoding is performed without downmixing (e.g. a 5.0 AAC stream must be decoded to five channels of PCM, a 5.1 AAC stream must be decoded to six channels of PCM), - </li> - <li>dynamic range metadata, as defined in "Dynamic Range Control (DRC)" in ISO/IEC 14496-3, and the android.media.MediaFormat DRC keys to configure the dynamic range-related behaviors of the audio decoder. The AAC DRC keys were introduced in API 21,and are: KEY_AAC_DRC_ATTENUATION_FACTOR, KEY_AAC_DRC_BOOST_FACTOR, KEY_AAC_DRC_HEAVY_COMPRESSION, KEY_AAC_DRC_TARGET_REFERENCE_LEVEL and KEY_AAC_ENCODED_TARGET_LEVEL - </li> - </ul> - <p class="table_footnote"> - 3 Required for Android Handheld device implementations. - </p> - <p class="table_footnote"> - 4 Required for device implementations that define android.hardware.microphone, including Android Watch device implementations. - </p> - <h4 id="5_1_2_image_codecs"> - 5.1.2. Image Codecs - </h4> - <table> - <tr> - <th> - Format/Codec - </th> - <th> - Encoder - </th> - <th> - Decoder - </th> - <th> - Details - </th> - <th> - Supported File Types/Container Formats - </th> - </tr> - <tr> - <td> - JPEG - </td> - <td> - REQUIRED - </td> - <td> - REQUIRED - </td> - <td> - Base+progressive - </td> - <td> - JPEG (.jpg) - </td> - </tr> - <tr> - <td> - GIF - </td> - <td></td> - <td> - REQUIRED - </td> - <td></td> - <td> - GIF (.gif) - </td> - </tr> - <tr> - <td> - PNG - </td> - <td> - REQUIRED - </td> - <td> - REQUIRED - </td> - <td></td> - <td> - PNG (.png) - </td> - </tr> - <tr> - <td> - BMP - </td> - <td></td> - <td> - REQUIRED - </td> - <td></td> - <td> - BMP (.bmp) - </td> - </tr> - <tr> - <td> - WebP - </td> - <td> - REQUIRED - </td> - <td> - REQUIRED - </td> - <td></td> - <td> - WebP (.webp) - </td> - </tr> - <tr> - <td> - Raw - </td> - <td></td> - <td> - REQUIRED - </td> - <td></td> - <td> - ARW (.arw), CR2 (.cr2), DNG (.dng), NEF (.nef), NRW (.nrw), ORF (.orf), PEF (.pef), RAF (.raf), RW2 (.rw2), SRW (.srw) - </td> - </tr> - </table> - <h4 id="5_1_3_video_codecs"> - 5.1.3. Video Codecs - </h4> - <ul> - <li> - <p> - Codecs advertising HDR profile support MUST support HDR static metadata parsing and handling. - </p> - </li> - <li> - <p> - If a media codec advertises intra refresh support, then it MUST support the refresh periods in the range of 10 - 60 frames and accurately operate within 20% of configured refresh period. - </p> - </li> - <li> - <p> - Video codecs MUST support output and input bytebuffer sizes that accommodate the largest feasible compressed and uncompressed frame as dictated by the standard and configuration but also not overallocate. - </p> - </li> - <li> - <p> - Video encoders and decoders MUST support YUV420 flexible color format (COLOR_FormatYUV420Flexible). - </p> - </li> - </ul> - <table> - <tr> - <th> - Format/Codec - </th> - <th> - Encoder - </th> - <th> - Decoder - </th> - <th> - Details - </th> - <th> - Supported File Types/<br /> - Container Formats - </th> - </tr> - <tr> - <td> - H.263 - </td> - <td> - MAY - </td> - <td> - MAY - </td> - <td></td> - <td> - <ul> - <li class="table_list">3GPP (.3gp) - </li> - <li class="table_list">MPEG-4 (.mp4) - </li> - </ul> - </td> - </tr> - <tr> - <td> - H.264 AVC - </td> - <td> - REQUIRED <sup>2</sup> - </td> - <td> - REQUIRED <sup>2</sup> - </td> - <td> - See <a href="#5_2_video_encoding">section 5.2</a> and <a href="#5_3_video_decoding">5.3</a> for details - </td> - <td> - <ul> - <li class="table_list">3GPP (.3gp) - </li> - <li class="table_list">MPEG-4 (.mp4) - </li> - <li class="table_list">MPEG-2 TS (.ts, AAC audio only, not seekable, Android 3.0+) - </li> - </ul> - </td> - </tr> - <tr> - <td> - H.265 HEVC - </td> - <td></td> - <td> - REQUIRED <sup>5</sup> - </td> - <td> - See <a href="#5_3_video_decoding">section 5.3</a> for details - </td> - <td> - MPEG-4 (.mp4) - </td> - </tr> - <tr> - <td> - MPEG-2 - </td> - <td></td> - <td> - STRONGLY RECOMMENDED <sup>6</sup> - </td> - <td> - Main Profile - </td> - <td> - MPEG2-TS - </td> - </tr> - <tr> - <td> - MPEG-4 SP - </td> - <td></td> - <td> - REQUIRED <sup>2</sup> - </td> - <td></td> - <td> - 3GPP (.3gp) - </td> - </tr> - <tr> - <td> - VP8 <sup>3</sup> - </td> - <td> - REQUIRED <sup>2</sup><br /> - (Android 4.3+) - </td> - <td> - REQUIRED <sup>2</sup><br /> - (Android 2.3.3+) - </td> - <td> - See <a href="#5_2_video_encoding">section 5.2</a> and <a href="#5_3_video_decoding">5.3</a> for details - </td> - <td> - <ul> - <li class="table_list"> - <a href="http://www.webmproject.org/">WebM (.webm)</a> - </li> - <li class="table_list">Matroska (.mkv, Android 4.0+) <sup>4</sup> - </li> - </ul> - </td> - </tr> - <tr> - <td> - VP9 - </td> - <td></td> - <td> - REQUIRED <sup>2</sup><br /> - (Android 4.4+) - </td> - <td> - See <a href="#5_3_video_decoding">section 5.3</a> for details - </td> - <td> - <ul> - <li class="table_list"> - <a href="http://www.webmproject.org/">WebM (.webm)</a> - </li> - <li class="table_list">Matroska (.mkv, Android 4.0+) <sup>4</sup> - </li> - </ul> - </td> - </tr> - </table> - <p class="table_footnote"> - 1 Required for device implementations that include camera hardware and define android.hardware.camera or android.hardware.camera.front. - </p> - <p class="table_footnote"> - 2 Required for device implementations except Android Watch devices. - </p> - <p class="table_footnote"> - 3 For acceptable quality of web video streaming and video-conference services, device implementations SHOULD use a hardware VP8 codec that meets the <a href="http://www.webmproject.org/hardware/rtc-coding-requirements/">requirements</a> . - </p> - <p class="table_footnote"> - 4 Device implementations SHOULD support writing Matroska WebM files. - </p> - <p class="table_footnote"> - 5 STRONGLY RECOMMENDED for Android Automotive, optional for Android Watch, and required for all other device types. - </p> - <p class="table_footnote"> - 6 Applies only to Android Television device implementations. - </p> - <h3 id="5_2_video_encoding"> - 5.2. Video Encoding - </h3> - <div class="note"> - Video codecs are optional for Android Watch device implementations. - </div> - <p> - H.264, VP8, VP9 and HEVC video encoders— - </p> - <ul> - <li>MUST support dynamically configurable bitrates. - </li> - <li>SHOULD support variable frame rates, where video encoder SHOULD determine instantaneous frame duration based on the timestamps of input buffers, and allocate its bit bucket based on that frame duration. - </li> - </ul> - <p> - H.263 and MPEG-4 video encoder SHOULD support dynamically configurable bitrates. - </p> - <p> - All video encoders SHOULD meet the following bitrate targets over two sliding windows: - </p> - <ul> - <li>It SHOULD be not more than ~15% over the bitrate between intraframe (I-frame) intervals. - </li> - <li>It SHOULD be not more than ~100% over the bitrate over a sliding window of 1 second. - </li> - </ul> - <h4 id="5_2_1_h_263"> - 5.2.1. H.263 - </h4> - <p> - Android device implementations with H.263 encoders MUST support Baseline Profile Level 45. - </p> - <h4 id="5_2_2_h-264"> - 5.2.2. H-264 - </h4> - <p> - Android device implementations with H.264 codec support: - </p> - <ul> - <li>MUST support Baseline Profile Level 3.<br /> - However, support for ASO (Arbitrary Slice Ordering), FMO (Flexible Macroblock Ordering) and RS (Redundant Slices) is OPTIONAL. Moreover, to maintain compatibility with other Android devices, it is RECOMMENDED that ASO, FMO and RS are not used for Baseline Profile by encoders. - </li> - <li>MUST support the SD (Standard Definition) video encoding profiles in the following table. - </li> - <li>SHOULD support Main Profile Level 4. - </li> - <li>SHOULD support the HD (High Definition) video encoding profiles as indicated in the following table. - </li> - <li>In addition, Android Television devices are STRONGLY RECOMMENDED to encode HD 1080p video at 30 fps. - </li> - </ul> - <table> - <tr> - <th></th> - <th> - SD (Low quality) - </th> - <th> - SD (High quality) - </th> - <th> - HD 720p <sup>1</sup> - </th> - <th> - HD 1080p <sup>1</sup> - </th> - </tr> - <tr> - <th> - Video resolution - </th> - <td> - 320 x 240 px - </td> - <td> - 720 x 480 px - </td> - <td> - 1280 x 720 px - </td> - <td> - 1920 x 1080 px - </td> - </tr> - <tr> - <th> - Video frame rate - </th> - <td> - 20 fps - </td> - <td> - 30 fps - </td> - <td> - 30 fps - </td> - <td> - 30 fps - </td> - </tr> - <tr> - <th> - Video bitrate - </th> - <td> - 384 Kbps - </td> - <td> - 2 Mbps - </td> - <td> - 4 Mbps - </td> - <td> - 10 Mbps - </td> - </tr> - </table> - <p class="table_footnote"> - 1 When supported by hardware, but STRONGLY RECOMMENDED for Android Television devices. - </p> - <h4 id="5_2_3_vp8"> - 5.2.3. VP8 - </h4> - <p> - Android device implementations with VP8 codec support MUST support the SD video encoding profiles and SHOULD support the following HD (High Definition) video encoding profiles. - </p> - <table> - <tr> - <th></th> - <th> - SD (Low quality) - </th> - <th> - SD (High quality) - </th> - <th> - HD 720p <sup>1</sup> - </th> - <th> - HD 1080p <sup>1</sup> - </th> - </tr> - <tr> - <th> - Video resolution - </th> - <td> - 320 x 180 px - </td> - <td> - 640 x 360 px - </td> - <td> - 1280 x 720 px - </td> - <td> - 1920 x 1080 px - </td> - </tr> - <tr> - <th> - Video frame rate - </th> - <td> - 30 fps - </td> - <td> - 30 fps - </td> - <td> - 30 fps - </td> - <td> - 30 fps - </td> - </tr> - <tr> - <th> - Video bitrate - </th> - <td> - 800 Kbps - </td> - <td> - 2 Mbps - </td> - <td> - 4 Mbps - </td> - <td> - 10 Mbps - </td> - </tr> - </table> - <p class="table_footnote"> - 1 When supported by hardware. - </p> - <h3 id="5_3_video_decoding"> - 5.3. Video Decoding - </h3> - <div class="note"> - Video codecs are optional for Android Watch device implementations. - </div> - <p> - Device implementations— - </p> - <ul> - <li> - <p> - MUST support dynamic video resolution and frame rate switching through the standard Android APIs within the same stream for all VP8, VP9, H.264, and H.265 codecs in real time and up to the maximum resolution supported by each codec on the device. - </p> - </li> - <li> - <p> - Implementations that support the Dolby Vision decoder— - </p> - </li> - <li>MUST provide a Dolby Vision-capable extractor. - </li> - <li> - <p> - MUST properly display Dolby Vision content on the device screen or on a standard video output port (e.g., HDMI). - </p> - </li> - <li> - <p> - Implementations that provide a Dolby Vision-capable extractor MUST set the track index of backward-compatible base-layer(s) (if present) to be the same as the combined Dolby Vision layer's track index. - </p> - </li> - </ul> - <h4 id="5_3_1_mpeg-2"> - 5.3.1. MPEG-2 - </h4> - <p> - Android device implementations with MPEG-2 decoders must support the Main Profile High Level. - </p> - <h4 id="5_3_2_h_263"> - 5.3.2. H.263 - </h4> - <p> - Android device implementations with H.263 decoders MUST support Baseline Profile Level 30 and Level 45. - </p> - <h4 id="5_3_3_mpeg-4"> - 5.3.3. MPEG-4 - </h4> - <p> - Android device implementations with MPEG-4 decoders MUST support Simple Profile Level 3. - </p> - <h4 id="5_3_4_h_264"> - 5.3.4. H.264 - </h4> - <p> - Android device implementations with H.264 decoders: - </p> - <ul> - <li>MUST support Main Profile Level 3.1 and Baseline Profile.<br /> - Support for ASO (Arbitrary Slice Ordering), FMO (Flexible Macroblock Ordering) and RS (Redundant Slices) is OPTIONAL. - </li> - <li>MUST be capable of decoding videos with the SD (Standard Definition) profiles listed in the following table and encoded with the Baseline Profile and Main Profile Level 3.1 (including 720p30). - </li> - <li>SHOULD be capable of decoding videos with the HD (High Definition) profiles as indicated in the following table. - </li> - <li>In addition, Android Television devices— + </td> + </tr> + <tr> + <td> + MPEG-4 HE AAC Profile (AAC+) + </td> + <td> + REQUIRED<sup>1</sup><br /> + (Android 4.1+) + </td> + <td> + REQUIRED + </td> + <td> + Support for mono/stereo/5.0/5.1<sup>2</sup> content with standard sampling rates from 16 to 48 kHz. + </td> + <td></td> + </tr> + <tr> + <td> + MPEG-4 HE AACv2<br /> + Profile (enhanced AAC+) + </td> + <td></td> + <td> + REQUIRED + </td> + <td> + Support for mono/stereo/5.0/5.1<sup>2</sup> content with standard sampling rates from 16 to 48 kHz. + </td> + <td></td> + </tr> + <tr> + <td> + AAC ELD (enhanced low delay AAC) + </td> + <td> + REQUIRED<sup>1</sup><br /> + (Android 4.1+) + </td> + <td> + REQUIRED<br /> + (Android 4.1+) + </td> + <td> + Support for mono/stereo content with standard sampling rates from 16 to 48 kHz. + </td> + <td></td> + </tr> + <tr> + <td> + AMR-NB + </td> + <td> + REQUIRED<sup>3</sup> + </td> + <td> + REQUIRED<sup>3</sup> + </td> + <td> + 4.75 to 12.2 kbps sampled @ 8 kHz + </td> + <td> + 3GPP (.3gp) + </td> + </tr> + <tr> + <td> + AMR-WB + </td> + <td> + REQUIRED<sup>3</sup> + </td> + <td> + REQUIRED<sup>3</sup> + </td> + <td> + 9 rates from 6.60 kbit/s to 23.85 kbit/s sampled @ 16 kHz + </td> + <td></td> + </tr> + <tr> + <td> + FLAC + </td> + <td></td> + <td> + REQUIRED<br /> + (Android 3.1+) + </td> + <td> + Mono/Stereo (no multichannel). Sample rates up to 48 kHz (but up to 44.1 kHz is RECOMMENDED on devices with 44.1 kHz output, as the 48 to 44.1 kHz downsampler does not include a low-pass filter). 16-bit RECOMMENDED; no dither applied for 24-bit. + </td> + <td> + FLAC (.flac) only + </td> + </tr> + <tr> + <td> + MP3 + </td> + <td></td> + <td> + REQUIRED + </td> + <td> + Mono/Stereo 8-320Kbps constant (CBR) or variable bitrate (VBR) + </td> + <td> + MP3 (.mp3) + </td> + </tr> + <tr> + <td> + MIDI + </td> + <td></td> + <td> + REQUIRED + </td> + <td> + MIDI Type 0 and 1. DLS Version 1 and 2. XMF and Mobile XMF. Support for ringtone formats RTTTL/RTX, OTA, and iMelody + </td> + <td> <ul> - <li>MUST support High Profile Level 4.2 and the HD 1080p60 decoding profile. - </li> - <li>MUST be capable of decoding videos with both HD profiles as indicated in the following table and encoded with either the Baseline Profile, Main Profile, or the High Profile Level 4.2 + <li class="table_list">Type 0 and 1 (.mid, .xmf, .mxmf) </li> - </ul> - </li> - </ul> - <table> - <tr> - <th></th> - <th> - SD (Low quality) - </th> - <th> - SD (High quality) - </th> - <th> - HD 720p <sup>1</sup> - </th> - <th> - HD 1080p <sup>1</sup> - </th> - </tr> - <tr> - <th> - Video resolution - </th> - <td> - 320 x 240 px - </td> - <td> - 720 x 480 px - </td> - <td> - 1280 x 720 px - </td> - <td> - 1920 x 1080 px - </td> - </tr> - <tr> - <th> - Video frame rate - </th> - <td> - 30 fps - </td> - <td> - 30 fps - </td> - <td> - 60 fps - </td> - <td> - 30 fps (60 fps <sup>2</sup> ) - </td> - </tr> - <tr> - <th> - Video bitrate - </th> - <td> - 800 Kbps - </td> - <td> - 2 Mbps - </td> - <td> - 8 Mbps - </td> - <td> - 20 Mbps - </td> - </tr> - </table> - <p class="table_footnote"> - 1 REQUIRED for when the height as reported by the Display.getSupportedModes() method is equal or greater than the video resolution. - </p> - <p class="table_footnote"> - 2 REQUIRED for Android Television device implementations. - </p> - <h4 id="5_3_5_h_265_(hevc)"> - 5.3.5. H.265 (HEVC) - </h4> - <p> - Android device implementations, when supporting H.265 codec as described in <a href="#5_1_3_video_codecs">section 5.1.3</a> : - </p> - <ul> - <li>MUST support the Main Profile Level 3 Main tier and the SD video decoding profiles as indicated in the following table. - </li> - <li>SHOULD support the HD decoding profiles as indicated in the following table. - </li> - <li>MUST support the HD decoding profiles as indicated in the following table if there is a hardware decoder. - </li> - <li>In addition, Android Television devices: - </li> - <li>MUST support the HD 720p decoding profile. - </li> - <li>STRONGLY RECOMMENDED to support the HD 1080p decoding profile. If the HD 1080p decoding profile is supported, it MUST support the Main Profile Level 4.1 Main tier. - </li> - <li>SHOULD support the UHD decoding profile. If the UHD decoding profile is supported the codec MUST support Main10 Level 5 Main Tier profile. - </li> - </ul> - <table> - <tr> - <th></th> - <th> - SD (Low quality) - </th> - <th> - SD (High quality) - </th> - <th> - HD 720p - </th> - <th> - HD 1080p - </th> - <th> - UHD - </th> - </tr> - <tr> - <th> - Video resolution - </th> - <td> - 352 x 288 px - </td> - <td> - 720 x 480 px - </td> - <td> - 1280 x 720 px - </td> - <td> - 1920 x 1080 px - </td> - <td> - 3840 x 2160 px - </td> - </tr> - <tr> - <th> - Video frame rate - </th> - <td> - 30 fps - </td> - <td> - 30 fps - </td> - <td> - 30 fps - </td> - <td> - 30 fps (60 fps <sup>1</sup> ) - </td> - <td> - 60 fps - </td> - </tr> - <tr> - <th> - Video bitrate - </th> - <td> - 600 Kbps - </td> - <td> - 1.6 Mbps - </td> - <td> - 4 Mbps - </td> - <td> - 5 Mbps - </td> - <td> - 20 Mbps - </td> - </tr> - </table> - <p class="table_footnote"> - 1 REQUIRED for Android Television device implementations with H.265 hardware decoding. - </p> - <h4 id="5_3_6_vp8"> - 5.3.6. VP8 - </h4> - <p> - Android device implementations, when supporting VP8 codec as described in <a href="https://source.android.com/compatibility/android-cdd.html#5_1_3_video_codecs">section 5.1.3</a> : - </p> - <ul> - <li>MUST support the SD decoding profiles in the following table. - </li> - <li>SHOULD support the HD decoding profiles in the following table. - </li> - <li>Android Television devices MUST support the HD 1080p60 decoding profile. - </li> - </ul> - <table> - <tr> - <th></th> - <th> - SD (Low quality) - </th> - <th> - SD (High quality) - </th> - <th> - HD 720p <sup>1</sup> - </th> - <th> - HD 1080p <sup>1</sup> - </th> - </tr> - <tr> - <th> - Video resolution - </th> - <td> - 320 x 180 px - </td> - <td> - 640 x 360 px - </td> - <td> - 1280 x 720 px - </td> - <td> - 1920 x 1080 px - </td> - </tr> - <tr> - <th> - Video frame rate - </th> - <td> - 30 fps - </td> - <td> - 30 fps - </td> - <td> - 30 fps (60 fps <sup>2</sup> ) - </td> - <td> - 30 (60 fps <sup>2</sup> ) - </td> - </tr> - <tr> - <th> - Video bitrate - </th> - <td> - 800 Kbps - </td> - <td> - 2 Mbps - </td> - <td> - 8 Mbps - </td> - <td> - 20 Mbps - </td> - </tr> - </table> - <p class="table_footnote"> - 1 REQUIRED for when the height as reported by the Display.getSupportedModes() method is equal or greater than the video resolution. - </p> - <p class="table_footnote"> - 2 REQUIRED for Android Television device implementations. - </p> - <h4 id="5_3_7_vp9"> - 5.3.7. VP9 - </h4> - <p> - Android device implementations, when supporting VP9 codec as described in <a href="https://source.android.com/compatibility/android-cdd.html#5_1_3_video_codecs">section 5.1.3</a> : - </p> - <ul> - <li>MUST support the SD video decoding profiles as indicated in the following table. - </li> - <li>SHOULD support the HD decoding profiles as indicated in the following table. - </li> - <li>MUST support the HD decoding profiles as indicated in the following table, if there is a hardware decoder. - </li> - <li> - <p> - In addition, Android Television devices: - </p> - <ul> - <li>MUST support the HD 720p decoding profile. + <li class="table_list">RTTTL/RTX (.rtttl, .rtx) </li> - <li>STRONGLY RECOMMENDED to support the HD 1080p decoding profile. + <li class="table_list">OTA (.ota) </li> - <li>SHOULD support the UHD decoding profile. If the UHD video decoding profile is supported, it MUST support 8-bit color depth and SHOULD support VP9 Profile 2 (10-bit). + <li class="table_list">iMelody (.imy) </li> </ul> - </li> - </ul> - <table> - <tr> - <th></th> - <th> - SD (Low quality) - </th> - <th> - SD (High quality) - </th> - <th> - HD 720p - </th> - <th> - HD 1080p - </th> - <th> - UHD - </th> - </tr> - <tr> - <th> - Video resolution - </th> - <td> - 320 x 180 px - </td> - <td> - 640 x 360 px - </td> - <td> - 1280 x 720 px - </td> - <td> - 1920 x 1080 px - </td> - <td> - 3840 x 2160 px - </td> - </tr> - <tr> - <th> - Video frame rate - </th> - <td> - 30 fps - </td> - <td> - 30 fps - </td> - <td> - 30 fps - </td> - <td> - 30 fps (60 fps <sup>1</sup> ) - </td> - <td> - 60 fps - </td> - </tr> - <tr> - <th> - Video bitrate - </th> - <td> - 600 Kbps - </td> - <td> - 1.6 Mbps - </td> - <td> - 4 Mbps - </td> - <td> - 5 Mbps - </td> - <td> - 20 Mbps - </td> - </tr> - </table> - <p class="table_footnote"> - 1 REQUIRED for Android Television device implementations with VP9 hardware decoding. - </p> - <h3 id="5_4_audio_recording"> - 5.4. Audio Recording - </h3> - <p> - While some of the requirements outlined in this section are stated as SHOULD since Android 4.3, the Compatibility Definition for a future version is planned to change these to MUST. Existing and new Android devices are <strong>STRONGLY RECOMMENDED</strong> to meet these requirements that are stated as SHOULD, or they will not be able to attain Android compatibility when upgraded to the future version. - </p> - <h4 id="5_4_1_raw_audio_capture"> - 5.4.1. Raw Audio Capture - </h4> - <p> - Device implementations that declare android.hardware.microphone MUST allow capture of raw audio content with the following characteristics: - </p> - <ul> - <li> - <strong>Format</strong> : Linear PCM, 16-bit - </li> - <li> - <strong>Sampling rates</strong> : 8000, 11025, 16000, 44100 - </li> - <li> - <strong>Channels</strong> : Mono - </li> - </ul> - <p> - The capture for the above sample rates MUST be done without up-sampling, and any down-sampling MUST include an appropriate anti-aliasing filter. - </p> - <p> - Device implementations that declare android.hardware.microphone SHOULD allow capture of raw audio content with the following characteristics: - </p> - <ul> - <li> - <strong>Format</strong> : Linear PCM, 16-bit - </li> - <li> - <strong>Sampling rates</strong> : 22050, 48000 - </li> - <li> - <strong>Channels</strong> : Stereo - </li> - </ul> - <p> - If capture for the above sample rates is supported, then the capture MUST be done without up-sampling at any ratio higher than 16000:22050 or 44100:48000. Any up-sampling or down-sampling MUST include an appropriate anti-aliasing filter. - </p> - <h4 id="5_4_2_capture_for_voice_recognition"> - 5.4.2. Capture for Voice Recognition - </h4> - <p> - The android.media.MediaRecorder.AudioSource.VOICE_RECOGNITION audio source MUST support capture at one of the sampling rates, 44100 and 48000. - </p> - <p> - In addition to the above recording specifications, when an application has started recording an audio stream using the android.media.MediaRecorder.AudioSource.VOICE_RECOGNITION audio source: - </p> - <ul> - <li>The device SHOULD exhibit approximately flat amplitude versus frequency characteristics: specifically, ±3 dB, from 100 Hz to 4000 Hz. - </li> - <li>Audio input sensitivity SHOULD be set such that a 90 dB sound power level (SPL) source at 1000 Hz yields RMS of 2500 for 16-bit samples. - </li> - <li>PCM amplitude levels SHOULD linearly track input SPL changes over at least a 30 dB range from -18 dB to +12 dB re 90 dB SPL at the microphone. - </li> - <li>Total harmonic distortion SHOULD be less than 1% for 1 kHz at 90 dB SPL input level at the microphone. - </li> - <li>Noise reduction processing, if present, MUST be disabled. - </li> - <li>Automatic gain control, if present, MUST be disabled. - </li> - </ul> - <p> - If the platform supports noise suppression technologies tuned for speech recognition, the effect MUST be controllable from the android.media.audiofx.NoiseSuppressor API. Moreover, the UUID field for the noise suppressor’s effect descriptor MUST uniquely identify each implementation of the noise suppression technology. - </p> - <h4 id="5_4_3_capture_for_rerouting_of_playback"> - 5.4.3. Capture for Rerouting of Playback - </h4> - <p> - The android.media.MediaRecorder.AudioSource class includes the REMOTE_SUBMIX audio source. Devices that declare android.hardware.audio.output MUST properly implement the REMOTE_SUBMIX audio source so that when an application uses the android.media.AudioRecord API to record from this audio source, it can capture a mix of all audio streams except for the following: - </p> - <ul> - <li>STREAM_RING - </li> - <li>STREAM_ALARM - </li> - <li>STREAM_NOTIFICATION - </li> - </ul> - <h3 id="5_5_audio_playback"> - 5.5. Audio Playback - </h3> - <p> - Device implementations that declare android.hardware.audio.output MUST conform to the requirements in this section. - </p> - <h4 id="5_5_1_raw_audio_playback"> - 5.5.1. Raw Audio Playback - </h4> - <p> - The device MUST allow playback of raw audio content with the following characteristics: - </p> - <ul> - <li> - <strong>Format</strong> : Linear PCM, 16-bit - </li> - <li> - <strong>Sampling rates</strong> : 8000, 11025, 16000, 22050, 32000, 44100 - </li> - <li> - <strong>Channels</strong> : Mono, Stereo - </li> - </ul> - <p> - The device SHOULD allow playback of raw audio content with the following characteristics: - </p> - <ul> - <li> - <strong>Sampling rates</strong> : 24000, 48000 - </li> - </ul> - <h4 id="5_5_2_audio_effects"> - 5.5.2. Audio Effects - </h4> - <p> - Android provides an <a href="http://developer.android.com/reference/android/media/audiofx/AudioEffect.html">API for audio effects</a> for device implementations. Device implementations that declare the feature android.hardware.audio.output: - </p> - <ul> - <li>MUST support the EFFECT_TYPE_EQUALIZER and EFFECT_TYPE_LOUDNESS_ENHANCER implementations controllable through the AudioEffect subclasses Equalizer, LoudnessEnhancer. - </li> - <li>MUST support the visualizer API implementation, controllable through the Visualizer class. - </li> - <li>SHOULD support the EFFECT_TYPE_BASS_BOOST, EFFECT_TYPE_ENV_REVERB, EFFECT_TYPE_PRESET_REVERB, and EFFECT_TYPE_VIRTUALIZER implementations controllable through the AudioEffect sub-classes BassBoost, EnvironmentalReverb, PresetReverb, and Virtualizer. - </li> - </ul> - <h4 id="5_5_3_audio_output_volume"> - 5.5.3. Audio Output Volume - </h4> - <p> - Android Television device implementations MUST include support for system Master Volume and digital audio output volume attenuation on supported outputs, except for compressed audio passthrough output (where no audio decoding is done on the device). - </p> - <p> - Android Automotive device implementations SHOULD allow adjusting audio volume separately per each audio stream using the content type or usage as defined by <a href="" title="http://developer.android.com/reference/android/media/AudioAttributes.html">AudioAttributes</a> and car audio usage as publicly defined in <code>android.car.CarAudioManager</code> . - </p> - <h3 id="5_6_audio_latency"> - 5.6. Audio Latency - </h3> - <p> - Audio latency is the time delay as an audio signal passes through a system. Many classes of applications rely on short latencies, to achieve real-time sound effects. - </p> - <p> - For the purposes of this section, use the following definitions: - </p> - <ul> - <li> - <strong>output latency</strong> . The interval between when an application writes a frame of PCM-coded data and when the corresponding sound is presented to environment at an on-device transducer or signal leaves the device via a port and can be observed externally. - </li> - <li> - <strong>cold output latency</strong> . The output latency for the first frame, when the audio output system has been idle and powered down prior to the request. - </li> - <li> - <strong>continuous output latency</strong> . The output latency for subsequent frames, after the device is playing audio. - </li> - <li> - <strong>input latency</strong> . The interval between when a sound is presented by environment to device at an on-device transducer or signal enters the device via a port and when an application reads the corresponding frame of PCM-coded data. - </li> - <li> - <strong>lost input</strong> . The initial portion of an input signal that is unusable or unavailable. - </li> - <li> - <strong>cold input latency</strong> . The sum of lost input time and the input latency for the first frame, when the audio input system has been idle and powered down prior to the request. - </li> - <li> - <strong>continuous input latency</strong> . The input latency for subsequent frames, while the device is capturing audio. - </li> - <li> - <strong>cold output jitter</strong> . The variability among separate measurements of cold output latency values. - </li> - <li> - <strong>cold input jitter</strong> . The variability among separate measurements of cold input latency values. - </li> - <li> - <strong>continuous round-trip latency</strong> . The sum of continuous input latency plus continuous output latency plus one buffer period. The buffer period allows time for the app to process the signal and time for the app to mitigate phase difference between input and output streams. - </li> - <li> - <strong>OpenSL ES PCM buffer queue API</strong> . The set of PCM-related OpenSL ES APIs within <a href="https://developer.android.com/ndk/index.html">Android NDK</a> . - </li> - </ul> - <p> - Device implementations that declare android.hardware.audio.output are STRONGLY RECOMMENDED to meet or exceed these audio output requirements: - </p> - <ul> - <li>cold output latency of 100 milliseconds or less - </li> - <li>continuous output latency of 45 milliseconds or less - </li> - <li>minimize the cold output jitter - </li> - </ul> - <p> - If a device implementation meets the requirements of this section after any initial calibration when using the OpenSL ES PCM buffer queue API, for continuous output latency and cold output latency over at least one supported audio output device, it is STRONGLY RECOMMENDED to report support for low-latency audio, by reporting the feature android.hardware.audio.low_latency via the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager</a> class. Conversely, if the device implementation does not meet these requirements it MUST NOT report support for low-latency audio. - </p> - <p> - Device implementations that include android.hardware.microphone are STRONGLY RECOMMENDED to meet these input audio requirements: - </p> - <ul> - <li>cold input latency of 100 milliseconds or less - </li> - <li>continuous input latency of 30 milliseconds or less - </li> - <li>continuous round-trip latency of 50 milliseconds or less - </li> - <li>minimize the cold input jitter - </li> - </ul> - <h3 id="5_7_network_protocols"> - 5.7. Network Protocols - </h3> - <p> - Devices MUST support the <a href="http://developer.android.com/guide/appendix/media-formats.html">media network protocols</a> for audio and video playback as specified in the Android SDK documentation. Specifically, devices MUST support the following media network protocols: - </p> - <ul> - <li> - <p> - HTTP(S) progressive streaming<br /> - All required codecs and container formats in <a href="#5_1_media_codecs">section 5.1</a> MUST be supported over HTTP(S) - </p> - </li> - <li> - <p> - <a href="http://tools.ietf.org/html/draft-pantos-http-live-streaming-07">HTTP Live Streaming draft protocol, Version 7</a><br /> - The following media segment formats MUST be supported: - </p> - </li> - </ul> - <table> - <tr> - <th> - Segment formats - </th> - <th> - Reference(s) - </th> - <th> - Required codec support - </th> - </tr> - <tr id="mp2t"> - <td> - MPEG-2 Transport Stream - </td> - <td> - <a href="http://www.iso.org/iso/catalogue_detail?csnumber=44169">ISO 13818</a> - </td> - <td> - Video codecs: - <ul> - <li class="table_list">H264 AVC - </li> - <li class="table_list">MPEG-4 SP - </li> - <li class="table_list">MPEG-2 - </li> - </ul>See <a href="#5_1_3_video_codecs">section 5.1.3</a> for details on H264 AVC, MPEG2-4 SP,<br /> - and MPEG-2. - <p> - Audio codecs: - </p> - <ul> - <li class="table_list">AAC - </li> - </ul>See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AAC and its variants. - </td> - </tr> - <tr> - <td> - AAC with ADTS framing and ID3 tags - </td> - <td> - <a href="http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=43345">ISO 13818-7</a> - </td> - <td> - See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AAC and its variants - </td> - </tr> - <tr> - <td> - WebVTT - </td> - <td> - <a href="http://dev.w3.org/html5/webvtt/">WebVTT</a> - </td> - <td></td> - </tr> - </table> - <ul> - <li> - <p> - RTSP (RTP, SDP) - </p> - <p> - The following RTP audio video profile and related codecs MUST be supported. For exceptions please see the table footnotes in <a href="#5_1_media_codecs">section 5.1</a> . - </p> - </li> - </ul> - <table> - <tr> - <th> - Profile name - </th> - <th> - Reference(s) - </th> - <th> - Required codec support - </th> - </tr> - <tr> - <td> - H264 AVC - </td> - <td> - <a href="https://tools.ietf.org/html/rfc6184">RFC 6184</a> - </td> - <td> - See <a href="#5_1_3_video_codecs">section 5.1.3</a> for details on H264 AVC - </td> - </tr> - <tr> - <td> - MP4A-LATM - </td> - <td> - <a href="https://tools.ietf.org/html/rfc6416">RFC 6416</a> - </td> - <td> - See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AAC and its variants - </td> - </tr> - <tr> - <td> - H263-1998 - </td> - <td> - <a href="https://tools.ietf.org/html/rfc3551">RFC 3551</a><br /> - <a href="https://tools.ietf.org/html/rfc4629">RFC 4629</a><br /> - <a href="https://tools.ietf.org/html/rfc2190">RFC 2190</a> - </td> - <td> - See <a href="#5_1_3_video_codecs">section 5.1.3</a> for details on H263 - </td> - </tr> - <tr> - <td> - H263-2000 - </td> - <td> - <a href="https://tools.ietf.org/html/rfc4629">RFC 4629</a> - </td> - <td> - See <a href="#5_1_3_video_codecs">section 5.1.3</a> for details on H263 - </td> - </tr> - <tr> - <td> - AMR - </td> - <td> - <a href="https://tools.ietf.org/html/rfc4867">RFC 4867</a> - </td> - <td> - See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AMR-NB - </td> - </tr> - <tr> - <td> - AMR-WB - </td> - <td> - <a href="https://tools.ietf.org/html/rfc4867">RFC 4867</a> - </td> - <td> - See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AMR-WB - </td> - </tr> - <tr> - <td> - MP4V-ES - </td> - <td> - <a href="https://tools.ietf.org/html/rfc6416">RFC 6416</a> - </td> - <td> - See <a href="#5_1_3_video_codecs">section 5.1.3</a> for details on MPEG-4 SP - </td> - </tr> - <tr> - <td> - mpeg4-generic - </td> - <td> - <a href="https://tools.ietf.org/html/rfc3640">RFC 3640</a> - </td> - <td> - See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AAC and its variants - </td> - </tr> - <tr> - <td> - MP2T - </td> - <td> - <a href="https://tools.ietf.org/html/rfc2250">RFC 2250</a> - </td> - <td> - See <a href="#mp2t">MPEG-2 Transport Stream</a> underneath HTTP Live Streaming for details - </td> - </tr> - </table> - <h3 id="5_8_secure_media"> - 5.8. Secure Media - </h3> - <p> - Device implementations that support secure video output and are capable of supporting secure surfaces MUST declare support for Display.FLAG_SECURE. Device implementations that declare support for Display.FLAG_SECURE, if they support a wireless display protocol, MUST secure the link with a cryptographically strong mechanism such as HDCP 2.x or higher for Miracast wireless displays. Similarly if they support a wired external display, the device implementations MUST support HDCP 1.2 or higher. Android Television device implementations MUST support HDCP 2.2 for devices supporting 4K resolution and HDCP 1.4 or above for lower resolutions. The upstream Android open source implementation includes support for wireless (Miracast) and wired (HDMI) displays that satisfies this requirement. - </p> - <h3 id="5_9_musical_instrument_digital_interface_(midi)"> - 5.9. Musical Instrument Digital Interface (MIDI) - </h3> - <p> - If a device implementation supports the inter-app MIDI software transport (virtual MIDI devices), and it supports MIDI over <em>all</em> of the following MIDI-capable hardware transports for which it provides generic non-MIDI connectivity, it is STRONGLY RECOMMENDED to report support for feature android.software.midi via the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager</a> class. - </p> - <p> - The MIDI-capable hardware transports are: - </p> - <ul> - <li>USB host mode (section 7.7 USB) - </li> - <li>USB peripheral mode (section 7.7 USB) - </li> - <li>MIDI over Bluetooth LE acting in central role (section 7.4.3 Bluetooth) - </li> - </ul> - <p> - Conversely, if the device implementation provides generic non-MIDI connectivity over a particular MIDI-capable hardware transport listed above, but does not support MIDI over that hardware transport, it MUST NOT report support for feature android.software.midi. - </p> - <h3 id="5_10_professional_audio"> - 5.10. Professional Audio - </h3> - <p> - If a device implementation meets <em>all</em> of the following requirements, it is STRONGLY RECOMMENDED to report support for feature android.hardware.audio.pro via the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager</a> class. - </p> - <ul> - <li>The device implementation MUST report support for feature android.hardware.audio.low_latency. - </li> - <li>The continuous round-trip audio latency, as defined in section 5.6 Audio Latency, MUST be 20 milliseconds or less and SHOULD be 10 milliseconds or less over at least one supported path. - </li> - <li>If the device includes a 4 conductor 3.5mm audio jack, the continuous round-trip audio latency MUST be 20 milliseconds or less over the audio jack path, and SHOULD be 10 milliseconds or less over at the audio jack path. - </li> - <li>The device implementation MUST include a USB port(s) supporting USB host mode and USB peripheral mode. - </li> - <li>The USB host mode MUST implement the USB audio class. - </li> - <li>If the device includes an HDMI port, the device implementation MUST support output in stereo and eight channels at 20-bit or 24-bit depth and 192 kHz without bit-depth loss or resampling. - </li> - <li>The device implementation MUST report support for feature android.software.midi. - </li> - <li>If the device includes a 4 conductor 3.5mm audio jack, the device implementation is STRONGLY RECOMMENDED to comply with section <a href="https://source.android.com/accessories/headset/specification.html#mobile_device_jack_specifications">Mobile device (jack) specifications</a> of the <a href="https://source.android.com/accessories/headset/specification.html">Wired Audio Headset Specification (v1.1)</a> . - </li> - </ul> - <p> - Latencies and USB audio requirements MUST be met using the <a href="https://developer.android.com/ndk/guides/audio/opensl-for-android.html">OpenSL ES</a> PCM buffer queue API. - </p> - <p> - In addition, a device implementation that reports support for this feature SHOULD: - </p> - <ul> - <li>Provide a sustainable level of CPU performance while audio is active. - </li> - <li>Minimize audio clock inaccuracy and drift relative to standard time. - </li> - <li>Minimize audio clock drift relative to the CPU <code>CLOCK_MONOTONIC</code> when both are active. - </li> - <li>Minimize audio latency over on-device transducers. - </li> - <li>Minimize audio latency over USB digital audio. - </li> - <li>Document audio latency measurements over all paths. - </li> - <li>Minimize jitter in audio buffer completion callback entry times, as this affects usable percentage of full CPU bandwidth by the callback. - </li> - <li>Provide zero audio underruns (output) or overruns (input) under normal use at reported latency. - </li> - <li>Provide zero inter-channel latency difference. - </li> - <li>Minimize MIDI mean latency over all transports. - </li> - <li>Minimize MIDI latency variability under load (jitter) over all transports. - </li> - <li>Provide accurate MIDI timestamps over all transports. - </li> - <li>Minimize audio signal noise over on-device transducers, including the period immediately after cold start. - </li> - <li>Provide zero audio clock difference between the input and output sides of corresponding end-points, when both are active. Examples of corresponding end-points include the on-device microphone and speaker, or the audio jack input and output. - </li> - <li>Handle audio buffer completion callbacks for the input and output sides of corresponding end-points on the same thread when both are active, and enter the output callback immediately after the return from the input callback. Or if it is not feasible to handle the callbacks on the same thread, then enter the output callback shortly after entering the input callback to permit the application to have a consistent timing of the input and output sides. - </li> - <li>Minimize the phase difference between HAL audio buffering for the input and output sides of corresponding end-points. - </li> - <li>Minimize touch latency. - </li> - <li>Minimize touch latency variability under load (jitter). - </li> - </ul> - <h3 id="5_11_capture_for_unprocessed"> - 5.11. Capture for Unprocessed - </h3> - <p> - Starting from Android 7.0, a new recording source has been added. It can be accessed using the <code>android.media.MediaRecorder.AudioSource.UNPROCESSED</code> audio source. In OpenSL ES, it can be accessed with the record preset <code>SL_ANDROID_RECORDING_PRESET_UNPROCESSED</code> . - </p> - <p> - A device MUST satisfy all of the following requirements to report support of the unprocessed audio source via the <code>android.media.AudioManager</code> property <a href="http://developer.android.com/reference/android/media/AudioManager.html#PROPERTY_SUPPORT_AUDIO_SOURCE_UNPROCESSED">PROPERTY_SUPPORT_AUDIO_SOURCE_UNPROCESSED</a> : - </p> - <ul> - <li> - <p> - The device MUST exhibit approximately flat amplitude-versus-frequency characteristics in the mid-frequency range: specifically ±10dB from 100 Hz to 7000 Hz. - </p> - </li> - <li> - <p> - The device MUST exhibit amplitude levels in the low frequency range: specifically from ±20 dB from 5 Hz to 100 Hz compared to the mid-frequency range. - </p> - </li> - <li> - <p> - The device MUST exhibit amplitude levels in the high frequency range: specifically from ±30 dB from 7000 Hz to 22 KHz compared to the mid-frequency range. - </p> - </li> - <li> - <p> - Audio input sensitivity MUST be set such that a 1000 Hz sinusoidal tone source played at 94 dB Sound Pressure Level (SPL) yields a response with RMS of 520 for 16 bit-samples (or -36 dB Full Scale for floating point/double precision samples). - </p> - </li> - <li> - <p> - SNR > 60 dB (difference between 94 dB SPL and equivalent SPL of self noise, A-weighted). - </p> - </li> - <li> - <p> - Total harmonic distortion MUST be less than 1% for 1 kHZ at 90 dB SPL input level at the microphone. - </p> - </li> - <li> - <p> - The only signal processing allowed in the path is a level multiplier to bring the level to desired range. This level multiplier MUST NOT introduce delay or latency to the signal path. - </p> - </li> - <li> - <p> - No other signal processing is allowed in the path, such as Automatic Gain Control, High Pass Filter, or Echo Cancellation. If any signal processing is present in the architecture for any reason, it MUST be disabled and effectively introduce zero delay or extra latency to the signal path. - </p> - </li> - </ul> - <p> - All SPL measurements are made directly next to the microphone under test. - </p> - <p> - For multiple microphone configurations, these requirements apply to each microphone. - </p> - <p> - It is STRONGLY RECOMMENDED that a device satisfy as many of the requirements for the signal path for the unprocessed recording source; however, a device must satisfy <em>all</em> of these requirements, listed above, if it claims to support the unprocessed audio source. - </p> - <h2 id="6_developer_tools_and_options_compatibility"> - 6. Developer Tools and Options Compatibility - </h2> - <h3 id="6_1_developer_tools"> - 6.1. Developer Tools - </h3> - <p> - Device implementations MUST support the Android Developer Tools provided in the Android SDK. Android compatible devices MUST be compatible with: - </p> - <ul> - <li> - <a href="http://developer.android.com/tools/help/adb.html"><strong>Android Debug Bridge (adb)</strong></a> + </td> + </tr> + <tr> + <td> + Vorbis + </td> + <td></td> + <td> + REQUIRED + </td> + <td></td> + <td> <ul> - <li>Device implementations MUST support all adb functions as documented in the Android SDK including <a href="https://source.android.com/devices/input/diagnostics.html">dumpsys</a> . + <li class="table_list">Ogg (.ogg) </li> - <li>The device-side adb daemon MUST be inactive by default and there MUST be a user-accessible mechanism to turn on the Android Debug Bridge. If a device implementation omits USB peripheral mode, it MUST implement the Android Debug Bridge via local-area network (such as Ethernet or 802.11). - </li> - <li>Android includes support for secure adb. Secure adb enables adb on known authenticated hosts. Device implementations MUST support secure adb. + <li class="table_list">Matroska (.mkv, Android 4.0+) </li> </ul> - </li> - <li> - <a href="http://developer.android.com/tools/debugging/ddms.html"><strong>Dalvik Debug Monitor Service (ddms)</strong></a> + </td> + </tr> + <tr> + <td> + PCM/WAVE + </td> + <td> + REQUIRED<sup>4</sup><br /> + (Android 4.1+) + </td> + <td> + REQUIRED + </td> + <td> + 16-bit linear PCM (rates up to limit of hardware). Devices MUST support sampling rates for raw PCM recording at 8000, 11025, 16000, and 44100 Hz frequencies. + </td> + <td> + WAVE (.wav) + </td> + </tr> + <tr> + <td> + Opus + </td> + <td></td> + <td> + REQUIRED<br /> + (Android 5.0+) + </td> + <td></td> + <td> + Matroska (.mkv), Ogg(.ogg) + </td> + </tr> + </table> + <p class="table_footnote"> + 1 Required for device implementations that define android.hardware.microphone but optional for Android Watch device implementations. + </p> + <p class="table_footnote"> + 2 Recording or playback MAY be performed in mono or stereo, but the decoding of AAC input buffers of multichannel streams (i.e. more than two channels) to PCM through the default AAC audio decoder in the android.media.MediaCodec API, the following MUST be supported: + </p> + <ul> + <li>decoding is performed without downmixing (e.g. a 5.0 AAC stream must be decoded to five channels of PCM, a 5.1 AAC stream must be decoded to six channels of PCM), + </li> + <li>dynamic range metadata, as defined in "Dynamic Range Control (DRC)" in ISO/IEC 14496-3, and the android.media.MediaFormat DRC keys to configure the dynamic range-related behaviors of the audio decoder. The AAC DRC keys were introduced in API 21,and are: KEY_AAC_DRC_ATTENUATION_FACTOR, KEY_AAC_DRC_BOOST_FACTOR, KEY_AAC_DRC_HEAVY_COMPRESSION, KEY_AAC_DRC_TARGET_REFERENCE_LEVEL and KEY_AAC_ENCODED_TARGET_LEVEL + </li> + </ul> + <p class="table_footnote"> + 3 Required for Android Handheld device implementations. + </p> + <p class="table_footnote"> + 4 Required for device implementations that define android.hardware.microphone, including Android Watch device implementations. + </p> + <h3> + 5.1.2. Image Codecs + </h3> + <table> + <tr> + <th> + Format/Codec + </th> + <th> + Encoder + </th> + <th> + Decoder + </th> + <th> + Details + </th> + <th> + Supported File Types/Container Formats + </th> + </tr> + <tr> + <td> + JPEG + </td> + <td> + REQUIRED + </td> + <td> + REQUIRED + </td> + <td> + Base+progressive + </td> + <td> + JPEG (.jpg) + </td> + </tr> + <tr> + <td> + GIF + </td> + <td></td> + <td> + REQUIRED + </td> + <td></td> + <td> + GIF (.gif) + </td> + </tr> + <tr> + <td> + PNG + </td> + <td> + REQUIRED + </td> + <td> + REQUIRED + </td> + <td></td> + <td> + PNG (.png) + </td> + </tr> + <tr> + <td> + BMP + </td> + <td></td> + <td> + REQUIRED + </td> + <td></td> + <td> + BMP (.bmp) + </td> + </tr> + <tr> + <td> + WebP + </td> + <td> + REQUIRED + </td> + <td> + REQUIRED + </td> + <td></td> + <td> + WebP (.webp) + </td> + </tr> + <tr> + <td> + Raw + </td> + <td></td> + <td> + REQUIRED + </td> + <td></td> + <td> + ARW (.arw), CR2 (.cr2), DNG (.dng), NEF (.nef), NRW (.nrw), ORF (.orf), PEF (.pef), RAF (.raf), RW2 (.rw2), SRW (.srw) + </td> + </tr> + </table> + <h3 id="5_1_3_video_codecs"> + 5.1.3. Video Codecs + </h3> + <ul> + <li> + <p> + Codecs advertising HDR profile support MUST support HDR static metadata parsing and handling. + </p> + </li> + <li> + <p> + If a media codec advertises intra refresh support, then it MUST support the refresh periods in the range of 10 - 60 frames and accurately operate within 20% of configured refresh period. + </p> + </li> + <li> + <p> + Video codecs MUST support output and input bytebuffer sizes that accommodate the largest feasible compressed and uncompressed frame as dictated by the standard and configuration but also not overallocate. + </p> + </li> + <li> + <p> + Video encoders and decoders MUST support YUV420 flexible color format (COLOR_FormatYUV420Flexible). + </p> + </li> + </ul> + <table> + <tr> + <th> + Format/Codec + </th> + <th> + Encoder + </th> + <th> + Decoder + </th> + <th> + Details + </th> + <th> + Supported File Types/<br /> + Container Formats + </th> + </tr> + <tr> + <td> + H.263 + </td> + <td> + MAY + </td> + <td> + MAY + </td> + <td></td> + <td> <ul> - <li>Device implementations MUST support all ddms features as documented in the Android SDK. + <li class="table_list">3GPP (.3gp) </li> - <li>As ddms uses adb, support for ddms SHOULD be inactive by default, but MUST be supported whenever the user has activated the Android Debug Bridge, as above. + <li class="table_list">MPEG-4 (.mp4) </li> </ul> - </li> - <li> - <a href="http://developer.android.com/tools/help/monkey.html"><strong>Monkey</strong></a> Device implementations MUST include the Monkey framework, and make it available for applications to use. - </li> - <li> - <a href="http://developer.android.com/tools/help/systrace.html"><strong>SysTrace</strong></a> + </td> + </tr> + <tr> + <td> + H.264 AVC + </td> + <td> + REQUIRED<sup>2</sup> + </td> + <td> + REQUIRED<sup>2</sup> + </td> + <td> + See <a href="#5_2_video_encoding">section 5.2</a> and <a href="#5_3_video_decoding">5.3</a> for details + </td> + <td> <ul> - <li>Device implementations MUST support systrace tool as documented in the Android SDK. Systrace must be inactive by default, and there MUST be a user-accessible mechanism to turn on Systrace. + <li class="table_list">3GPP (.3gp) </li> - <li>Most Linux-based systems and Apple Macintosh systems recognize Android devices using the standard Android SDK tools, without additional support; however Microsoft Windows systems typically require a driver for new Android devices. (For instance, new vendor IDs and sometimes new device IDs require custom USB drivers for Windows systems.) + <li class="table_list">MPEG-4 (.mp4) </li> - <li>If a device implementation is unrecognized by the adb tool as provided in the standard Android SDK, device implementers MUST provide Windows drivers allowing developers to connect to the device using the adb protocol. These drivers MUST be provided for Windows XP, Windows Vista, Windows 7, Windows 8, and Windows 10 in both 32-bit and 64-bit versions. + <li class="table_list">MPEG-2 TS (.ts, AAC audio only, not seekable, Android 3.0+) </li> </ul> - </li> - </ul> - <h3 id="6_2_developer_options"> - 6.2. Developer Options - </h3> - <p> - Android includes support for developers to configure application development-related settings. Device implementations MUST honor the <a href="http://developer.android.com/reference/android/provider/Settings.html#ACTION_APPLICATION_DEVELOPMENT_SETTINGS">android.settings.APPLICATION_DEVELOPMENT_SETTINGS</a> intent to show application development-related settings The upstream Android implementation hides the Developer Options menu by default and enables users to launch Developer Options after pressing seven (7) times on the <strong>Settings</strong> > <strong>About Device</strong> > <strong>Build Number</strong> menu item. Device implementations MUST provide a consistent experience for Developer Options. Specifically, device implementations MUST hide Developer Options by default and MUST provide a mechanism to enable Developer Options that is consistent with the upstream Android implementation. - </p> - <div class="note"> - Android Automotive implementations MAY limit access to the Developer Options menu by visually hiding or disabling the menu when the vehicle is in motion. - </div> - <h2 id="7_hardware_compatibility"> - 7. Hardware Compatibility - </h2> - <p> - If a device includes a particular hardware component that has a corresponding API for third-party developers, the device implementation MUST implement that API as described in the Android SDK documentation. If an API in the SDK interacts with a hardware component that is stated to be optional and the device implementation does not possess that component: - </p> - <ul> - <li>Complete class definitions (as documented by the SDK) for the component APIs MUST still be presented. - </li> - <li>The API’s behaviors MUST be implemented as no-ops in some reasonable fashion. - </li> - <li>API methods MUST return null values where permitted by the SDK documentation. - </li> - <li>API methods MUST return no-op implementations of classes where null values are not permitted by the SDK documentation. - </li> - <li>API methods MUST NOT throw exceptions not documented by the SDK documentation. - </li> - </ul> - <p> - A typical example of a scenario where these requirements apply is the telephony API: Even on non-phone devices, these APIs must be implemented as reasonable no-ops. - </p> - <p> - Device implementations MUST consistently report accurate hardware configuration information via the getSystemAvailableFeatures() and hasSystemFeature(String) methods on the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager</a> class for the same build fingerprint. - </p> - <h3 id="7_1_display_and_graphics"> - 7.1. Display and Graphics - </h3> - <p> - Android includes facilities that automatically adjust application assets and UI layouts appropriately for the device to ensure that third-party applications run well on a <a href="http://developer.android.com/guide/practices/screens_support.html">variety of hardware configurations</a> . Devices MUST properly implement these APIs and behaviors, as detailed in this section. - </p> - <p> - The units referenced by the requirements in this section are defined as follows: - </p> - <ul> - <li> - <strong>physical diagonal size</strong> . The distance in inches between two opposing corners of the illuminated portion of the display. - </li> - <li> - <strong>dots per inch (dpi)</strong> . The number of pixels encompassed by a linear horizontal or vertical span of 1”. Where dpi values are listed, both horizontal and vertical dpi must fall within the range. - </li> - <li> - <strong>aspect ratio</strong> . The ratio of the pixels of the longer dimension to the shorter dimension of the screen. For example, a display of 480x854 pixels would be 854/480 = 1.779, or roughly “16:9”. - </li> - <li> - <strong>density-independent pixel (dp)</strong> . The virtual pixel unit normalized to a 160 dpi screen, calculated as: pixels = dps * (density/160). - </li> - </ul> - <h4 id="7_1_1_screen_configuration"> - 7.1.1. Screen Configuration - </h4> - <h5 id="7_1_1_1_screen_size"> - 7.1.1.1. Screen Size - </h5> - <div class="note"> - Android Watch devices (detailed in <a href="#2_device_types">section 2</a> ) MAY have smaller screen sizes as described in this section. - </div> - <p> - The Android UI framework supports a variety of different screen sizes, and allows applications to query the device screen size (aka “screen layout") via android.content.res.Configuration.screenLayout with the SCREENLAYOUT_SIZE_MASK. Device implementations MUST report the correct <a href="http://developer.android.com/guide/practices/screens_support.html">screen size</a> as defined in the Android SDK documentation and determined by the upstream Android platform. Specifically, device implementations MUST report the correct screen size according to the following logical density-independent pixel (dp) screen dimensions. - </p> - <ul> - <li>Devices MUST have screen sizes of at least 426 dp x 320 dp (‘small’), unless it is an Android Watch device. - </li> - <li>Devices that report screen size ‘normal’ MUST have screen sizes of at least 480 dp x 320 dp. - </li> - <li>Devices that report screen size ‘large’ MUST have screen sizes of at least 640 dp x 480 dp. - </li> - <li>Devices that report screen size ‘xlarge’ MUST have screen sizes of at least 960 dp x 720 dp. - </li> - </ul> - <p> - In addition: - </p> - <ul> - <li>Android Watch devices MUST have a screen with the physical diagonal size in the range from 1.1 to 2.5 inches. - </li> - <li>Android Automotive devices MUST have a screen with the physical diagonal size greater than or equal to 6 inches. - </li> - <li>Android Automotive devices MUST have a screen size of at least 750 dp x 480 dp. - </li> - <li>Other types of Android device implementations, with a physically integrated screen, MUST have a screen at least 2.5 inches in physical diagonal size. - </li> - </ul> - <p> - Devices MUST NOT change their reported screen size at any time. - </p> - <p> - Applications optionally indicate which screen sizes they support via the <supports-screens> attribute in the AndroidManifest.xml file. Device implementations MUST correctly honor applications' stated support for small, normal, large, and xlarge screens, as described in the Android SDK documentation. - </p> - <h5 id="7_1_1_2_screen_aspect_ratio"> - 7.1.1.2. Screen Aspect Ratio - </h5> - <div class="note"> - Android Watch devices MAY have an aspect ratio of 1.0 (1:1). - </div> - <p> - The screen aspect ratio MUST be a value from 1.3333 (4:3) to 1.86 (roughly 16:9), but Android Watch devices MAY have an aspect ratio of 1.0 (1:1) because such a device implementation will use a UI_MODE_TYPE_WATCH as the android.content.res.Configuration.uiMode. - </p> - <h5 id="7_1_1_3_screen_density"> - 7.1.1.3. Screen Density - </h5> - <p> - The Android UI framework defines a set of standard logical densities to help application developers target application resources. Device implementations MUST report only one of the following logical Android framework densities through the android.util.DisplayMetrics APIs, and MUST execute applications at this standard density and MUST NOT change the value at at any time for the default display. - </p> - <ul> - <li>120 dpi (ldpi) - </li> - <li>160 dpi (mdpi) - </li> - <li>213 dpi (tvdpi) - </li> - <li>240 dpi (hdpi) - </li> - <li>280 dpi (280dpi) - </li> - <li>320 dpi (xhdpi) - </li> - <li>360 dpi (360dpi) - </li> - <li>400 dpi (400dpi) - </li> - <li>420 dpi (420dpi) - </li> - <li>480 dpi (xxhdpi) - </li> - <li>560 dpi (560dpi) - </li> - <li>640 dpi (xxxhdpi) - </li> - </ul> - <p> - Device implementations SHOULD define the standard Android framework density that is numerically closest to the physical density of the screen, unless that logical density pushes the reported screen size below the minimum supported. If the standard Android framework density that is numerically closest to the physical density results in a screen size that is smaller than the smallest supported compatible screen size (320 dp width), device implementations SHOULD report the next lowest standard Android framework density. - </p> - <p> - Device implementations are STRONGLY RECOMMENDED to provide users a setting to change the display size. If there is an implementation to change the display size of the device, it MUST align with the AOSP implementation as indicated below: - </p> - <ul> - <li>The display size MUST NOT be scaled any larger than 1.5 times the native density or produce an effective minimum screen dimension smaller than 320dp (equivalent to resource qualifier sw320dp), whichever comes first. - </li> - <li>Display size MUST NOT be scaled any smaller than 0.85 times the native density. - </li> - <li>To ensure good usability and consistent font sizes, it is RECOMMENDED that the following scaling of Native Display options be provided (while complying with the limits specified above) - </li> - <li>Small: 0.85x - </li> - <li>Default: 1x (Native display scale) - </li> - <li>Large: 1.15x - </li> - <li>Larger: 1.3x - </li> - <li>Largest 1.45x - </li> - </ul> - <h4 id="7_1_2_display_metrics"> - 7.1.2. Display Metrics - </h4> - <p> - Device implementations MUST report correct values for all display metrics defined in <a href="http://developer.android.com/reference/android/util/DisplayMetrics.html">android.util.DisplayMetrics</a> and MUST report the same values regardless of whether the embedded or external screen is used as the default display. - </p> - <h4 id="7_1_3_screen_orientation"> - 7.1.3. Screen Orientation - </h4> - <p> - Devices MUST report which screen orientations they support (android.hardware.screen.portrait and/or android.hardware.screen.landscape) and MUST report at least one supported orientation. For example, a device with a fixed orientation landscape screen, such as a television or laptop, SHOULD only report android.hardware.screen.landscape. - </p> - <p> - Devices that report both screen orientations MUST support dynamic orientation by applications to either portrait or landscape screen orientation. That is, the device must respect the application’s request for a specific screen orientation. Device implementations MAY select either portrait or landscape orientation as the default. - </p> - <p> - Devices MUST report the correct value for the device’s current orientation, whenever queried via the android.content.res.Configuration.orientation, android.view.Display.getOrientation(), or other APIs. - </p> - <p> - Devices MUST NOT change the reported screen size or density when changing orientation. - </p> - <h4 id="7_1_4_2d_and_3d_graphics_acceleration"> - 7.1.4. 2D and 3D Graphics Acceleration - </h4> - <p> - Device implementations MUST support both OpenGL ES 1.0 and 2.0, as embodied and detailed in the Android SDK documentations. Device implementations SHOULD support OpenGL ES 3.0, 3.1, or 3.2 on devices capable of supporting it. Device implementations MUST also support <a href="http://developer.android.com/guide/topics/renderscript/">Android RenderScript</a> , as detailed in the Android SDK documentation. - </p> - <p> - Device implementations MUST also correctly identify themselves as supporting OpenGL ES 1.0, OpenGL ES 2.0, OpenGL ES 3.0, OpenGL 3.1, or OpenGL 3.2. That is: - </p> - <ul> - <li>The managed APIs (such as via the GLES10.getString() method) MUST report support for OpenGL ES 1.0 and OpenGL ES 2.0. - </li> - <li>The native C/C++ OpenGL APIs (APIs available to apps via libGLES_v1CM.so, libGLES_v2.so, or libEGL.so) MUST report support for OpenGL ES 1.0 and OpenGL ES 2.0. - </li> - <li>Device implementations that declare support for OpenGL ES 3.0, 3.1, or 3.2 MUST support the corresponding managed APIs and include support for native C/C++ APIs. On device implementations that declare support for OpenGL ES 3.0, 3.1, or 3.2 libGLESv2.so MUST export the corresponding function symbols in addition to the OpenGL ES 2.0 function symbols. - </li> - </ul> - <p> - Android provides an OpenGL ES <a href="https://developer.android.com/reference/android/opengl/GLES31Ext.html">extension pack</a> with Java interfaces and native support for advanced graphics functionality such as tessellation and the ASTC texture compression format. Android device implementations MUST support the extension pack if the device supports OpenGL ES 3.2 and MAY support it otherwise. If the extension pack is supported in its entirety, the device MUST identify the support through the <code>android.hardware.opengles.aep</code> feature flag. - </p> - <p> - Also, device implementations MAY implement any desired OpenGL ES extensions. However, device implementations MUST report via the OpenGL ES managed and native APIs all extension strings that they do support, and conversely MUST NOT report extension strings that they do not support. - </p> - <p> - Note that Android includes support for applications to optionally specify that they require specific OpenGL texture compression formats. These formats are typically vendor-specific. Device implementations are not required by Android to implement any specific texture compression format. However, they SHOULD accurately report any texture compression formats that they do support, via the getString() method in the OpenGL API. - </p> - <p> - Android includes a mechanism for applications to declare that they want to enable hardware acceleration for 2D graphics at the Application, Activity, Window, or View level through the use of a manifest tag <a href="http://developer.android.com/guide/topics/graphics/hardware-accel.html">android:hardwareAccelerated</a> or direct API calls. - </p> - <p> - Device implementations MUST enable hardware acceleration by default, and MUST disable hardware acceleration if the developer so requests by setting android:hardwareAccelerated="false” or disabling hardware acceleration directly through the Android View APIs. - </p> - <p> - In addition, device implementations MUST exhibit behavior consistent with the Android SDK documentation on <a href="http://developer.android.com/guide/topics/graphics/hardware-accel.html">hardware acceleration</a> . - </p> - <p> - Android includes a TextureView object that lets developers directly integrate hardware-accelerated OpenGL ES textures as rendering targets in a UI hierarchy. Device implementations MUST support the TextureView API, and MUST exhibit consistent behavior with the upstream Android implementation. - </p> - <p> - Android includes support for EGL_ANDROID_RECORDABLE, an EGLConfig attribute that indicates whether the EGLConfig supports rendering to an ANativeWindow that records images to a video. Device implementations MUST support <a href="https://www.khronos.org/registry/egl/extensions/ANDROID/EGL_ANDROID_recordable.txt">EGL_ANDROID_RECORDABLE</a> extension. - </p> - <h4 id="7_1_5_legacy_application_compatibility_mode"> - 7.1.5. Legacy Application Compatibility Mode - </h4> - <p> - Android specifies a “compatibility mode” in which the framework operates in a 'normal' screen size equivalent (320dp width) mode for the benefit of legacy applications not developed for old versions of Android that pre-date screen-size independence. - </p> - <ul> - <li>Android Automotive does not support legacy compatibility mode. - </li> - <li>All other device implementations MUST include support for legacy application compatibility mode as implemented by the upstream Android open source code. That is, device implementations MUST NOT alter the triggers or thresholds at which compatibility mode is activated, and MUST NOT alter the behavior of the compatibility mode itself. - </li> - </ul> - <h4 id="7_1_6_screen_technology"> - 7.1.6. Screen Technology - </h4> - <p> - The Android platform includes APIs that allow applications to render rich graphics to the display. Devices MUST support all of these APIs as defined by the Android SDK unless specifically allowed in this document. - </p> - <ul> - <li>Devices MUST support displays capable of rendering 16-bit color graphics and SHOULD support displays capable of 24-bit color graphics. - </li> - <li>Devices MUST support displays capable of rendering animations. - </li> - <li>The display technology used MUST have a pixel aspect ratio (PAR) between 0.9 and 1.15. That is, the pixel aspect ratio MUST be near square (1.0) with a 10 ~ 15% tolerance. - </li> - </ul> - <h4 id="7_1_7_secondary_displays"> - 7.1.7. Secondary Displays - </h4> - <p> - Android includes support for secondary display to enable media sharing capabilities and developer APIs for accessing external displays. If a device supports an external display either via a wired, wireless, or an embedded additional display connection then the device implementation MUST implement the <a href="http://developer.android.com/reference/android/hardware/display/DisplayManager.html">display manager API</a> as described in the Android SDK documentation. - </p> - <h3 id="7_2_input_devices"> - 7.2. Input Devices - </h3> - <p> - Devices MUST support a touchscreen or meet the requirements listed in 7.2.2 for non-touch navigation. - </p> - <h4 id="7_2_1_keyboard"> - 7.2.1. Keyboard - </h4> - <div class="note"> - Android Watch and Android Automotive implementations MAY implement a soft keyboard. All other device implementations MUST implement a soft keyboard and: - </div> - <p> - Device implementations: - </p> - <ul> - <li>MUST include support for the Input Management Framework (which allows third-party developers to create Input Method Editors—i.e. soft keyboard) as detailed at <a href="http://developer.android.com">http://developer.android.com</a> . - </li> - <li>MUST provide at least one soft keyboard implementation (regardless of whether a hard keyboard is present) except for Android Watch devices where the screen size makes it less reasonable to have a soft keyboard. - </li> - <li>MAY include additional soft keyboard implementations. - </li> - <li>MAY include a hardware keyboard. - </li> - <li>MUST NOT include a hardware keyboard that does not match one of the formats specified in <a href="http://developer.android.com/reference/android/content/res/Configuration.html">android.content.res.Configuration.keyboard</a> (QWERTY or 12-key). - </li> - </ul> - <h4 id="7_2_2_non-touch_navigation"> - 7.2.2. Non-touch Navigation - </h4> - <div class="note"> - Android Television devices MUST support D-pad. - </div> - <p> - Device implementations: - </p> - <ul> - <li>MAY omit a non-touch navigation option (trackball, d-pad, or wheel) if the device implementation is not an Android Television device. - </li> - <li>MUST report the correct value for <a href="http://developer.android.com/reference/android/content/res/Configuration.html">android.content.res.Configuration.navigation</a> . - </li> - <li>MUST provide a reasonable alternative user interface mechanism for the selection and editing of text, compatible with Input Management Engines. The upstream Android open source implementation includes a selection mechanism suitable for use with devices that lack non-touch navigation inputs. - </li> - </ul> - <h4 id="7_2_3_navigation_keys"> - 7.2.3. Navigation Keys - </h4> - <div class="note"> - The availability and visibility requirement of the Home, Recents, and Back functions differ between device types as described in this section. - </div> - <p> - The Home, Recents, and Back functions (mapped to the key events KEYCODE_HOME, KEYCODE_APP_SWITCH, KEYCODE_BACK, respectively) are essential to the Android navigation paradigm and therefore: - </p> - <ul> - <li>Android Handheld device implementations MUST provide the Home, Recents, and Back functions. - </li> - <li>Android Television device implementations MUST provide the Home and Back functions. - </li> - <li>Android Watch device implementations MUST have the Home function available to the user, and the Back function except for when it is in <code>UI_MODE_TYPE_WATCH</code> . - </li> - <li>Android Watch device implementations, and no other Android device types, MAY consume the long press event on the key event <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BACK"><code>KEYCODE_BACK</code></a> and omit it from being sent to the foreground application. - </li> - <li>Android Automotive implementations MUST provide the Home function and MAY provide Back and Recent functions. - </li> - <li>All other types of device implementations MUST provide the Home and Back functions. - </li> - </ul> - <p> - These functions MAY be implemented via dedicated physical buttons (such as mechanical or capacitive touch buttons), or MAY be implemented using dedicated software keys on a distinct portion of the screen, gestures, touch panel, etc. Android supports both implementations. All of these functions MUST be accessible with a single action (e.g. tap, double-click or gesture) when visible. - </p> - <p> - Recents function, if provided, MUST have a visible button or icon unless hidden together with other navigation functions in full-screen mode. This does not apply to devices upgrading from earlier Android versions that have physical buttons for navigation and no recents key. - </p> - <p> - The Home and Back functions, if provided, MUST each have a visible button or icon unless hidden together with other navigation functions in full-screen mode or when the uiMode UI_MODE_TYPE_MASK is set to UI_MODE_TYPE_WATCH. - </p> - <p> - The Menu function is deprecated in favor of action bar since Android 4.0. Therefore the new device implementations shipping with Android 7.1 and later MUST NOT implement a dedicated physical button for the Menu function. Older device implementations SHOULD NOT implement a dedicated physical button for the Menu function, but if the physical Menu button is implemented and the device is running applications with targetSdkVersion > 10, the device implementation: - </p> - <ul> - <li>MUST display the action overflow button on the action bar when it is visible and the resulting action overflow menu popup is not empty. For a device implementation launched before Android 4.4 but upgrading to Android 7.1, this is RECOMMENDED. - </li> - <li>MUST NOT modify the position of the action overflow popup displayed by selecting the overflow button in the action bar. - </li> - <li>MAY render the action overflow popup at a modified position on the screen when it is displayed by selecting the physical menu button. - </li> - </ul> - <p> - For backwards compatibility, device implementations MUST make the Menu function available to applications when targetSdkVersion is less than 10, either by a physical button, a software key, or gestures. This Menu function should be presented unless hidden together with other navigation functions. - </p> - <p> - Android device implementations supporting the <a href="http://developer.android.com/reference/android/content/Intent.html#ACTION_ASSIST">Assist action</a> and/or <a href="https://developer.android.com/reference/android/service/voice/VoiceInteractionService.html"><code>VoiceInteractionService</code></a> MUST be able to launch an assist app with a single interaction (e.g. tap, double-click, or gesture) when other navigation keys are visible. It is STRONGLY RECOMMENDED to use long press on home as this interaction. The designated interaction MUST launch the user-selected assist app, in other words the app that implements a VoiceInteractionService, or an activity handling the ACTION_ASSIST intent. - </p> - <p> - Device implementations MAY use a distinct portion of the screen to display the navigation keys, but if so, MUST meet these requirements: - </p> - <ul> - <li>Device implementation navigation keys MUST use a distinct portion of the screen, not available to applications, and MUST NOT obscure or otherwise interfere with the portion of the screen available to applications. - </li> - <li>Device implementations MUST make available a portion of the display to applications that meets the requirements defined in <a href="#7_1_1_screen_configuration">section 7.1.1</a> . - </li> - <li>Device implementations MUST display the navigation keys when applications do not specify a system UI mode, or specify SYSTEM_UI_FLAG_VISIBLE. - </li> - <li>Device implementations MUST present the navigation keys in an unobtrusive “low profile” (eg. dimmed) mode when applications specify SYSTEM_UI_FLAG_LOW_PROFILE. - </li> - <li>Device implementations MUST hide the navigation keys when applications specify SYSTEM_UI_FLAG_HIDE_NAVIGATION. - </li> - </ul> - <h4 id="7_2_4_touchscreen_input"> - 7.2.4. Touchscreen Input - </h4> - <div class="note"> - Android Handhelds and Watch Devices MUST support touchscreen input. - </div> - <p> - Device implementations SHOULD have a pointer input system of some kind (either mouse-like or touch). However, if a device implementation does not support a pointer input system, it MUST NOT report the android.hardware.touchscreen or android.hardware.faketouch feature constant. Device implementations that do include a pointer input system: - </p> - <ul> - <li>SHOULD support fully independently tracked pointers, if the device input system supports multiple pointers. - </li> - <li>MUST report the value of <a href="http://developer.android.com/reference/android/content/res/Configuration.html">android.content.res.Configuration.touchscreen</a> corresponding to the type of the specific touchscreen on the device. - </li> - </ul> - <p> - Android includes support for a variety of touchscreens, touch pads, and fake touch input devices. <a href="http://source.android.com/devices/tech/input/touch-devices.html">Touchscreen-based device implementations</a> are associated with a display such that the user has the impression of directly manipulating items on screen. Since the user is directly touching the screen, the system does not require any additional affordances to indicate the objects being manipulated. In contrast, a fake touch interface provides a user input system that approximates a subset of touchscreen capabilities. For example, a mouse or remote control that drives an on-screen cursor approximates touch, but requires the user to first point or focus then click. Numerous input devices like the mouse, trackpad, gyro-based air mouse, gyro-pointer, joystick, and multi-touch trackpad can support fake touch interactions. Android includes the feature constant android.hardware.faketouch, which corresponds to a high-fidelity non-touch (pointer-based) input device such as a mouse or trackpad that can adequately emulate touch-based input (including basic gesture support), and indicates that the device supports an emulated subset of touchscreen functionality. Device implementations that declare the fake touch feature MUST meet the fake touch requirements in <a href="#7_2_5_fake_touch_input">section 7.2.5</a> . - </p> - <p> - Device implementations MUST report the correct feature corresponding to the type of input used. Device implementations that include a touchscreen (single-touch or better) MUST report the platform feature constant android.hardware.touchscreen. Device implementations that report the platform feature constant android.hardware.touchscreen MUST also report the platform feature constant android.hardware.faketouch. Device implementations that do not include a touchscreen (and rely on a pointer device only) MUST NOT report any touchscreen feature, and MUST report only android.hardware.faketouch if they meet the fake touch requirements in <a href="#7_2_5_fake_touch_input">section 7.2.5</a> . - </p> - <h4 id="7_2_5_fake_touch_input"> - 7.2.5. Fake Touch Input - </h4> - <p> - Device implementations that declare support for android.hardware.faketouch: - </p> - <ul> - <li>MUST report the <a href="http://developer.android.com/reference/android/view/MotionEvent.html">absolute X and Y screen positions</a> of the pointer location and display a visual pointer on the screen. - </li> - <li>MUST report touch event with the action code that specifies the state change that occurs on the pointer <a href="http://developer.android.com/reference/android/view/MotionEvent.html">going down or up on the screen</a> . - </li> - <li>MUST support pointer down and up on an object on the screen, which allows users to emulate tap on an object on the screen. - </li> - <li>MUST support pointer down, pointer up, pointer down then pointer up in the same place on an object on the screen within a time threshold, which allows users to <a href="http://developer.android.com/reference/android/view/MotionEvent.html">emulate double tap</a> on an object on the screen. - </li> - <li>MUST support pointer down on an arbitrary point on the screen, pointer move to any other arbitrary point on the screen, followed by a pointer up, which allows users to emulate a touch drag. - </li> - <li>MUST support pointer down then allow users to quickly move the object to a different position on the screen and then pointer up on the screen, which allows users to fling an object on the screen. - </li> - </ul> - <p> - Devices that declare support for android.hardware.faketouch.multitouch.distinct MUST meet the requirements for faketouch above, and MUST also support distinct tracking of two or more independent pointer inputs. - </p> - <h4 id="7_2_6_game_controller_support"> - 7.2.6. Game Controller Support - </h4> - <p> - Android Television device implementations MUST support button mappings for game controllers as listed below. The upstream Android implementation includes implementation for game controllers that satisfies this requirement. - </p> - <h5 id="7_2_6_1_button_mappings"> - 7.2.6.1. Button Mappings - </h5> - <p> - Android Television device implementations MUST support the following key mappings: - </p> - <table> - <tr> - <th> - Button - </th> - <th> - HID Usage <sup>2</sup> - </th> - <th> - Android Button - </th> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_A">A</a> <sup>1</sup> - </td> - <td> - 0x09 0x0001 - </td> - <td> - KEYCODE_BUTTON_A (96) - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_B">B</a> <sup>1</sup> - </td> - <td> - 0x09 0x0002 - </td> - <td> - KEYCODE_BUTTON_B (97) - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_X">X</a> <sup>1</sup> - </td> - <td> - 0x09 0x0004 - </td> - <td> - KEYCODE_BUTTON_X (99) - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_Y">Y</a> <sup>1</sup> - </td> - <td> - 0x09 0x0005 - </td> - <td> - KEYCODE_BUTTON_Y (100) - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_DPAD_UP">D-pad up</a> <sup>1</sup><br /> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_DPAD_DOWN">D-pad down</a> <sup>1</sup> - </td> - <td> - 0x01 0x0039 <sup>3</sup> - </td> - <td> - <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_HAT_Y">AXIS_HAT_Y</a> <sup>4</sup> - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_DPAD_LEFT">D-pad left</a> 1<br /> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_DPAD_RIGHT">D-pad right</a> <sup>1</sup> - </td> - <td> - 0x01 0x0039 <sup>3</sup> - </td> - <td> - <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_HAT_X">AXIS_HAT_X</a> <sup>4</sup> - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_L1">Left shoulder button</a> <sup>1</sup> - </td> - <td> - 0x09 0x0007 - </td> - <td> - KEYCODE_BUTTON_L1 (102) - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_R1">Right shoulder button</a> <sup>1</sup> - </td> - <td> - 0x09 0x0008 - </td> - <td> - KEYCODE_BUTTON_R1 (103) - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_THUMBL">Left stick click</a> <sup>1</sup> - </td> - <td> - 0x09 0x000E - </td> - <td> - KEYCODE_BUTTON_THUMBL (106) - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_THUMBR">Right stick click</a> <sup>1</sup> - </td> - <td> - 0x09 0x000F - </td> - <td> - KEYCODE_BUTTON_THUMBR (107) - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_HOME">Home</a> <sup>1</sup> - </td> - <td> - 0x0c 0x0223 - </td> - <td> - KEYCODE_HOME (3) - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BACK">Back</a> <sup>1</sup> - </td> - <td> - 0x0c 0x0224 - </td> - <td> - KEYCODE_BACK (4) - </td> - </tr> - </table> - <p class="table_footnote"> - 1 <a href="http://developer.android.com/reference/android/view/KeyEvent.html">KeyEvent</a> - </p> - <p class="table_footnote"> - 2 The above HID usages must be declared within a Game pad CA (0x01 0x0005). - </p> - <p class="table_footnote"> - 3 This usage must have a Logical Minimum of 0, a Logical Maximum of 7, a Physical Minimum of 0, a Physical Maximum of 315, Units in Degrees, and a Report Size of 4. The logical value is defined to be the clockwise rotation away from the vertical axis; for example, a logical value of 0 represents no rotation and the up button being pressed, while a logical value of 1 represents a rotation of 45 degrees and both the up and left keys being pressed. - </p> - <p class="table_footnote"> - 4 <a href="http://developer.android.com/reference/android/view/MotionEvent.html">MotionEvent</a> - </p> - <table> - <tr> - <th> - Analog Controls <sup>1</sup> - </th> - <th> - HID Usage - </th> - <th> - Android Button - </th> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_LTRIGGER">Left Trigger</a> - </td> - <td> - 0x02 0x00C5 - </td> - <td> - AXIS_LTRIGGER - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_THROTTLE">Right Trigger</a> - </td> - <td> - 0x02 0x00C4 - </td> - <td> - AXIS_RTRIGGER - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_Y">Left Joystick</a> - </td> - <td> - 0x01 0x0030<br /> - 0x01 0x0031 - </td> - <td> - AXIS_X<br /> - AXIS_Y - </td> - </tr> - <tr> - <td> - <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_Z">Right Joystick</a> - </td> - <td> - 0x01 0x0032<br /> - 0x01 0x0035 - </td> - <td> - AXIS_Z<br /> - AXIS_RZ - </td> - </tr> - </table> - <p class="table_footnote"> - 1 <a href="http://developer.android.com/reference/android/view/MotionEvent.html">MotionEvent</a> - </p> - <h4 id="7_2_7_remote_control"> - 7.2.7. Remote Control - </h4> - <p> - Android Television device implementations SHOULD provide a remote control to allow users to access the TV interface. The remote control MAY be a physical remote or can be a software-based remote that is accessible from a mobile phone or tablet. The remote control MUST meet the requirements defined below. - </p> - <ul> - <li> - <strong>Search affordance</strong> . Device implementations MUST fire KEYCODE_SEARCH when the user invokes voice search either on the physical or software-based remote. - </li> - <li> - <strong>Navigation</strong> . All Android Television remotes MUST include <a href="http://developer.android.com/reference/android/view/KeyEvent.html">Back, Home, and Select buttons and support for D-pad events</a> . - </li> - </ul> - <h3 id="7_3_sensors"> - 7.3. Sensors - </h3> - <p> - Android includes APIs for accessing a variety of sensor types. Devices implementations generally MAY omit these sensors, as provided for in the following subsections. If a device includes a particular sensor type that has a corresponding API for third-party developers, the device implementation MUST implement that API as described in the Android SDK documentation and the Android Open Source documentation on <a href="http://source.android.com/devices/sensors/">sensors</a> . For example, device implementations: - </p> - <ul> - <li>MUST accurately report the presence or absence of sensors per the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager</a> class. - </li> - <li>MUST return an accurate list of supported sensors via the SensorManager.getSensorList() and similar methods. - </li> - <li>MUST behave reasonably for all other sensor APIs (for example, by returning true or false as appropriate when applications attempt to register listeners, not calling sensor listeners when the corresponding sensors are not present; etc.). - </li> - <li>MUST <a href="http://developer.android.com/reference/android/hardware/SensorEvent.html">report all sensor measurements</a> using the relevant International System of Units (metric) values for each sensor type as defined in the Android SDK documentation. - </li> - <li>SHOULD <a href="http://developer.android.com/reference/android/hardware/SensorEvent.html#timestamp">report the event time</a> in nanoseconds as defined in the Android SDK documentation, representing the time the event happened and synchronized with the SystemClock.elapsedRealtimeNano() clock. Existing and new Android devices are <strong>STRONGLY RECOMMENDED</strong> to meet these requirements so they will be able to upgrade to the future platform releases where this might become a REQUIRED component. The synchronization error SHOULD be below 100 milliseconds. - </li> - <li>MUST report sensor data with a maximum latency of 100 milliseconds + 2 * sample_time for the case of a sensor streamed with a minimum required latency of 5 ms + 2 * sample_time when the application processor is active. This delay does not include any filtering delays. - </li> - <li>MUST report the first sensor sample within 400 milliseconds + 2 * sample_time of the sensor being activated. It is acceptable for this sample to have an accuracy of 0. - </li> - </ul> - <p> - The list above is not comprehensive; the documented behavior of the Android SDK and the Android Open Source Documentations on <a href="http://source.android.com/devices/sensors/">sensors</a> is to be considered authoritative. - </p> - <p> - Some sensor types are composite, meaning they can be derived from data provided by one or more other sensors. (Examples include the orientation sensor and the linear acceleration sensor.) Device implementations SHOULD implement these sensor types, when they include the prerequisite physical sensors as described in <a href="https://source.android.com/devices/sensors/sensor-types.html">sensor types</a> . If a device implementation includes a composite sensor it MUST implement the sensor as described in the Android Open Source documentation on <a href="https://source.android.com/devices/sensors/sensor-types.html#composite_sensor_type_summary">composite sensors</a> . - </p> - <p> - Some Android sensors support a <a href="https://source.android.com/devices/sensors/report-modes.html#continuous">“continuous” trigger mode</a> , which returns data continuously. For any API indicated by the Android SDK documentation to be a continuous sensor, device implementations MUST continuously provide periodic data samples that SHOULD have a jitter below 3%, where jitter is defined as the standard deviation of the difference of the reported timestamp values between consecutive events. - </p> - <p> - Note that the device implementations MUST ensure that the sensor event stream MUST NOT prevent the device CPU from entering a suspend state or waking up from a suspend state. - </p> - <p> - Finally, when several sensors are activated, the power consumption SHOULD NOT exceed the sum of the individual sensor’s reported power consumption. - </p> - <h4 id="7_3_1_accelerometer"> - 7.3.1. Accelerometer - </h4> - <p> - Device implementations SHOULD include a 3-axis accelerometer. Android Handheld devices, Android Automotive implementations, and Android Watch devices are STRONGLY RECOMMENDED to include this sensor. If a device implementation does include a 3-axis accelerometer, it: - </p> - <ul> - <li>MUST implement and report <a href="http://developer.android.com/reference/android/hardware/Sensor.html#TYPE_ACCELEROMETER">TYPE_ACCELEROMETER sensor</a> . - </li> - <li>MUST be able to report events up to a frequency of at least 50 Hz for Android Watch devices as such devices have a stricter power constraint and 100 Hz for all other device types. - </li> - <li>SHOULD report events up to at least 200 Hz. - </li> - <li>MUST comply with the <a href="http://developer.android.com/reference/android/hardware/SensorEvent.html">Android sensor coordinate system</a> as detailed in the Android APIs. Android Automotive implementations MUST comply with the Android <a href="http://source.android.com/devices/sensors/sensor-types.html#auto_axes">car sensor coordinate system</a> . - </li> - <li>MUST be capable of measuring from freefall up to four times the gravity (4g) or more on any axis. - </li> - <li>MUST have a resolution of at least 12-bits and SHOULD have a resolution of at least 16-bits. - </li> - <li>SHOULD be calibrated while in use if the characteristics changes over the life cycle and compensated, and preserve the compensation parameters between device reboots. - </li> - <li>SHOULD be temperature compensated. - </li> - <li>MUST have a standard deviation no greater than 0.05 m/s^, where the standard deviation should be calculated on a per axis basis on samples collected over a period of at least 3 seconds at the fastest sampling rate. - </li> - <li>SHOULD implement the TYPE_SIGNIFICANT_MOTION, TYPE_TILT_DETECTOR, TYPE_STEP_DETECTOR, TYPE_STEP_COUNTER composite sensors as described in the Android SDK document. Existing and new Android devices are <strong>STRONGLY RECOMMENDED</strong> to implement the TYPE_SIGNIFICANT_MOTION composite sensor. If any of these sensors are implemented, the sum of their power consumption MUST always be less than 4 mW and SHOULD each be below 2 mW and 0.5 mW for when the device is in a dynamic or static condition. - </li> - <li>If a gyroscope sensor is included, MUST implement the TYPE_GRAVITY and TYPE_LINEAR_ACCELERATION composite sensors and SHOULD implement the TYPE_GAME_ROTATION_VECTOR composite sensor. Existing and new Android devices are STRONGLY RECOMMENDED to implement the TYPE_GAME_ROTATION_VECTOR sensor. - </li> - <li>MUST implement a TYPE_ROTATION_VECTOR composite sensor, if a gyroscope sensor and a magnetometer sensor is also included. - </li> - </ul> - <h4 id="7_3_2_magnetometer"> - 7.3.2. Magnetometer - </h4> - <p> - Device implementations SHOULD include a 3-axis magnetometer (compass). If a device does include a 3-axis magnetometer, it: - </p> - <ul> - <li>MUST implement the TYPE_MAGNETIC_FIELD sensor and SHOULD also implement TYPE_MAGNETIC_FIELD_UNCALIBRATED sensor. Existing and new Android devices are STRONGLY RECOMMENDED to implement the TYPE_MAGNETIC_FIELD_UNCALIBRATED sensor. - </li> - <li>MUST be able to report events up to a frequency of at least 10 Hz and SHOULD report events up to at least 50 Hz. - </li> - <li>MUST comply with the <a href="http://developer.android.com/reference/android/hardware/SensorEvent.html">Android sensor coordinate system</a> as detailed in the Android APIs. - </li> - <li>MUST be capable of measuring between -900 µT and +900 µT on each axis before saturating. - </li> - <li>MUST have a hard iron offset value less than 700 µT and SHOULD have a value below 200 µT, by placing the magnetometer far from dynamic (current-induced) and static (magnet-induced) magnetic fields. - </li> - <li>MUST have a resolution equal or denser than 0.6 µT and SHOULD have a resolution equal or denser than 0.2 µT. - </li> - <li>SHOULD be temperature compensated. - </li> - <li>MUST support online calibration and compensation of the hard iron bias, and preserve the compensation parameters between device reboots. - </li> - <li>MUST have the soft iron compensation applied—the calibration can be done either while in use or during the production of the device. - </li> - <li>SHOULD have a standard deviation, calculated on a per axis basis on samples collected over a period of at least 3 seconds at the fastest sampling rate, no greater than 0.5 µT. - </li> - <li>MUST implement a TYPE_ROTATION_VECTOR composite sensor, if an accelerometer sensor and a gyroscope sensor is also included. - </li> - <li>MAY implement the TYPE_GEOMAGNETIC_ROTATION_VECTOR sensor if an accelerometer sensor is also implemented. However if implemented, it MUST consume less than 10 mW and SHOULD consume less than 3 mW when the sensor is registered for batch mode at 10 Hz. - </li> - </ul> - <h4 id="7_3_3_gps"> - 7.3.3. GPS - </h4> - <p> - Device implementations SHOULD include a GPS/GNSS receiver. If a device implementation does include a GPS/GNSS receiver and reports the capability to applications through the <code>android.hardware.location.gps</code> feature flag: - </p> - <ul> - <li>It is STRONGLY RECOMMENDED that the device continue to deliver normal GPS/GNSS outputs to applications during an emergency phone call and that location output not be blocked during an emergency phone call. - </li> - <li>It MUST support location outputs at a rate of at least 1 Hz when requested via <code>LocationManager#requestLocationUpdate</code> . - </li> - <li>It MUST be able to determine the location in open-sky conditions (strong signals, negligible multipath, HDOP < 2) within 10 seconds (fast time to first fix), when connected to a 0.5 Mbps or faster data speed internet connection. This requirement is typically met by the use of some form of Assisted or Predicted GPS/GNSS technique to minimize GPS/GNSS lock-on time (Assistance data includes Reference Time, Reference Location and Satellite Ephemeris/Clock). + </td> + </tr> + <tr> + <td> + H.265 HEVC + </td> + <td></td> + <td> + REQUIRED<sup>5</sup> + </td> + <td> + See <a href="#5_3_video_decoding">section 5.3</a> for details + </td> + <td> + MPEG-4 (.mp4) + </td> + </tr> + <tr> + <td> + MPEG-2 + </td> + <td></td> + <td> + STRONGLY RECOMMENDED<sup>6</sup> + </td> + <td> + Main Profile + </td> + <td> + MPEG2-TS + </td> + </tr> + <tr> + <td> + MPEG-4 SP + </td> + <td></td> + <td> + REQUIRED<sup>2</sup> + </td> + <td></td> + <td> + 3GPP (.3gp) + </td> + </tr> + <tr> + <td> + VP8<sup>3</sup> + </td> + <td> + REQUIRED<sup>2</sup><br /> + (Android 4.3+) + </td> + <td> + REQUIRED<sup>2</sup><br /> + (Android 2.3.3+) + </td> + <td> + See <a href="#5_2_video_encoding">section 5.2</a> and <a href="#5_3_video_decoding">5.3</a> for details + </td> + <td> <ul> - <li>After making such a location calculation, it is STRONGLY RECOMMENDED for the device to be able to determine its location, in open sky, within 10 seconds, when location requests are restarted, up to an hour after the initial location calculation, even when the subsequent request is made without a data connection, and/or after a power cycle. + <li class="table_list"> + <a href="http://www.webmproject.org/">WebM (.webm)</a> </li> - </ul> - </li> - <li>In open sky conditions after determining the location, while stationary or moving with less than 1 meter per second squared of acceleration: - <ul> - <li>It MUST be able to determine location within 20 meters, and speed within 0.5 meters per second, at least 95% of the time. - </li> - <li>It MUST simultaneously track and report via <a href="https://developer.android.com/reference/android/location/GnssStatus.Callback.html#GnssStatus.Callback()'">GnssStatus.Callback</a> at least 8 satellites from one constellation. - </li> - <li>It SHOULD be able to simultaneously track at least 24 satellites, from multiple constellations (e.g. GPS + at least one of Glonass, Beidou, Galileo). + <li class="table_list">Matroska (.mkv, Android 4.0+)<sup>4</sup> </li> </ul> - </li> - <li>It MUST report the GNSS technology generation through the test API ‘getGnssYearOfHardware’. - </li> - <li>It is STRONGLY RECOMMENDED to meet and MUST meet all requirements below if the GNSS technology generation is reported as the year "2016" or newer. + </td> + </tr> + <tr> + <td> + VP9 + </td> + <td></td> + <td> + REQUIRED<sup>2</sup><br /> + (Android 4.4+) + </td> + <td> + See <a href="#5_3_video_decoding">section 5.3</a> for details + </td> + <td> <ul> - <li>It MUST report GPS measurements, as soon as they are found, even if a location calculated from GPS/GNSS is not yet reported. + <li class="table_list"> + <a href="http://www.webmproject.org/">WebM (.webm)</a> </li> - <li>It MUST report GPS pseudoranges and pseudorange rates, that, in open-sky conditions after determining the location, while stationary or moving with less than 0.2 meter per second squared of acceleration, are sufficient to calculate position within 20 meters, and speed within 0.2 meters per second, at least 95% of the time. + <li class="table_list">Matroska (.mkv, Android 4.0+)<sup>4</sup> </li> </ul> - </li> - </ul> - <p> - Note that while some of the GPS requirements above are stated as STRONGLY RECOMMENDED, the Compatibility Definition for the next major version is expected to change these to a MUST. - </p> - <h4 id="7_3_4_gyroscope"> - 7.3.4. Gyroscope - </h4> - <p> - Device implementations SHOULD include a gyroscope (angular change sensor). Devices SHOULD NOT include a gyroscope sensor unless a 3-axis accelerometer is also included. If a device implementation includes a gyroscope, it: - </p> - <ul> - <li>MUST implement the TYPE_GYROSCOPE sensor and SHOULD also implement TYPE_GYROSCOPE_UNCALIBRATED sensor. Existing and new Android devices are STRONGLY RECOMMENDED to implement the SENSOR_TYPE_GYROSCOPE_UNCALIBRATED sensor. - </li> - <li>MUST be capable of measuring orientation changes up to 1,000 degrees per second. - </li> - <li>MUST be able to report events up to a frequency of at least 50 Hz for Android Watch devices as such devices have a stricter power constraint and 100 Hz for all other device types. - </li> - <li>SHOULD report events up to at least 200 Hz. - </li> - <li>MUST have a resolution of 12-bits or more and SHOULD have a resolution of 16-bits or more. - </li> - <li>MUST be temperature compensated. - </li> - <li>MUST be calibrated and compensated while in use, and preserve the compensation parameters between device reboots. - </li> - <li>MUST have a variance no greater than 1e-7 rad^2 / s^2 per Hz (variance per Hz, or rad^2 / s). The variance is allowed to vary with the sampling rate, but must be constrained by this value. In other words, if you measure the variance of the gyro at 1 Hz sampling rate it should be no greater than 1e-7 rad^2/s^2. - </li> - <li>MUST implement a TYPE_ROTATION_VECTOR composite sensor, if an accelerometer sensor and a magnetometer sensor is also included. - </li> - <li>If an accelerometer sensor is included, MUST implement the TYPE_GRAVITY and TYPE_LINEAR_ACCELERATION composite sensors and SHOULD implement the TYPE_GAME_ROTATION_VECTOR composite sensor. Existing and new Android devices are STRONGLY RECOMMENDED to implement the TYPE_GAME_ROTATION_VECTOR sensor. - </li> - </ul> - <h4 id="7_3_5_barometer"> - 7.3.5. Barometer - </h4> - <p> - Device implementations SHOULD include a barometer (ambient air pressure sensor). If a device implementation includes a barometer, it: - </p> - <ul> - <li>MUST implement and report TYPE_PRESSURE sensor. - </li> - <li>MUST be able to deliver events at 5 Hz or greater. - </li> - <li>MUST have adequate precision to enable estimating altitude. - </li> - <li>MUST be temperature compensated. - </li> - </ul> - <h4 id="7_3_6_thermometer"> - 7.3.6. Thermometer - </h4> - <p> - Device implementations MAY include an ambient thermometer (temperature sensor). If present, it MUST be defined as SENSOR_TYPE_AMBIENT_TEMPERATURE and it MUST measure the ambient (room) temperature in degrees Celsius. - </p> - <p> - Device implementations MAY but SHOULD NOT include a CPU temperature sensor. If present, it MUST be defined as SENSOR_TYPE_TEMPERATURE, it MUST measure the temperature of the device CPU, and it MUST NOT measure any other temperature. Note the SENSOR_TYPE_TEMPERATURE sensor type was deprecated in Android 4.0. - </p> - <div class="note"> - For Android Automotive implementations, SENSOR_TYPE_AMBIENT_TEMPERATURE MUST measure the temperature inside the vehicle cabin. - </div> - <h4 id="7_3_7_photometer"> - 7.3.7. Photometer - </h4> - <p> - Device implementations MAY include a photometer (ambient light sensor). - </p> - <h4 id="7_3_8_proximity_sensor"> - 7.3.8. Proximity Sensor - </h4> - <p> - Device implementations MAY include a proximity sensor. Devices that can make a voice call and indicate any value other than PHONE_TYPE_NONE in getPhoneType SHOULD include a proximity sensor. If a device implementation does include a proximity sensor, it: - </p> - <ul> - <li>MUST measure the proximity of an object in the same direction as the screen. That is, the proximity sensor MUST be oriented to detect objects close to the screen, as the primary intent of this sensor type is to detect a phone in use by the user. If a device implementation includes a proximity sensor with any other orientation, it MUST NOT be accessible through this API. - </li> - <li>MUST have 1-bit of accuracy or more. - </li> - </ul> - <h4 id="7_3_9_high_fidelity_sensors"> - 7.3.9. High Fidelity Sensors - </h4> - <p> - Device implementations supporting a set of higher quality sensors that can meet all the requirements listed in this section MUST identify the support through the <code>android.hardware.sensor.hifi_sensors</code> feature flag. - </p> - <p> - A device declaring android.hardware.sensor.hifi_sensors MUST support all of the following sensor types meeting the quality requirements as below: - </p> - <ul> - <li>SENSOR_TYPE_ACCELEROMETER + </td> + </tr> + </table> + <p class="table_footnote"> + 1 Required for device implementations that include camera hardware and define android.hardware.camera or android.hardware.camera.front. + </p> + <p class="table_footnote"> + 2 Required for device implementations except Android Watch devices. + </p> + <p class="table_footnote"> + 3 For acceptable quality of web video streaming and video-conference services, device implementations SHOULD use a hardware VP8 codec that meets the <a href="http://www.webmproject.org/hardware/rtc-coding-requirements/">requirements</a>. + </p> + <p class="table_footnote"> + 4 Device implementations SHOULD support writing Matroska WebM files. + </p> + <p class="table_footnote"> + 5 STRONGLY RECOMMENDED for Android Automotive, optional for Android Watch, and required for all other device types. + </p> + <p class="table_footnote"> + 6 Applies only to Android Television device implementations. + </p> + <h2> + 5.2. Video Encoding + </h2> + <div class="note"> + Video codecs are optional for Android Watch device implementations. + </div> + <p> + H.264, VP8, VP9 and HEVC video encoders— + </p> + <ul> + <li>MUST support dynamically configurable bitrates. + </li> + <li>SHOULD support variable frame rates, where video encoder SHOULD determine instantaneous frame duration based on the timestamps of input buffers, and allocate its bit bucket based on that frame duration. + </li> + </ul> + <p> + H.263 and MPEG-4 video encoder SHOULD support dynamically configurable bitrates. + </p> + <p> + All video encoders SHOULD meet the following bitrate targets over two sliding windows: + </p> + <ul> + <li>It SHOULD be not more than ~15% over the bitrate between intraframe (I-frame) intervals. + </li> + <li>It SHOULD be not more than ~100% over the bitrate over a sliding window of 1 second. + </li> + </ul> + <h3> + 5.2.1. H.263 + </h3> + <p> + Android device implementations with H.263 encoders MUST support Baseline Profile Level 45. + </p> + <h3> + 5.2.2. H-264 + </h3> + <p> + Android device implementations with H.264 codec support: + </p> + <ul> + <li>MUST support Baseline Profile Level 3.<br /> + However, support for ASO (Arbitrary Slice Ordering), FMO (Flexible Macroblock Ordering) and RS (Redundant Slices) is OPTIONAL. Moreover, to maintain compatibility with other Android devices, it is RECOMMENDED that ASO, FMO and RS are not used for Baseline Profile by encoders. + </li> + <li>MUST support the SD (Standard Definition) video encoding profiles in the following table. + </li> + <li>SHOULD support Main Profile Level 4. + </li> + <li>SHOULD support the HD (High Definition) video encoding profiles as indicated in the following table. + </li> + <li>In addition, Android Television devices are STRONGLY RECOMMENDED to encode HD 1080p video at 30 fps. + </li> + </ul> + <table> + <tr> + <th></th> + <th> + SD (Low quality) + </th> + <th> + SD (High quality) + </th> + <th> + HD 720p<sup>1</sup> + </th> + <th> + HD 1080p<sup>1</sup> + </th> + </tr> + <tr> + <th> + Video resolution + </th> + <td> + 320 x 240 px + </td> + <td> + 720 x 480 px + </td> + <td> + 1280 x 720 px + </td> + <td> + 1920 x 1080 px + </td> + </tr> + <tr> + <th> + Video frame rate + </th> + <td> + 20 fps + </td> + <td> + 30 fps + </td> + <td> + 30 fps + </td> + <td> + 30 fps + </td> + </tr> + <tr> + <th> + Video bitrate + </th> + <td> + 384 Kbps + </td> + <td> + 2 Mbps + </td> + <td> + 4 Mbps + </td> + <td> + 10 Mbps + </td> + </tr> + </table> + <p class="table_footnote"> + 1 When supported by hardware, but STRONGLY RECOMMENDED for Android Television devices. + </p> + <h3> + 5.2.3. VP8 + </h3> + <p> + Android device implementations with VP8 codec support MUST support the SD video encoding profiles and SHOULD support the following HD (High Definition) video encoding profiles. + </p> + <table> + <tr> + <th></th> + <th> + SD (Low quality) + </th> + <th> + SD (High quality) + </th> + <th> + HD 720p<sup>1</sup> + </th> + <th> + HD 1080p<sup>1</sup> + </th> + </tr> + <tr> + <th> + Video resolution + </th> + <td> + 320 x 180 px + </td> + <td> + 640 x 360 px + </td> + <td> + 1280 x 720 px + </td> + <td> + 1920 x 1080 px + </td> + </tr> + <tr> + <th> + Video frame rate + </th> + <td> + 30 fps + </td> + <td> + 30 fps + </td> + <td> + 30 fps + </td> + <td> + 30 fps + </td> + </tr> + <tr> + <th> + Video bitrate + </th> + <td> + 800 Kbps + </td> + <td> + 2 Mbps + </td> + <td> + 4 Mbps + </td> + <td> + 10 Mbps + </td> + </tr> + </table> + <p class="table_footnote"> + 1 When supported by hardware. + </p> + <h2> + 5.3. Video Decoding + </h2> + <div class="note"> + Video codecs are optional for Android Watch device implementations. + </div> + <p> + Device implementations— + </p> + <ul> + <li> + <p> + MUST support dynamic video resolution and frame rate switching through the standard Android APIs within the same stream for all VP8, VP9, H.264, and H.265 codecs in real time and up to the maximum resolution supported by each codec on the device. + </p> + </li> + <li> + <p> + Implementations that support the Dolby Vision decoder— + </p> + </li> + <li>MUST provide a Dolby Vision-capable extractor. + </li> + <li> + <p> + MUST properly display Dolby Vision content on the device screen or on a standard video output port (e.g., HDMI). + </p> + </li> + <li> + <p> + Implementations that provide a Dolby Vision-capable extractor MUST set the track index of backward-compatible base-layer(s) (if present) to be the same as the combined Dolby Vision layer's track index. + </p> + </li> + </ul> + <h3> + 5.3.1. MPEG-2 + </h3> + <p> + Android device implementations with MPEG-2 decoders must support the Main Profile High Level. + </p> + <h3> + 5.3.2. H.263 + </h3> + <p> + Android device implementations with H.263 decoders MUST support Baseline Profile Level 30 and Level 45. + </p> + <h3> + 5.3.3. MPEG-4 + </h3> + <p> + Android device implementations with MPEG-4 decoders MUST support Simple Profile Level 3. + </p> + <h3> + 5.3.4. H.264 + </h3> + <p> + Android device implementations with H.264 decoders: + </p> + <ul> + <li>MUST support Main Profile Level 3.1 and Baseline Profile.<br /> + Support for ASO (Arbitrary Slice Ordering), FMO (Flexible Macroblock Ordering) and RS (Redundant Slices) is OPTIONAL. + </li> + <li>MUST be capable of decoding videos with the SD (Standard Definition) profiles listed in the following table and encoded with the Baseline Profile and Main Profile Level 3.1 (including 720p30). + </li> + <li>SHOULD be capable of decoding videos with the HD (High Definition) profiles as indicated in the following table. + </li> + <li>In addition, Android Television devices— + <ul> + <li>MUST support High Profile Level 4.2 and the HD 1080p60 decoding profile. + </li> + <li>MUST be capable of decoding videos with both HD profiles as indicated in the following table and encoded with either the Baseline Profile, Main Profile, or the High Profile Level 4.2 + </li> + </ul> + </li> + </ul> + <table> + <tr> + <th></th> + <th> + SD (Low quality) + </th> + <th> + SD (High quality) + </th> + <th> + HD 720p<sup>1</sup> + </th> + <th> + HD 1080p<sup>1</sup> + </th> + </tr> + <tr> + <th> + Video resolution + </th> + <td> + 320 x 240 px + </td> + <td> + 720 x 480 px + </td> + <td> + 1280 x 720 px + </td> + <td> + 1920 x 1080 px + </td> + </tr> + <tr> + <th> + Video frame rate + </th> + <td> + 30 fps + </td> + <td> + 30 fps + </td> + <td> + 60 fps + </td> + <td> + 30 fps (60 fps<sup>2</sup>) + </td> + </tr> + <tr> + <th> + Video bitrate + </th> + <td> + 800 Kbps + </td> + <td> + 2 Mbps + </td> + <td> + 8 Mbps + </td> + <td> + 20 Mbps + </td> + </tr> + </table> + <p class="table_footnote"> + 1 REQUIRED for when the height as reported by the Display.getSupportedModes() method is equal or greater than the video resolution. + </p> + <p class="table_footnote"> + 2 REQUIRED for Android Television device implementations. + </p> + <h3> + 5.3.5. H.265 (HEVC) + </h3> + <p> + Android device implementations, when supporting H.265 codec as described in <a href="#5_1_3_video_codecs">section 5.1.3</a>: + </p> + <ul> + <li>MUST support the Main Profile Level 3 Main tier and the SD video decoding profiles as indicated in the following table. + </li> + <li>SHOULD support the HD decoding profiles as indicated in the following table. + </li> + <li>MUST support the HD decoding profiles as indicated in the following table if there is a hardware decoder. + </li> + <li>In addition, Android Television devices: + </li> + <li>MUST support the HD 720p decoding profile. + </li> + <li>STRONGLY RECOMMENDED to support the HD 1080p decoding profile. If the HD 1080p decoding profile is supported, it MUST support the Main Profile Level 4.1 Main tier. + </li> + <li>SHOULD support the UHD decoding profile. If the UHD decoding profile is supported the codec MUST support Main10 Level 5 Main Tier profile. + </li> + </ul> + <table> + <tr> + <th></th> + <th> + SD (Low quality) + </th> + <th> + SD (High quality) + </th> + <th> + HD 720p + </th> + <th> + HD 1080p + </th> + <th> + UHD + </th> + </tr> + <tr> + <th> + Video resolution + </th> + <td> + 352 x 288 px + </td> + <td> + 720 x 480 px + </td> + <td> + 1280 x 720 px + </td> + <td> + 1920 x 1080 px + </td> + <td> + 3840 x 2160 px + </td> + </tr> + <tr> + <th> + Video frame rate + </th> + <td> + 30 fps + </td> + <td> + 30 fps + </td> + <td> + 30 fps + </td> + <td> + 30 fps (60 fps<sup>1</sup>) + </td> + <td> + 60 fps + </td> + </tr> + <tr> + <th> + Video bitrate + </th> + <td> + 600 Kbps + </td> + <td> + 1.6 Mbps + </td> + <td> + 4 Mbps + </td> + <td> + 5 Mbps + </td> + <td> + 20 Mbps + </td> + </tr> + </table> + <p class="table_footnote"> + 1 REQUIRED for Android Television device implementations with H.265 hardware decoding. + </p> + <h3> + 5.3.6. VP8 + </h3> + <p> + Android device implementations, when supporting VP8 codec as described in <a href="https://source.android.com/compatibility/android-cdd.html#5_1_3_video_codecs">section 5.1.3</a>: + </p> + <ul> + <li>MUST support the SD decoding profiles in the following table. + </li> + <li>SHOULD support the HD decoding profiles in the following table. + </li> + <li>Android Television devices MUST support the HD 1080p60 decoding profile. + </li> + </ul> + <table> + <tr> + <th></th> + <th> + SD (Low quality) + </th> + <th> + SD (High quality) + </th> + <th> + HD 720p<sup>1</sup> + </th> + <th> + HD 1080p<sup>1</sup> + </th> + </tr> + <tr> + <th> + Video resolution + </th> + <td> + 320 x 180 px + </td> + <td> + 640 x 360 px + </td> + <td> + 1280 x 720 px + </td> + <td> + 1920 x 1080 px + </td> + </tr> + <tr> + <th> + Video frame rate + </th> + <td> + 30 fps + </td> + <td> + 30 fps + </td> + <td> + 30 fps (60 fps<sup>2</sup>) + </td> + <td> + 30 (60 fps<sup>2</sup>) + </td> + </tr> + <tr> + <th> + Video bitrate + </th> + <td> + 800 Kbps + </td> + <td> + 2 Mbps + </td> + <td> + 8 Mbps + </td> + <td> + 20 Mbps + </td> + </tr> + </table> + <p class="table_footnote"> + 1 REQUIRED for when the height as reported by the Display.getSupportedModes() method is equal or greater than the video resolution. + </p> + <p class="table_footnote"> + 2 REQUIRED for Android Television device implementations. + </p> + <h3> + 5.3.7. VP9 + </h3> + <p> + Android device implementations, when supporting VP9 codec as described in <a href="https://source.android.com/compatibility/android-cdd.html#5_1_3_video_codecs">section 5.1.3</a>: + </p> + <ul> + <li>MUST support the SD video decoding profiles as indicated in the following table. + </li> + <li>SHOULD support the HD decoding profiles as indicated in the following table. + </li> + <li>MUST support the HD decoding profiles as indicated in the following table, if there is a hardware decoder. + </li> + <li> + <p> + In addition, Android Television devices: + </p> + <ul> + <li>MUST support the HD 720p decoding profile. + </li> + <li>STRONGLY RECOMMENDED to support the HD 1080p decoding profile. + </li> + <li>SHOULD support the UHD decoding profile. If the UHD video decoding profile is supported, it MUST support 8-bit color depth and SHOULD support VP9 Profile 2 (10-bit). + </li> + </ul> + </li> + </ul> + <table> + <tr> + <th></th> + <th> + SD (Low quality) + </th> + <th> + SD (High quality) + </th> + <th> + HD 720p + </th> + <th> + HD 1080p + </th> + <th> + UHD + </th> + </tr> + <tr> + <th> + Video resolution + </th> + <td> + 320 x 180 px + </td> + <td> + 640 x 360 px + </td> + <td> + 1280 x 720 px + </td> + <td> + 1920 x 1080 px + </td> + <td> + 3840 x 2160 px + </td> + </tr> + <tr> + <th> + Video frame rate + </th> + <td> + 30 fps + </td> + <td> + 30 fps + </td> + <td> + 30 fps + </td> + <td> + 30 fps (60 fps<sup>1</sup>) + </td> + <td> + 60 fps + </td> + </tr> + <tr> + <th> + Video bitrate + </th> + <td> + 600 Kbps + </td> + <td> + 1.6 Mbps + </td> + <td> + 4 Mbps + </td> + <td> + 5 Mbps + </td> + <td> + 20 Mbps + </td> + </tr> + </table> + <p class="table_footnote"> + 1 REQUIRED for Android Television device implementations with VP9 hardware decoding. + </p> + <h2> + 5.4. Audio Recording + </h2> + <p> + While some of the requirements outlined in this section are stated as SHOULD since Android 4.3, the Compatibility Definition for a future version is planned to change these to MUST. Existing and new Android devices are <strong>STRONGLY RECOMMENDED</strong> to meet these requirements that are stated as SHOULD, or they will not be able to attain Android compatibility when upgraded to the future version. + </p> + <h3> + 5.4.1. Raw Audio Capture + </h3> + <p> + Device implementations that declare android.hardware.microphone MUST allow capture of raw audio content with the following characteristics: + </p> + <ul> + <li> + <strong>Format</strong>: Linear PCM, 16-bit + </li> + <li> + <strong>Sampling rates</strong>: 8000, 11025, 16000, 44100 + </li> + <li> + <strong>Channels</strong>: Mono + </li> + </ul> + <p> + The capture for the above sample rates MUST be done without up-sampling, and any down-sampling MUST include an appropriate anti-aliasing filter. + </p> + <p> + Device implementations that declare android.hardware.microphone SHOULD allow capture of raw audio content with the following characteristics: + </p> + <ul> + <li> + <strong>Format</strong>: Linear PCM, 16-bit + </li> + <li> + <strong>Sampling rates</strong>: 22050, 48000 + </li> + <li> + <strong>Channels</strong>: Stereo + </li> + </ul> + <p> + If capture for the above sample rates is supported, then the capture MUST be done without up-sampling at any ratio higher than 16000:22050 or 44100:48000. Any up-sampling or down-sampling MUST include an appropriate anti-aliasing filter. + </p> + <h3> + 5.4.2. Capture for Voice Recognition + </h3> + <p> + The android.media.MediaRecorder.AudioSource.VOICE_RECOGNITION audio source MUST support capture at one of the sampling rates, 44100 and 48000. + </p> + <p> + In addition to the above recording specifications, when an application has started recording an audio stream using the android.media.MediaRecorder.AudioSource.VOICE_RECOGNITION audio source: + </p> + <ul> + <li>The device SHOULD exhibit approximately flat amplitude versus frequency characteristics: specifically, ±3 dB, from 100 Hz to 4000 Hz. + </li> + <li>Audio input sensitivity SHOULD be set such that a 90 dB sound power level (SPL) source at 1000 Hz yields RMS of 2500 for 16-bit samples. + </li> + <li>PCM amplitude levels SHOULD linearly track input SPL changes over at least a 30 dB range from -18 dB to +12 dB re 90 dB SPL at the microphone. + </li> + <li>Total harmonic distortion SHOULD be less than 1% for 1 kHz at 90 dB SPL input level at the microphone. + </li> + <li>Noise reduction processing, if present, MUST be disabled. + </li> + <li>Automatic gain control, if present, MUST be disabled. + </li> + </ul> + <p> + If the platform supports noise suppression technologies tuned for speech recognition, the effect MUST be controllable from the android.media.audiofx.NoiseSuppressor API. Moreover, the UUID field for the noise suppressor’s effect descriptor MUST uniquely identify each implementation of the noise suppression technology. + </p> + <h3> + 5.4.3. Capture for Rerouting of Playback + </h3> + <p> + The android.media.MediaRecorder.AudioSource class includes the REMOTE_SUBMIX audio source. Devices that declare android.hardware.audio.output MUST properly implement the REMOTE_SUBMIX audio source so that when an application uses the android.media.AudioRecord API to record from this audio source, it can capture a mix of all audio streams except for the following: + </p> + <ul> + <li>STREAM_RING + </li> + <li>STREAM_ALARM + </li> + <li>STREAM_NOTIFICATION + </li> + </ul> + <h2> + 5.5. Audio Playback + </h2> + <p> + Device implementations that declare android.hardware.audio.output MUST conform to the requirements in this section. + </p> + <h3> + 5.5.1. Raw Audio Playback + </h3> + <p> + The device MUST allow playback of raw audio content with the following characteristics: + </p> + <ul> + <li> + <strong>Format</strong>: Linear PCM, 16-bit + </li> + <li> + <strong>Sampling rates</strong>: 8000, 11025, 16000, 22050, 32000, 44100 + </li> + <li> + <strong>Channels</strong>: Mono, Stereo + </li> + </ul> + <p> + The device SHOULD allow playback of raw audio content with the following characteristics: + </p> + <ul> + <li> + <strong>Sampling rates</strong>: 24000, 48000 + </li> + </ul> + <h3> + 5.5.2. Audio Effects + </h3> + <p> + Android provides an <a href="http://developer.android.com/reference/android/media/audiofx/AudioEffect.html">API for audio effects</a> for device implementations. Device implementations that declare the feature android.hardware.audio.output: + </p> + <ul> + <li>MUST support the EFFECT_TYPE_EQUALIZER and EFFECT_TYPE_LOUDNESS_ENHANCER implementations controllable through the AudioEffect subclasses Equalizer, LoudnessEnhancer. + </li> + <li>MUST support the visualizer API implementation, controllable through the Visualizer class. + </li> + <li>SHOULD support the EFFECT_TYPE_BASS_BOOST, EFFECT_TYPE_ENV_REVERB, EFFECT_TYPE_PRESET_REVERB, and EFFECT_TYPE_VIRTUALIZER implementations controllable through the AudioEffect sub-classes BassBoost, EnvironmentalReverb, PresetReverb, and Virtualizer. + </li> + </ul> + <h3> + 5.5.3. Audio Output Volume + </h3> + <p> + Android Television device implementations MUST include support for system Master Volume and digital audio output volume attenuation on supported outputs, except for compressed audio passthrough output (where no audio decoding is done on the device). + </p> + <p> + Android Automotive device implementations SHOULD allow adjusting audio volume separately per each audio stream using the content type or usage as defined by <a href="" title="http://developer.android.com/reference/android/media/AudioAttributes.html">AudioAttributes</a> and car audio usage as publicly defined in <code>android.car.CarAudioManager</code>. + </p> + <h2> + 5.6. Audio Latency + </h2> + <p> + Audio latency is the time delay as an audio signal passes through a system. Many classes of applications rely on short latencies, to achieve real-time sound effects. + </p> + <p> + For the purposes of this section, use the following definitions: + </p> + <ul> + <li> + <strong>output latency</strong>. The interval between when an application writes a frame of PCM-coded data and when the corresponding sound is presented to environment at an on-device transducer or signal leaves the device via a port and can be observed externally. + </li> + <li> + <strong>cold output latency</strong>. The output latency for the first frame, when the audio output system has been idle and powered down prior to the request. + </li> + <li> + <strong>continuous output latency</strong>. The output latency for subsequent frames, after the device is playing audio. + </li> + <li> + <strong>input latency</strong>. The interval between when a sound is presented by environment to device at an on-device transducer or signal enters the device via a port and when an application reads the corresponding frame of PCM-coded data. + </li> + <li> + <strong>lost input</strong>. The initial portion of an input signal that is unusable or unavailable. + </li> + <li> + <strong>cold input latency</strong>. The sum of lost input time and the input latency for the first frame, when the audio input system has been idle and powered down prior to the request. + </li> + <li> + <strong>continuous input latency</strong>. The input latency for subsequent frames, while the device is capturing audio. + </li> + <li> + <strong>cold output jitter</strong>. The variability among separate measurements of cold output latency values. + </li> + <li> + <strong>cold input jitter</strong>. The variability among separate measurements of cold input latency values. + </li> + <li> + <strong>continuous round-trip latency</strong>. The sum of continuous input latency plus continuous output latency plus one buffer period. The buffer period allows time for the app to process the signal and time for the app to mitigate phase difference between input and output streams. + </li> + <li> + <strong>OpenSL ES PCM buffer queue API</strong>. The set of PCM-related OpenSL ES APIs within <a href="https://developer.android.com/ndk/index.html">Android NDK</a>. + </li> + </ul> + <p> + Device implementations that declare android.hardware.audio.output are STRONGLY RECOMMENDED to meet or exceed these audio output requirements: + </p> + <ul> + <li>cold output latency of 100 milliseconds or less + </li> + <li>continuous output latency of 45 milliseconds or less + </li> + <li>minimize the cold output jitter + </li> + </ul> + <p> + If a device implementation meets the requirements of this section after any initial calibration when using the OpenSL ES PCM buffer queue API, for continuous output latency and cold output latency over at least one supported audio output device, it is STRONGLY RECOMMENDED to report support for low-latency audio, by reporting the feature android.hardware.audio.low_latency via the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager</a> class. Conversely, if the device implementation does not meet these requirements it MUST NOT report support for low-latency audio. + </p> + <p> + Device implementations that include android.hardware.microphone are STRONGLY RECOMMENDED to meet these input audio requirements: + </p> + <ul> + <li>cold input latency of 100 milliseconds or less + </li> + <li>continuous input latency of 30 milliseconds or less + </li> + <li>continuous round-trip latency of 50 milliseconds or less + </li> + <li>minimize the cold input jitter + </li> + </ul> + <h2> + 5.7. Network Protocols + </h2> + <p> + Devices MUST support the <a href="http://developer.android.com/guide/appendix/media-formats.html">media network protocols</a> for audio and video playback as specified in the Android SDK documentation. Specifically, devices MUST support the following media network protocols: + </p> + <ul> + <li> + <p> + HTTP(S) progressive streaming<br /> + All required codecs and container formats in <a href="#5_1_media_codecs">section 5.1</a> MUST be supported over HTTP(S) + </p> + </li> + <li> + <p> + <a href="http://tools.ietf.org/html/draft-pantos-http-live-streaming-07">HTTP Live Streaming draft protocol, Version 7</a><br /> + The following media segment formats MUST be supported: + </p> + </li> + </ul> + <table> + <tr> + <th> + Segment formats + </th> + <th> + Reference(s) + </th> + <th> + Required codec support + </th> + </tr> + <tr id="mp2t"> + <td> + MPEG-2 Transport Stream + </td> + <td> + <a href="http://www.iso.org/iso/catalogue_detail?csnumber=44169">ISO 13818</a> + </td> + <td> + Video codecs: <ul> - <li>MUST have a measurement range between at least -8g and +8g. - </li> - <li>MUST have a measurement resolution of at least 1024 LSB/G. + <li class="table_list">H264 AVC </li> - <li>MUST have a minimum measurement frequency of 12.5 Hz or lower. + <li class="table_list">MPEG-4 SP </li> - <li>MUST have a maximum measurement frequency of 400 Hz or higher. + <li class="table_list">MPEG-2 </li> - <li>MUST have a measurement noise not above 400 uG/√Hz. - </li> - <li>MUST implement a non-wake-up form of this sensor with a buffering capability of at least 3000 sensor events. - </li> - <li>MUST have a batching power consumption not worse than 3 mW. - </li> - <li>SHOULD have a stationary noise bias stability of \<15 μg √Hz from 24hr static dataset. - </li> - <li>SHOULD have a bias change vs. temperature of ≤ +/- 1mg / °C. - </li> - <li>SHOULD have a best-fit line non-linearity of ≤ 0.5%, and sensitivity change vs. temperature of ≤ 0.03%/C°. - </li> - </ul> - </li> - <li> + </ul>See <a href="#5_1_3_video_codecs">section 5.1.3</a> for details on H264 AVC, MPEG2-4 SP,<br /> + and MPEG-2. <p> - SENSOR_TYPE_GYROSCOPE + Audio codecs: </p> <ul> - <li>MUST have a measurement range between at least -1000 and +1000 dps. - </li> - <li>MUST have a measurement resolution of at least 16 LSB/dps. - </li> - <li>MUST have a minimum measurement frequency of 12.5 Hz or lower. - </li> - <li>MUST have a maximum measurement frequency of 400 Hz or higher. - </li> - <li>MUST have a measurement noise not above 0.014°/s/√Hz. - </li> - <li>SHOULD have a stationary bias stability of < 0.0002 °/s √Hz from 24-hour static dataset. - </li> - <li>SHOULD have a bias change vs. temperature of ≤ +/- 0.05 °/ s / °C. - </li> - <li>SHOULD have a sensitivity change vs. temperature of ≤ 0.02% / °C. - </li> - <li>SHOULD have a best-fit line non-linearity of ≤ 0.2%. - </li> - <li>SHOULD have a noise density of ≤ 0.007 °/s/√Hz. - </li> - </ul> - </li> - <li> - <p> - SENSOR_TYPE_GYROSCOPE_UNCALIBRATED with the same quality requirements as SENSOR_TYPE_GYROSCOPE. - </p> - </li> - <li>SENSOR_TYPE_GEOMAGNETIC_FIELD - <ul> - <li>MUST have a measurement range between at least -900 and +900 uT. - </li> - <li>MUST have a measurement resolution of at least 5 LSB/uT. - </li> - <li>MUST have a minimum measurement frequency of 5 Hz or lower. - </li> - <li>MUST have a maximum measurement frequency of 50 Hz or higher. - </li> - <li>MUST have a measurement noise not above 0.5 uT. - </li> - </ul> - </li> - <li>SENSOR_TYPE_MAGNETIC_FIELD_UNCALIBRATED with the same quality requirements as SENSOR_TYPE_GEOMAGNETIC_FIELD and in addition: - <ul> - <li>MUST implement a non-wake-up form of this sensor with a buffering capability of at least 600 sensor events. - </li> - </ul> - </li> - <li>SENSOR_TYPE_PRESSURE - <ul> - <li>MUST have a measurement range between at least 300 and 1100 hPa. - </li> - <li>MUST have a measurement resolution of at least 80 LSB/hPa. - </li> - <li>MUST have a minimum measurement frequency of 1 Hz or lower. - </li> - <li>MUST have a maximum measurement frequency of 10 Hz or higher. - </li> - <li>MUST have a measurement noise not above 2 Pa/√Hz. - </li> - <li>MUST implement a non-wake-up form of this sensor with a buffering capability of at least 300 sensor events. - </li> - <li>MUST have a batching power consumption not worse than 2 mW. - </li> - </ul> - </li> - <li>SENSOR_TYPE_GAME_ROTATION_VECTOR - <ul> - <li>MUST implement a non-wake-up form of this sensor with a buffering capability of at least 300 sensor events. - </li> - <li>MUST have a batching power consumption not worse than 4 mW. - </li> - </ul> - </li> - <li>SENSOR_TYPE_SIGNIFICANT_MOTION - <ul> - <li>MUST have a power consumption not worse than 0.5 mW when device is static and 1.5 mW when device is moving. - </li> - </ul> - </li> - <li>SENSOR_TYPE_STEP_DETECTOR - <ul> - <li>MUST implement a non-wake-up form of this sensor with a buffering capability of at least 100 sensor events. - </li> - <li>MUST have a power consumption not worse than 0.5 mW when device is static and 1.5 mW when device is moving. - </li> - <li>MUST have a batching power consumption not worse than 4 mW. - </li> - </ul> - </li> - <li>SENSOR_TYPE_STEP_COUNTER - <ul> - <li>MUST have a power consumption not worse than 0.5 mW when device is static and 1.5 mW when device is moving. - </li> - </ul> - </li> - <li>SENSOR_TILT_DETECTOR - <ul> - <li>MUST have a power consumption not worse than 0.5 mW when device is static and 1.5 mW when device is moving. - </li> - </ul> - </li> - </ul> - <p> - Also such a device MUST meet the following sensor subsystem requirements: - </p> - <ul> - <li>The event timestamp of the same physical event reported by the Accelerometer, Gyroscope sensor and Magnetometer MUST be within 2.5 milliseconds of each other. - </li> - <li>The Gyroscope sensor event timestamps MUST be on the same time base as the camera subsystem and within 1 milliseconds of error. - </li> - <li>High Fidelity sensors MUST deliver samples to applications within 5 milliseconds from the time when the data is available on the physical sensor to the application. - </li> - <li>The power consumption MUST not be higher than 0.5 mW when device is static and 2.0 mW when device is moving when any combination of the following sensors are enabled: - <ul> - <li>SENSOR_TYPE_SIGNIFICANT_MOTION - </li> - <li>SENSOR_TYPE_STEP_DETECTOR - </li> - <li>SENSOR_TYPE_STEP_COUNTER - </li> - <li>SENSOR_TILT_DETECTORS - </li> - </ul> - </li> - </ul> - <p> - Note that all power consumption requirements in this section do not include the power consumption of the Application Processor. It is inclusive of the power drawn by the entire sensor chain—the sensor, any supporting circuitry, any dedicated sensor processing system, etc. - </p> - <p> - The following sensor types MAY also be supported on a device implementation declaring android.hardware.sensor.hifi_sensors, but if these sensor types are present they MUST meet the following minimum buffering capability requirement: - </p> - <ul> - <li>SENSOR_TYPE_PROXIMITY: 100 sensor events - </li> - </ul> - <h4 id="7_3_10_fingerprint_sensor"> - 7.3.10. Fingerprint Sensor - </h4> - <p> - Device implementations with a secure lock screen SHOULD include a fingerprint sensor. If a device implementation includes a fingerprint sensor and has a corresponding API for third-party developers, it: - </p> - <ul> - <li>MUST declare support for the android.hardware.fingerprint feature. - </li> - <li>MUST fully implement the <a href="https://developer.android.com/reference/android/hardware/fingerprint/package-summary.html">corresponding API</a> as described in the Android SDK documentation. - </li> - <li>MUST have a false acceptance rate not higher than 0.002%. - </li> - <li>Is STRONGLY RECOMMENDED to have a false rejection rate of less than 10%, as measured on the device - </li> - <li>Is STRONGLY RECOMMENDED to have a latency below 1 second, measured from when the fingerprint sensor is touched until the screen is unlocked, for one enrolled finger. - </li> - <li>MUST rate limit attempts for at least 30 seconds after five false trials for fingerprint verification. - </li> - <li>MUST have a hardware-backed keystore implementation, and perform the fingerprint matching in a Trusted Execution Environment (TEE) or on a chip with a secure channel to the TEE. - </li> - <li>MUST have all identifiable fingerprint data encrypted and cryptographically authenticated such that they cannot be acquired, read or altered outside of the Trusted Execution Environment (TEE) as documented in the <a href="https://source.android.com/devices/tech/security/authentication/fingerprint-hal.html">implementation guidelines</a> on the Android Open Source Project site. - </li> - <li>MUST prevent adding a fingerprint without first establishing a chain of trust by having the user confirm existing or add a new device credential (PIN/pattern/password) that's secured by TEE; the Android Open Source Project implementation provides the mechanism in the framework to do so. - </li> - <li>MUST NOT enable 3rd-party applications to distinguish between individual fingerprints. - </li> - <li>MUST honor the DevicePolicyManager.KEYGUARD_DISABLE_FINGERPRINT flag. - </li> - <li>MUST, when upgraded from a version earlier than Android 6.0, have the fingerprint data securely migrated to meet the above requirements or removed. - </li> - <li>SHOULD use the Android Fingerprint icon provided in the Android Open Source Project. - </li> - </ul> - <h4 id="7_3_11_android_automotive-only_sensors"> - 7.3.11. Android Automotive-only sensors - </h4> - <p> - Automotive-specific sensors are defined in the <code>android.car.CarSensorManager API</code> . - </p> - <h5 id="7_3_11_1_current_gear"> - 7.3.11.1. Current Gear - </h5> - <p> - Android Automotive implementations SHOULD provide current gear as SENSOR_TYPE_GEAR. - </p> - <h5 id="7_3_11_2_day_night_mode"> - 7.3.11.2. Day Night Mode - </h5> - <p> - Android Automotive implementations MUST support day/night mode defined as SENSOR_TYPE_NIGHT. The value of this flag MUST be consistent with dashboard day/night mode and SHOULD be based on ambient light sensor input. The underlying ambient light sensor MAY be the same as <a href="#7_3_7_photometer">Photometer</a> . - </p> - <h5 id="7_3_11_3_driving_status"> - 7.3.11.3. Driving Status - </h5> - <p> - Android Automotive implementations MUST support driving status defined as SENSOR_TYPE_DRIVING_STATUS, with a default value of DRIVE_STATUS_UNRESTRICTED when the vehicle is fully stopped and parked. It is the responsibility of device manufacturers to configure SENSOR_TYPE_DRIVING_STATUS in compliance with all laws and regulations that apply to markets where the product is shipping. - </p> - <h5 id="7_3_11_4_wheel_speed"> - 7.3.11.4. Wheel Speed - </h5> - <p> - Android Automotive implementations MUST provide vehicle speed defined as SENSOR_TYPE_CAR_SPEED. - </p> - <h3 id="7_3_12_pose_sensor"> - 7.3.12. Pose Sensor - </h3> - <p> - Device implementations MAY support pose sensor with 6 degrees of freedom. Android Handheld devices are RECOMMENDED to support this sensor. If a device implementation does support pose sensor with 6 degrees of freedom, it: - </p> - <ul> - <li>MUST implement and report <a href="https://developer.android.com/reference/android/hardware/Sensor.html#TYPE_POSE_6DOF"><code>TYPE_POSE_6DOF</code></a> sensor. - </li> - <li>MUST be more accurate than the rotation vector alone. - </li> - </ul> - <h3 id="7_4_data_connectivity"> - 7.4. Data Connectivity - </h3> - <h4 id="7_4_1_telephony"> - 7.4.1. Telephony - </h4> - <p> - “Telephony” as used by the Android APIs and this document refers specifically to hardware related to placing voice calls and sending SMS messages via a GSM or CDMA network. While these voice calls may or may not be packet-switched, they are for the purposes of Android considered independent of any data connectivity that may be implemented using the same network. In other words, the Android “telephony” functionality and APIs refer specifically to voice calls and SMS. For instance, device implementations that cannot place calls or send/receive SMS messages MUST NOT report the android.hardware.telephony feature or any subfeatures, regardless of whether they use a cellular network for data connectivity. - </p> - <p> - Android MAY be used on devices that do not include telephony hardware. That is, Android is compatible with devices that are not phones. However, if a device implementation does include GSM or CDMA telephony, it MUST implement full support for the API for that technology. Device implementations that do not include telephony hardware MUST implement the full APIs as no-ops. - </p> - <h5 id="7_4_1_1_number_blocking_compatibility"> - 7.4.1.1. Number Blocking Compatibility - </h5> - <p> - Android Telephony device implementations MUST include number blocking support and: - </p> - <ul> - <li>MUST fully implement <a href="http://developer.android.com/reference/android/provider/BlockedNumberContract.html">BlockedNumberContract</a> and the corresponding API as described in the SDK documentation. - </li> - <li>MUST block all calls and messages from a phone number in 'BlockedNumberProvider' without any interaction with apps. The only exception is when number blocking is temporarily lifted as described in the SDK documentation. - </li> - <li>MUST NOT write to the <a href="http://developer.android.com/reference/android/provider/CallLog.html">platform call log provider</a> for a blocked call. - </li> - <li>MUST NOT write to the <a href="http://developer.android.com/reference/android/provider/Telephony.html">Telephony provider</a> for a blocked message. - </li> - <li>MUST implement a blocked numbers management UI, which is opened with the intent returned by TelecomManager.createManageBlockedNumbersIntent() method. - </li> - <li>MUST NOT allow secondary users to view or edit the blocked numbers on the device as the Android platform assumes the primary user to have full control of the telephony services, a single instance, on the device. All blocking related UI MUST be hidden for secondary users and the blocked list MUST still be respected. - </li> - <li>SHOULD migrate the blocked numbers into the provider when a device updates to Android 7.0. - </li> - </ul> - <h4 id="7_4_2_ieee_802_11_(wi-fi)"> - 7.4.2. IEEE 802.11 (Wi-Fi) - </h4> - <p> - All Android device implementations SHOULD include support for one or more forms of 802.11. If a device implementation does include support for 802.11 and exposes the functionality to a third-party application, it MUST implement the corresponding Android API and: - </p> - <ul> - <li>MUST report the hardware feature flag android.hardware.wifi. - </li> - <li>MUST implement the <a href="http://developer.android.com/reference/android/net/wifi/WifiManager.MulticastLock.html">multicast API</a> as described in the SDK documentation. - </li> - <li>MUST support multicast DNS (mDNS) and MUST NOT filter mDNS packets (224.0.0.251) at any time of operation including: - <ul> - <li>Even when the screen is not in an active state. - </li> - <li>For Android Television device implementations, even when in standby power states. - </li> - </ul> - </li> - </ul> - <h5 id="7_4_2_1_wi-fi_direct"> - 7.4.2.1. Wi-Fi Direct - </h5> - <p> - Device implementations SHOULD include support for Wi-Fi Direct (Wi-Fi peer-to-peer). If a device implementation does include support for Wi-Fi Direct, it MUST implement the <a href="http://developer.android.com/reference/android/net/wifi/p2p/WifiP2pManager.html">corresponding Android API</a> as described in the SDK documentation. If a device implementation includes support for Wi-Fi Direct, then it: - </p> - <ul> - <li>MUST report the hardware feature android.hardware.wifi.direct. - </li> - <li>MUST support regular Wi-Fi operation. - </li> - <li>SHOULD support concurrent Wi-Fi and Wi-Fi Direct operation. - </li> - </ul> - <h5 id="7_4_2_2_wi-fi_tunneled_direct_link_setup"> - 7.4.2.2. Wi-Fi Tunneled Direct Link Setup - </h5> - <p> - Device implementations SHOULD include support for <a href="http://developer.android.com/reference/android/net/wifi/WifiManager.html">Wi-Fi Tunneled Direct Link Setup (TDLS)</a> as described in the Android SDK Documentation. If a device implementation does include support for TDLS and TDLS is enabled by the WiFiManager API, the device: - </p> - <ul> - <li>SHOULD use TDLS only when it is possible AND beneficial. - </li> - <li>SHOULD have some heuristic and NOT use TDLS when its performance might be worse than going through the Wi-Fi access point. - </li> - </ul> - <h4 id="7_4_3_bluetooth"> - 7.4.3. Bluetooth - </h4> - <div class="note"> - Android Watch implementations MUST support Bluetooth. Android Television implementations MUST support Bluetooth and Bluetooth LE. Android Automotive implementations MUST support Bluetooth and SHOULD support Bluetooth LE. - </div> - <p> - Device implementations that support <code>android.hardware.vr.high_performance</code> feature MUST support Bluetooth 4.2 and Bluetooth LE Data Length Extension. - </p> - <p> - Android includes support for <a href="http://developer.android.com/reference/android/bluetooth/package-summary.html">Bluetooth and Bluetooth Low Energy</a> . Device implementations that include support for Bluetooth and Bluetooth Low Energy MUST declare the relevant platform features (android.hardware.bluetooth and android.hardware.bluetooth_le respectively) and implement the platform APIs. Device implementations SHOULD implement relevant Bluetooth profiles such as A2DP, AVCP, OBEX, etc. as appropriate for the device. - </p> - <p> - Android Automotive implementations SHOULD support Message Access Profile (MAP). Android Automotive implementations MUST support the following Bluetooth profiles: - </p> - <ul> - <li>Phone calling over Hands-Free Profile (HFP). - </li> - <li>Media playback over Audio Distribution Profile (A2DP). - </li> - <li>Media playback control over Remote Control Profile (AVRCP). - </li> - <li>Contact sharing using the Phone Book Access Profile (PBAP). - </li> - </ul> - <p> - Device implementations including support for Bluetooth Low Energy: - </p> - <ul> - <li>MUST declare the hardware feature android.hardware.bluetooth_le. - </li> - <li>MUST enable the GATT (generic attribute profile) based Bluetooth APIs as described in the SDK documentation and <a href="http://developer.android.com/reference/android/bluetooth/package-summary.html">android.bluetooth</a> . - </li> - <li>are STRONGLY RECOMMENDED to implement a Resolvable Private Address (RPA) timeout no longer than 15 minutes and rotate the address at timeout to protect user privacy. - </li> - <li>SHOULD support offloading of the filtering logic to the bluetooth chipset when implementing the <a href="https://developer.android.com/reference/android/bluetooth/le/ScanFilter.html">ScanFilter API</a> , and MUST report the correct value of where the filtering logic is implemented whenever queried via the android.bluetooth.BluetoothAdapter.isOffloadedFilteringSupported() method. - </li> - <li>SHOULD support offloading of the batched scanning to the bluetooth chipset, but if not supported, MUST report ‘false’ whenever queried via the android.bluetooth.BluetoothAdapter.isOffloadedScanBatchingSupported() method. - </li> - <li>SHOULD support multi advertisement with at least 4 slots, but if not supported, MUST report ‘false’ whenever queried via the android.bluetooth.BluetoothAdapter.isMultipleAdvertisementSupported() method. - </li> - </ul> - <h4 id="7_4_4_near-field_communications"> - 7.4.4. Near-Field Communications - </h4> - <p> - Device implementations SHOULD include a transceiver and related hardware for Near-Field Communications (NFC). If a device implementation does include NFC hardware and plans to make it available to third-party apps, then it: - </p> - <ul> - <li>MUST report the android.hardware.nfc feature from the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager.hasSystemFeature() method</a> . - </li> - <li>MUST be capable of reading and writing NDEF messages via the following NFC standards: - <ul> - <li>MUST be capable of acting as an NFC Forum reader/writer (as defined by the NFC Forum technical specification NFCForum-TS-DigitalProtocol-1.0) via the following NFC standards: - <ul> - <li>NfcA (ISO14443-3A) - </li> - <li>NfcB (ISO14443-3B) - </li> - <li>NfcF (JIS X 6319-4) - </li> - <li>IsoDep (ISO 14443-4) - </li> - <li>NFC Forum Tag Types 1, 2, 3, 4 (defined by the NFC Forum) - </li> - </ul> - </li> - <li>STRONGLY RECOMMENDED to be capable of reading and writing NDEF messages as well as raw data via the following NFC standards. Note that while the NFC standards below are stated as STRONGLY RECOMMENDED, the Compatibility Definition for a future version is planned to change these to MUST. These standards are optional in this version but will be required in future versions. Existing and new devices that run this version of Android are very strongly encouraged to meet these requirements now so they will be able to upgrade to the future platform releases. - <ul> - <li>NfcV (ISO 15693) - </li> - </ul> - </li> - <li>SHOULD be capable of reading the barcode and URL (if encoded) of <a href="http://developer.android.com/reference/android/nfc/tech/NfcBarcode.html">Thinfilm NFC Barcode</a> products. - </li> - <li>MUST be capable of transmitting and receiving data via the following peer-to-peer standards and protocols: - <ul> - <li>ISO 18092 - </li> - <li>LLCP 1.2 (defined by the NFC Forum) - </li> - <li>SDP 1.0 (defined by the NFC Forum) - </li> - <li> - <a href="http://static.googleusercontent.com/media/source.android.com/en/us/compatibility/ndef-push-protocol.pdf">NDEF Push Protocol</a> - </li> - <li>SNEP 1.0 (defined by the NFC Forum) - </li> - </ul> - </li> - <li>MUST include support for <a href="http://developer.android.com/guide/topics/connectivity/nfc/nfc.html">Android Beam</a> . - </li> - <li>MUST implement the SNEP default server. Valid NDEF messages received by the default SNEP server MUST be dispatched to applications using the android.nfc.ACTION_NDEF_DISCOVERED intent. Disabling Android Beam in settings MUST NOT disable dispatch of incoming NDEF message. - </li> - <li>MUST honor the android.settings.NFCSHARING_SETTINGS intent to show <a href="http://developer.android.com/reference/android/provider/Settings.html#ACTION_NFCSHARING_SETTINGS">NFC sharing settings</a> . - </li> - <li>MUST implement the NPP server. Messages received by the NPP server MUST be processed the same way as the SNEP default server. - </li> - <li>MUST implement a SNEP client and attempt to send outbound P2P NDEF to the default SNEP server when Android Beam is enabled. If no default SNEP server is found then the client MUST attempt to send to an NPP server. - </li> - <li>MUST allow foreground activities to set the outbound P2P NDEF message using android.nfc.NfcAdapter.setNdefPushMessage, and android.nfc.NfcAdapter.setNdefPushMessageCallback, and android.nfc.NfcAdapter.enableForegroundNdefPush. - </li> - <li>SHOULD use a gesture or on-screen confirmation, such as 'Touch to Beam', before sending outbound P2P NDEF messages. - </li> - <li>SHOULD enable Android Beam by default and MUST be able to send and receive using Android Beam, even when another proprietary NFC P2p mode is turned on. - </li> - <li>MUST support NFC Connection handover to Bluetooth when the device supports Bluetooth Object Push Profile. Device implementations MUST support connection handover to Bluetooth when using android.nfc.NfcAdapter.setBeamPushUris, by implementing the “ <a href="http://members.nfc-forum.org/specs/spec_list/#conn_handover">Connection Handover version 1.2</a> ” and “ <a href="http://members.nfc-forum.org/apps/group_public/download.php/18688/NFCForum-AD-BTSSP_1_1.pdf">Bluetooth Secure Simple Pairing Using NFC version 1.0</a> ” specs from the NFC Forum. Such an implementation MUST implement the handover LLCP service with service name “urn:nfc:sn:handover” for exchanging the handover request/select records over NFC, and it MUST use the Bluetooth Object Push Profile for the actual Bluetooth data transfer. For legacy reasons (to remain compatible with Android 4.1 devices), the implementation SHOULD still accept SNEP GET requests for exchanging the handover request/select records over NFC. However an implementation itself SHOULD NOT send SNEP GET requests for performing connection handover. - </li> - <li>MUST poll for all supported technologies while in NFC discovery mode. - </li> - <li>SHOULD be in NFC discovery mode while the device is awake with the screen active and the lock-screen unlocked. - </li> - </ul> - </li> - </ul> - <p> - (Note that publicly available links are not available for the JIS, ISO, and NFC Forum specifications cited above.) - </p> - <p> - Android includes support for NFC Host Card Emulation (HCE) mode. If a device implementation does include an NFC controller chipset capable of HCE (for NfcA and/or NfcB) and it supports Application ID (AID) routing, then it: - </p> - <ul> - <li>MUST report the android.hardware.nfc.hce feature constant. - </li> - <li>MUST support <a href="http://developer.android.com/guide/topics/connectivity/nfc/hce.html">NFC HCE APIs</a> as defined in the Android SDK. - </li> - </ul> - <p> - If a device implementation does include an NFC controller chipset capable of HCE for NfcF, and it implements the feature for third-party applications, then it: - </p> - <ul> - <li>MUST report the android.hardware.nfc.hcef feature constant. - </li> - <li>MUST implement the [NfcF Card Emulation APIs] (https://developer.android.com/reference/android/nfc/cardemulation/NfcFCardEmulation.html) as defined in the Android SDK. - </li> - </ul> - <p> - Additionally, device implementations MAY include reader/writer support for the following MIFARE technologies. - </p> - <ul> - <li>MIFARE Classic - </li> - <li>MIFARE Ultralight - </li> - <li>NDEF on MIFARE Classic - </li> - </ul> - <p> - Note that Android includes APIs for these MIFARE types. If a device implementation supports MIFARE in the reader/writer role, it: - </p> - <ul> - <li>MUST implement the corresponding Android APIs as documented by the Android SDK. - </li> - <li>MUST report the feature com.nxp.mifare from the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager.hasSystemFeature()</a> method. Note that this is not a standard Android feature and as such does not appear as a constant in the android.content.pm.PackageManager class. - </li> - <li>MUST NOT implement the corresponding Android APIs nor report the com.nxp.mifare feature unless it also implements general NFC support as described in this section. - </li> - </ul> - <p> - If a device implementation does not include NFC hardware, it MUST NOT declare the android.hardware.nfc feature from the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager.hasSystemFeature()</a> method, and MUST implement the Android NFC API as a no-op. - </p> - <p> - As the classes android.nfc.NdefMessage and android.nfc.NdefRecord represent a protocol-independent data representation format, device implementations MUST implement these APIs even if they do not include support for NFC or declare the android.hardware.nfc feature. - </p> - <h4 id="7_4_5_minimum_network_capability"> - 7.4.5. Minimum Network Capability - </h4> - <p> - Device implementations MUST include support for one or more forms of data networking. Specifically, device implementations MUST include support for at least one data standard capable of 200Kbit/sec or greater. Examples of technologies that satisfy this requirement include EDGE, HSPA, EV-DO, 802.11g, Ethernet, Bluetooth PAN, etc. - </p> - <p> - Device implementations where a physical networking standard (such as Ethernet) is the primary data connection SHOULD also include support for at least one common wireless data standard, such as 802.11 (Wi-Fi). - </p> - <p> - Devices MAY implement more than one form of data connectivity. - </p> - <p> - Devices MUST include an IPv6 networking stack and support IPv6 communication using the managed APIs, such as <code>java.net.Socket</code> and <code>java.net.URLConnection</code> , as well as the native APIs, such as <code>AF_INET6</code> sockets. The required level of IPv6 support depends on the network type, as follows: - </p> - <ul> - <li>Devices that support Wi-Fi networks MUST support dual-stack and IPv6-only operation on Wi-Fi. - </li> - <li>Devices that support Ethernet networks MUST support dual-stack operation on Ethernet. - </li> - <li>Devices that support cellular data SHOULD support IPv6 operation (IPv6-only and possibly dual-stack) on cellular data. - </li> - <li>When a device is simultaneously connected to more than one network (e.g., Wi-Fi and cellular data), it MUST simultaneously meet these requirements on each network to which it is connected. - </li> - </ul> - <p> - IPv6 MUST be enabled by default. - </p> - <p> - In order to ensure that IPv6 communication is as reliable as IPv4, unicast IPv6 packets sent to the device MUST NOT be dropped, even when the screen is not in an active state. Redundant multicast IPv6 packets, such as repeated identical Router Advertisements, MAY be rate-limited in hardware or firmware if doing so is necessary to save power. In such cases, rate-limiting MUST NOT cause the device to lose IPv6 connectivity on any IPv6-compliant network that uses RA lifetimes of at least 180 seconds. - </p> - <p> - IPv6 connectivity MUST be maintained in doze mode. - </p> - <h4 id="7_4_6_sync_settings"> - 7.4.6. Sync Settings - </h4> - <p> - Device implementations MUST have the master auto-sync setting on by default so that the method <a href="http://developer.android.com/reference/android/content/ContentResolver.html">getMasterSyncAutomatically()</a> returns “true”. - </p> - <h4 id="7_4_7_data_saver"> - 7.4.7. Data Saver - </h4> - <p> - Device implementations with a metered connection are STRONGLY RECOMMENDED to provide the data saver mode. - </p> - <p> - If a device implementation provides the data saver mode, it: - </p> - <ul> - <li> - <p> - MUST support all the APIs in the <code>ConnectivityManager</code> class as described in the <a href="https://developer.android.com/training/basics/network-ops/data-saver.html">SDK documentation</a> - </p> - </li> - <li> - <p> - MUST provide a user interface in the settings, allowing users to add applications to or remove applications from the whitelist. - </p> - </li> - </ul> - <p> - Conversely if a device implementation does not provide the data saver mode, it: - </p> - <ul> - <li> - <p> - MUST return the value <code>RESTRICT_BACKGROUND_STATUS_DISABLED</code> for <a href="https://developer.android.com/reference/android/net/ConnectivityManager.html#getRestrictBackgroundStatus%28%29"><code>ConnectivityManager.getRestrictBackgroundStatus()</code></a> - </p> - </li> - <li> - <p> - MUST not broadcast <code>ConnectivityManager.ACTION_RESTRICT_BACKGROUND_CHANGED</code> - </p> - </li> - <li> - <p> - MUST have an activity that handles the <code>Settings.ACTION_IGNORE_BACKGROUND_DATA_RESTRICTIONS_SETTINGS</code> intent but MAY implement it as a no-op. - </p> - </li> - </ul> - <h3 id="7_5_cameras"> - 7.5. Cameras - </h3> - <p> - Device implementations SHOULD include a rear-facing camera and MAY include a front-facing camera. A rear-facing camera is a camera located on the side of the device opposite the display; that is, it images scenes on the far side of the device, like a traditional camera. A front-facing camera is a camera located on the same side of the device as the display; that is, a camera typically used to image the user, such as for video conferencing and similar applications. - </p> - <p> - If a device implementation includes at least one camera, it MUST be possible for an application to simultaneously allocate 3 RGBA_8888 bitmaps equal to the size of the images produced by the largest-resolution camera sensor on the device, while camera is open for the purpose of basic preview and still capture. - </p> - <h4 id="7_5_1_rear-facing_camera"> - 7.5.1. Rear-Facing Camera - </h4> - <p> - Device implementations SHOULD include a rear-facing camera. If a device implementation includes at least one rear-facing camera, it: - </p> - <ul> - <li>MUST report the feature flag android.hardware.camera and android.hardware.camera.any. - </li> - <li>MUST have a resolution of at least 2 megapixels. - </li> - <li>SHOULD have either hardware auto-focus or software auto-focus implemented in the camera driver (transparent to application software). - </li> - <li>MAY have fixed-focus or EDOF (extended depth of field) hardware. - </li> - <li>MAY include a flash. If the Camera includes a flash, the flash lamp MUST NOT be lit while an android.hardware.Camera.PreviewCallback instance has been registered on a Camera preview surface, unless the application has explicitly enabled the flash by enabling the FLASH_MODE_AUTO or FLASH_MODE_ON attributes of a Camera.Parameters object. Note that this constraint does not apply to the device’s built-in system camera application, but only to third-party applications using Camera.PreviewCallback. - </li> - </ul> - <h4 id="7_5_2_front-facing_camera"> - 7.5.2. Front-Facing Camera - </h4> - <p> - Device implementations MAY include a front-facing camera. If a device implementation includes at least one front-facing camera, it: - </p> - <ul> - <li>MUST report the feature flag android.hardware.camera.any and android.hardware.camera.front. - </li> - <li>MUST have a resolution of at least VGA (640x480 pixels). - </li> - <li>MUST NOT use a front-facing camera as the default for the Camera API. The camera API in Android has specific support for front-facing cameras and device implementations MUST NOT configure the API to to treat a front-facing camera as the default rear-facing camera, even if it is the only camera on the device. - </li> - <li>MAY include features (such as auto-focus, flash, etc.) available to rear-facing cameras as described in <a href="#7_5_1_rear-facing_camera">section 7.5.1</a> . - </li> - <li>MUST horizontally reflect (i.e. mirror) the stream displayed by an app in a CameraPreview, as follows: - <ul> - <li>If the device implementation is capable of being rotated by user (such as automatically via an accelerometer or manually via user input), the camera preview MUST be mirrored horizontally relative to the device’s current orientation. - </li> - <li>If the current application has explicitly requested that the Camera display be rotated via a call to the <a href="http://developer.android.com/reference/android/hardware/Camera.html#setDisplayOrientation(int)">android.hardware.Camera.setDisplayOrientation()</a> method, the camera preview MUST be mirrored horizontally relative to the orientation specified by the application. - </li> - <li>Otherwise, the preview MUST be mirrored along the device’s default horizontal axis. - </li> - </ul> - </li> - <li>MUST mirror the image displayed by the postview in the same manner as the camera preview image stream. If the device implementation does not support postview, this requirement obviously does not apply. - </li> - <li>MUST NOT mirror the final captured still image or video streams returned to application callbacks or committed to media storage. - </li> - </ul> - <h4 id="7_5_3_external_camera"> - 7.5.3. External Camera - </h4> - <p> - Device implementations MAY include support for an external camera that is not necessarily always connected. If a device includes support for an external camera, it: - </p> - <ul> - <li>MUST declare the platform feature flag <code>android.hardware.camera.external</code> and <code>android.hardware camera.any</code> . - </li> - <li>MAY support multiple cameras. - </li> - <li>MUST support USB Video Class (UVC 1.0 or higher) if the external camera connects through the USB port. - </li> - <li>SHOULD support video compressions such as MJPEG to enable transfer of high-quality unencoded streams (i.e. raw or independently compressed picture streams). - </li> - <li>MAY support camera-based video encoding. If supported, a simultaneous unencoded / MJPEG stream (QVGA or greater resolution) MUST be accessible to the device implementation. - </li> - </ul> - <h4 id="7_5_4_camera_api_behavior"> - 7.5.4. Camera API Behavior - </h4> - <p> - Android includes two API packages to access the camera, the newer android.hardware.camera2 API expose lower-level camera control to the app, including efficient zero-copy burst/streaming flows and per-frame controls of exposure, gain, white balance gains, color conversion, denoising, sharpening, and more. - </p> - <p> - The older API package, android.hardware.Camera, is marked as deprecated in Android 5.0 but as it should still be available for apps to use Android device implementations MUST ensure the continued support of the API as described in this section and in the Android SDK. - </p> - <p> - Device implementations MUST implement the following behaviors for the camera-related APIs, for all available cameras: - </p> - <ul> - <li>If an application has never called android.hardware.Camera.Parameters.setPreviewFormat(int), then the device MUST use android.hardware.PixelFormat.YCbCr_420_SP for preview data provided to application callbacks. - </li> - <li>If an application registers an android.hardware.Camera.PreviewCallback instance and the system calls the onPreviewFrame() method when the preview format is YCbCr_420_SP, the data in the byte[] passed into onPreviewFrame() must further be in the NV21 encoding format. That is, NV21 MUST be the default. - </li> - <li>For android.hardware.Camera, device implementations MUST support the YV12 format (as denoted by the android.graphics.ImageFormat.YV12 constant) for camera previews for both front- and rear-facing cameras. (The hardware video encoder and camera may use any native pixel format, but the device implementation MUST support conversion to YV12.) - </li> - <li>For android.hardware.camera2, device implementations must support the android.hardware.ImageFormat.YUV_420_888 and android.hardware.ImageFormat.JPEG formats as outputs through the android.media.ImageReader API. - </li> - </ul> - <p> - Device implementations MUST still implement the full <a href="http://developer.android.com/reference/android/hardware/Camera.html">Camera API</a> included in the Android SDK documentation, regardless of whether the device includes hardware autofocus or other capabilities. For instance, cameras that lack autofocus MUST still call any registered android.hardware.Camera.AutoFocusCallback instances (even though this has no relevance to a non-autofocus camera.) Note that this does apply to front-facing cameras; for instance, even though most front-facing cameras do not support autofocus, the API callbacks must still be “faked” as described. - </p> - <p> - Device implementations MUST recognize and honor each parameter name defined as a constant on the <a href="http://developer.android.com/reference/android/hardware/Camera.Parameters.html">android.hardware.Camera.Parameters</a> class, if the underlying hardware supports the feature. If the device hardware does not support a feature, the API must behave as documented. Conversely, device implementations MUST NOT honor or recognize string constants passed to the android.hardware.Camera.setParameters() method other than those documented as constants on the android.hardware.Camera.Parameters. That is, device implementations MUST support all standard Camera parameters if the hardware allows, and MUST NOT support custom Camera parameter types. For instance, device implementations that support image capture using high dynamic range (HDR) imaging techniques MUST support camera parameter Camera.SCENE_MODE_HDR. - </p> - <p> - Because not all device implementations can fully support all the features of the android.hardware.camera2 API, device implementations MUST report the proper level of support with the <a href="https://developer.android.com/reference/android/hardware/camera2/CameraCharacteristics.html#INFO_SUPPORTED_HARDWARE_LEVEL">android.info.supportedHardwareLevel</a> property as described in the Android SDK and report the appropriate <a href="http://source.android.com/devices/camera/versioning.html">framework feature flags</a> . - </p> - <p> - Device implementations MUST also declare its Individual camera capabilities of android.hardware.camera2 via the android.request.availableCapabilities property and declare the appropriate <a href="http://source.android.com/devices/camera/versioning.html">feature flags</a> ; a device must define the feature flag if any of its attached camera devices supports the feature. - </p> - <p> - Device implementations MUST broadcast the Camera.ACTION_NEW_PICTURE intent whenever a new picture is taken by the camera and the entry of the picture has been added to the media store. - </p> - <p> - Device implementations MUST broadcast the Camera.ACTION_NEW_VIDEO intent whenever a new video is recorded by the camera and the entry of the picture has been added to the media store. - </p> - <h4 id="7_5_5_camera_orientation"> - 7.5.5. Camera Orientation - </h4> - <p> - Both front- and rear-facing cameras, if present, MUST be oriented so that the long dimension of the camera aligns with the screen’s long dimension. That is, when the device is held in the landscape orientation, cameras MUST capture images in the landscape orientation. This applies regardless of the device’s natural orientation; that is, it applies to landscape-primary devices as well as portrait-primary devices. - </p> - <h3 id="7_6_memory_and_storage"> - 7.6. Memory and Storage - </h3> - <h4 id="7_6_1_minimum_memory_and_storage"> - 7.6.1. Minimum Memory and Storage - </h4> - <div class="note"> - Android Television devices MUST have at least 4GB of non-volatile storage available for application private data. - </div> - <p> - The memory available to the kernel and userspace on device implementations MUST be at least equal or larger than the minimum values specified by the following table. (See <a href="#7_1_1_screen_configuration">section 7.1.1</a> for screen size and density definitions.) - </p> - <table> - <tr> - <th> - Density and screen size - </th> - <th> - 32-bit device - </th> - <th> - 64-bit device - </th> - </tr> - <tr> - <td> - Android Watch devices (due to smaller screens) - </td> - <td> - 416MB - </td> - <td> - Not applicable - </td> - </tr> - <tr> - <td> + <li class="table_list">AAC + </li> + </ul>See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AAC and its variants. + </td> + </tr> + <tr> + <td> + AAC with ADTS framing and ID3 tags + </td> + <td> + <a href="http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=43345">ISO 13818-7</a> + </td> + <td> + See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AAC and its variants + </td> + </tr> + <tr> + <td> + WebVTT + </td> + <td> + <a href="http://dev.w3.org/html5/webvtt/">WebVTT</a> + </td> + <td></td> + </tr> + </table> + <ul> + <li> + <p> + RTSP (RTP, SDP) + </p> + <p> + The following RTP audio video profile and related codecs MUST be supported. For exceptions please see the table footnotes in <a href="#5_1_media_codecs">section 5.1</a>. + </p> + </li> + </ul> + <table> + <tr> + <th> + Profile name + </th> + <th> + Reference(s) + </th> + <th> + Required codec support + </th> + </tr> + <tr> + <td> + H264 AVC + </td> + <td> + <a href="https://tools.ietf.org/html/rfc6184">RFC 6184</a> + </td> + <td> + See <a href="#5_1_3_video_codecs">section 5.1.3</a> for details on H264 AVC + </td> + </tr> + <tr> + <td> + MP4A-LATM + </td> + <td> + <a href="https://tools.ietf.org/html/rfc6416">RFC 6416</a> + </td> + <td> + See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AAC and its variants + </td> + </tr> + <tr> + <td> + H263-1998 + </td> + <td> + <a href="https://tools.ietf.org/html/rfc3551">RFC 3551</a><br /> + <a href="https://tools.ietf.org/html/rfc4629">RFC 4629</a><br /> + <a href="https://tools.ietf.org/html/rfc2190">RFC 2190</a> + </td> + <td> + See <a href="#5_1_3_video_codecs">section 5.1.3</a> for details on H263 + </td> + </tr> + <tr> + <td> + H263-2000 + </td> + <td> + <a href="https://tools.ietf.org/html/rfc4629">RFC 4629</a> + </td> + <td> + See <a href="#5_1_3_video_codecs">section 5.1.3</a> for details on H263 + </td> + </tr> + <tr> + <td> + AMR + </td> + <td> + <a href="https://tools.ietf.org/html/rfc4867">RFC 4867</a> + </td> + <td> + See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AMR-NB + </td> + </tr> + <tr> + <td> + AMR-WB + </td> + <td> + <a href="https://tools.ietf.org/html/rfc4867">RFC 4867</a> + </td> + <td> + See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AMR-WB + </td> + </tr> + <tr> + <td> + MP4V-ES + </td> + <td> + <a href="https://tools.ietf.org/html/rfc6416">RFC 6416</a> + </td> + <td> + See <a href="#5_1_3_video_codecs">section 5.1.3</a> for details on MPEG-4 SP + </td> + </tr> + <tr> + <td> + mpeg4-generic + </td> + <td> + <a href="https://tools.ietf.org/html/rfc3640">RFC 3640</a> + </td> + <td> + See <a href="#5_1_1_audio_codecs">section 5.1.1</a> for details on AAC and its variants + </td> + </tr> + <tr> + <td> + MP2T + </td> + <td> + <a href="https://tools.ietf.org/html/rfc2250">RFC 2250</a> + </td> + <td> + See <a href="#mp2t">MPEG-2 Transport Stream</a> underneath HTTP Live Streaming for details + </td> + </tr> + </table> + <h2> + 5.8. Secure Media + </h2> + <p> + Device implementations that support secure video output and are capable of supporting secure surfaces MUST declare support for Display.FLAG_SECURE. Device implementations that declare support for Display.FLAG_SECURE, if they support a wireless display protocol, MUST secure the link with a cryptographically strong mechanism such as HDCP 2.x or higher for Miracast wireless displays. Similarly if they support a wired external display, the device implementations MUST support HDCP 1.2 or higher. Android Television device implementations MUST support HDCP 2.2 for devices supporting 4K resolution and HDCP 1.4 or above for lower resolutions. The upstream Android open source implementation includes support for wireless (Miracast) and wired (HDMI) displays that satisfies this requirement. + </p> + <h2> + 5.9. Musical Instrument Digital Interface (MIDI) + </h2> + <p> + If a device implementation supports the inter-app MIDI software transport (virtual MIDI devices), and it supports MIDI over <em>all</em> of the following MIDI-capable hardware transports for which it provides generic non-MIDI connectivity, it is STRONGLY RECOMMENDED to report support for feature android.software.midi via the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager</a> class. + </p> + <p> + The MIDI-capable hardware transports are: + </p> + <ul> + <li>USB host mode (section 7.7 USB) + </li> + <li>USB peripheral mode (section 7.7 USB) + </li> + <li>MIDI over Bluetooth LE acting in central role (section 7.4.3 Bluetooth) + </li> + </ul> + <p> + Conversely, if the device implementation provides generic non-MIDI connectivity over a particular MIDI-capable hardware transport listed above, but does not support MIDI over that hardware transport, it MUST NOT report support for feature android.software.midi. + </p> + <h2> + 5.10. Professional Audio + </h2> + <p> + If a device implementation meets <em>all</em> of the following requirements, it is STRONGLY RECOMMENDED to report support for feature android.hardware.audio.pro via the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager</a> class. + </p> + <ul> + <li>The device implementation MUST report support for feature android.hardware.audio.low_latency. + </li> + <li>The continuous round-trip audio latency, as defined in section 5.6 Audio Latency, MUST be 20 milliseconds or less and SHOULD be 10 milliseconds or less over at least one supported path. + </li> + <li>If the device includes a 4 conductor 3.5mm audio jack, the continuous round-trip audio latency MUST be 20 milliseconds or less over the audio jack path, and SHOULD be 10 milliseconds or less over at the audio jack path. + </li> + <li>The device implementation MUST include a USB port(s) supporting USB host mode and USB peripheral mode. + </li> + <li>The USB host mode MUST implement the USB audio class. + </li> + <li>If the device includes an HDMI port, the device implementation MUST support output in stereo and eight channels at 20-bit or 24-bit depth and 192 kHz without bit-depth loss or resampling. + </li> + <li>The device implementation MUST report support for feature android.software.midi. + </li> + <li>If the device includes a 4 conductor 3.5mm audio jack, the device implementation is STRONGLY RECOMMENDED to comply with section <a href="https://source.android.com/accessories/headset/specification.html#mobile_device_jack_specifications">Mobile device (jack) specifications</a> of the <a href="https://source.android.com/accessories/headset/specification.html">Wired Audio Headset Specification (v1.1)</a>. + </li> + </ul> + <p> + Latencies and USB audio requirements MUST be met using the <a href="https://developer.android.com/ndk/guides/audio/opensl-for-android.html">OpenSL ES</a> PCM buffer queue API. + </p> + <p> + In addition, a device implementation that reports support for this feature SHOULD: + </p> + <ul> + <li>Provide a sustainable level of CPU performance while audio is active. + </li> + <li>Minimize audio clock inaccuracy and drift relative to standard time. + </li> + <li>Minimize audio clock drift relative to the CPU <code>CLOCK_MONOTONIC</code> when both are active. + </li> + <li>Minimize audio latency over on-device transducers. + </li> + <li>Minimize audio latency over USB digital audio. + </li> + <li>Document audio latency measurements over all paths. + </li> + <li>Minimize jitter in audio buffer completion callback entry times, as this affects usable percentage of full CPU bandwidth by the callback. + </li> + <li>Provide zero audio underruns (output) or overruns (input) under normal use at reported latency. + </li> + <li>Provide zero inter-channel latency difference. + </li> + <li>Minimize MIDI mean latency over all transports. + </li> + <li>Minimize MIDI latency variability under load (jitter) over all transports. + </li> + <li>Provide accurate MIDI timestamps over all transports. + </li> + <li>Minimize audio signal noise over on-device transducers, including the period immediately after cold start. + </li> + <li>Provide zero audio clock difference between the input and output sides of corresponding end-points, when both are active. Examples of corresponding end-points include the on-device microphone and speaker, or the audio jack input and output. + </li> + <li>Handle audio buffer completion callbacks for the input and output sides of corresponding end-points on the same thread when both are active, and enter the output callback immediately after the return from the input callback. Or if it is not feasible to handle the callbacks on the same thread, then enter the output callback shortly after entering the input callback to permit the application to have a consistent timing of the input and output sides. + </li> + <li>Minimize the phase difference between HAL audio buffering for the input and output sides of corresponding end-points. + </li> + <li>Minimize touch latency. + </li> + <li>Minimize touch latency variability under load (jitter). + </li> + </ul> + <h2> + 5.11. Capture for Unprocessed + </h2> + <p> + Starting from Android 7.0, a new recording source has been added. It can be accessed using the <code>android.media.MediaRecorder.AudioSource.UNPROCESSED</code> audio source. In OpenSL ES, it can be accessed with the record preset <code>SL_ANDROID_RECORDING_PRESET_UNPROCESSED</code>. + </p> + <p> + A device MUST satisfy all of the following requirements to report support of the unprocessed audio source via the <code>android.media.AudioManager</code> property <a href="http://developer.android.com/reference/android/media/AudioManager.html#PROPERTY_SUPPORT_AUDIO_SOURCE_UNPROCESSED">PROPERTY_SUPPORT_AUDIO_SOURCE_UNPROCESSED</a>: + </p> + <ul> + <li> + <p> + The device MUST exhibit approximately flat amplitude-versus-frequency characteristics in the mid-frequency range: specifically ±10dB from 100 Hz to 7000 Hz. + </p> + </li> + <li> + <p> + The device MUST exhibit amplitude levels in the low frequency range: specifically from ±20 dB from 5 Hz to 100 Hz compared to the mid-frequency range. + </p> + </li> + <li> + <p> + The device MUST exhibit amplitude levels in the high frequency range: specifically from ±30 dB from 7000 Hz to 22 KHz compared to the mid-frequency range. + </p> + </li> + <li> + <p> + Audio input sensitivity MUST be set such that a 1000 Hz sinusoidal tone source played at 94 dB Sound Pressure Level (SPL) yields a response with RMS of 520 for 16 bit-samples (or -36 dB Full Scale for floating point/double precision samples). + </p> + </li> + <li> + <p> + SNR > 60 dB (difference between 94 dB SPL and equivalent SPL of self noise, A-weighted). + </p> + </li> + <li> + <p> + Total harmonic distortion MUST be less than 1% for 1 kHZ at 90 dB SPL input level at the microphone. + </p> + </li> + <li> + <p> + The only signal processing allowed in the path is a level multiplier to bring the level to desired range. This level multiplier MUST NOT introduce delay or latency to the signal path. + </p> + </li> + <li> + <p> + No other signal processing is allowed in the path, such as Automatic Gain Control, High Pass Filter, or Echo Cancellation. If any signal processing is present in the architecture for any reason, it MUST be disabled and effectively introduce zero delay or extra latency to the signal path. + </p> + </li> + </ul> + <p> + All SPL measurements are made directly next to the microphone under test. + </p> + <p> + For multiple microphone configurations, these requirements apply to each microphone. + </p> + <p> + It is STRONGLY RECOMMENDED that a device satisfy as many of the requirements for the signal path for the unprocessed recording source; however, a device must satisfy <em>all</em> of these requirements, listed above, if it claims to support the unprocessed audio source. + </p> + <h1> + 6. Developer Tools and Options Compatibility + </h1> + <h2> + 6.1. Developer Tools + </h2> + <p> + Device implementations MUST support the Android Developer Tools provided in the Android SDK. Android compatible devices MUST be compatible with: + </p> + <ul> + <li> + <a href="http://developer.android.com/tools/help/adb.html"><strong>Android Debug Bridge (adb)</strong></a> + <ul> + <li>Device implementations MUST support all adb functions as documented in the Android SDK including <a href="https://source.android.com/devices/input/diagnostics.html">dumpsys</a>. + </li> + <li>The device-side adb daemon MUST be inactive by default and there MUST be a user-accessible mechanism to turn on the Android Debug Bridge. If a device implementation omits USB peripheral mode, it MUST implement the Android Debug Bridge via local-area network (such as Ethernet or 802.11). + </li> + <li>Android includes support for secure adb. Secure adb enables adb on known authenticated hosts. Device implementations MUST support secure adb. + </li> + </ul> + </li> + <li> + <a href="http://developer.android.com/tools/debugging/ddms.html"><strong>Dalvik Debug Monitor Service (ddms)</strong></a> + <ul> + <li>Device implementations MUST support all ddms features as documented in the Android SDK. + </li> + <li>As ddms uses adb, support for ddms SHOULD be inactive by default, but MUST be supported whenever the user has activated the Android Debug Bridge, as above. + </li> + </ul> + </li> + <li> + <a href="http://developer.android.com/tools/help/monkey.html"><strong>Monkey</strong></a> Device implementations MUST include the Monkey framework, and make it available for applications to use. + </li> + <li> + <a href="http://developer.android.com/tools/help/systrace.html"><strong>SysTrace</strong></a> + <ul> + <li>Device implementations MUST support systrace tool as documented in the Android SDK. Systrace must be inactive by default, and there MUST be a user-accessible mechanism to turn on Systrace. + </li> + <li>Most Linux-based systems and Apple Macintosh systems recognize Android devices using the standard Android SDK tools, without additional support; however Microsoft Windows systems typically require a driver for new Android devices. (For instance, new vendor IDs and sometimes new device IDs require custom USB drivers for Windows systems.) + </li> + <li>If a device implementation is unrecognized by the adb tool as provided in the standard Android SDK, device implementers MUST provide Windows drivers allowing developers to connect to the device using the adb protocol. These drivers MUST be provided for Windows XP, Windows Vista, Windows 7, Windows 8, and Windows 10 in both 32-bit and 64-bit versions. + </li> + </ul> + </li> + </ul> + <h2> + 6.2. Developer Options + </h2> + <p> + Android includes support for developers to configure application development-related settings. Device implementations MUST honor the <a href="http://developer.android.com/reference/android/provider/Settings.html#ACTION_APPLICATION_DEVELOPMENT_SETTINGS">android.settings.APPLICATION_DEVELOPMENT_SETTINGS</a> intent to show application development-related settings The upstream Android implementation hides the Developer Options menu by default and enables users to launch Developer Options after pressing seven (7) times on the <strong>Settings</strong> > <strong>About Device</strong> > <strong>Build Number</strong> menu item. Device implementations MUST provide a consistent experience for Developer Options. Specifically, device implementations MUST hide Developer Options by default and MUST provide a mechanism to enable Developer Options that is consistent with the upstream Android implementation. + </p> + <div class="note"> + Android Automotive implementations MAY limit access to the Developer Options menu by visually hiding or disabling the menu when the vehicle is in motion. + </div> + <h1> + 7. Hardware Compatibility + </h1> + <p> + If a device includes a particular hardware component that has a corresponding API for third-party developers, the device implementation MUST implement that API as described in the Android SDK documentation. If an API in the SDK interacts with a hardware component that is stated to be optional and the device implementation does not possess that component: + </p> + <ul> + <li>Complete class definitions (as documented by the SDK) for the component APIs MUST still be presented. + </li> + <li>The API’s behaviors MUST be implemented as no-ops in some reasonable fashion. + </li> + <li>API methods MUST return null values where permitted by the SDK documentation. + </li> + <li>API methods MUST return no-op implementations of classes where null values are not permitted by the SDK documentation. + </li> + <li>API methods MUST NOT throw exceptions not documented by the SDK documentation. + </li> + </ul> + <p> + A typical example of a scenario where these requirements apply is the telephony API: Even on non-phone devices, these APIs must be implemented as reasonable no-ops. + </p> + <p> + Device implementations MUST consistently report accurate hardware configuration information via the getSystemAvailableFeatures() and hasSystemFeature(String) methods on the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager</a> class for the same build fingerprint. + </p> + <h2> + 7.1. Display and Graphics + </h2> + <p> + Android includes facilities that automatically adjust application assets and UI layouts appropriately for the device to ensure that third-party applications run well on a <a href="http://developer.android.com/guide/practices/screens_support.html">variety of hardware configurations</a>. Devices MUST properly implement these APIs and behaviors, as detailed in this section. + </p> + <p> + The units referenced by the requirements in this section are defined as follows: + </p> + <ul> + <li> + <strong>physical diagonal size</strong>. The distance in inches between two opposing corners of the illuminated portion of the display. + </li> + <li> + <strong>dots per inch (dpi)</strong>. The number of pixels encompassed by a linear horizontal or vertical span of 1”. Where dpi values are listed, both horizontal and vertical dpi must fall within the range. + </li> + <li> + <strong>aspect ratio</strong>. The ratio of the pixels of the longer dimension to the shorter dimension of the screen. For example, a display of 480x854 pixels would be 854/480 = 1.779, or roughly “16:9”. + </li> + <li> + <strong>density-independent pixel (dp)</strong>. The virtual pixel unit normalized to a 160 dpi screen, calculated as: pixels = dps * (density/160). + </li> + </ul> + <h3> + 7.1.1. Screen Configuration + </h3> + <h4> + 7.1.1.1. Screen Size + </h4> + <div class="note"> + Android Watch devices (detailed in <a href="#2_device_types">section 2</a>) MAY have smaller screen sizes as described in this section. + </div> + <p> + The Android UI framework supports a variety of different screen sizes, and allows applications to query the device screen size (aka “screen layout") via android.content.res.Configuration.screenLayout with the SCREENLAYOUT_SIZE_MASK. Device implementations MUST report the correct <a href="http://developer.android.com/guide/practices/screens_support.html">screen size</a> as defined in the Android SDK documentation and determined by the upstream Android platform. Specifically, device implementations MUST report the correct screen size according to the following logical density-independent pixel (dp) screen dimensions. + </p> + <ul> + <li>Devices MUST have screen sizes of at least 426 dp x 320 dp (‘small’), unless it is an Android Watch device. + </li> + <li>Devices that report screen size ‘normal’ MUST have screen sizes of at least 480 dp x 320 dp. + </li> + <li>Devices that report screen size ‘large’ MUST have screen sizes of at least 640 dp x 480 dp. + </li> + <li>Devices that report screen size ‘xlarge’ MUST have screen sizes of at least 960 dp x 720 dp. + </li> + </ul> + <p> + In addition: + </p> + <ul> + <li>Android Watch devices MUST have a screen with the physical diagonal size in the range from 1.1 to 2.5 inches. + </li> + <li>Android Automotive devices MUST have a screen with the physical diagonal size greater than or equal to 6 inches. + </li> + <li>Android Automotive devices MUST have a screen size of at least 750 dp x 480 dp. + </li> + <li>Other types of Android device implementations, with a physically integrated screen, MUST have a screen at least 2.5 inches in physical diagonal size. + </li> + </ul> + <p> + Devices MUST NOT change their reported screen size at any time. + </p> + <p> + Applications optionally indicate which screen sizes they support via the <supports-screens> attribute in the AndroidManifest.xml file. Device implementations MUST correctly honor applications' stated support for small, normal, large, and xlarge screens, as described in the Android SDK documentation. + </p> + <h4> + 7.1.1.2. Screen Aspect Ratio + </h4> + <p> + While there is no restriction to the screen aspect ratio value of the physical screen display, the screen aspect ratio of the surface that third-party apps are rendered on and which can be derived from the values reported via the <a href="https://developer.android.com/reference/android/util/DisplayMetrics.html">DisplayMetrics</a> MUST meet the following requirements: + </p> + <ul> + <li>If the <a href="https://developer.android.com/reference/android/content/res/Configuration.html#uiMode">uiMode</a> is configured as UI_MODE_TYPE_WATCH, the aspect ratio value MAY be set as 1.0 (1:1). + </li> + <li>If the third-party app indicates that it is resizeable via the <a href="https://developer.android.com/guide/topics/ui/multi-window.html#configuring">android:resizeableActivity</a> attribute, there are no restrictions to the aspect ratio value. + </li> + <li>For all other cases, the aspect ratio MUST be a value between 1.3333 (4:3) and 1.86 (roughly 16:9) unless the app has indicated explicitly that it supports a higher screen aspect ratio through the <a href="https://developer.android.com/guide/practices/screens_support.html#MaxAspectRatio">maxAspectRatio</a> metadata value. + </li> + </ul> + <h4> + 7.1.1.3. Screen Density + </h4> + <p> + The Android UI framework defines a set of standard logical densities to help application developers target application resources. Device implementations MUST report only one of the following logical Android framework densities through the android.util.DisplayMetrics APIs, and MUST execute applications at this standard density and MUST NOT change the value at at any time for the default display. + </p> + <ul> + <li>120 dpi (ldpi) + </li> + <li>160 dpi (mdpi) + </li> + <li>213 dpi (tvdpi) + </li> + <li>240 dpi (hdpi) + </li> + <li>280 dpi (280dpi) + </li> + <li>320 dpi (xhdpi) + </li> + <li>360 dpi (360dpi) + </li> + <li>400 dpi (400dpi) + </li> + <li>420 dpi (420dpi) + </li> + <li>480 dpi (xxhdpi) + </li> + <li>560 dpi (560dpi) + </li> + <li>640 dpi (xxxhdpi) + </li> + </ul> + <p> + Device implementations SHOULD define the standard Android framework density that is numerically closest to the physical density of the screen, unless that logical density pushes the reported screen size below the minimum supported. If the standard Android framework density that is numerically closest to the physical density results in a screen size that is smaller than the smallest supported compatible screen size (320 dp width), device implementations SHOULD report the next lowest standard Android framework density. + </p> + <p> + Device implementations are STRONGLY RECOMMENDED to provide users a setting to change the display size. If there is an implementation to change the display size of the device, it MUST align with the AOSP implementation as indicated below: + </p> + <ul> + <li>The display size MUST NOT be scaled any larger than 1.5 times the native density or produce an effective minimum screen dimension smaller than 320dp (equivalent to resource qualifier sw320dp), whichever comes first. + </li> + <li>Display size MUST NOT be scaled any smaller than 0.85 times the native density. + </li> + <li>To ensure good usability and consistent font sizes, it is RECOMMENDED that the following scaling of Native Display options be provided (while complying with the limits specified above) + </li> + <li>Small: 0.85x + </li> + <li>Default: 1x (Native display scale) + </li> + <li>Large: 1.15x + </li> + <li>Larger: 1.3x + </li> + <li>Largest 1.45x + </li> + </ul> + <h3> + 7.1.2. Display Metrics + </h3> + <p> + Device implementations MUST report correct values for all display metrics defined in <a href="http://developer.android.com/reference/android/util/DisplayMetrics.html">android.util.DisplayMetrics</a> and MUST report the same values regardless of whether the embedded or external screen is used as the default display. + </p> + <h3> + 7.1.3. Screen Orientation + </h3> + <p> + Devices MUST report which screen orientations they support (android.hardware.screen.portrait and/or android.hardware.screen.landscape) and MUST report at least one supported orientation. For example, a device with a fixed orientation landscape screen, such as a television or laptop, SHOULD only report android.hardware.screen.landscape. + </p> + <p> + Devices that report both screen orientations MUST support dynamic orientation by applications to either portrait or landscape screen orientation. That is, the device must respect the application’s request for a specific screen orientation. Device implementations MAY select either portrait or landscape orientation as the default. + </p> + <p> + Devices MUST report the correct value for the device’s current orientation, whenever queried via the android.content.res.Configuration.orientation, android.view.Display.getOrientation(), or other APIs. + </p> + <p> + Devices MUST NOT change the reported screen size or density when changing orientation. + </p> + <h3> + 7.1.4. 2D and 3D Graphics Acceleration + </h3> + <p> + Device implementations MUST support both OpenGL ES 1.0 and 2.0, as embodied and detailed in the Android SDK documentations. Device implementations SHOULD support OpenGL ES 3.0, 3.1, or 3.2 on devices capable of supporting it. Device implementations MUST also support <a href="http://developer.android.com/guide/topics/renderscript/">Android RenderScript</a>, as detailed in the Android SDK documentation. + </p> + <p> + Device implementations MUST also correctly identify themselves as supporting OpenGL ES 1.0, OpenGL ES 2.0, OpenGL ES 3.0, OpenGL 3.1, or OpenGL 3.2. That is: + </p> + <ul> + <li>The managed APIs (such as via the GLES10.getString() method) MUST report support for OpenGL ES 1.0 and OpenGL ES 2.0. + </li> + <li>The native C/C++ OpenGL APIs (APIs available to apps via libGLES_v1CM.so, libGLES_v2.so, or libEGL.so) MUST report support for OpenGL ES 1.0 and OpenGL ES 2.0. + </li> + <li>Device implementations that declare support for OpenGL ES 3.0, 3.1, or 3.2 MUST support the corresponding managed APIs and include support for native C/C++ APIs. On device implementations that declare support for OpenGL ES 3.0, 3.1, or 3.2 libGLESv2.so MUST export the corresponding function symbols in addition to the OpenGL ES 2.0 function symbols. + </li> + </ul> + <p> + Android provides an OpenGL ES <a href="https://developer.android.com/reference/android/opengl/GLES31Ext.html">extension pack</a> with Java interfaces and native support for advanced graphics functionality such as tessellation and the ASTC texture compression format. Android device implementations MUST support the extension pack if the device supports OpenGL ES 3.2 and MAY support it otherwise. If the extension pack is supported in its entirety, the device MUST identify the support through the <code>android.hardware.opengles.aep</code> feature flag. + </p> + <p> + Also, device implementations MAY implement any desired OpenGL ES extensions. However, device implementations MUST report via the OpenGL ES managed and native APIs all extension strings that they do support, and conversely MUST NOT report extension strings that they do not support. + </p> + <p> + Note that Android includes support for applications to optionally specify that they require specific OpenGL texture compression formats. These formats are typically vendor-specific. Device implementations are not required by Android to implement any specific texture compression format. However, they SHOULD accurately report any texture compression formats that they do support, via the getString() method in the OpenGL API. + </p> + <p> + Android includes a mechanism for applications to declare that they want to enable hardware acceleration for 2D graphics at the Application, Activity, Window, or View level through the use of a manifest tag <a href="http://developer.android.com/guide/topics/graphics/hardware-accel.html">android:hardwareAccelerated</a> or direct API calls. + </p> + <p> + Device implementations MUST enable hardware acceleration by default, and MUST disable hardware acceleration if the developer so requests by setting android:hardwareAccelerated="false” or disabling hardware acceleration directly through the Android View APIs. + </p> + <p> + In addition, device implementations MUST exhibit behavior consistent with the Android SDK documentation on <a href="http://developer.android.com/guide/topics/graphics/hardware-accel.html">hardware acceleration</a>. + </p> + <p> + Android includes a TextureView object that lets developers directly integrate hardware-accelerated OpenGL ES textures as rendering targets in a UI hierarchy. Device implementations MUST support the TextureView API, and MUST exhibit consistent behavior with the upstream Android implementation. + </p> + <p> + Android includes support for EGL_ANDROID_RECORDABLE, an EGLConfig attribute that indicates whether the EGLConfig supports rendering to an ANativeWindow that records images to a video. Device implementations MUST support <a href="https://www.khronos.org/registry/egl/extensions/ANDROID/EGL_ANDROID_recordable.txt">EGL_ANDROID_RECORDABLE</a> extension. + </p> + <h3> + 7.1.5. Legacy Application Compatibility Mode + </h3> + <p> + Android specifies a “compatibility mode” in which the framework operates in a 'normal' screen size equivalent (320dp width) mode for the benefit of legacy applications not developed for old versions of Android that pre-date screen-size independence. + </p> + <ul> + <li>Android Automotive does not support legacy compatibility mode. + </li> + <li>All other device implementations MUST include support for legacy application compatibility mode as implemented by the upstream Android open source code. That is, device implementations MUST NOT alter the triggers or thresholds at which compatibility mode is activated, and MUST NOT alter the behavior of the compatibility mode itself. + </li> + </ul> + <h3> + 7.1.6. Screen Technology + </h3> + <p> + The Android platform includes APIs that allow applications to render rich graphics to the display. Devices MUST support all of these APIs as defined by the Android SDK unless specifically allowed in this document. + </p> + <ul> + <li>Devices MUST support displays capable of rendering 16-bit color graphics and SHOULD support displays capable of 24-bit color graphics. + </li> + <li>Devices MUST support displays capable of rendering animations. + </li> + <li>The display technology used MUST have a pixel aspect ratio (PAR) between 0.9 and 1.15. That is, the pixel aspect ratio MUST be near square (1.0) with a 10 ~ 15% tolerance. + </li> + </ul> + <h3> + 7.1.7. Secondary Displays + </h3> + <p> + Android includes support for secondary display to enable media sharing capabilities and developer APIs for accessing external displays. If a device supports an external display either via a wired, wireless, or an embedded additional display connection then the device implementation MUST implement the <a href="http://developer.android.com/reference/android/hardware/display/DisplayManager.html">display manager API</a> as described in the Android SDK documentation. + </p> + <h2> + 7.2. Input Devices + </h2> + <p> + Devices MUST support a touchscreen or meet the requirements listed in 7.2.2 for non-touch navigation. + </p> + <h3> + 7.2.1. Keyboard + </h3> + <div class="note"> + Android Watch and Android Automotive implementations MAY implement a soft keyboard. All other device implementations MUST implement a soft keyboard and: + </div> + <p> + Device implementations: + </p> + <ul> + <li>MUST include support for the Input Management Framework (which allows third-party developers to create Input Method Editors—i.e. soft keyboard) as detailed at <a href="http://developer.android.com">http://developer.android.com</a>. + </li> + <li>MUST provide at least one soft keyboard implementation (regardless of whether a hard keyboard is present) except for Android Watch devices where the screen size makes it less reasonable to have a soft keyboard. + </li> + <li>MAY include additional soft keyboard implementations. + </li> + <li>MAY include a hardware keyboard. + </li> + <li>MUST NOT include a hardware keyboard that does not match one of the formats specified in <a href="http://developer.android.com/reference/android/content/res/Configuration.html">android.content.res.Configuration.keyboard</a> (QWERTY or 12-key). + </li> + </ul> + <h3> + 7.2.2. Non-touch Navigation + </h3> + <div class="note"> + Android Television devices MUST support D-pad. + </div> + <p> + Device implementations: + </p> + <ul> + <li>MAY omit a non-touch navigation option (trackball, d-pad, or wheel) if the device implementation is not an Android Television device. + </li> + <li>MUST report the correct value for <a href="http://developer.android.com/reference/android/content/res/Configuration.html">android.content.res.Configuration.navigation</a>. + </li> + <li>MUST provide a reasonable alternative user interface mechanism for the selection and editing of text, compatible with Input Management Engines. The upstream Android open source implementation includes a selection mechanism suitable for use with devices that lack non-touch navigation inputs. + </li> + </ul> + <h3> + 7.2.3. Navigation Keys + </h3> + <div class="note"> + The availability and visibility requirement of the Home, Recents, and Back functions differ between device types as described in this section. + </div> + <p> + The Home, Recents, and Back functions (mapped to the key events KEYCODE_HOME, KEYCODE_APP_SWITCH, KEYCODE_BACK, respectively) are essential to the Android navigation paradigm and therefore: + </p> + <ul> + <li>Android Handheld device implementations MUST provide the Home, Recents, and Back functions. + </li> + <li>Android Television device implementations MUST provide the Home and Back functions. + </li> + <li>Android Watch device implementations MUST have the Home function available to the user, and the Back function except for when it is in <code>UI_MODE_TYPE_WATCH</code>. + </li> + <li>Android Watch device implementations, and no other Android device types, MAY consume the long press event on the key event <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BACK"><code>KEYCODE_BACK</code></a> and omit it from being sent to the foreground application. + </li> + <li>Android Automotive implementations MUST provide the Home function and MAY provide Back and Recent functions. + </li> + <li>All other types of device implementations MUST provide the Home and Back functions. + </li> + </ul> + <p> + These functions MAY be implemented via dedicated physical buttons (such as mechanical or capacitive touch buttons), or MAY be implemented using dedicated software keys on a distinct portion of the screen, gestures, touch panel, etc. Android supports both implementations. All of these functions MUST be accessible with a single action (e.g. tap, double-click or gesture) when visible. + </p> + <p> + Recents function, if provided, MUST have a visible button or icon unless hidden together with other navigation functions in full-screen mode. This does not apply to devices upgrading from earlier Android versions that have physical buttons for navigation and no recents key. + </p> + <p> + The Home and Back functions, if provided, MUST each have a visible button or icon unless hidden together with other navigation functions in full-screen mode or when the uiMode UI_MODE_TYPE_MASK is set to UI_MODE_TYPE_WATCH. + </p> + <p> + The Menu function is deprecated in favor of action bar since Android 4.0. Therefore the new device implementations shipping with Android 7.1 and later MUST NOT implement a dedicated physical button for the Menu function. Older device implementations SHOULD NOT implement a dedicated physical button for the Menu function, but if the physical Menu button is implemented and the device is running applications with targetSdkVersion > 10, the device implementation: + </p> + <ul> + <li>MUST display the action overflow button on the action bar when it is visible and the resulting action overflow menu popup is not empty. For a device implementation launched before Android 4.4 but upgrading to Android 7.1, this is RECOMMENDED. + </li> + <li>MUST NOT modify the position of the action overflow popup displayed by selecting the overflow button in the action bar. + </li> + <li>MAY render the action overflow popup at a modified position on the screen when it is displayed by selecting the physical menu button. + </li> + </ul> + <p> + For backwards compatibility, device implementations MUST make the Menu function available to applications when targetSdkVersion is less than 10, either by a physical button, a software key, or gestures. This Menu function should be presented unless hidden together with other navigation functions. + </p> + <p> + Android device implementations supporting the <a href="http://developer.android.com/reference/android/content/Intent.html#ACTION_ASSIST">Assist action</a> and/or <a href="https://developer.android.com/reference/android/service/voice/VoiceInteractionService.html"><code>VoiceInteractionService</code></a> MUST be able to launch an assist app with a single interaction (e.g. tap, double-click, or gesture) when other navigation keys are visible. It is STRONGLY RECOMMENDED to use long press on home as this interaction. The designated interaction MUST launch the user-selected assist app, in other words the app that implements a VoiceInteractionService, or an activity handling the ACTION_ASSIST intent. + </p> + <p> + Device implementations MAY use a distinct portion of the screen to display the navigation keys, but if so, MUST meet these requirements: + </p> + <ul> + <li>Device implementation navigation keys MUST use a distinct portion of the screen, not available to applications, and MUST NOT obscure or otherwise interfere with the portion of the screen available to applications. + </li> + <li>Device implementations MUST make available a portion of the display to applications that meets the requirements defined in <a href="#7_1_1_screen_configuration">section 7.1.1</a>. + </li> + <li>Device implementations MUST display the navigation keys when applications do not specify a system UI mode, or specify SYSTEM_UI_FLAG_VISIBLE. + </li> + <li>Device implementations MUST present the navigation keys in an unobtrusive “low profile” (eg. dimmed) mode when applications specify SYSTEM_UI_FLAG_LOW_PROFILE. + </li> + <li>Device implementations MUST hide the navigation keys when applications specify SYSTEM_UI_FLAG_HIDE_NAVIGATION. + </li> + </ul> + <h3> + 7.2.4. Touchscreen Input + </h3> + <div class="note"> + Android Handhelds and Watch Devices MUST support touchscreen input. + </div> + <p> + Device implementations SHOULD have a pointer input system of some kind (either mouse-like or touch). However, if a device implementation does not support a pointer input system, it MUST NOT report the android.hardware.touchscreen or android.hardware.faketouch feature constant. Device implementations that do include a pointer input system: + </p> + <ul> + <li>SHOULD support fully independently tracked pointers, if the device input system supports multiple pointers. + </li> + <li>MUST report the value of <a href="http://developer.android.com/reference/android/content/res/Configuration.html">android.content.res.Configuration.touchscreen</a> corresponding to the type of the specific touchscreen on the device. + </li> + </ul> + <p> + Android includes support for a variety of touchscreens, touch pads, and fake touch input devices. <a href="http://source.android.com/devices/tech/input/touch-devices.html">Touchscreen-based device implementations</a> are associated with a display such that the user has the impression of directly manipulating items on screen. Since the user is directly touching the screen, the system does not require any additional affordances to indicate the objects being manipulated. In contrast, a fake touch interface provides a user input system that approximates a subset of touchscreen capabilities. For example, a mouse or remote control that drives an on-screen cursor approximates touch, but requires the user to first point or focus then click. Numerous input devices like the mouse, trackpad, gyro-based air mouse, gyro-pointer, joystick, and multi-touch trackpad can support fake touch interactions. Android includes the feature constant android.hardware.faketouch, which corresponds to a high-fidelity non-touch (pointer-based) input device such as a mouse or trackpad that can adequately emulate touch-based input (including basic gesture support), and indicates that the device supports an emulated subset of touchscreen functionality. Device implementations that declare the fake touch feature MUST meet the fake touch requirements in <a href="#7_2_5_fake_touch_input">section 7.2.5</a>. + </p> + <p> + Device implementations MUST report the correct feature corresponding to the type of input used. Device implementations that include a touchscreen (single-touch or better) MUST report the platform feature constant android.hardware.touchscreen. Device implementations that report the platform feature constant android.hardware.touchscreen MUST also report the platform feature constant android.hardware.faketouch. Device implementations that do not include a touchscreen (and rely on a pointer device only) MUST NOT report any touchscreen feature, and MUST report only android.hardware.faketouch if they meet the fake touch requirements in <a href="#7_2_5_fake_touch_input">section 7.2.5</a>. + </p> + <h3> + 7.2.5. Fake Touch Input + </h3> + <p> + Device implementations that declare support for android.hardware.faketouch: + </p> + <ul> + <li>MUST report the <a href="http://developer.android.com/reference/android/view/MotionEvent.html">absolute X and Y screen positions</a> of the pointer location and display a visual pointer on the screen. + </li> + <li>MUST report touch event with the action code that specifies the state change that occurs on the pointer <a href="http://developer.android.com/reference/android/view/MotionEvent.html">going down or up on the screen</a>. + </li> + <li>MUST support pointer down and up on an object on the screen, which allows users to emulate tap on an object on the screen. + </li> + <li>MUST support pointer down, pointer up, pointer down then pointer up in the same place on an object on the screen within a time threshold, which allows users to <a href="http://developer.android.com/reference/android/view/MotionEvent.html">emulate double tap</a> on an object on the screen. + </li> + <li>MUST support pointer down on an arbitrary point on the screen, pointer move to any other arbitrary point on the screen, followed by a pointer up, which allows users to emulate a touch drag. + </li> + <li>MUST support pointer down then allow users to quickly move the object to a different position on the screen and then pointer up on the screen, which allows users to fling an object on the screen. + </li> + </ul> + <p> + Devices that declare support for android.hardware.faketouch.multitouch.distinct MUST meet the requirements for faketouch above, and MUST also support distinct tracking of two or more independent pointer inputs. + </p> + <h3> + 7.2.6. Game Controller Support + </h3> + <p> + Android Television device implementations MUST support button mappings for game controllers as listed below. The upstream Android implementation includes implementation for game controllers that satisfies this requirement. + </p> + <h4> + 7.2.6.1. Button Mappings + </h4> + <p> + Android Television device implementations MUST support the following key mappings: + </p> + <table> + <tr> + <th> + Button + </th> + <th> + HID Usage<sup>2</sup> + </th> + <th> + Android Button + </th> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_A">A</a><sup>1</sup> + </td> + <td> + 0x09 0x0001 + </td> + <td> + KEYCODE_BUTTON_A (96) + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_B">B</a><sup>1</sup> + </td> + <td> + 0x09 0x0002 + </td> + <td> + KEYCODE_BUTTON_B (97) + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_X">X</a><sup>1</sup> + </td> + <td> + 0x09 0x0004 + </td> + <td> + KEYCODE_BUTTON_X (99) + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_Y">Y</a><sup>1</sup> + </td> + <td> + 0x09 0x0005 + </td> + <td> + KEYCODE_BUTTON_Y (100) + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_DPAD_UP">D-pad up</a><sup>1</sup><br /> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_DPAD_DOWN">D-pad down</a><sup>1</sup> + </td> + <td> + 0x01 0x0039<sup>3</sup> + </td> + <td> + <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_HAT_Y">AXIS_HAT_Y</a><sup>4</sup> + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_DPAD_LEFT">D-pad left</a>1<br /> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_DPAD_RIGHT">D-pad right</a><sup>1</sup> + </td> + <td> + 0x01 0x0039<sup>3</sup> + </td> + <td> + <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_HAT_X">AXIS_HAT_X</a><sup>4</sup> + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_L1">Left shoulder button</a><sup>1</sup> + </td> + <td> + 0x09 0x0007 + </td> + <td> + KEYCODE_BUTTON_L1 (102) + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_R1">Right shoulder button</a><sup>1</sup> + </td> + <td> + 0x09 0x0008 + </td> + <td> + KEYCODE_BUTTON_R1 (103) + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_THUMBL">Left stick click</a><sup>1</sup> + </td> + <td> + 0x09 0x000E + </td> + <td> + KEYCODE_BUTTON_THUMBL (106) + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BUTTON_THUMBR">Right stick click</a><sup>1</sup> + </td> + <td> + 0x09 0x000F + </td> + <td> + KEYCODE_BUTTON_THUMBR (107) + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_HOME">Home</a><sup>1</sup> + </td> + <td> + 0x0c 0x0223 + </td> + <td> + KEYCODE_HOME (3) + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/KeyEvent.html#KEYCODE_BACK">Back</a><sup>1</sup> + </td> + <td> + 0x0c 0x0224 + </td> + <td> + KEYCODE_BACK (4) + </td> + </tr> + </table> + <p class="table_footnote"> + 1 <a href="http://developer.android.com/reference/android/view/KeyEvent.html">KeyEvent</a> + </p> + <p class="table_footnote"> + 2 The above HID usages must be declared within a Game pad CA (0x01 0x0005). + </p> + <p class="table_footnote"> + 3 This usage must have a Logical Minimum of 0, a Logical Maximum of 7, a Physical Minimum of 0, a Physical Maximum of 315, Units in Degrees, and a Report Size of 4. The logical value is defined to be the clockwise rotation away from the vertical axis; for example, a logical value of 0 represents no rotation and the up button being pressed, while a logical value of 1 represents a rotation of 45 degrees and both the up and left keys being pressed. + </p> + <p class="table_footnote"> + 4 <a href="http://developer.android.com/reference/android/view/MotionEvent.html">MotionEvent</a> + </p> + <table> + <tr> + <th> + Analog Controls<sup>1</sup> + </th> + <th> + HID Usage + </th> + <th> + Android Button + </th> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_LTRIGGER">Left Trigger</a> + </td> + <td> + 0x02 0x00C5 + </td> + <td> + AXIS_LTRIGGER + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_THROTTLE">Right Trigger</a> + </td> + <td> + 0x02 0x00C4 + </td> + <td> + AXIS_RTRIGGER + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_Y">Left Joystick</a> + </td> + <td> + 0x01 0x0030<br /> + 0x01 0x0031 + </td> + <td> + AXIS_X<br /> + AXIS_Y + </td> + </tr> + <tr> + <td> + <a href="http://developer.android.com/reference/android/view/MotionEvent.html#AXIS_Z">Right Joystick</a> + </td> + <td> + 0x01 0x0032<br /> + 0x01 0x0035 + </td> + <td> + AXIS_Z<br /> + AXIS_RZ + </td> + </tr> + </table> + <p class="table_footnote"> + 1 <a href="http://developer.android.com/reference/android/view/MotionEvent.html">MotionEvent</a> + </p> + <h3> + 7.2.7. Remote Control + </h3> + <p> + Android Television device implementations SHOULD provide a remote control to allow users to access the TV interface. The remote control MAY be a physical remote or can be a software-based remote that is accessible from a mobile phone or tablet. The remote control MUST meet the requirements defined below. + </p> + <ul> + <li> + <strong>Search affordance</strong>. Device implementations MUST fire KEYCODE_SEARCH when the user invokes voice search either on the physical or software-based remote. + </li> + <li> + <strong>Navigation</strong>. All Android Television remotes MUST include <a href="http://developer.android.com/reference/android/view/KeyEvent.html">Back, Home, and Select buttons and support for D-pad events</a>. + </li> + </ul> + <h2> + 7.3. Sensors + </h2> + <p> + Android includes APIs for accessing a variety of sensor types. Devices implementations generally MAY omit these sensors, as provided for in the following subsections. If a device includes a particular sensor type that has a corresponding API for third-party developers, the device implementation MUST implement that API as described in the Android SDK documentation and the Android Open Source documentation on <a href="http://source.android.com/devices/sensors/">sensors</a>. For example, device implementations: + </p> + <ul> + <li>MUST accurately report the presence or absence of sensors per the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager</a> class. + </li> + <li>MUST return an accurate list of supported sensors via the SensorManager.getSensorList() and similar methods. + </li> + <li>MUST behave reasonably for all other sensor APIs (for example, by returning true or false as appropriate when applications attempt to register listeners, not calling sensor listeners when the corresponding sensors are not present; etc.). + </li> + <li>MUST <a href="http://developer.android.com/reference/android/hardware/SensorEvent.html">report all sensor measurements</a> using the relevant International System of Units (metric) values for each sensor type as defined in the Android SDK documentation. + </li> + <li>SHOULD <a href="http://developer.android.com/reference/android/hardware/SensorEvent.html#timestamp">report the event time</a> in nanoseconds as defined in the Android SDK documentation, representing the time the event happened and synchronized with the SystemClock.elapsedRealtimeNano() clock. Existing and new Android devices are <strong>STRONGLY RECOMMENDED</strong> to meet these requirements so they will be able to upgrade to the future platform releases where this might become a REQUIRED component. The synchronization error SHOULD be below 100 milliseconds. + </li> + <li>MUST report sensor data with a maximum latency of 100 milliseconds + 2 * sample_time for the case of a sensor streamed with a minimum required latency of 5 ms + 2 * sample_time when the application processor is active. This delay does not include any filtering delays. + </li> + <li>MUST report the first sensor sample within 400 milliseconds + 2 * sample_time of the sensor being activated. It is acceptable for this sample to have an accuracy of 0. + </li> + </ul> + <p> + The list above is not comprehensive; the documented behavior of the Android SDK and the Android Open Source Documentations on <a href="http://source.android.com/devices/sensors/">sensors</a> is to be considered authoritative. + </p> + <p> + Some sensor types are composite, meaning they can be derived from data provided by one or more other sensors. (Examples include the orientation sensor and the linear acceleration sensor.) Device implementations SHOULD implement these sensor types, when they include the prerequisite physical sensors as described in <a href="https://source.android.com/devices/sensors/sensor-types.html">sensor types</a>. If a device implementation includes a composite sensor it MUST implement the sensor as described in the Android Open Source documentation on <a href="https://source.android.com/devices/sensors/sensor-types.html#composite_sensor_type_summary">composite sensors</a>. + </p> + <p> + Some Android sensors support a <a href="https://source.android.com/devices/sensors/report-modes.html#continuous">“continuous” trigger mode</a>, which returns data continuously. For any API indicated by the Android SDK documentation to be a continuous sensor, device implementations MUST continuously provide periodic data samples that SHOULD have a jitter below 3%, where jitter is defined as the standard deviation of the difference of the reported timestamp values between consecutive events. + </p> + <p> + Note that the device implementations MUST ensure that the sensor event stream MUST NOT prevent the device CPU from entering a suspend state or waking up from a suspend state. + </p> + <p> + Finally, when several sensors are activated, the power consumption SHOULD NOT exceed the sum of the individual sensor’s reported power consumption. + </p> + <h3> + 7.3.1. Accelerometer + </h3> + <p> + Device implementations SHOULD include a 3-axis accelerometer. Android Handheld devices, Android Automotive implementations, and Android Watch devices are STRONGLY RECOMMENDED to include this sensor. If a device implementation does include a 3-axis accelerometer, it: + </p> + <ul> + <li>MUST implement and report <a href="http://developer.android.com/reference/android/hardware/Sensor.html#TYPE_ACCELEROMETER">TYPE_ACCELEROMETER sensor</a>. + </li> + <li>MUST be able to report events up to a frequency of at least 50 Hz for Android Watch devices as such devices have a stricter power constraint and 100 Hz for all other device types. + </li> + <li>SHOULD report events up to at least 200 Hz. + </li> + <li>MUST comply with the <a href="http://developer.android.com/reference/android/hardware/SensorEvent.html">Android sensor coordinate system</a> as detailed in the Android APIs. Android Automotive implementations MUST comply with the Android <a href="http://source.android.com/devices/sensors/sensor-types.html#auto_axes">car sensor coordinate system</a>. + </li> + <li>MUST be capable of measuring from freefall up to four times the gravity (4g) or more on any axis. + </li> + <li>MUST have a resolution of at least 12-bits and SHOULD have a resolution of at least 16-bits. + </li> + <li>SHOULD be calibrated while in use if the characteristics changes over the life cycle and compensated, and preserve the compensation parameters between device reboots. + </li> + <li>SHOULD be temperature compensated. + </li> + <li>MUST have a standard deviation no greater than 0.05 m/s^, where the standard deviation should be calculated on a per axis basis on samples collected over a period of at least 3 seconds at the fastest sampling rate. + </li> + <li>SHOULD implement the TYPE_SIGNIFICANT_MOTION, TYPE_TILT_DETECTOR, TYPE_STEP_DETECTOR, TYPE_STEP_COUNTER composite sensors as described in the Android SDK document. Existing and new Android devices are <strong>STRONGLY RECOMMENDED</strong> to implement the TYPE_SIGNIFICANT_MOTION composite sensor. If any of these sensors are implemented, the sum of their power consumption MUST always be less than 4 mW and SHOULD each be below 2 mW and 0.5 mW for when the device is in a dynamic or static condition. + </li> + <li>If a gyroscope sensor is included, MUST implement the TYPE_GRAVITY and TYPE_LINEAR_ACCELERATION composite sensors and SHOULD implement the TYPE_GAME_ROTATION_VECTOR composite sensor. Existing and new Android devices are STRONGLY RECOMMENDED to implement the TYPE_GAME_ROTATION_VECTOR sensor. + </li> + <li>MUST implement a TYPE_ROTATION_VECTOR composite sensor, if a gyroscope sensor and a magnetometer sensor is also included. + </li> + </ul> + <h3> + 7.3.2. Magnetometer + </h3> + <p> + Device implementations SHOULD include a 3-axis magnetometer (compass). If a device does include a 3-axis magnetometer, it: + </p> + <ul> + <li>MUST implement the TYPE_MAGNETIC_FIELD sensor and SHOULD also implement TYPE_MAGNETIC_FIELD_UNCALIBRATED sensor. Existing and new Android devices are STRONGLY RECOMMENDED to implement the TYPE_MAGNETIC_FIELD_UNCALIBRATED sensor. + </li> + <li>MUST be able to report events up to a frequency of at least 10 Hz and SHOULD report events up to at least 50 Hz. + </li> + <li>MUST comply with the <a href="http://developer.android.com/reference/android/hardware/SensorEvent.html">Android sensor coordinate system</a> as detailed in the Android APIs. + </li> + <li>MUST be capable of measuring between -900 µT and +900 µT on each axis before saturating. + </li> + <li>MUST have a hard iron offset value less than 700 µT and SHOULD have a value below 200 µT, by placing the magnetometer far from dynamic (current-induced) and static (magnet-induced) magnetic fields. + </li> + <li>MUST have a resolution equal or denser than 0.6 µT and SHOULD have a resolution equal or denser than 0.2 µT. + </li> + <li>SHOULD be temperature compensated. + </li> + <li>MUST support online calibration and compensation of the hard iron bias, and preserve the compensation parameters between device reboots. + </li> + <li>MUST have the soft iron compensation applied—the calibration can be done either while in use or during the production of the device. + </li> + <li>SHOULD have a standard deviation, calculated on a per axis basis on samples collected over a period of at least 3 seconds at the fastest sampling rate, no greater than 0.5 µT. + </li> + <li>MUST implement a TYPE_ROTATION_VECTOR composite sensor, if an accelerometer sensor and a gyroscope sensor is also included. + </li> + <li>MAY implement the TYPE_GEOMAGNETIC_ROTATION_VECTOR sensor if an accelerometer sensor is also implemented. However if implemented, it MUST consume less than 10 mW and SHOULD consume less than 3 mW when the sensor is registered for batch mode at 10 Hz. + </li> + </ul> + <h3> + 7.3.3. GPS + </h3> + <p> + Device implementations SHOULD include a GPS/GNSS receiver. If a device implementation does include a GPS/GNSS receiver and reports the capability to applications through the <code>android.hardware.location.gps</code> feature flag: + </p> + <ul> + <li>It is STRONGLY RECOMMENDED that the device continue to deliver normal GPS/GNSS outputs to applications during an emergency phone call and that location output not be blocked during an emergency phone call. + </li> + <li>It MUST support location outputs at a rate of at least 1 Hz when requested via <code>LocationManager#requestLocationUpdate</code>. + </li> + <li>It MUST be able to determine the location in open-sky conditions (strong signals, negligible multipath, HDOP < 2) within 10 seconds (fast time to first fix), when connected to a 0.5 Mbps or faster data speed internet connection. This requirement is typically met by the use of some form of Assisted or Predicted GPS/GNSS technique to minimize GPS/GNSS lock-on time (Assistance data includes Reference Time, Reference Location and Satellite Ephemeris/Clock). + <ul> + <li>After making such a location calculation, it is STRONGLY RECOMMENDED for the device to be able to determine its location, in open sky, within 10 seconds, when location requests are restarted, up to an hour after the initial location calculation, even when the subsequent request is made without a data connection, and/or after a power cycle. + </li> + </ul> + </li> + <li>In open sky conditions after determining the location, while stationary or moving with less than 1 meter per second squared of acceleration: + <ul> + <li>It MUST be able to determine location within 20 meters, and speed within 0.5 meters per second, at least 95% of the time. + </li> + <li>It MUST simultaneously track and report via <a href="https://developer.android.com/reference/android/location/GnssStatus.Callback.html#GnssStatus.Callback()'">GnssStatus.Callback</a> at least 8 satellites from one constellation. + </li> + <li>It SHOULD be able to simultaneously track at least 24 satellites, from multiple constellations (e.g. GPS + at least one of Glonass, Beidou, Galileo). + </li> + </ul> + </li> + <li>It MUST report the GNSS technology generation through the test API ‘getGnssYearOfHardware’. + </li> + <li>It is STRONGLY RECOMMENDED to meet and MUST meet all requirements below if the GNSS technology generation is reported as the year "2016" or newer. + <ul> + <li>It MUST report GPS measurements, as soon as they are found, even if a location calculated from GPS/GNSS is not yet reported. + </li> + <li>It MUST report GPS pseudoranges and pseudorange rates, that, in open-sky conditions after determining the location, while stationary or moving with less than 0.2 meter per second squared of acceleration, are sufficient to calculate position within 20 meters, and speed within 0.2 meters per second, at least 95% of the time. + </li> + </ul> + </li> + </ul> + <p> + Note that while some of the GPS requirements above are stated as STRONGLY RECOMMENDED, the Compatibility Definition for the next major version is expected to change these to a MUST. + </p> + <h3> + 7.3.4. Gyroscope + </h3> + <p> + Device implementations SHOULD include a gyroscope (angular change sensor). Devices SHOULD NOT include a gyroscope sensor unless a 3-axis accelerometer is also included. If a device implementation includes a gyroscope, it: + </p> + <ul> + <li>MUST implement the TYPE_GYROSCOPE sensor and SHOULD also implement TYPE_GYROSCOPE_UNCALIBRATED sensor. Existing and new Android devices are STRONGLY RECOMMENDED to implement the SENSOR_TYPE_GYROSCOPE_UNCALIBRATED sensor. + </li> + <li>MUST be capable of measuring orientation changes up to 1,000 degrees per second. + </li> + <li>MUST be able to report events up to a frequency of at least 50 Hz for Android Watch devices as such devices have a stricter power constraint and 100 Hz for all other device types. + </li> + <li>SHOULD report events up to at least 200 Hz. + </li> + <li>MUST have a resolution of 12-bits or more and SHOULD have a resolution of 16-bits or more. + </li> + <li>MUST be temperature compensated. + </li> + <li>MUST be calibrated and compensated while in use, and preserve the compensation parameters between device reboots. + </li> + <li>MUST have a variance no greater than 1e-7 rad^2 / s^2 per Hz (variance per Hz, or rad^2 / s). The variance is allowed to vary with the sampling rate, but must be constrained by this value. In other words, if you measure the variance of the gyro at 1 Hz sampling rate it should be no greater than 1e-7 rad^2/s^2. + </li> + <li>MUST implement a TYPE_ROTATION_VECTOR composite sensor, if an accelerometer sensor and a magnetometer sensor is also included. + </li> + <li>If an accelerometer sensor is included, MUST implement the TYPE_GRAVITY and TYPE_LINEAR_ACCELERATION composite sensors and SHOULD implement the TYPE_GAME_ROTATION_VECTOR composite sensor. Existing and new Android devices are STRONGLY RECOMMENDED to implement the TYPE_GAME_ROTATION_VECTOR sensor. + </li> + </ul> + <h3> + 7.3.5. Barometer + </h3> + <p> + Device implementations SHOULD include a barometer (ambient air pressure sensor). If a device implementation includes a barometer, it: + </p> + <ul> + <li>MUST implement and report TYPE_PRESSURE sensor. + </li> + <li>MUST be able to deliver events at 5 Hz or greater. + </li> + <li>MUST have adequate precision to enable estimating altitude. + </li> + <li>MUST be temperature compensated. + </li> + </ul> + <h3> + 7.3.6. Thermometer + </h3> + <p> + Device implementations MAY include an ambient thermometer (temperature sensor). If present, it MUST be defined as SENSOR_TYPE_AMBIENT_TEMPERATURE and it MUST measure the ambient (room) temperature in degrees Celsius. + </p> + <p> + Device implementations MAY but SHOULD NOT include a CPU temperature sensor. If present, it MUST be defined as SENSOR_TYPE_TEMPERATURE, it MUST measure the temperature of the device CPU, and it MUST NOT measure any other temperature. Note the SENSOR_TYPE_TEMPERATURE sensor type was deprecated in Android 4.0. + </p> + <div class="note"> + For Android Automotive implementations, SENSOR_TYPE_AMBIENT_TEMPERATURE MUST measure the temperature inside the vehicle cabin. + </div> + <h3> + 7.3.7. Photometer + </h3> + <p> + Device implementations MAY include a photometer (ambient light sensor). + </p> + <h3> + 7.3.8. Proximity Sensor + </h3> + <p> + Device implementations MAY include a proximity sensor. Devices that can make a voice call and indicate any value other than PHONE_TYPE_NONE in getPhoneType SHOULD include a proximity sensor. If a device implementation does include a proximity sensor, it: + </p> + <ul> + <li>MUST measure the proximity of an object in the same direction as the screen. That is, the proximity sensor MUST be oriented to detect objects close to the screen, as the primary intent of this sensor type is to detect a phone in use by the user. If a device implementation includes a proximity sensor with any other orientation, it MUST NOT be accessible through this API. + </li> + <li>MUST have 1-bit of accuracy or more. + </li> + </ul> + <h3> + 7.3.9. High Fidelity Sensors + </h3> + <p> + Device implementations supporting a set of higher quality sensors that can meet all the requirements listed in this section MUST identify the support through the <code>android.hardware.sensor.hifi_sensors</code> feature flag. + </p> + <p> + A device declaring android.hardware.sensor.hifi_sensors MUST support all of the following sensor types meeting the quality requirements as below: + </p> + <ul> + <li>SENSOR_TYPE_ACCELEROMETER + <ul> + <li>MUST have a measurement range between at least -8g and +8g. + </li> + <li>MUST have a measurement resolution of at least 1024 LSB/G. + </li> + <li>MUST have a minimum measurement frequency of 12.5 Hz or lower. + </li> + <li>MUST have a maximum measurement frequency of 400 Hz or higher. + </li> + <li>MUST have a measurement noise not above 400 uG/√Hz. + </li> + <li>MUST implement a non-wake-up form of this sensor with a buffering capability of at least 3000 sensor events. + </li> + <li>MUST have a batching power consumption not worse than 3 mW. + </li> + <li>SHOULD have a stationary noise bias stability of \<15 μg √Hz from 24hr static dataset. + </li> + <li>SHOULD have a bias change vs. temperature of ≤ +/- 1mg / °C. + </li> + <li>SHOULD have a best-fit line non-linearity of ≤ 0.5%, and sensitivity change vs. temperature of ≤ 0.03%/C°. + </li> + </ul> + </li> + <li> + <p> + SENSOR_TYPE_GYROSCOPE + </p> + <ul> + <li>MUST have a measurement range between at least -1000 and +1000 dps. + </li> + <li>MUST have a measurement resolution of at least 16 LSB/dps. + </li> + <li>MUST have a minimum measurement frequency of 12.5 Hz or lower. + </li> + <li>MUST have a maximum measurement frequency of 400 Hz or higher. + </li> + <li>MUST have a measurement noise not above 0.014°/s/√Hz. + </li> + <li>SHOULD have a stationary bias stability of < 0.0002 °/s √Hz from 24-hour static dataset. + </li> + <li>SHOULD have a bias change vs. temperature of ≤ +/- 0.05 °/ s / °C. + </li> + <li>SHOULD have a sensitivity change vs. temperature of ≤ 0.02% / °C. + </li> + <li>SHOULD have a best-fit line non-linearity of ≤ 0.2%. + </li> + <li>SHOULD have a noise density of ≤ 0.007 °/s/√Hz. + </li> + </ul> + </li> + <li> + <p> + SENSOR_TYPE_GYROSCOPE_UNCALIBRATED with the same quality requirements as SENSOR_TYPE_GYROSCOPE. + </p> + </li> + <li>SENSOR_TYPE_GEOMAGNETIC_FIELD + <ul> + <li>MUST have a measurement range between at least -900 and +900 uT. + </li> + <li>MUST have a measurement resolution of at least 5 LSB/uT. + </li> + <li>MUST have a minimum measurement frequency of 5 Hz or lower. + </li> + <li>MUST have a maximum measurement frequency of 50 Hz or higher. + </li> + <li>MUST have a measurement noise not above 0.5 uT. + </li> + </ul> + </li> + <li>SENSOR_TYPE_MAGNETIC_FIELD_UNCALIBRATED with the same quality requirements as SENSOR_TYPE_GEOMAGNETIC_FIELD and in addition: + <ul> + <li>MUST implement a non-wake-up form of this sensor with a buffering capability of at least 600 sensor events. + </li> + </ul> + </li> + <li>SENSOR_TYPE_PRESSURE + <ul> + <li>MUST have a measurement range between at least 300 and 1100 hPa. + </li> + <li>MUST have a measurement resolution of at least 80 LSB/hPa. + </li> + <li>MUST have a minimum measurement frequency of 1 Hz or lower. + </li> + <li>MUST have a maximum measurement frequency of 10 Hz or higher. + </li> + <li>MUST have a measurement noise not above 2 Pa/√Hz. + </li> + <li>MUST implement a non-wake-up form of this sensor with a buffering capability of at least 300 sensor events. + </li> + <li>MUST have a batching power consumption not worse than 2 mW. + </li> + </ul> + </li> + <li>SENSOR_TYPE_GAME_ROTATION_VECTOR + <ul> + <li>MUST implement a non-wake-up form of this sensor with a buffering capability of at least 300 sensor events. + </li> + <li>MUST have a batching power consumption not worse than 4 mW. + </li> + </ul> + </li> + <li>SENSOR_TYPE_SIGNIFICANT_MOTION + <ul> + <li>MUST have a power consumption not worse than 0.5 mW when device is static and 1.5 mW when device is moving. + </li> + </ul> + </li> + <li>SENSOR_TYPE_STEP_DETECTOR + <ul> + <li>MUST implement a non-wake-up form of this sensor with a buffering capability of at least 100 sensor events. + </li> + <li>MUST have a power consumption not worse than 0.5 mW when device is static and 1.5 mW when device is moving. + </li> + <li>MUST have a batching power consumption not worse than 4 mW. + </li> + </ul> + </li> + <li>SENSOR_TYPE_STEP_COUNTER + <ul> + <li>MUST have a power consumption not worse than 0.5 mW when device is static and 1.5 mW when device is moving. + </li> + </ul> + </li> + <li>SENSOR_TILT_DETECTOR + <ul> + <li>MUST have a power consumption not worse than 0.5 mW when device is static and 1.5 mW when device is moving. + </li> + </ul> + </li> + </ul> + <p> + Also such a device MUST meet the following sensor subsystem requirements: + </p> + <ul> + <li>The event timestamp of the same physical event reported by the Accelerometer, Gyroscope sensor and Magnetometer MUST be within 2.5 milliseconds of each other. + </li> + <li>The Gyroscope sensor event timestamps MUST be on the same time base as the camera subsystem and within 1 milliseconds of error. + </li> + <li>High Fidelity sensors MUST deliver samples to applications within 5 milliseconds from the time when the data is available on the physical sensor to the application. + </li> + <li>The power consumption MUST not be higher than 0.5 mW when device is static and 2.0 mW when device is moving when any combination of the following sensors are enabled: + <ul> + <li>SENSOR_TYPE_SIGNIFICANT_MOTION + </li> + <li>SENSOR_TYPE_STEP_DETECTOR + </li> + <li>SENSOR_TYPE_STEP_COUNTER + </li> + <li>SENSOR_TILT_DETECTORS + </li> + </ul> + </li> + </ul> + <p> + Note that all power consumption requirements in this section do not include the power consumption of the Application Processor. It is inclusive of the power drawn by the entire sensor chain—the sensor, any supporting circuitry, any dedicated sensor processing system, etc. + </p> + <p> + The following sensor types MAY also be supported on a device implementation declaring android.hardware.sensor.hifi_sensors, but if these sensor types are present they MUST meet the following minimum buffering capability requirement: + </p> + <ul> + <li>SENSOR_TYPE_PROXIMITY: 100 sensor events + </li> + </ul> + <h3> + 7.3.10. Fingerprint Sensor + </h3> + <p> + Device implementations with a secure lock screen SHOULD include a fingerprint sensor. If a device implementation includes a fingerprint sensor and has a corresponding API for third-party developers, it: + </p> + <ul> + <li>MUST declare support for the android.hardware.fingerprint feature. + </li> + <li>MUST fully implement the <a href="https://developer.android.com/reference/android/hardware/fingerprint/package-summary.html">corresponding API</a> as described in the Android SDK documentation. + </li> + <li>MUST have a false acceptance rate not higher than 0.002%. + </li> + <li>Is STRONGLY RECOMMENDED to have a false rejection rate of less than 10%, as measured on the device + </li> + <li>Is STRONGLY RECOMMENDED to have a latency below 1 second, measured from when the fingerprint sensor is touched until the screen is unlocked, for one enrolled finger. + </li> + <li>MUST rate limit attempts for at least 30 seconds after five false trials for fingerprint verification. + </li> + <li>MUST have a hardware-backed keystore implementation, and perform the fingerprint matching in a Trusted Execution Environment (TEE) or on a chip with a secure channel to the TEE. + </li> + <li>MUST have all identifiable fingerprint data encrypted and cryptographically authenticated such that they cannot be acquired, read or altered outside of the Trusted Execution Environment (TEE) as documented in the <a href="https://source.android.com/devices/tech/security/authentication/fingerprint-hal.html">implementation guidelines</a> on the Android Open Source Project site. + </li> + <li>MUST prevent adding a fingerprint without first establishing a chain of trust by having the user confirm existing or add a new device credential (PIN/pattern/password) that's secured by TEE; the Android Open Source Project implementation provides the mechanism in the framework to do so. + </li> + <li>MUST NOT enable 3rd-party applications to distinguish between individual fingerprints. + </li> + <li>MUST honor the DevicePolicyManager.KEYGUARD_DISABLE_FINGERPRINT flag. + </li> + <li>MUST, when upgraded from a version earlier than Android 6.0, have the fingerprint data securely migrated to meet the above requirements or removed. + </li> + <li>SHOULD use the Android Fingerprint icon provided in the Android Open Source Project. + </li> + </ul> + <h3> + 7.3.11. Android Automotive-only sensors + </h3> + <p> + Automotive-specific sensors are defined in the <code>android.car.CarSensorManager API</code>. + </p> + <h4> + 7.3.11.1. Current Gear + </h4> + <p> + Android Automotive implementations SHOULD provide current gear as SENSOR_TYPE_GEAR. + </p> + <h4> + 7.3.11.2. Day Night Mode + </h4> + <p> + Android Automotive implementations MUST support day/night mode defined as SENSOR_TYPE_NIGHT. The value of this flag MUST be consistent with dashboard day/night mode and SHOULD be based on ambient light sensor input. The underlying ambient light sensor MAY be the same as <a href="#7_3_7_photometer">Photometer</a>. + </p> + <h4> + 7.3.11.3. Driving Status + </h4> + <p> + Android Automotive implementations MUST support driving status defined as SENSOR_TYPE_DRIVING_STATUS, with a default value of DRIVE_STATUS_UNRESTRICTED when the vehicle is fully stopped and parked. It is the responsibility of device manufacturers to configure SENSOR_TYPE_DRIVING_STATUS in compliance with all laws and regulations that apply to markets where the product is shipping. + </p> + <h4> + 7.3.11.4. Wheel Speed + </h4> + <p> + Android Automotive implementations MUST provide vehicle speed defined as SENSOR_TYPE_CAR_SPEED. + </p> + <h2> + 7.3.12. Pose Sensor + </h2> + <p> + Device implementations MAY support pose sensor with 6 degrees of freedom. Android Handheld devices are RECOMMENDED to support this sensor. If a device implementation does support pose sensor with 6 degrees of freedom, it: + </p> + <ul> + <li>MUST implement and report <a href="https://developer.android.com/reference/android/hardware/Sensor.html#TYPE_POSE_6DOF"><code>TYPE_POSE_6DOF</code></a> sensor. + </li> + <li>MUST be more accurate than the rotation vector alone. + </li> + </ul> + <h2> + 7.4. Data Connectivity + </h2> + <h3> + 7.4.1. Telephony + </h3> + <p> + “Telephony” as used by the Android APIs and this document refers specifically to hardware related to placing voice calls and sending SMS messages via a GSM or CDMA network. While these voice calls may or may not be packet-switched, they are for the purposes of Android considered independent of any data connectivity that may be implemented using the same network. In other words, the Android “telephony” functionality and APIs refer specifically to voice calls and SMS. For instance, device implementations that cannot place calls or send/receive SMS messages MUST NOT report the android.hardware.telephony feature or any subfeatures, regardless of whether they use a cellular network for data connectivity. + </p> + <p> + Android MAY be used on devices that do not include telephony hardware. That is, Android is compatible with devices that are not phones. However, if a device implementation does include GSM or CDMA telephony, it MUST implement full support for the API for that technology. Device implementations that do not include telephony hardware MUST implement the full APIs as no-ops. + </p> + <h4> + 7.4.1.1. Number Blocking Compatibility + </h4> + <p> + Android Telephony device implementations MUST include number blocking support and: + </p> + <ul> + <li>MUST fully implement <a href="http://developer.android.com/reference/android/provider/BlockedNumberContract.html">BlockedNumberContract</a> and the corresponding API as described in the SDK documentation. + </li> + <li>MUST block all calls and messages from a phone number in 'BlockedNumberProvider' without any interaction with apps. The only exception is when number blocking is temporarily lifted as described in the SDK documentation. + </li> + <li>MUST NOT write to the <a href="http://developer.android.com/reference/android/provider/CallLog.html">platform call log provider</a> for a blocked call. + </li> + <li>MUST NOT write to the <a href="http://developer.android.com/reference/android/provider/Telephony.html">Telephony provider</a> for a blocked message. + </li> + <li>MUST implement a blocked numbers management UI, which is opened with the intent returned by TelecomManager.createManageBlockedNumbersIntent() method. + </li> + <li>MUST NOT allow secondary users to view or edit the blocked numbers on the device as the Android platform assumes the primary user to have full control of the telephony services, a single instance, on the device. All blocking related UI MUST be hidden for secondary users and the blocked list MUST still be respected. + </li> + <li>SHOULD migrate the blocked numbers into the provider when a device updates to Android 7.0. + </li> + </ul> + <h3> + 7.4.2. IEEE 802.11 (Wi-Fi) + </h3> + <p> + All Android device implementations SHOULD include support for one or more forms of 802.11. If a device implementation does include support for 802.11 and exposes the functionality to a third-party application, it MUST implement the corresponding Android API and: + </p> + <ul> + <li>MUST report the hardware feature flag android.hardware.wifi. + </li> + <li>MUST implement the <a href="http://developer.android.com/reference/android/net/wifi/WifiManager.MulticastLock.html">multicast API</a> as described in the SDK documentation. + </li> + <li>MUST support multicast DNS (mDNS) and MUST NOT filter mDNS packets (224.0.0.251) at any time of operation including: + <ul> + <li>Even when the screen is not in an active state. + </li> + <li>For Android Television device implementations, even when in standby power states. + </li> + </ul> + </li> + </ul> + <h4> + 7.4.2.1. Wi-Fi Direct + </h4> + <p> + Device implementations SHOULD include support for Wi-Fi Direct (Wi-Fi peer-to-peer). If a device implementation does include support for Wi-Fi Direct, it MUST implement the <a href="http://developer.android.com/reference/android/net/wifi/p2p/WifiP2pManager.html">corresponding Android API</a> as described in the SDK documentation. If a device implementation includes support for Wi-Fi Direct, then it: + </p> + <ul> + <li>MUST report the hardware feature android.hardware.wifi.direct. + </li> + <li>MUST support regular Wi-Fi operation. + </li> + <li>SHOULD support concurrent Wi-Fi and Wi-Fi Direct operation. + </li> + </ul> + <h4> + 7.4.2.2. Wi-Fi Tunneled Direct Link Setup + </h4> + <p> + Device implementations SHOULD include support for <a href="http://developer.android.com/reference/android/net/wifi/WifiManager.html">Wi-Fi Tunneled Direct Link Setup (TDLS)</a> as described in the Android SDK Documentation. If a device implementation does include support for TDLS and TDLS is enabled by the WiFiManager API, the device: + </p> + <ul> + <li>SHOULD use TDLS only when it is possible AND beneficial. + </li> + <li>SHOULD have some heuristic and NOT use TDLS when its performance might be worse than going through the Wi-Fi access point. + </li> + </ul> + <h3> + 7.4.3. Bluetooth + </h3> + <div class="note"> + Android Watch implementations MUST support Bluetooth. Android Television implementations MUST support Bluetooth and Bluetooth LE. Android Automotive implementations MUST support Bluetooth and SHOULD support Bluetooth LE. + </div> + <p> + Device implementations that support <code>android.hardware.vr.high_performance</code> feature MUST support Bluetooth 4.2 and Bluetooth LE Data Length Extension. + </p> + <p> + Android includes support for <a href="http://developer.android.com/reference/android/bluetooth/package-summary.html">Bluetooth and Bluetooth Low Energy</a>. Device implementations that include support for Bluetooth and Bluetooth Low Energy MUST declare the relevant platform features (android.hardware.bluetooth and android.hardware.bluetooth_le respectively) and implement the platform APIs. Device implementations SHOULD implement relevant Bluetooth profiles such as A2DP, AVCP, OBEX, etc. as appropriate for the device. + </p> + <p> + Android Automotive implementations SHOULD support Message Access Profile (MAP). Android Automotive implementations MUST support the following Bluetooth profiles: + </p> + <ul> + <li>Phone calling over Hands-Free Profile (HFP). + </li> + <li>Media playback over Audio Distribution Profile (A2DP). + </li> + <li>Media playback control over Remote Control Profile (AVRCP). + </li> + <li>Contact sharing using the Phone Book Access Profile (PBAP). + </li> + </ul> + <p> + Device implementations including support for Bluetooth Low Energy: + </p> + <ul> + <li>MUST declare the hardware feature android.hardware.bluetooth_le. + </li> + <li>MUST enable the GATT (generic attribute profile) based Bluetooth APIs as described in the SDK documentation and <a href="http://developer.android.com/reference/android/bluetooth/package-summary.html">android.bluetooth</a>. + </li> + <li>are STRONGLY RECOMMENDED to implement a Resolvable Private Address (RPA) timeout no longer than 15 minutes and rotate the address at timeout to protect user privacy. + </li> + <li>SHOULD support offloading of the filtering logic to the bluetooth chipset when implementing the <a href="https://developer.android.com/reference/android/bluetooth/le/ScanFilter.html">ScanFilter API</a>, and MUST report the correct value of where the filtering logic is implemented whenever queried via the android.bluetooth.BluetoothAdapter.isOffloadedFilteringSupported() method. + </li> + <li>SHOULD support offloading of the batched scanning to the bluetooth chipset, but if not supported, MUST report ‘false’ whenever queried via the android.bluetooth.BluetoothAdapter.isOffloadedScanBatchingSupported() method. + </li> + <li>SHOULD support multi advertisement with at least 4 slots, but if not supported, MUST report ‘false’ whenever queried via the android.bluetooth.BluetoothAdapter.isMultipleAdvertisementSupported() method. + </li> + </ul> + <h3> + 7.4.4. Near-Field Communications + </h3> + <p> + Device implementations SHOULD include a transceiver and related hardware for Near-Field Communications (NFC). If a device implementation does include NFC hardware and plans to make it available to third-party apps, then it: + </p> + <ul> + <li>MUST report the android.hardware.nfc feature from the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager.hasSystemFeature() method</a>. + </li> + <li>MUST be capable of reading and writing NDEF messages via the following NFC standards: + <ul> + <li>MUST be capable of acting as an NFC Forum reader/writer (as defined by the NFC Forum technical specification NFCForum-TS-DigitalProtocol-1.0) via the following NFC standards: <ul> - <li class="table_list">280dpi or lower on small/normal screens + <li>NfcA (ISO14443-3A) </li> - <li class="table_list">mdpi or lower on large screens + <li>NfcB (ISO14443-3B) </li> - <li class="table_list">ldpi or lower on extra large screens + <li>NfcF (JIS X 6319-4) </li> - </ul> - </td> - <td> - 512MB - </td> - <td> - 816MB - </td> - </tr> - <tr> - <td> - <ul> - <li class="table_list">xhdpi or higher on small/normal screens - </li> - <li class="table_list">hdpi or higher on large screens + <li>IsoDep (ISO 14443-4) </li> - <li class="table_list">mdpi or higher on extra large screens + <li>NFC Forum Tag Types 1, 2, 3, 4 (defined by the NFC Forum) </li> </ul> - </td> - <td> - 608MB - </td> - <td> - 944MB - </td> - </tr> - <tr> - <td> + </li> + <li>STRONGLY RECOMMENDED to be capable of reading and writing NDEF messages as well as raw data via the following NFC standards. Note that while the NFC standards below are stated as STRONGLY RECOMMENDED, the Compatibility Definition for a future version is planned to change these to MUST. These standards are optional in this version but will be required in future versions. Existing and new devices that run this version of Android are very strongly encouraged to meet these requirements now so they will be able to upgrade to the future platform releases. <ul> - <li class="table_list">400dpi or higher on small/normal screens - </li> - <li class="table_list">xhdpi or higher on large screens - </li> - <li class="table_list">tvdpi or higher on extra large screens + <li>NfcV (ISO 15693) </li> </ul> - </td> - <td> - 896MB - </td> - <td> - 1280MB - </td> - </tr> - <tr> - <td> + </li> + <li>SHOULD be capable of reading the barcode and URL (if encoded) of <a href="http://developer.android.com/reference/android/nfc/tech/NfcBarcode.html">Thinfilm NFC Barcode</a> products. + </li> + <li>MUST be capable of transmitting and receiving data via the following peer-to-peer standards and protocols: <ul> - <li class="table_list">560dpi or higher on small/normal screens + <li>ISO 18092 </li> - <li class="table_list">400dpi or higher on large screens + <li>LLCP 1.2 (defined by the NFC Forum) </li> - <li class="table_list">xhdpi or higher on extra large screens + <li>SDP 1.0 (defined by the NFC Forum) + </li> + <li> + <a href="http://static.googleusercontent.com/media/source.android.com/en/us/compatibility/ndef-push-protocol.pdf">NDEF Push Protocol</a> + </li> + <li>SNEP 1.0 (defined by the NFC Forum) </li> </ul> - </td> - <td> - 1344MB - </td> - <td> - 1824MB - </td> - </tr> - </table> - <p> - The minimum memory values MUST be in addition to any memory space already dedicated to hardware components such as radio, video, and so on that is not under the kernel’s control. - </p> - <p> - Device implementations with less than 512MB of memory available to the kernel and userspace, unless an Android Watch, MUST return the value "true" for ActivityManager.isLowRamDevice(). - </p> - <p> - Android Television devices MUST have at least 4GB and other device implementations MUST have at least 3GB of non-volatile storage available for application private data. That is, the /data partition MUST be at least 4GB for Android Television devices and at least 3GB for other device implementations. Device implementations that run Android are <strong>STRONGLY RECOMMENDED</strong> to have at least 4GB of non-volatile storage for application private data so they will be able to upgrade to the future platform releases. - </p> - <p> - The Android APIs include a <a href="http://developer.android.com/reference/android/app/DownloadManager.html">Download Manager</a> that applications MAY use to download data files. The device implementation of the Download Manager MUST be capable of downloading individual files of at least 100MB in size to the default “cache” location. - </p> - <h4 id="7_6_2_application_shared_storage"> - 7.6.2. Application Shared Storage - </h4> - <p> - Device implementations MUST offer shared storage for applications also often referred as “shared external storage”. - </p> - <p> - Device implementations MUST be configured with shared storage mounted by default, “out of the box”. If the shared storage is not mounted on the Linuxpath /sdcard, then the device MUST include a Linux symbolic link from /sdcard to the actual mount point. - </p> - <p> - Device implementations MAY have hardware for user-accessible removable storage, such as a Secure Digital (SD) card slot. If this slot is used to satisfy the shared storage requirement, the device implementation: - </p> - <ul> - <li>MUST implement a toast or pop-up user interface warning the user when there is no SD card. - </li> - <li>MUST include a FAT-formatted SD card 1GB in size or larger OR show on the box and other material available at time of purchase that the SD card has to be separately purchased. - </li> - <li>MUST mount the SD card by default. - </li> - </ul> - <p> - Alternatively, device implementations MAY allocate internal (non-removable) storage as shared storage for apps as included in the upstream Android Open Source Project; device implementations SHOULD use this configuration and software implementation. If a device implementation uses internal (non-removable) storage to satisfy the shared storage requirement, while that storage MAY share space with the application private data, it MUST be at least 1GB in size and mounted on /sdcard (or /sdcard MUST be a symbolic link to the physical location if it is mounted elsewhere). - </p> - <p> - Device implementations MUST enforce as documented the android.permission.WRITE_EXTERNAL_STORAGE permission on this shared storage. Shared storage MUST otherwise be writable by any application that obtains that permission. - </p> - <p> - Device implementations that include multiple shared storage paths (such as both an SD card slot and shared internal storage) MUST allow only pre-installed & privileged Android applications with the WRITE_EXTERNAL_STORAGE permission to write to the secondary external storage, except when writing to their package-specific directories or within the <code>URI</code> returned by firing the <code>ACTION_OPEN_DOCUMENT_TREE</code> intent. - </p> - <p> - However, device implementations SHOULD expose content from both storage paths transparently through Android’s media scanner service and android.provider.MediaStore. - </p> - <p> - Regardless of the form of shared storage used, if the device implementation has a USB port with USB peripheral mode support, it MUST provide some mechanism to access the contents of shared storage from a host computer. Device implementations MAY use USB mass storage, but SHOULD use Media Transfer Protocol to satisfy this requirement. If the device implementation supports Media Transfer Protocol, it: - </p> - <ul> - <li>SHOULD be compatible with the reference Android MTP host, <a href="http://www.android.com/filetransfer">Android File Transfer</a> . - </li> - <li>SHOULD report a USB device class of 0x00. - </li> - <li>SHOULD report a USB interface name of 'MTP'. - </li> - </ul> - <h4 id="7_6_3_adoptable_storage"> - 7.6.3. Adoptable Storage - </h4> - <p> - Device implementations are STRONGLY RECOMMENDED to implement <a href="http://source.android.com/devices/storage/adoptable.html">adoptable storage</a> if the removable storage device port is in a long-term stable location, such as within the battery compartment or other protective cover. - </p> - <p> - Device implementations such as a television, MAY enable adoption through USB ports as the device is expected to be static and not mobile. But for other device implementations that are mobile in nature, it is STRONGLY RECOMMENDED to implement the adoptable storage in a long-term stable location, since accidentally disconnecting them can cause data loss/corruption. - </p> - <h3 id="7_7_usb"> - 7.7. USB - </h3> - <p> - Device implementations SHOULD support USB peripheral mode and SHOULD support USB host mode. - </p> - <h4 id="7_7_1_usb_peripheral_mode"> - 7.7.1. USB peripheral mode - </h4> - <p> - If a device implementation includes a USB port supporting peripheral mode: - </p> - <ul> - <li>The port MUST be connectable to a USB host that has a standard type-A or type-C USB port. - </li> - <li>The port SHOULD use micro-B, micro-AB or Type-C USB form factor. Existing and new Android devices are <strong>STRONGLY RECOMMENDED to meet these requirements</strong> so they will be able to upgrade to the future platform releases. - </li> - <li>The port SHOULD be located on the bottom of the device (according to natural orientation) or enable software screen rotation for all apps (including home screen), so that the display draws correctly when the device is oriented with the port at bottom. Existing and new Android devices are <strong>STRONGLY RECOMMENDED to meet these requirements</strong> so they will be able to upgrade to future platform releases. - </li> - <li>It MUST allow a USB host connected with the Android device to access the contents of the shared storage volume using either USB mass storage or Media Transfer Protocol. - </li> - <li>It SHOULD implement the Android Open Accessory (AOA) API and specification as documented in the Android SDK documentation, and if it is an Android Handheld device it MUST implement the AOA API. Device implementations implementing the AOA specification: - <ul> - <li>MUST declare support for the hardware feature <a href="http://developer.android.com/guide/topics/connectivity/usb/accessory.html">android.hardware.usb.accessory</a> . - </li> - <li>MUST implement the <a href="http://developer.android.com/reference/android/hardware/usb/UsbConstants.html#USB_CLASS_AUDIO">USB audio class</a> as documented in the Android SDK documentation. - </li> - <li>The USB mass storage class MUST include the string "android" at the end of the interface description <code>iInterface</code> string of the USB mass storage - </li> - </ul> - </li> - <li>It SHOULD implement support to draw 1.5 A current during HS chirp and traffic as specified in the <a href="http://www.usb.org/developers/docs/devclass_docs/BCv1.2_070312.zip">USB Battery Charging specification, revision 1.2</a> . Existing and new Android devices are <strong>STRONGLY RECOMMENDED to meet these requirements</strong> so they will be able to upgrade to the future platform releases. - </li> - <li>Type-C devices MUST detect 1.5A and 3.0A chargers per the Type-C resistor standard and it must detect changes in the advertisement. - </li> - <li>Type-C devices also supporting USB host mode are STRONGLY RECOMMENDED to support Power Delivery for data and power role swapping. - </li> - <li>Type-C devices SHOULD support Power Delivery for high-voltage charging and support for Alternate Modes such as display out. - </li> - <li>The value of iSerialNumber in USB standard device descriptor MUST be equal to the value of android.os.Build.SERIAL. - </li> - <li>Type-C devices are STRONGLY RECOMMENDED to not support proprietary charging methods that modify Vbus voltage beyond default levels, or alter sink/source roles as such may result in interoperability issues with the chargers or devices that support the standard USB Power Delivery methods. While this is called out as "STRONGLY RECOMMENDED", in future Android versions we might REQUIRE all type-C devices to support full interoperability with standard type-C chargers. - </li> - </ul> - <h4 id="7_7_2_usb_host_mode"> - 7.7.2. USB host mode - </h4> - <p> - If a device implementation includes a USB port supporting host mode, it: - </p> - <ul> - <li>SHOULD use a type-C USB port, if the device implementation supports USB 3.1. - </li> - <li>MAY use a non-standard port form factor, but if so MUST ship with a cable or cables adapting the port to a standard type-A or type-C USB port. - </li> - <li>MAY use a micro-AB USB port, but if so SHOULD ship with a cable or cables adapting the port to a standard type-A or type-C USB port. - </li> - <li>is <strong>STRONGLY RECOMMENDED</strong> to implement the <a href="http://developer.android.com/reference/android/hardware/usb/UsbConstants.html#USB_CLASS_AUDIO">USB audio class</a> as documented in the Android SDK documentation. - </li> - <li>MUST implement the Android USB host API as documented in the Android SDK, and MUST declare support for the hardware feature <a href="http://developer.android.com/guide/topics/connectivity/usb/host.html">android.hardware.usb.host</a> . - </li> - <li>SHOULD support the Charging Downstream Port output current range of 1.5 A ~ 5 A as specified in the <a href="http://www.usb.org/developers/docs/devclass_docs/BCv1.2_070312.zip">USB Battery Charging specifications, revision 1.2</a> . - </li> - <li>USB Type-C devices are STRONGLY RECOMMENDED to support DisplayPort, SHOULD support USB SuperSpeed Data Rates, and are STRONGLY RECOMMENDED to support Power Delivery for data and power role swapping. - </li> - <li>Devices with any type-A or type-AB ports MUST NOT ship with an adapter converting from this port to a type-C receptacle. - </li> - <li>MUST recognize any remotely connected MTP (Media Transfer Protocol) devices and make their contents accessible through the <code>ACTION_GET_CONTENT</code> , <code>ACTION_OPEN_DOCUMENT</code> , and <code>ACTION_CREATE_DOCUMENT</code> intents, if the Storage Access Framework (SAF) is supported. - </li> - <li>MUST, if using a Type-C USB port and including support for peripheral mode, implement Dual Role Port functionality as defined by the USB Type-C specification (section 4.5.1.3.3). - </li> - <li>SHOULD, if the Dual Role Port functionality is supported, implement the Try.* model that is most appropriate for the device form factor. For example a handheld device SHOULD implement the Try.SNK model. - </li> - </ul> - <h3 id="7_8_audio"> - 7.8. Audio - </h3> - <h4 id="7_8_1_microphone"> - 7.8.1. Microphone - </h4> - <div class="note"> - Android Handheld, Watch, and Automotive implementations MUST include a microphone. - </div> - <p> - Device implementations MAY omit a microphone. However, if a device implementation omits a microphone, it MUST NOT report the android.hardware.microphone feature constant, and MUST implement the audio recording API at least as no-ops, per <a href="#7_hardware_compatibility">section 7</a> . Conversely, device implementations that do possess a microphone: - </p> - <ul> - <li>MUST report the android.hardware.microphone feature constant. - </li> - <li>MUST meet the audio recording requirements in <a href="#5_4_audio_recording">section 5.4</a> . - </li> - <li>MUST meet the audio latency requirements in <a href="#5_6_audio_latency">section 5.6</a> . - </li> - <li>STRONGLY RECOMMENDED to support near-ultrasound recording as described in <a href="#7_8_3_near_ultrasound">section 7.8.3</a> . - </li> - </ul> - <h4 id="7_8_2_audio_output"> - 7.8.2. Audio Output - </h4> - <div class="note"> - Android Watch devices MAY include an audio output. - </div> - <p> - Device implementations including a speaker or with an audio/multimedia output port for an audio output peripheral as a headset or an external speaker: - </p> - <ul> - <li>MUST report the android.hardware.audio.output feature constant. - </li> - <li>MUST meet the audio playback requirements in <a href="#5_5_audio_playback">section 5.5</a> . - </li> - <li>MUST meet the audio latency requirements in <a href="#5_6_audio_latency">section 5.6</a> . - </li> - <li>STRONGLY RECOMMENDED to support near-ultrasound playback as described in <a href="#7_8_3_near_ultrasound">section 7.8.3</a> . - </li> - </ul> - <p> - Conversely, if a device implementation does not include a speaker or audio output port, it MUST NOT report the android.hardware.audio output feature, and MUST implement the Audio Output related APIs as no-ops at least. - </p> - <p> - Android Watch device implementation MAY but SHOULD NOT have audio output, but other types of Android device implementations MUST have an audio output and declare android.hardware.audio.output. - </p> - <h5 id="7_8_2_1_analog_audio_ports"> - 7.8.2.1. Analog Audio Ports - </h5> - <p> - In order to be compatible with the <a href="http://source.android.com/accessories/headset-spec.html">headsets and other audio accessories</a> using the 3.5mm audio plug across the Android ecosystem, if a device implementation includes one or more analog audio ports, at least one of the audio port(s) SHOULD be a 4 conductor 3.5mm audio jack. If a device implementation has a 4 conductor 3.5mm audio jack, it: - </p> - <ul> - <li>MUST support audio playback to stereo headphones and stereo headsets with a microphone, and SHOULD support audio recording from stereo headsets with a microphone. - </li> - <li>MUST support TRRS audio plugs with the CTIA pin-out order, and SHOULD support audio plugs with the OMTP pin-out order. - </li> - <li>MUST support the detection of microphone on the plugged in audio accessory, if the device implementation supports a microphone, and broadcast the android.intent.action.HEADSET_PLUG with the extra value microphone set as 1. - </li> - <li>MUST support the detection and mapping to the keycodes for the following 3 ranges of equivalent impedance between the microphone and ground conductors on the audio plug: + </li> + <li>MUST include support for <a href="http://developer.android.com/guide/topics/connectivity/nfc/nfc.html">Android Beam</a>. + </li> + <li>MUST implement the SNEP default server. Valid NDEF messages received by the default SNEP server MUST be dispatched to applications using the android.nfc.ACTION_NDEF_DISCOVERED intent. Disabling Android Beam in settings MUST NOT disable dispatch of incoming NDEF message. + </li> + <li>MUST honor the android.settings.NFCSHARING_SETTINGS intent to show <a href="http://developer.android.com/reference/android/provider/Settings.html#ACTION_NFCSHARING_SETTINGS">NFC sharing settings</a>. + </li> + <li>MUST implement the NPP server. Messages received by the NPP server MUST be processed the same way as the SNEP default server. + </li> + <li>MUST implement a SNEP client and attempt to send outbound P2P NDEF to the default SNEP server when Android Beam is enabled. If no default SNEP server is found then the client MUST attempt to send to an NPP server. + </li> + <li>MUST allow foreground activities to set the outbound P2P NDEF message using android.nfc.NfcAdapter.setNdefPushMessage, and android.nfc.NfcAdapter.setNdefPushMessageCallback, and android.nfc.NfcAdapter.enableForegroundNdefPush. + </li> + <li>SHOULD use a gesture or on-screen confirmation, such as 'Touch to Beam', before sending outbound P2P NDEF messages. + </li> + <li>SHOULD enable Android Beam by default and MUST be able to send and receive using Android Beam, even when another proprietary NFC P2p mode is turned on. + </li> + <li>MUST support NFC Connection handover to Bluetooth when the device supports Bluetooth Object Push Profile. Device implementations MUST support connection handover to Bluetooth when using android.nfc.NfcAdapter.setBeamPushUris, by implementing the “<a href="http://members.nfc-forum.org/specs/spec_list/#conn_handover">Connection Handover version 1.2</a>” and “<a href="http://members.nfc-forum.org/apps/group_public/download.php/18688/NFCForum-AD-BTSSP_1_1.pdf">Bluetooth Secure Simple Pairing Using NFC version 1.0</a>” specs from the NFC Forum. Such an implementation MUST implement the handover LLCP service with service name “urn:nfc:sn:handover” for exchanging the handover request/select records over NFC, and it MUST use the Bluetooth Object Push Profile for the actual Bluetooth data transfer. For legacy reasons (to remain compatible with Android 4.1 devices), the implementation SHOULD still accept SNEP GET requests for exchanging the handover request/select records over NFC. However an implementation itself SHOULD NOT send SNEP GET requests for performing connection handover. + </li> + <li>MUST poll for all supported technologies while in NFC discovery mode. + </li> + <li>SHOULD be in NFC discovery mode while the device is awake with the screen active and the lock-screen unlocked. + </li> + </ul> + </li> + </ul> + <p> + (Note that publicly available links are not available for the JIS, ISO, and NFC Forum specifications cited above.) + </p> + <p> + Android includes support for NFC Host Card Emulation (HCE) mode. If a device implementation does include an NFC controller chipset capable of HCE (for NfcA and/or NfcB) and it supports Application ID (AID) routing, then it: + </p> + <ul> + <li>MUST report the android.hardware.nfc.hce feature constant. + </li> + <li>MUST support <a href="http://developer.android.com/guide/topics/connectivity/nfc/hce.html">NFC HCE APIs</a> as defined in the Android SDK. + </li> + </ul> + <p> + If a device implementation does include an NFC controller chipset capable of HCE for NfcF, and it implements the feature for third-party applications, then it: + </p> + <ul> + <li>MUST report the android.hardware.nfc.hcef feature constant. + </li> + <li>MUST implement the [NfcF Card Emulation APIs] (https://developer.android.com/reference/android/nfc/cardemulation/NfcFCardEmulation.html) as defined in the Android SDK. + </li> + </ul> + <p> + Additionally, device implementations MAY include reader/writer support for the following MIFARE technologies. + </p> + <ul> + <li>MIFARE Classic + </li> + <li>MIFARE Ultralight + </li> + <li>NDEF on MIFARE Classic + </li> + </ul> + <p> + Note that Android includes APIs for these MIFARE types. If a device implementation supports MIFARE in the reader/writer role, it: + </p> + <ul> + <li>MUST implement the corresponding Android APIs as documented by the Android SDK. + </li> + <li>MUST report the feature com.nxp.mifare from the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager.hasSystemFeature()</a> method. Note that this is not a standard Android feature and as such does not appear as a constant in the android.content.pm.PackageManager class. + </li> + <li>MUST NOT implement the corresponding Android APIs nor report the com.nxp.mifare feature unless it also implements general NFC support as described in this section. + </li> + </ul> + <p> + If a device implementation does not include NFC hardware, it MUST NOT declare the android.hardware.nfc feature from the <a href="http://developer.android.com/reference/android/content/pm/PackageManager.html">android.content.pm.PackageManager.hasSystemFeature()</a> method, and MUST implement the Android NFC API as a no-op. + </p> + <p> + As the classes android.nfc.NdefMessage and android.nfc.NdefRecord represent a protocol-independent data representation format, device implementations MUST implement these APIs even if they do not include support for NFC or declare the android.hardware.nfc feature. + </p> + <h3> + 7.4.5. Minimum Network Capability + </h3> + <p> + Device implementations MUST include support for one or more forms of data networking. Specifically, device implementations MUST include support for at least one data standard capable of 200Kbit/sec or greater. Examples of technologies that satisfy this requirement include EDGE, HSPA, EV-DO, 802.11g, Ethernet, Bluetooth PAN, etc. + </p> + <p> + Device implementations where a physical networking standard (such as Ethernet) is the primary data connection SHOULD also include support for at least one common wireless data standard, such as 802.11 (Wi-Fi). + </p> + <p> + Devices MAY implement more than one form of data connectivity. + </p> + <p> + Devices MUST include an IPv6 networking stack and support IPv6 communication using the managed APIs, such as <code>java.net.Socket</code> and <code>java.net.URLConnection</code>, as well as the native APIs, such as <code>AF_INET6</code> sockets. The required level of IPv6 support depends on the network type, as follows: + </p> + <ul> + <li>Devices that support Wi-Fi networks MUST support dual-stack and IPv6-only operation on Wi-Fi. + </li> + <li>Devices that support Ethernet networks MUST support dual-stack operation on Ethernet. + </li> + <li>Devices that support cellular data SHOULD support IPv6 operation (IPv6-only and possibly dual-stack) on cellular data. + </li> + <li>When a device is simultaneously connected to more than one network (e.g., Wi-Fi and cellular data), it MUST simultaneously meet these requirements on each network to which it is connected. + </li> + </ul> + <p> + IPv6 MUST be enabled by default. + </p> + <p> + In order to ensure that IPv6 communication is as reliable as IPv4, unicast IPv6 packets sent to the device MUST NOT be dropped, even when the screen is not in an active state. Redundant multicast IPv6 packets, such as repeated identical Router Advertisements, MAY be rate-limited in hardware or firmware if doing so is necessary to save power. In such cases, rate-limiting MUST NOT cause the device to lose IPv6 connectivity on any IPv6-compliant network that uses RA lifetimes of at least 180 seconds. + </p> + <p> + IPv6 connectivity MUST be maintained in doze mode. + </p> + <h3> + 7.4.6. Sync Settings + </h3> + <p> + Device implementations MUST have the master auto-sync setting on by default so that the method <a href="http://developer.android.com/reference/android/content/ContentResolver.html">getMasterSyncAutomatically()</a> returns “true”. + </p> + <h3> + 7.4.7. Data Saver + </h3> + <p> + Device implementations with a metered connection are STRONGLY RECOMMENDED to provide the data saver mode. + </p> + <p> + If a device implementation provides the data saver mode, it: + </p> + <ul> + <li> + <p> + MUST support all the APIs in the <code>ConnectivityManager</code> class as described in the <a href="https://developer.android.com/training/basics/network-ops/data-saver.html">SDK documentation</a> + </p> + </li> + <li> + <p> + MUST provide a user interface in the settings, allowing users to add applications to or remove applications from the whitelist. + </p> + </li> + </ul> + <p> + Conversely if a device implementation does not provide the data saver mode, it: + </p> + <ul> + <li> + <p> + MUST return the value <code>RESTRICT_BACKGROUND_STATUS_DISABLED</code> for <a href="https://developer.android.com/reference/android/net/ConnectivityManager.html#getRestrictBackgroundStatus%28%29"><code>ConnectivityManager.getRestrictBackgroundStatus()</code></a> + </p> + </li> + <li> + <p> + MUST not broadcast <code>ConnectivityManager.ACTION_RESTRICT_BACKGROUND_CHANGED</code> + </p> + </li> + <li> + <p> + MUST have an activity that handles the <code>Settings.ACTION_IGNORE_BACKGROUND_DATA_RESTRICTIONS_SETTINGS</code> intent but MAY implement it as a no-op. + </p> + </li> + </ul> + <h2> + 7.5. Cameras + </h2> + <p> + Device implementations SHOULD include a rear-facing camera and MAY include a front-facing camera. A rear-facing camera is a camera located on the side of the device opposite the display; that is, it images scenes on the far side of the device, like a traditional camera. A front-facing camera is a camera located on the same side of the device as the display; that is, a camera typically used to image the user, such as for video conferencing and similar applications. + </p> + <p> + If a device implementation includes at least one camera, it MUST be possible for an application to simultaneously allocate 3 RGBA_8888 bitmaps equal to the size of the images produced by the largest-resolution camera sensor on the device, while camera is open for the purpose of basic preview and still capture. + </p> + <h3> + 7.5.1. Rear-Facing Camera + </h3> + <p> + Device implementations SHOULD include a rear-facing camera. If a device implementation includes at least one rear-facing camera, it: + </p> + <ul> + <li>MUST report the feature flag android.hardware.camera and android.hardware.camera.any. + </li> + <li>MUST have a resolution of at least 2 megapixels. + </li> + <li>SHOULD have either hardware auto-focus or software auto-focus implemented in the camera driver (transparent to application software). + </li> + <li>MAY have fixed-focus or EDOF (extended depth of field) hardware. + </li> + <li>MAY include a flash. If the Camera includes a flash, the flash lamp MUST NOT be lit while an android.hardware.Camera.PreviewCallback instance has been registered on a Camera preview surface, unless the application has explicitly enabled the flash by enabling the FLASH_MODE_AUTO or FLASH_MODE_ON attributes of a Camera.Parameters object. Note that this constraint does not apply to the device’s built-in system camera application, but only to third-party applications using Camera.PreviewCallback. + </li> + </ul> + <h3> + 7.5.2. Front-Facing Camera + </h3> + <p> + Device implementations MAY include a front-facing camera. If a device implementation includes at least one front-facing camera, it: + </p> + <ul> + <li>MUST report the feature flag android.hardware.camera.any and android.hardware.camera.front. + </li> + <li>MUST have a resolution of at least VGA (640x480 pixels). + </li> + <li>MUST NOT use a front-facing camera as the default for the Camera API. The camera API in Android has specific support for front-facing cameras and device implementations MUST NOT configure the API to to treat a front-facing camera as the default rear-facing camera, even if it is the only camera on the device. + </li> + <li>MAY include features (such as auto-focus, flash, etc.) available to rear-facing cameras as described in <a href="#7_5_1_rear-facing_camera">section 7.5.1</a>. + </li> + <li>MUST horizontally reflect (i.e. mirror) the stream displayed by an app in a CameraPreview, as follows: + <ul> + <li>If the device implementation is capable of being rotated by user (such as automatically via an accelerometer or manually via user input), the camera preview MUST be mirrored horizontally relative to the device’s current orientation. + </li> + <li>If the current application has explicitly requested that the Camera display be rotated via a call to the <a href="http://developer.android.com/reference/android/hardware/Camera.html#setDisplayOrientation(int)">android.hardware.Camera.setDisplayOrientation()</a> method, the camera preview MUST be mirrored horizontally relative to the orientation specified by the application. + </li> + <li>Otherwise, the preview MUST be mirrored along the device’s default horizontal axis. + </li> + </ul> + </li> + <li>MUST mirror the image displayed by the postview in the same manner as the camera preview image stream. If the device implementation does not support postview, this requirement obviously does not apply. + </li> + <li>MUST NOT mirror the final captured still image or video streams returned to application callbacks or committed to media storage. + </li> + </ul> + <h3> + 7.5.3. External Camera + </h3> + <p> + Device implementations MAY include support for an external camera that is not necessarily always connected. If a device includes support for an external camera, it: + </p> + <ul> + <li>MUST declare the platform feature flag <code>android.hardware.camera.external</code> and <code>android.hardware camera.any</code>. + </li> + <li>MAY support multiple cameras. + </li> + <li>MUST support USB Video Class (UVC 1.0 or higher) if the external camera connects through the USB port. + </li> + <li>SHOULD support video compressions such as MJPEG to enable transfer of high-quality unencoded streams (i.e. raw or independently compressed picture streams). + </li> + <li>MAY support camera-based video encoding. If supported, a simultaneous unencoded / MJPEG stream (QVGA or greater resolution) MUST be accessible to the device implementation. + </li> + </ul> + <h3> + 7.5.4. Camera API Behavior + </h3> + <p> + Android includes two API packages to access the camera, the newer android.hardware.camera2 API expose lower-level camera control to the app, including efficient zero-copy burst/streaming flows and per-frame controls of exposure, gain, white balance gains, color conversion, denoising, sharpening, and more. + </p> + <p> + The older API package, android.hardware.Camera, is marked as deprecated in Android 5.0 but as it should still be available for apps to use Android device implementations MUST ensure the continued support of the API as described in this section and in the Android SDK. + </p> + <p> + Device implementations MUST implement the following behaviors for the camera-related APIs, for all available cameras: + </p> + <ul> + <li>If an application has never called android.hardware.Camera.Parameters.setPreviewFormat(int), then the device MUST use android.hardware.PixelFormat.YCbCr_420_SP for preview data provided to application callbacks. + </li> + <li>If an application registers an android.hardware.Camera.PreviewCallback instance and the system calls the onPreviewFrame() method when the preview format is YCbCr_420_SP, the data in the byte[] passed into onPreviewFrame() must further be in the NV21 encoding format. That is, NV21 MUST be the default. + </li> + <li>For android.hardware.Camera, device implementations MUST support the YV12 format (as denoted by the android.graphics.ImageFormat.YV12 constant) for camera previews for both front- and rear-facing cameras. (The hardware video encoder and camera may use any native pixel format, but the device implementation MUST support conversion to YV12.) + </li> + <li>For android.hardware.camera2, device implementations must support the android.hardware.ImageFormat.YUV_420_888 and android.hardware.ImageFormat.JPEG formats as outputs through the android.media.ImageReader API. + </li> + </ul> + <p> + Device implementations MUST still implement the full <a href="http://developer.android.com/reference/android/hardware/Camera.html">Camera API</a> included in the Android SDK documentation, regardless of whether the device includes hardware autofocus or other capabilities. For instance, cameras that lack autofocus MUST still call any registered android.hardware.Camera.AutoFocusCallback instances (even though this has no relevance to a non-autofocus camera.) Note that this does apply to front-facing cameras; for instance, even though most front-facing cameras do not support autofocus, the API callbacks must still be “faked” as described. + </p> + <p> + Device implementations MUST recognize and honor each parameter name defined as a constant on the <a href="http://developer.android.com/reference/android/hardware/Camera.Parameters.html">android.hardware.Camera.Parameters</a> class, if the underlying hardware supports the feature. If the device hardware does not support a feature, the API must behave as documented. Conversely, device implementations MUST NOT honor or recognize string constants passed to the android.hardware.Camera.setParameters() method other than those documented as constants on the android.hardware.Camera.Parameters. That is, device implementations MUST support all standard Camera parameters if the hardware allows, and MUST NOT support custom Camera parameter types. For instance, device implementations that support image capture using high dynamic range (HDR) imaging techniques MUST support camera parameter Camera.SCENE_MODE_HDR. + </p> + <p> + Because not all device implementations can fully support all the features of the android.hardware.camera2 API, device implementations MUST report the proper level of support with the <a href="https://developer.android.com/reference/android/hardware/camera2/CameraCharacteristics.html#INFO_SUPPORTED_HARDWARE_LEVEL">android.info.supportedHardwareLevel</a> property as described in the Android SDK and report the appropriate <a href="http://source.android.com/devices/camera/versioning.html">framework feature flags</a>. + </p> + <p> + Device implementations MUST also declare its Individual camera capabilities of android.hardware.camera2 via the android.request.availableCapabilities property and declare the appropriate <a href="http://source.android.com/devices/camera/versioning.html">feature flags</a>; a device must define the feature flag if any of its attached camera devices supports the feature. + </p> + <p> + Device implementations MUST broadcast the Camera.ACTION_NEW_PICTURE intent whenever a new picture is taken by the camera and the entry of the picture has been added to the media store. + </p> + <p> + Device implementations MUST broadcast the Camera.ACTION_NEW_VIDEO intent whenever a new video is recorded by the camera and the entry of the picture has been added to the media store. + </p> + <h3> + 7.5.5. Camera Orientation + </h3> + <p> + Both front- and rear-facing cameras, if present, MUST be oriented so that the long dimension of the camera aligns with the screen’s long dimension. That is, when the device is held in the landscape orientation, cameras MUST capture images in the landscape orientation. This applies regardless of the device’s natural orientation; that is, it applies to landscape-primary devices as well as portrait-primary devices. + </p> + <h2> + 7.6. Memory and Storage + </h2> + <h3> + 7.6.1. Minimum Memory and Storage + </h3> + <div class="note"> + Android Television devices MUST have at least 4GB of non-volatile storage available for application private data. + </div> + <p> + The memory available to the kernel and userspace on device implementations MUST be at least equal or larger than the minimum values specified by the following table. (See <a href="#7_1_1_screen_configuration">section 7.1.1</a> for screen size and density definitions.) + </p> + <table> + <tr> + <th> + Density and screen size + </th> + <th> + 32-bit device + </th> + <th> + 64-bit device + </th> + </tr> + <tr> + <td> + Android Watch devices (due to smaller screens) + </td> + <td> + 416MB + </td> + <td> + Not applicable + </td> + </tr> + <tr> + <td> <ul> - <li> - <strong>70 ohm or less</strong> : KEYCODE_HEADSETHOOK + <li class="table_list">280dpi or lower on small/normal screens </li> - <li> - <strong>210-290 Ohm</strong> : KEYCODE_VOLUME_UP + <li class="table_list">mdpi or lower on large screens </li> - <li> - <strong>360-680 Ohm</strong> : KEYCODE_VOLUME_DOWN + <li class="table_list">ldpi or lower on extra large screens </li> </ul> - </li> - <li>STRONGLY RECOMMENDED to detect and map to the keycode for the following range of equivalent impedance between the microphone and ground conductors on the audio plug: + </td> + <td> + 512MB + </td> + <td> + 816MB + </td> + </tr> + <tr> + <td> <ul> - <li> - <strong>110-180 Ohm:</strong> KEYCODE_VOICE_ASSIST + <li class="table_list">xhdpi or higher on small/normal screens </li> - </ul> - </li> - <li>MUST trigger ACTION_HEADSET_PLUG upon a plug insert, but only after all contacts on plug are touching their relevant segments on the jack. - </li> - <li>MUST be capable of driving at least 150mV ± 10% of output voltage on a 32 Ohm speaker impedance. - </li> - <li>MUST have a microphone bias voltage between 1.8V ~ 2.9V. - </li> - </ul> - <h4 id="7_8_3_near-ultrasound"> - 7.8.3. Near-Ultrasound - </h4> - <p> - Near-Ultrasound audio is the 18.5 kHz to 20 kHz band. Device implementations MUST correctly report the support of near-ultrasound audio capability via the <a href="http://developer.android.com/reference/android/media/AudioManager.html#getProperty%28java.lang.String%29">AudioManager.getProperty</a> API as follows: - </p> - <ul> - <li>If <a href="http://developer.android.com/reference/android/media/AudioManager.html#PROPERTY_SUPPORT_MIC_NEAR_ULTRASOUND">PROPERTY_SUPPORT_MIC_NEAR_ULTRASOUND</a> is "true", then the following requirements must be met by the VOICE_RECOGNITION and UNPROCESSED audio sources: - <ul> - <li>The microphone's mean power response in the 18.5 kHz to 20 kHz band MUST be no more than 15 dB below the response at 2 kHz. + <li class="table_list">hdpi or higher on large screens </li> - <li>The microphone's unweighted signal to noise ratio over 18.5 kHz to 20 kHz for a 19 kHz tone at -26 dBFS MUST be no lower than 50 dB. + <li class="table_list">mdpi or higher on extra large screens </li> </ul> - </li> - <li>If <a href="http://developer.android.com/reference/android/media/AudioManager.html#PROPERTY_SUPPORT_SPEAKER_NEAR_ULTRASOUND">PROPERTY_SUPPORT_SPEAKER_NEAR_ULTRASOUND</a> is "true", then the speaker's mean response in 18.5 kHz - 20 kHz MUST be no lower than 40 dB below the response at 2 kHz. - </li> - </ul> - <h3 id="7_9_virtual_reality"> - 7.9. Virtual Reality - </h3> - <p> - Android includes APIs and facilities to build "Virtual Reality" (VR) applications including high quality mobile VR experiences. Device implementations MUST properly implement these APIs and behaviors, as detailed in this section. - </p> - <h4 id="7_9_1_virtual_reality_mode"> - 7.9.1. Virtual Reality Mode - </h4> - <p> - Android handheld device implementations that support a mode for VR applications that handles stereoscopic rendering of notifications and disable monocular system UI components while a VR application has user focus MUST declare <code>android.software.vr.mode</code> feature. Devices declaring this feature MUST include an application implementing <code>android.service.vr.VrListenerService</code> that can be enabled by VR applications via <code>android.app.Activity#setVrModeEnabled</code> . - </p> - <h4 id="7_9_2_virtual_reality_high_performance"> - 7.9.2. Virtual Reality High Performance - </h4> - <p> - Android handheld device implementations MUST identify the support of high performance virtual reality for longer user periods through the <code>android.hardware.vr.high_performance</code> feature flag and meet the following requirements. - </p> - <ul> - <li>Device implementations MUST have at least 2 physical cores. - </li> - <li>Device implementations MUST declare android.software.vr.mode feature. - </li> - <li>Device implementations MAY provide an exclusive core to the foreground application and MAY support the <code>Process.getExclusiveCores</code> API to return the numbers of the CPU cores that are exclusive to the top foreground application. If exclusive core is supported, then the core MUST not allow any other userspace processes to run on it (except device drivers used by the application), but MAY allow some kernel processes to run as necessary. - </li> - <li>Device implementations MUST support sustained performance mode. - </li> - <li>Device implementations MUST support OpenGL ES 3.2. - </li> - <li>Device implementations MUST support Vulkan Hardware Level 0 and SHOULD support Vulkan Hardware Level 1. - </li> - <li>Device implementations MUST implement EGL_KHR_mutable_render_buffer and EGL_ANDROID_front_buffer_auto_refresh, EGL_ANDROID_create_native_client_buffer, EGL_KHR_fence_sync and EGL_KHR_wait_sync so that they may be used for Shared Buffer Mode, and expose the extensions in the list of available EGL extensions. - </li> - <li>The GPU and display MUST be able to synchronize access to the shared front buffer such that alternating-eye rendering of VR content at 60fps with two render contexts will be displayed with no visible tearing artifacts. - </li> - <li>Device implementations MUST implement EGL_IMG_context_priority, and expose the extension in the list of available EGL extensions. - </li> - <li>Device implementations MUST implement GL_EXT_multisampled_render_to_texture, GL_OVR_multiview, GL_OVR_multiview2 and GL_OVR_multiview_multisampled_render_to_texture, and expose the extensions in the list of available GL extensions. - </li> - <li>Device implementations MUST implement EGL_EXT_protected_content and GL_EXT_protected_textures so that it may be used for Secure Texture Video Playback, and expose the extensions in the list of available EGL and GL extensions. - </li> - <li>Device implementations MUST support H.264 decoding at least 3840x2160@30fps-40Mbps (equivalent to 4 instances of 1920x1080@30fps-10Mbps or 2 instances of 1920x1080@60fps-20Mbps). - </li> - <li>Device implementations MUST support HEVC and VP9, MUST be capable to decode at least 1920x1080@30fps-10Mbps and SHOULD be capable to decode 3840x2160@30fps-20Mbps (equivalent to 4 instances of 1920x1080@30fps-5Mbps). - </li> - <li>The device implementations are STRONGLY RECOMMENDED to support android.hardware.sensor.hifi_sensors feature and MUST meet the gyroscope, accelerometer, and magnetometer related requirements for android.hardware.hifi_sensors. - </li> - <li>Device implementations MUST support HardwarePropertiesManager.getDeviceTemperatures API and return accurate values for skin temperature. - </li> - <li>The device implementation MUST have an embedded screen, and its resolution MUST be at least be FullHD(1080p) and STRONGLY RECOMMENDED TO BE be QuadHD (1440p) or higher. - </li> - <li>The display MUST measure between 4.7" and 6" diagonal. - </li> - <li>The display MUST update at least 60 Hz while in VR Mode. - </li> - <li>The display latency on Gray-to-Gray, White-to-Black, and Black-to-White switching time MUST be ≤ 3 ms. - </li> - <li>The display MUST support a low-persistence mode with ≤5 ms persistence,persistence being defined as the amount of time for which a pixel is emitting light. - </li> - <li>Device implementations MUST support Bluetooth 4.2 and Bluetooth LE Data Length Extension <a href="#7_4_3_bluetooth">section 7.4.3</a> . - </li> - </ul> - <h2 id="8_performance_and_power"> - 8. Performance and Power - </h2> - <p> - Some minimum performance and power criteria are critical to the user experience and impact the baseline assumptions developers would have when developing an app. Android Watch devices SHOULD and other type of device implementations MUST meet the following criteria. - </p> - <h3 id="8_1_user_experience_consistency"> - 8.1. User Experience Consistency - </h3> - <p> - Device implementations MUST provide a smooth user interface by ensuring a consistent frame rate and response times for applications and games. Device implementations MUST meet the following requirements: - </p> - <ul> - <li> - <strong>Consistent frame latency</strong> . Inconsistent frame latency or a delay to render frames MUST NOT happen more often than 5 frames in a second, and SHOULD be below 1 frames in a second. - </li> - <li> - <strong>User interface latency</strong> . Device implementations MUST ensure low latency user experience by scrolling a list of 10K list entries as defined by the Android Compatibility Test Suite (CTS) in less than 36 secs. - </li> - <li> - <strong>Task switching</strong> . When multiple applications have been launched, re-launching an already-running application after it has been launched MUST take less than 1 second. - </li> - </ul> - <h3 id="8_2_file_i/o_access_performance"> - 8.2. File I/O Access Performance - </h3> - <p> - Device implementations MUST ensure internal storage file access performance consistency for read and write operations. - </p> - <ul> - <li> - <strong>Sequential write</strong> . Device implementations MUST ensure a sequential write performance of at least 5MB/s for a 256MB file using 10MB write buffer. - </li> - <li> - <strong>Random write</strong> . Device implementations MUST ensure a random write performance of at least 0.5MB/s for a 256MB file using 4KB write buffer. - </li> - <li> - <strong>Sequential read</strong> . Device implementations MUST ensure a sequential read performance of at least 15MB/s for a 256MB file using 10MB write buffer. - </li> - <li> - <strong>Random read</strong> . Device implementations MUST ensure a random read performance of at least 3.5MB/s for a 256MB file using 4KB write buffer. - </li> - </ul> - <h3 id="8_3_power-saving_modes"> - 8.3. Power-Saving Modes - </h3> - <p> - Android 6.0 introduced App Standby and Doze power-saving modes to optimize battery usage. All Apps exempted from these modes MUST be made visible to the end user. Further, the triggering, maintenance, wakeup algorithms and the use of global system settings of these power-saving modes MUST not deviate from the Android Open Source Project. - </p> - <p> - In addition to the power-saving modes, Android device implementations MAY implement any or all of the 4 sleeping power states as defined by the Advanced Configuration and Power Interface (ACPI), but if it implements S3 and S4 power states, it can only enter these states when closing a lid that is physically part of the device. - </p> - <h3 id="8_4_power_consumption_accounting"> - 8.4. Power Consumption Accounting - </h3> - <p> - A more accurate accounting and reporting of the power consumption provides the app developer both the incentives and the tools to optimize the power usage pattern of the application. Therefore, device implementations: - </p> - <ul> - <li>MUST be able to track hardware component power usage and attribute that power usage to specific applications. Specifically, implementations: + </td> + <td> + 608MB + </td> + <td> + 944MB + </td> + </tr> + <tr> + <td> <ul> - <li>MUST provide a per-component power profile that defines the <a href="http://source.android.com/devices/tech/power/values.html">current consumption value</a> for each hardware component and the approximate battery drain caused by the components over time as documented in the Android Open Source Project site. + <li class="table_list">400dpi or higher on small/normal screens </li> - <li>MUST report all power consumption values in milliampere hours (mAh). + <li class="table_list">xhdpi or higher on large screens </li> - <li>SHOULD be attributed to the hardware component itself if unable to attribute hardware component power usage to an application. - </li> - <li>MUST report CPU power consumption per each process's UID. The Android Open Source Project meets the requirement through the <code>uid_cputime</code> kernel module implementation. + <li class="table_list">tvdpi or higher on extra large screens </li> </ul> - </li> - <li>MUST make this power usage available via the <a href="http://source.android.com/devices/tech/power/batterystats.html"><code>adb shell dumpsys batterystats</code></a> shell command to the app developer. - </li> - <li>MUST honor the <a href="http://developer.android.com/reference/android/content/Intent.html#ACTION_POWER_USAGE_SUMMARY">android.intent.action.POWER_USAGE_SUMMARY</a> intent and display a settings menu that shows this power usage. - </li> - </ul> - <h3 id="8_5_consistent_performance"> - 8.5. Consistent Performance - </h3> - <p> - Performance can fluctuate dramatically for high-performance long-running apps, either because of the other apps running in the background or the CPU throttling due to temperature limits. Android includes programmatic interfaces so that when the device is capable, the top foreground application can request that the system optimize the allocation of the resources to address such fluctuations. - </p> - <p> - Device implementations SHOULD support Sustained Performance Mode which can provide the top foreground application a consistent level of performance for a prolonged amount of time when requested through the <a href="https://developer.android.com/reference/android/view/Window.html#setSustainedPerformanceMode%28boolean%29"><code>Window.setSustainedPerformanceMode()</code></a> API method. A Device implementation MUST report the support of Sustained Performance Mode accurately through the <a href="https://developer.android.com/reference/android/os/PowerManager.html#isSustainedPerformanceModeSupported%28%29"><code>PowerManager.isSustainedPerformanceModeSupported()</code></a> API method. - </p> - <p> - Device implementations with two or more CPU cores SHOULD provide at least one exclusive core that can be reserved by the top foreground application. If provided, implementations MUST meet the following requirements: - </p> - <ul> - <li>Implementations MUST report through the <a href="https://developer.android.com/reference/android/os/Process.html#getExclusiveCores%28%29"><code>Process.getExclusiveCores()</code></a> API method the id numbers of the exclusive cores that can be reserved by the top foreground application. - </li> - <li>Device implementations MUST not allow any user space processes except the device drivers used by the application to run on the exclusive cores, but MAY allow some kernel processes to run as necessary. - </li> - </ul> - <p> - If a device implementation does not support an exclusive core, it MUST return an empty list through the <a href="https://developer.android.com/reference/android/os/Process.html#getExclusiveCores%28%29"><code>Process.getExclusiveCores()</code></a> API method. - </p> - <h2 id="9_security_model_compatibility"> - 9. Security Model Compatibility - </h2> - <p> - Device implementations MUST implement a security model consistent with the Android platform security model as defined in <a href="http://developer.android.com/guide/topics/security/permissions.html">Security and Permissions reference document</a> in the APIs in the Android developer documentation. Device implementations MUST support installation of self-signed applications without requiring any additional permissions/certificates from any third parties/authorities. Specifically, compatible devices MUST support the security mechanisms described in the follow subsections. - </p> - <h3 id="9_1_permissions"> - 9.1. Permissions - </h3> - <p> - Device implementations MUST support the <a href="http://developer.android.com/guide/topics/security/permissions.html">Android permissions model</a> as defined in the Android developer documentation. Specifically, implementations MUST enforce each permission defined as described in the SDK documentation; no permissions may be omitted, altered, or ignored. Implementations MAY add additional permissions, provided the new permission ID strings are not in the android.* namespace. - </p> - <p> - Permissions with a <code>protectionLevel</code> of <a href="https://developer.android.com/reference/android/content/pm/PermissionInfo.html#PROTECTION_FLAG_PRIVILEGED">'PROTECTION_FLAG_PRIVILEGED'</a> MUST only be granted to apps preloaded in the whitelisted privileged path(s) of the system image, such as the <code>system/priv-app</code> path in the AOSP implementation. - </p> - <p> - Permissions with a protection level of dangerous are runtime permissions. Applications with targetSdkVersion > 22 request them at runtime. Device implementations: - </p> - <ul> - <li>MUST show a dedicated interface for the user to decide whether to grant the requested runtime permissions and also provide an interface for the user to manage runtime permissions. - </li> - <li>MUST have one and only one implementation of both user interfaces. - </li> - <li>MUST NOT grant any runtime permissions to preinstalled apps unless: + </td> + <td> + 896MB + </td> + <td> + 1280MB + </td> + </tr> + <tr> + <td> <ul> - <li>the user's consent can be obtained before the application uses it - </li> - <li>the runtime permissions are associated with an intent pattern for which the preinstalled application is set as the default handler + <li class="table_list">560dpi or higher on small/normal screens </li> - </ul> - </li> - </ul> - <h3 id="9_2_uid_and_process_isolation"> - 9.2. UID and Process Isolation - </h3> - <p> - Device implementations MUST support the Android application sandbox model, in which each application runs as a unique Unixstyle UID and in a separate process. Device implementations MUST support running multiple applications as the same Linux user ID, provided that the applications are properly signed and constructed, as defined in the <a href="http://developer.android.com/guide/topics/security/permissions.html">Security and Permissions reference</a> . - </p> - <h3 id="9_3_filesystem_permissions"> - 9.3. Filesystem Permissions - </h3> - <p> - Device implementations MUST support the Android file access permissions model as defined in the <a href="http://developer.android.com/guide/topics/security/permissions.html">Security and Permissions reference</a> . - </p> - <h3 id="9_4_alternate_execution_environments"> - 9.4. Alternate Execution Environments - </h3> - <p> - Device implementations MAY include runtime environments that execute applications using some other software or technology than the Dalvik Executable Format or native code. However, such alternate execution environments MUST NOT compromise the Android security model or the security of installed Android applications, as described in this section. - </p> - <p> - Alternate runtimes MUST themselves be Android applications, and abide by the standard Android security model, as described elsewhere in <a href="#9_security_model_compatibility">section 9</a> . - </p> - <p> - Alternate runtimes MUST NOT be granted access to resources protected by permissions not requested in the runtime’s AndroidManifest.xml file via the <uses-permission> mechanism. - </p> - <p> - Alternate runtimes MUST NOT permit applications to make use of features protected by Android permissions restricted to system applications. - </p> - <p> - Alternate runtimes MUST abide by the Android sandbox model. Specifically, alternate runtimes: - </p> - <ul> - <li>SHOULD install apps via the PackageManager into separate Android sandboxes (Linux user IDs, etc.). - </li> - <li>MAY provide a single Android sandbox shared by all applications using the alternate runtime. - </li> - <li>Installed applications using an alternate runtime MUST NOT reuse the sandbox of any other app installed on the device, except through the standard Android mechanisms of shared user ID and signing certificate. - </li> - <li>MUST NOT launch with, grant, or be granted access to the sandboxes corresponding to other Android applications. - </li> - <li>MUST NOT be launched with, be granted, or grant to other applications any privileges of the superuser (root), or of any other user ID. - </li> - </ul> - <p> - The .apk files of alternate runtimes MAY be included in the system image of a device implementation, but MUST be signed with a key distinct from the key used to sign other applications included with the device implementation. - </p> - <p> - When installing applications, alternate runtimes MUST obtain user consent for the Android permissions used by the application. If an application needs to make use of a device resource for which there is a corresponding Android permission (such as Camera, GPS, etc.), the alternate runtime MUST inform the user that the application will be able to access that resource. If the runtime environment does not record application capabilities in this manner, the runtime environment MUST list all permissions held by the runtime itself when installing any application using that runtime. - </p> - <h3 id="9_5_multi-user_support"> - 9.5. Multi-User Support - </h3> - <div class="note"> - This feature is optional for all device types. - </div> - <p> - Android includes <a href="http://developer.android.com/reference/android/os/UserManager.html">support for multiple users</a> and provides support for full user isolation. Device implementations MAY enable multiple users, but when enabled MUST meet the following requirements related to <a href="http://source.android.com/devices/storage/traditional.html">multi-user support</a> : - </p> - <ul> - <li>Android Automotive device implementations with multi-user support enabled MUST include a guest account that allows all functions provided by the vehicle system without requiring a user to log in. - </li> - <li>Device implementations that do not declare the android.hardware.telephony feature flag MUST support restricted profiles, a feature that allows device owners to manage additional users and their capabilities on the device. With restricted profiles, device owners can quickly set up separate environments for additional users to work in, with the ability to manage finer-grained restrictions in the apps that are available in those environments. - </li> - <li>Conversely device implementations that declare the android.hardware.telephony feature flag MUST NOT support restricted profiles but MUST align with the AOSP implementation of controls to enable /disable other users from accessing the voice calls and SMS. - </li> - <li>Device implementations MUST, for each user, implement a security model consistent with the Android platform security model as defined in <a href="http://developer.android.com/guide/topics/security/permissions.html">Security and Permissions reference document</a> in the APIs. - </li> - <li>Each user instance on an Android device MUST have separate and isolated external storage directories. Device implementations MAY store multiple users' data on the same volume or filesystem. However, the device implementation MUST ensure that applications owned by and running on behalf a given user cannot list, read, or write to data owned by any other user. Note that removable media, such as SD card slots, can allow one user to access another’s data by means of a host PC. For this reason, device implementations that use removable media for the external storage APIs MUST encrypt the contents of the SD card if multiuser is enabled using a key stored only on non-removable media accessible only to the system. As this will make the media unreadable by a host PC, device implementations will be required to switch to MTP or a similar system to provide host PCs with access to the current user’s data. Accordingly, device implementations MAY but SHOULD NOT enable multi-user if they use <a href="http://developer.android.com/reference/android/os/Environment.html">removable media</a> for primary external storage. - </li> - </ul> - <h3 id="9_6_premium_sms_warning"> - 9.6. Premium SMS Warning - </h3> - <p> - Android includes support for warning users of any outgoing <a href="http://en.wikipedia.org/wiki/Short_code">premium SMS message</a> . Premium SMS messages are text messages sent to a service registered with a carrier that may incur a charge to the user. Device implementations that declare support for android.hardware.telephony MUST warn users before sending a SMS message to numbers identified by regular expressions defined in /data/misc/sms/codes.xml file in the device. The upstream Android Open Source Project provides an implementation that satisfies this requirement. - </p> - <h3 id="9_7_kernel_security_features"> - 9.7. Kernel Security Features - </h3> - <p> - The Android Sandbox includes features that use the Security-Enhanced Linux (SELinux) mandatory access control (MAC) system, seccomp sandboxing, and other security features in the Linux kernel. SELinux or any other security features implemented below the Android framework: - </p> - <ul> - <li>MUST maintain compatibility with existing applications. - </li> - <li>MUST NOT have a visible user interface when a security violation is detected and successfully blocked, but MAY have a visible user interface when an unblocked security violation occurs resulting in a successful exploit. - </li> - <li>SHOULD NOT be user or developer configurable. - </li> - </ul> - <p> - If any API for configuration of policy is exposed to an application that can affect another application (such as a Device Administration API), the API MUST NOT allow configurations that break compatibility. - </p> - <p> - Devices MUST implement SELinux or, if using a kernel other than Linux, an equivalent mandatory access control system. Devices MUST also meet the following requirements, which are satisfied by the reference implementation in the upstream Android Open Source Project. - </p> - <p> - Device implementations: - </p> - <ul> - <li>MUST set SELinux to global enforcing mode. - </li> - <li>MUST configure all domains in enforcing mode. No permissive mode domains are allowed, including domains specific to a device/vendor. - </li> - <li>MUST NOT modify, omit, or replace the neverallow rules present within the system/sepolicy folder provided in the upstream Android Open Source Project (AOSP) and the policy MUST compile with all neverallow rules present, for both AOSP SELinux domains as well as device/vendor specific domains. - </li> - <li>MUST split the media framework into multiple processes so that it is possible to more narrowly grant access for each process as <a href="https://source.android.com/devices/media/framework-hardening.html#arch_changes">described</a> in the Android Open Source Project site. - </li> - </ul> - <p> - Device implementations SHOULD retain the default SELinux policy provided in the system/sepolicy folder of the upstream Android Open Source Project and only further add to this policy for their own device-specific configuration. Device implementations MUST be compatible with the upstream Android Open Source Project. - </p> - <p> - Devices MUST implement a kernel application sandboxing mechanism which allows filtering of system calls using a configurable policy from multithreaded programs. The upstream Android Open Source Project meets this requirement through enabling the seccomp-BPF with threadgroup synchronization (TSYNC) as described <a href="http://source.android.com/devices/tech/config/kernel.html#Seccomp-BPF-TSYNC">in the Kernel Configuration section of source.android.com</a> . - </p> - <h3 id="9_8_privacy"> - 9.8. Privacy - </h3> - <p> - If the device implements functionality in the system that captures the contents displayed on the screen and/or records the audio stream played on the device, it MUST continuously notify the user whenever this functionality is enabled and actively capturing/recording. - </p> - <p> - If a device implementation has a mechanism that routes network data traffic through a proxy server or VPN gateway by default (for example, preloading a VPN service with android.permission.CONTROL_VPN granted), the device implementation MUST ask for the user's consent before enabling that mechanism, unless that VPN is enabled by the Device Policy Controller via the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setAlwaysOnVpnPackage(android.content.ComponentName,%20java.lang.String,%20boolean)"><code>DevicePolicyManager.setAlwaysOnVpnPackage()</code></a> , in which case the user does not need to provide a separate consent, but MUST only be notified. - </p> - <p> - Device implementations MUST ship with an empty user-added Certificate Authority (CA) store, and MUST preinstall the same root certificates for the system-trusted CA store as <a href="https://source.android.com/security/overview/app-security.html#certificate-authorities">provided</a> in the upstream Android Open Source Project. - </p> - <p> - When devices are routed through a VPN, or a user root CA is installed, the implementation MUST display a warning indicating the network traffic may be monitored to the user. - </p> - <p> - If a device implementation has a USB port with USB peripheral mode support, it MUST present a user interface asking for the user's consent before allowing access to the contents of the shared storage over the USB port. - </p> - <h3 id="9_9_data_storage_encryption"> - 9.9. Data Storage Encryption - </h3> - <div class="note"> - Optional for Android device implementations without a secure lock screen. - </div> - <p> - If the device implementation supports a secure lock screen as described in section 9.11.1, then the device MUST support data storage encryption of the application private data (/data partition), as well as the application shared storage partition (/sdcard partition) if it is a permanent, non-removable part of the device. - </p> - <p> - For device implementations supporting data storage encryption and with Advanced Encryption Standard (AES) crypto performance above 50MiB/sec, the data storage encryption MUST be enabled by default at the time the user has completed the out-of-box setup experience. If a device implementation is already launched on an earlier Android version with encryption disabled by default, such a device cannot meet the requirement through a system software update and thus MAY be exempted. - </p> - <p> - Device implementations SHOULD meet the above data storage encryption requirement via implementing <a href="https://source.android.com/security/encryption/file-based.html">File Based Encryption</a> (FBE). - </p> - <h4 id="9_9_1_direct_boot"> - 9.9.1. Direct Boot - </h4> - <p> - All devices MUST implement the <a href="http://developer.android.com/preview/features/direct-boot.html">Direct Boot mode</a> APIs even if they do not support Storage Encryption. In particular, the <a href="https://developer.android.com/reference/android/content/Intent.html#LOCKED_BOOT_COMPLETED">LOCKED_BOOT_COMPLETED</a> and <a href="https://developer.android.com/reference/android/content/Intent.html#ACTION_USER_UNLOCKED">ACTION_USER_UNLOCKED</a> Intents must still be broadcast to signal Direct Boot aware applications that Device Encrypted (DE) and Credential Encrypted (CE) storage locations are available for user. - </p> - <h4 id="9_9_2_file_based_encryption"> - 9.9.2. File Based Encryption - </h4> - <p> - Device implementations supporting FBE: - </p> - <ul> - <li>MUST boot up without challenging the user for credentials and allow Direct Boot aware apps to access to the Device Encrypted (DE) storage after the LOCKED_BOOT_COMPLETED message is broadcasted. - </li> - <li>MUST only allow access to Credential Encrypted (CE) storage after the user has unlocked the device by supplying their credentials (eg. passcode, pin, pattern or fingerprint) and the ACTION_USER_UNLOCKED message is broadcasted. Device implementations MUST NOT offer any method to unlock the CE protected storage without the user supplied credentials. - </li> - <li>MUST support Verified Boot and ensure that DE keys are cryptographically bound to the device's hardware root of trust. - </li> - <li>MUST support encrypting file contents using AES with a key length of 256-bits in XTS mode. - </li> - <li>MUST support encrypting file name using AES with a key length of 256-bits in CBC-CTS mode. - </li> - <li>MAY support alternative ciphers, key lengths and modes for file content and file name encryption, but MUST use the mandatorily supported ciphers, key lengths and modes by default. - </li> - <li>SHOULD make preloaded essential apps (e.g. Alarm, Phone, Messenger) Direct Boot aware. - </li> - </ul> - <p> - The keys protecting CE and DE storage areas: - </p> - <ul> - <li>MUST be cryptographically bound to a hardware-backed Keystore. CE keys must be bound to a user's lock screen credentials. If the user has specified no lock screen credentials then the CE keys MUST be bound to a default passcode. - </li> - <li>MUST be unique and distinct, in other words no user's CE or DE key may match any other user's CE or DE keys. - </li> - </ul> - <p> - The upstream Android Open Source project provides a preferred implementation of this feature based on the Linux kernel ext4 encryption feature. - </p> - <h4 id="9_9_3_full_disk_encryption"> - 9.9.3. Full Disk Encryption - </h4> - <p> - Device implementations supporting <a href="http://source.android.com/devices/tech/security/encryption/index.html">full disk encryption</a> (FDE). MUST use AES with a key of 128-bits (or greater) and a mode designed for storage (for example, AES-XTS, AES-CBC-ESSIV). The encryption key MUST NOT be written to storage at any time without being encrypted. The user MUST be provided with the possibility to AES encrypt the encryption key, except when it is in active use, with the lock screen credentials stretched using a slow stretching algorithm (e.g. PBKDF2 or scrypt). If the user has not specified a lock screen credentials or has disabled use of the passcode for encryption, the system SHOULD use a default passcode to wrap the encryption key. If the device provides a hardware-backed keystore, the password stretching algorithm MUST be cryptographically bound to that keystore. The encryption key MUST NOT be sent off the device (even when wrapped with the user passcode and/or hardware bound key). The upstream Android Open Source project provides a preferred implementation of this feature based on the Linux kernel feature dm-crypt. - </p> - <h3 id="9_10_device_integrity"> - 9.10. Device Integrity - </h3> - <p> - The following requirements ensures there is transparancy to the status of the device integrity. - </p> - <p> - Device implementations MUST correctly report through the System API method PersistentDataBlockManager.getFlashLockState() whether their bootloader state permits flashing of the system image. The <code>FLASH_LOCK_UNKNOWN</code> state is reserved for device implementations upgrading from an earlier version of Android where this new system API method did not exist. - </p> - <p> - Verified boot is a feature that guarantees the integrity of the device software. If a device implementation supports the feature, it MUST: - </p> - <ul> - <li>Declare the platform feature flag android.software.verified_boot. - </li> - <li>Perform verification on every boot sequence. - </li> - <li>Start verification from an immutable hardware key that is the root of trust and go all the way up to the system partition. - </li> - <li>Implement each stage of verification to check the integrity and authenticity of all the bytes in the next stage before executing the code in the next stage. - </li> - <li>Use verification algorithms as strong as current recommendations from NIST for hashing algorithms (SHA-256) and public key sizes (RSA-2048). - </li> - <li>MUST NOT allow boot to complete when system verification fails, unless the user consents to attempt booting anyway, in which case the data from any non-verified storage blocks MUST not be used. - </li> - <li>MUST NOT allow verified partitions on the device to be modified unless the user has explicitly unlocked the boot loader. - </li> - </ul> - <p> - The upstream Android Open Source Project provides a preferred implementation of this feature based on the Linux kernel feature dm-verity. - </p> - <p> - Starting from Android 6.0, device implementations with Advanced Encryption Standard (AES) crypto performance above 50 MiB/seconds MUST support verified boot for device integrity. - </p> - <p> - If a device implementation is already launched without supporting verified boot on an earlier version of Android, such a device can not add support for this feature with a system software update and thus are exempted from the requirement. - </p> - <h3 id="9_11_keys_and_credentials"> - 9.11. Keys and Credentials - </h3> - <p> - The <a href="https://developer.android.com/training/articles/keystore.html">Android Keystore System</a> allows app developers to store cryptographic keys in a container and use them in cryptographic operations through the <a href="https://developer.android.com/reference/android/security/KeyChain.html">KeyChain API</a> or the <a href="https://developer.android.com/reference/java/security/KeyStore.html">Keystore API</a> . - </p> - <p> - All Android device implementations MUST meet the following requirements: - </p> - <ul> - <li>SHOULD not limit the number of keys that can be generated, and MUST at least allow more than 8,192 keys to be imported. - </li> - <li>The lock screen authentication MUST rate limit attempts and MUST have an exponential backoff algorithm. Beyond 150 failed attempts, the delay MUST be at least 24 hours per attempt. - </li> - <li>When the device implementation supports a secure lock screen it MUST back up the keystore implementation with secure hardware and meet following requirements: - <ul> - <li>MUST have hardware backed implementations of RSA, AES, ECDSA and HMAC cryptographic algorithms and MD5, SHA1, SHA-2 Family hash functions to properly support the <a href="https://developer.android.com/training/articles/keystore.html#SupportedAlgorithms">Android Keystore system's supported algorithms</a> . + <li class="table_list">400dpi or higher on large screens </li> - <li>MUST perform the lock screen authentication in the secure hardware and only when successful allow the authentication-bound keys to be used. The upstream Android Open Source Project provides the <a href="http://source.android.com/devices/tech/security/authentication/gatekeeper.html">Gatekeeper Hardware Abstraction Layer (HAL)</a> that can be used to satisfy this requirement. + <li class="table_list">xhdpi or higher on extra large screens </li> </ul> - </li> - </ul> - <p> - Note that if a device implementation is already launched on an earlier Android version, and does not have a fingerprint scanner, such a device is exempted from the requirement to have a hardware-backed keystore. - </p> - <h4 id="9_11_1_secure_lock_screen"> - 9.11.1. Secure Lock Screen - </h4> - <p> - Device implementations MAY add or modify the authentication methods to unlock the lock screen, but MUST still meet the following requirements: - </p> - <ul> - <li>The authentication method, if based on a known secret, MUST NOT be treated as a secure lock screen unless it meets all following requirements: - <ul> - <li>The entropy of the shortest allowed length of inputs MUST be greater than 10 bits. - </li> - <li>The maximum entropy of all possible inputs MUST be greater than 18 bits. - </li> - <li>MUST not replace any of the existing authentication methods (PIN, pattern, password) implemented and provided in AOSP. - </li> - <li>MUST be disabled when the Device Policy Controller (DPC) application has set the password quality policy via the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordQuality%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setPasswordQuality()</code></a> method with a more restrictive quality constant than <code>PASSWORD_QUALITY_SOMETHING</code> . - </li> - </ul> - </li> - <li>The authenticaion method, if based on a physical token or the location, MUST NOT be treated as a secure lock screen unless it meets all following requirements: - <ul> - <li>It MUST have a fall-back mechanism to use one of the primary authentication methods which is based on a known secret and meets the requirements to be treated as a secure lock screen. - </li> - <li>It MUST be disabled and only allow the primary authentication to unlock the screen when the Device Policy Controller (DPC) application has set the policy with either the <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setKeyguardDisabledFeatures%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setKeyguardDisabledFeatures(KEYGUARD_DISABLE_TRUST_AGENTS)</code></a> method or the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordQuality%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setPasswordQuality()</code></a> method with a more restrictive quality constant than <code>PASSWORD_QUALITY_UNSPECIFIED</code> . - </li> - </ul> - </li> - <li>The authentication method, if based on biometrics, MUST NOT be treated as a secure lock screen unless it meets all following requirements: - <ul> - <li>It MUST have a fall-back mechanism to use one of the primary authentication methods which is based on a known secret and meets the requirements to be treated as a secure lock screen. - </li> - <li>It MUST be disabled and only allow the primary authentication to unlock the screen when the Device Policy Controller (DPC) application has set the keguard feature policy by calling the method <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setKeyguardDisabledFeatures%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setKeyguardDisabledFeatures(KEYGUARD_DISABLE_FINGERPRINT)</code></a> . - </li> - <li>It MUST have a false acceptance rate that is equal or stronger than what is required for a fingerprint sensor as described in section 7.3.10, or otherwise MUST be disabled and only allow the primary authentication to unlock the screen when the Device Policy Controller (DPC) application has set the password quality policy via the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordQuality%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setPasswordQuality()</code></a> method with a more restrictive quality constant than <code>PASSWORD_QUALITY_BIOMETRIC_WEAK</code> . - </li> - </ul> - </li> - <li>If the authentication method can not be treated as a secure lock screen, it: - <ul> - <li>MUST return <code>false</code> for both the <a href="http://developer.android.com/reference/android/app/KeyguardManager.html#isKeyguardSecure%28%29"><code>KeyguardManager.isKeyguardSecure()</code></a> and the <a href="https://developer.android.com/reference/android/app/KeyguardManager.html#isDeviceSecure%28%29"><code>KeyguardManager.isDeviceSecure()</code></a> methods. - </li> - <li>MUST be disabled when the Device Policy Controller (DPC) application has set the password quality policy via the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordQuality%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setPasswordQuality()</code></a> method with a more restrictive quality constant than <code>PASSWORD_QUALITY_UNSPECIFIED</code> . - </li> - <li>MUST NOT reset the password expiration timers set by <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordExpirationTimeout%28android.content.ComponentName,%20long%29"><code>DevicePolicyManager.setPasswordExpirationTimeout()</code></a> . - </li> - <li>MUST NOT authenticate access to keystores if the application has called <a href="https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.Builder.html#setUserAuthenticationRequired%28boolean%29"><code>KeyGenParameterSpec.Builder.setUserAuthenticationRequired(true)</code></a> ). - </li> - </ul> - </li> - <li>If the authentication method is based on a physical token, the location, or biometrics that has higher false acceptance rate than what is required for fingerprint sensors as described in section 7.3.10, then it: - <ul> - <li>MUST NOT reset the password expiration timers set by <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordExpirationTimeout%28android.content.ComponentName,%20long%29"><code>DevicePolicyManager.setPasswordExpirationTimeout()</code></a> . - </li> - <li>MUST NOT authenticate access to keystores if the application has called <a href="https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.Builder.html#setUserAuthenticationRequired%28boolean%29"><code>KeyGenParameterSpec.Builder.setUserAuthenticationRequired(true)</code></a> . - </li> - </ul> - </li> - </ul> - <h3 id="9_12_data_deletion"> - 9.12. Data Deletion - </h3> - <p> - Devices MUST provide users with a mechanism to perform a "Factory Data Reset" that allows logical and physical deletion of all data except for the following: - </p> - <ul> - <li>The system image - </li> - <li>Any operating system files required by the system image - </li> - </ul> - <p> - All user-generated data MUST be deleted. This MUST satisfy relevant industry standards for data deletion such as NIST SP800-88. This MUST be used for the implementation of the wipeData() API (part of the Android Device Administration API) described in <a href="#3_9_device_administration">section 3.9 Device Administration</a> . - </p> - <p> - Devices MAY provide a fast data wipe that conducts a logical data erase. - </p> - <h3 id="9_13_safe_boot_mode"> - 9.13. Safe Boot Mode - </h3> - <p> - Android provides a mode enabling users to boot up into a mode where only preinstalled system apps are allowed to run and all third-party apps are disabled. This mode, known as "Safe Boot Mode", provides the user the capability to uninstall potentially harmful third-party apps. - </p> - <p> - Android device implementations are STRONGLY RECOMENDED to implement Safe Boot Mode and meet following requirements: - </p> - <ul> - <li> - <p> - Device implementations SHOULD provide the user an option to enter Safe Boot Mode from the boot menu which is reachable through a workflow that is different from that of normal boot. - </p> - </li> - <li> - <p> - Device implementations MUST provide the user an option to enter Safe Boot Mode in such a way that is uninterruptible from third-party apps installed on the device, except for when the third party app is a Device Policy Controller and has set the <a href="https://developer.android.com/reference/android/os/UserManager.html#DISALLOW_SAFE_BOOT"><code>UserManager.DISALLOW_SAFE_BOOT</code></a> flag as true. - </p> - </li> - <li> - <p> - Device implementations MUST provide the user the capability to uninstall any third-party apps within Safe Mode. - </p> - </li> - </ul> - <h3 id="9_14_automotive_vehicle_system_isolation"> - 9.14. Automotive Vehicle System Isolation - </h3> - <p> - Android Automotive devices are expected to exchange data with critical vehicle subsystems, e.g., by using the <a href="http://source.android.com/devices/automotive.html">vehicle HAL</a> to send and receive messages over vehicle networks such as CAN bus. Android Automotive device implementations MUST implement security features below the Android framework layers to prevent malicious or unintentional interaction between the Android framework or third-party apps and vehicle subsystems. These security features are as follows: - </p> - <ul> - <li>Gatekeeping messages from Android framework vehicle subsystems, e.g., whitelisting permitted message types and message sources. - </li> - <li>Watchdog against denial of service attacks from the Android framework or third-party apps. This guards against malicious software flooding the vehicle network with traffic, which may lead to malfunctioning vehicle subsystems. - </li> - </ul> - <h2 id="10_software_compatibility_testing"> - 10. Software Compatibility Testing - </h2> - <p> - Device implementations MUST pass all tests described in this section. - </p> - <p> - However, note that no software test package is fully comprehensive. For this reason, device implementers are <strong>STRONGLY RECOMMENDED</strong> to make the minimum number of changes as possible to the reference and preferred implementation of Android available from the Android Open Source Project. This will minimize the risk of introducing bugs that create incompatibilities requiring rework and potential device updates. - </p> - <h3 id="10_1_compatibility_test_suite"> - 10.1. Compatibility Test Suite - </h3> - <p> - Device implementations MUST pass the <a href="http://source.android.com/compatibility/index.html">Android Compatibility Test Suite (CTS)</a> available from the Android Open Source Project, using the final shipping software on the device. Additionally, device implementers SHOULD use the reference implementation in the Android Open Source tree as much as possible, and MUST ensure compatibility in cases of ambiguity in CTS and for any reimplementations of parts of the reference source code. - </p> - <p> - The CTS is designed to be run on an actual device. Like any software, the CTS may itself contain bugs. The CTS will be versioned independently of this Compatibility Definition, and multiple revisions of the CTS may be released for Android 7.1. Device implementations MUST pass the latest CTS version available at the time the device software is completed. - </p> - <h3 id="10_2_cts_verifier"> - 10.2. CTS Verifier - </h3> - <p> - Device implementations MUST correctly execute all applicable cases in the CTS Verifier. The CTS Verifier is included with the Compatibility Test Suite, and is intended to be run by a human operator to test functionality that cannot be tested by an automated system, such as correct functioning of a camera and sensors. - </p> - <p> - The CTS Verifier has tests for many kinds of hardware, including some hardware that is optional. Device implementations MUST pass all tests for hardware that they possess; for instance, if a device possesses an accelerometer, it MUST correctly execute the Accelerometer test case in the CTS Verifier. Test cases for features noted as optional by this Compatibility Definition Document MAY be skipped or omitted. - </p> - <p> - Every device and every build MUST correctly run the CTS Verifier, as noted above. However, since many builds are very similar, device implementers are not expected to explicitly run the CTS Verifier on builds that differ only in trivial ways. Specifically, device implementations that differ from an implementation that has passed the CTS Verifier only by the set of included locales, branding, etc. MAY omit the CTS Verifier test. - </p> - <h2 id="11_updatable_software"> - 11. Updatable Software - </h2> - <p> - Device implementations MUST include a mechanism to replace the entirety of the system software. The mechanism need not perform “live” upgrades—that is, a device restart MAY be required. - </p> - <p> - Any method can be used, provided that it can replace the entirety of the software preinstalled on the device. For instance, any of the following approaches will satisfy this requirement: - </p> - <ul> - <li>“Over-the-air (OTA)” downloads with offline update via reboot. - </li> - <li>“Tethered” updates over USB from a host PC. - </li> - <li>“Offline” updates via a reboot and update from a file on removable storage. - </li> - </ul> - <p> - However, if the device implementation includes support for an unmetered data connection such as 802.11 or Bluetooth PAN (Personal Area Network) profile, it MUST support OTA downloads with offline update via reboot. - </p> - <p> - The update mechanism used MUST support updates without wiping user data. That is, the update mechanism MUST preserve application private data and application shared data. Note that the upstream Android software includes an update mechanism that satisfies this requirement. - </p> - <p> - For device implementations that are launching with Android 6.0 and later, the update mechanism SHOULD support verifying that the system image is binary identical to expected result following an OTA. The block-based OTA implementation in the upstream Android Open Source Project, added since Android 5.1, satisfies this requirement. - </p> - <p> - Also, device implementations SHOULD support <a href="https://source.android.com/devices/tech/ota/ab_updates.html">A/B system updates</a> . The AOSP implements this feature using the boot control HAL. - </p> - <p> - If an error is found in a device implementation after it has been released but within its reasonable product lifetime that is determined in consultation with the Android Compatibility Team to affect the compatibility of third-party applications, the device implementer MUST correct the error via a software update available that can be applied per the mechanism just described. - </p> - <p> - Android includes features that allow the Device Owner app (if present) to control the installation of system updates. To facilitate this, the system update subsystem for devices that report android.software.device_admin MUST implement the behavior described in the <a href="http://developer.android.com/reference/android/app/admin/SystemUpdatePolicy.html">SystemUpdatePolicy</a> class. - </p> - <h2 id="12_document_changelog"> - 12. Document Changelog - </h2> - <p> - For a summary of changes to the Compatibility Definition in this release: - </p> - <ul> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/?pretty=full&no-merges">Document changelog</a> - </li> - </ul> - <p> - For a summary of changes to individuals sections: - </p> - <ol> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/1_introduction?pretty=full&no-merges">Introduction</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/2_device_types?pretty=full&no-merges">Device Types</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/3_software?pretty=full&no-merges">Software</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/4_application-packaging?pretty=full&no-merges">Application Packaging</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/5_multimedia?pretty=full&no-merges">Multimedia</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/6_dev-tools-and-options?pretty=full&no-merges">Developer Tools and Options</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/7_hardware-compatibility?pretty=full&no-merges">Hardware Compatibility</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/8_performance-and-power?pretty=full&no-merges">Performance and Power</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/9_security-model?pretty=full&no-merges">Security Model</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/10_software-compatibility-testing?pretty=full&no-merges">Software Compatibility Testing</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/11_updatable-software?pretty=full&no-merges">Updatable Software</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/12_document-changelog?pretty=full&no-merges">Document Changelog</a> - </li> - <li> - <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/13_contact-us?pretty=full&no-merges">Contact Us</a> - </li> - </ol> - <h3 id="12_1_changelog_viewing_tips"> - 12.1. Changelog Viewing Tips - </h3> - <p> - Changes are marked as follows: - </p> - <ul> - <li> - <p> - <strong>CDD</strong><br /> - Substantive changes to the compatibility requirements. - </p> - </li> - <li> - <p> - <strong>Docs</strong><br /> - Cosmetic or build related changes. - </p> - </li> - </ul> - <p> - For best viewing, append the <code>pretty=full</code> and <code>no-merges</code> URL parameters to your changelog URLs. - </p> - <h2 id="13_contact_us"> - 13. Contact Us - </h2> - <p> - You can join the <a href="https://groups.google.com/forum/#!forum/android-compatibility">android-compatibility forum</a> and ask for clarifications or bring up any issues that you think the document does not cover. - </p> + </td> + <td> + 1344MB + </td> + <td> + 1824MB + </td> + </tr> + </table> + <p> + The minimum memory values MUST be in addition to any memory space already dedicated to hardware components such as radio, video, and so on that is not under the kernel’s control. + </p> + <p> + Device implementations with less than 512MB of memory available to the kernel and userspace, unless an Android Watch, MUST return the value "true" for ActivityManager.isLowRamDevice(). + </p> + <p> + Android Television devices MUST have at least 4GB and other device implementations MUST have at least 3GB of non-volatile storage available for application private data. That is, the /data partition MUST be at least 4GB for Android Television devices and at least 3GB for other device implementations. Device implementations that run Android are <strong>STRONGLY RECOMMENDED</strong> to have at least 4GB of non-volatile storage for application private data so they will be able to upgrade to the future platform releases. + </p> + <p> + The Android APIs include a <a href="http://developer.android.com/reference/android/app/DownloadManager.html">Download Manager</a> that applications MAY use to download data files. The device implementation of the Download Manager MUST be capable of downloading individual files of at least 100MB in size to the default “cache” location. + </p> + <h3> + 7.6.2. Application Shared Storage + </h3> + <p> + Device implementations MUST offer shared storage for applications also often referred as “shared external storage”. + </p> + <p> + Device implementations MUST be configured with shared storage mounted by default, “out of the box”. If the shared storage is not mounted on the Linuxpath /sdcard, then the device MUST include a Linux symbolic link from /sdcard to the actual mount point. + </p> + <p> + Device implementations MAY have hardware for user-accessible removable storage, such as a Secure Digital (SD) card slot. If this slot is used to satisfy the shared storage requirement, the device implementation: + </p> + <ul> + <li>MUST implement a toast or pop-up user interface warning the user when there is no SD card. + </li> + <li>MUST include a FAT-formatted SD card 1GB in size or larger OR show on the box and other material available at time of purchase that the SD card has to be separately purchased. + </li> + <li>MUST mount the SD card by default. + </li> + </ul> + <p> + Alternatively, device implementations MAY allocate internal (non-removable) storage as shared storage for apps as included in the upstream Android Open Source Project; device implementations SHOULD use this configuration and software implementation. If a device implementation uses internal (non-removable) storage to satisfy the shared storage requirement, while that storage MAY share space with the application private data, it MUST be at least 1GB in size and mounted on /sdcard (or /sdcard MUST be a symbolic link to the physical location if it is mounted elsewhere). + </p> + <p> + Device implementations MUST enforce as documented the android.permission.WRITE_EXTERNAL_STORAGE permission on this shared storage. Shared storage MUST otherwise be writable by any application that obtains that permission. + </p> + <p> + Device implementations that include multiple shared storage paths (such as both an SD card slot and shared internal storage) MUST allow only pre-installed & privileged Android applications with the WRITE_EXTERNAL_STORAGE permission to write to the secondary external storage, except when writing to their package-specific directories or within the <code>URI</code> returned by firing the <code>ACTION_OPEN_DOCUMENT_TREE</code> intent. + </p> + <p> + However, device implementations SHOULD expose content from both storage paths transparently through Android’s media scanner service and android.provider.MediaStore. + </p> + <p> + Regardless of the form of shared storage used, if the device implementation has a USB port with USB peripheral mode support, it MUST provide some mechanism to access the contents of shared storage from a host computer. Device implementations MAY use USB mass storage, but SHOULD use Media Transfer Protocol to satisfy this requirement. If the device implementation supports Media Transfer Protocol, it: + </p> + <ul> + <li>SHOULD be compatible with the reference Android MTP host, <a href="http://www.android.com/filetransfer">Android File Transfer</a>. + </li> + <li>SHOULD report a USB device class of 0x00. + </li> + <li>SHOULD report a USB interface name of 'MTP'. + </li> + </ul> + <h3> + 7.6.3. Adoptable Storage + </h3> + <p> + Device implementations are STRONGLY RECOMMENDED to implement <a href="http://source.android.com/devices/storage/adoptable.html">adoptable storage</a> if the removable storage device port is in a long-term stable location, such as within the battery compartment or other protective cover. + </p> + <p> + Device implementations such as a television, MAY enable adoption through USB ports as the device is expected to be static and not mobile. But for other device implementations that are mobile in nature, it is STRONGLY RECOMMENDED to implement the adoptable storage in a long-term stable location, since accidentally disconnecting them can cause data loss/corruption. + </p> + <h2> + 7.7. USB + </h2> + <p> + Device implementations SHOULD support USB peripheral mode and SHOULD support USB host mode. + </p> + <h3> + 7.7.1. USB peripheral mode + </h3> + <p> + If a device implementation includes a USB port supporting peripheral mode: + </p> + <ul> + <li>The port MUST be connectable to a USB host that has a standard type-A or type-C USB port. + </li> + <li>The port SHOULD use micro-B, micro-AB or Type-C USB form factor. Existing and new Android devices are <strong>STRONGLY RECOMMENDED to meet these requirements</strong> so they will be able to upgrade to the future platform releases. + </li> + <li>The port SHOULD be located on the bottom of the device (according to natural orientation) or enable software screen rotation for all apps (including home screen), so that the display draws correctly when the device is oriented with the port at bottom. Existing and new Android devices are <strong>STRONGLY RECOMMENDED to meet these requirements</strong> so they will be able to upgrade to future platform releases. + </li> + <li>It MUST allow a USB host connected with the Android device to access the contents of the shared storage volume using either USB mass storage or Media Transfer Protocol. + </li> + <li>It SHOULD implement the Android Open Accessory (AOA) API and specification as documented in the Android SDK documentation, and if it is an Android Handheld device it MUST implement the AOA API. Device implementations implementing the AOA specification: + <ul> + <li>MUST declare support for the hardware feature <a href="http://developer.android.com/guide/topics/connectivity/usb/accessory.html">android.hardware.usb.accessory</a>. + </li> + <li>MUST implement the <a href="http://developer.android.com/reference/android/hardware/usb/UsbConstants.html#USB_CLASS_AUDIO">USB audio class</a> as documented in the Android SDK documentation. + </li> + <li>The USB mass storage class MUST include the string "android" at the end of the interface description <code>iInterface</code> string of the USB mass storage + </li> + </ul> + </li> + <li>It SHOULD implement support to draw 1.5 A current during HS chirp and traffic as specified in the <a href="http://www.usb.org/developers/docs/devclass_docs/BCv1.2_070312.zip">USB Battery Charging specification, revision 1.2</a>. Existing and new Android devices are <strong>STRONGLY RECOMMENDED to meet these requirements</strong> so they will be able to upgrade to the future platform releases. + </li> + <li>Type-C devices MUST detect 1.5A and 3.0A chargers per the Type-C resistor standard and it must detect changes in the advertisement. + </li> + <li>Type-C devices also supporting USB host mode are STRONGLY RECOMMENDED to support Power Delivery for data and power role swapping. + </li> + <li>Type-C devices SHOULD support Power Delivery for high-voltage charging and support for Alternate Modes such as display out. + </li> + <li>The value of iSerialNumber in USB standard device descriptor MUST be equal to the value of android.os.Build.SERIAL. + </li> + <li>Type-C devices are STRONGLY RECOMMENDED to not support proprietary charging methods that modify Vbus voltage beyond default levels, or alter sink/source roles as such may result in interoperability issues with the chargers or devices that support the standard USB Power Delivery methods. While this is called out as "STRONGLY RECOMMENDED", in future Android versions we might REQUIRE all type-C devices to support full interoperability with standard type-C chargers. + </li> + </ul> + <h3> + 7.7.2. USB host mode + </h3> + <p> + If a device implementation includes a USB port supporting host mode, it: + </p> + <ul> + <li>SHOULD use a type-C USB port, if the device implementation supports USB 3.1. + </li> + <li>MAY use a non-standard port form factor, but if so MUST ship with a cable or cables adapting the port to a standard type-A or type-C USB port. + </li> + <li>MAY use a micro-AB USB port, but if so SHOULD ship with a cable or cables adapting the port to a standard type-A or type-C USB port. + </li> + <li>is <strong>STRONGLY RECOMMENDED</strong> to implement the <a href="http://developer.android.com/reference/android/hardware/usb/UsbConstants.html#USB_CLASS_AUDIO">USB audio class</a> as documented in the Android SDK documentation. + </li> + <li>MUST implement the Android USB host API as documented in the Android SDK, and MUST declare support for the hardware feature <a href="http://developer.android.com/guide/topics/connectivity/usb/host.html">android.hardware.usb.host</a>. + </li> + <li>SHOULD support device charging while in host mode; advertising a source current of at least 1.5A as specified in the Termination Parameters section of the [USB Type-C Cable and Connector Specification Revision 1.2] (http://www.usb.org/developers/docs/usb_31_021517.zip) for USB Type-C connectors or using Charging Downstream Port(CDP) output current range as specified in the <a href="http://www.usb.org/developers/docs/devclass_docs/BCv1.2_070312.zip">USB Battery Charging specifications, revision 1.2</a> for Micro-AB connectors. + </li> + <li>USB Type-C devices are STRONGLY RECOMMENDED to support DisplayPort, SHOULD support USB SuperSpeed Data Rates, and are STRONGLY RECOMMENDED to support Power Delivery for data and power role swapping. + </li> + <li>Devices with any type-A or type-AB ports MUST NOT ship with an adapter converting from this port to a type-C receptacle. + </li> + <li>MUST recognize any remotely connected MTP (Media Transfer Protocol) devices and make their contents accessible through the <code>ACTION_GET_CONTENT</code>, <code>ACTION_OPEN_DOCUMENT</code>, and <code>ACTION_CREATE_DOCUMENT</code> intents, if the Storage Access Framework (SAF) is supported. + </li> + <li>MUST, if using a Type-C USB port and including support for peripheral mode, implement Dual Role Port functionality as defined by the USB Type-C specification (section 4.5.1.3.3). + </li> + <li>SHOULD, if the Dual Role Port functionality is supported, implement the Try.* model that is most appropriate for the device form factor. For example a handheld device SHOULD implement the Try.SNK model. + </li> + </ul> + <h2> + 7.8. Audio + </h2> + <h3> + 7.8.1. Microphone + </h3> + <div class="note"> + Android Handheld, Watch, and Automotive implementations MUST include a microphone. + </div> + <p> + Device implementations MAY omit a microphone. However, if a device implementation omits a microphone, it MUST NOT report the android.hardware.microphone feature constant, and MUST implement the audio recording API at least as no-ops, per <a href="#7_hardware_compatibility">section 7</a>. Conversely, device implementations that do possess a microphone: + </p> + <ul> + <li>MUST report the android.hardware.microphone feature constant. + </li> + <li>MUST meet the audio recording requirements in <a href="#5_4_audio_recording">section 5.4</a>. + </li> + <li>MUST meet the audio latency requirements in <a href="#5_6_audio_latency">section 5.6</a>. + </li> + <li>STRONGLY RECOMMENDED to support near-ultrasound recording as described in <a href="#7_8_3_near_ultrasound">section 7.8.3</a>. + </li> + </ul> + <h3> + 7.8.2. Audio Output + </h3> + <div class="note"> + Android Watch devices MAY include an audio output. + </div> + <p> + Device implementations including a speaker or with an audio/multimedia output port for an audio output peripheral as a headset or an external speaker: + </p> + <ul> + <li>MUST report the android.hardware.audio.output feature constant. + </li> + <li>MUST meet the audio playback requirements in <a href="#5_5_audio_playback">section 5.5</a>. + </li> + <li>MUST meet the audio latency requirements in <a href="#5_6_audio_latency">section 5.6</a>. + </li> + <li>STRONGLY RECOMMENDED to support near-ultrasound playback as described in <a href="#7_8_3_near_ultrasound">section 7.8.3</a>. + </li> + </ul> + <p> + Conversely, if a device implementation does not include a speaker or audio output port, it MUST NOT report the android.hardware.audio output feature, and MUST implement the Audio Output related APIs as no-ops at least. + </p> + <p> + Android Watch device implementation MAY but SHOULD NOT have audio output, but other types of Android device implementations MUST have an audio output and declare android.hardware.audio.output. + </p> + <h4> + 7.8.2.1. Analog Audio Ports + </h4> + <p> + In order to be compatible with the <a href="http://source.android.com/accessories/headset-spec.html">headsets and other audio accessories</a> using the 3.5mm audio plug across the Android ecosystem, if a device implementation includes one or more analog audio ports, at least one of the audio port(s) SHOULD be a 4 conductor 3.5mm audio jack. If a device implementation has a 4 conductor 3.5mm audio jack, it: + </p> + <ul> + <li>MUST support audio playback to stereo headphones and stereo headsets with a microphone, and SHOULD support audio recording from stereo headsets with a microphone. + </li> + <li>MUST support TRRS audio plugs with the CTIA pin-out order, and SHOULD support audio plugs with the OMTP pin-out order. + </li> + <li>MUST support the detection of microphone on the plugged in audio accessory, if the device implementation supports a microphone, and broadcast the android.intent.action.HEADSET_PLUG with the extra value microphone set as 1. + </li> + <li>MUST support the detection and mapping to the keycodes for the following 3 ranges of equivalent impedance between the microphone and ground conductors on the audio plug: + <ul> + <li> + <strong>70 ohm or less</strong>: KEYCODE_HEADSETHOOK + </li> + <li> + <strong>210-290 Ohm</strong>: KEYCODE_VOLUME_UP + </li> + <li> + <strong>360-680 Ohm</strong>: KEYCODE_VOLUME_DOWN + </li> + </ul> + </li> + <li>STRONGLY RECOMMENDED to detect and map to the keycode for the following range of equivalent impedance between the microphone and ground conductors on the audio plug: + <ul> + <li> + <strong>110-180 Ohm:</strong> KEYCODE_VOICE_ASSIST + </li> + </ul> + </li> + <li>MUST trigger ACTION_HEADSET_PLUG upon a plug insert, but only after all contacts on plug are touching their relevant segments on the jack. + </li> + <li>MUST be capable of driving at least 150mV ± 10% of output voltage on a 32 Ohm speaker impedance. + </li> + <li>MUST have a microphone bias voltage between 1.8V ~ 2.9V. + </li> + </ul> + <h3> + 7.8.3. Near-Ultrasound + </h3> + <p> + Near-Ultrasound audio is the 18.5 kHz to 20 kHz band. Device implementations MUST correctly report the support of near-ultrasound audio capability via the <a href="http://developer.android.com/reference/android/media/AudioManager.html#getProperty%28java.lang.String%29">AudioManager.getProperty</a> API as follows: + </p> + <ul> + <li>If <a href="http://developer.android.com/reference/android/media/AudioManager.html#PROPERTY_SUPPORT_MIC_NEAR_ULTRASOUND">PROPERTY_SUPPORT_MIC_NEAR_ULTRASOUND</a> is "true", then the following requirements must be met by the VOICE_RECOGNITION and UNPROCESSED audio sources: + <ul> + <li>The microphone's mean power response in the 18.5 kHz to 20 kHz band MUST be no more than 15 dB below the response at 2 kHz. + </li> + <li>The microphone's unweighted signal to noise ratio over 18.5 kHz to 20 kHz for a 19 kHz tone at -26 dBFS MUST be no lower than 50 dB. + </li> + </ul> + </li> + <li>If <a href="http://developer.android.com/reference/android/media/AudioManager.html#PROPERTY_SUPPORT_SPEAKER_NEAR_ULTRASOUND">PROPERTY_SUPPORT_SPEAKER_NEAR_ULTRASOUND</a> is "true", then the speaker's mean response in 18.5 kHz - 20 kHz MUST be no lower than 40 dB below the response at 2 kHz. + </li> + </ul> + <h2> + 7.9. Virtual Reality + </h2> + <p> + Android includes APIs and facilities to build "Virtual Reality" (VR) applications including high quality mobile VR experiences. Device implementations MUST properly implement these APIs and behaviors, as detailed in this section. + </p> + <h3> + 7.9.1. Virtual Reality Mode + </h3> + <p> + Android handheld device implementations that support a mode for VR applications that handles stereoscopic rendering of notifications and disable monocular system UI components while a VR application has user focus MUST declare <code>android.software.vr.mode</code> feature. Devices declaring this feature MUST include an application implementing <code>android.service.vr.VrListenerService</code> that can be enabled by VR applications via <code>android.app.Activity#setVrModeEnabled</code>. + </p> + <h3> + 7.9.2. Virtual Reality High Performance + </h3> + <p> + Android handheld device implementations MUST identify the support of high performance virtual reality for longer user periods through the <code>android.hardware.vr.high_performance</code> feature flag and meet the following requirements. + </p> + <ul> + <li>Device implementations MUST have at least 2 physical cores. + </li> + <li>Device implementations MUST declare android.software.vr.mode feature. + </li> + <li>Device implementations MAY provide an exclusive core to the foreground application and MAY support the Process.getExclusiveCores API to return the numbers of the cpu cores that are exclusive to the top foreground application. If exclusive core is supported then the core MUST not allow any other userspace processes to run on it (except device drivers used by the application), but MAY allow some kernel processes to run as necessary. + </li> + <li>Device implementations MUST support sustained performance mode. + </li> + <li>Device implementations MUST support OpenGL ES 3.2. + </li> + <li>Device implementations MUST support Vulkan Hardware Level 0 and SHOULD support Vulkan Hardware Level 1. + </li> + <li>Device implementations MUST implement EGL_KHR_mutable_render_buffer and EGL_ANDROID_front_buffer_auto_refresh, EGL_ANDROID_create_native_client_buffer, EGL_KHR_fence_sync and EGL_KHR_wait_sync so that they may be used for Shared Buffer Mode, and expose the extensions in the list of available EGL extensions. + </li> + <li>The GPU and display MUST be able to synchronize access to the shared front buffer such that alternating-eye rendering of VR content at 60fps with two render contexts will be displayed with no visible tearing artifacts. + </li> + <li>Device implementations MUST implement EGL_IMG_context_priority, and expose the extension in the list of available EGL extensions. + </li> + <li>Device implementations MUST implement GL_EXT_multisampled_render_to_texture, GL_OVR_multiview, GL_OVR_multiview2 and GL_OVR_multiview_multisampled_render_to_texture, and expose the extensions in the list of available GL extensions. + </li> + <li>Device implementations MUST implement EGL_EXT_protected_content and GL_EXT_protected_textures so that it may be used for Secure Texture Video Playback, and expose the extensions in the list of available EGL and GL extensions. + </li> + <li>Device implementations MUST support H.264 decoding at least 3840x2160@30fps-40Mbps (equivalent to 4 instances of 1920x1080@30fps-10Mbps or 2 instances of 1920x1080@60fps-20Mbps). + </li> + <li>Device implementations MUST support HEVC and VP9, MUST be capable to decode at least 1920x1080@30fps-10Mbps and SHOULD be capable to decode 3840x2160@30fps-20Mbps (equivalent to 4 instances of 1920x1080@30fps-5Mbps). + </li> + <li>The device implementations are STRONGLY RECOMMENDED to support android.hardware.sensor.hifi_sensors feature and MUST meet the gyroscope, accelerometer, and magnetometer related requirements for android.hardware.hifi_sensors. + </li> + <li>Device implementations MUST support HardwarePropertiesManager.getDeviceTemperatures API and return accurate values for skin temperature. + </li> + <li>The device implementation MUST have an embedded screen, and its resolution MUST be at least be FullHD(1080p) and STRONGLY RECOMMENDED TO BE be QuadHD (1440p) or higher. + </li> + <li>The display MUST measure between 4.7" and 6" diagonal. + </li> + <li>The display MUST update at least 60 Hz while in VR Mode. + </li> + <li>The display latency on Gray-to-Gray, White-to-Black, and Black-to-White switching time MUST be ≤ 3 ms. + </li> + <li>The display MUST support a low-persistence mode with ≤5 ms persistence,persistence being defined as the amount of time for which a pixel is emitting light. + </li> + <li>Device implementations MUST support Bluetooth 4.2 and Bluetooth LE Data Length Extension <a href="#7_4_3_bluetooth">section 7.4.3</a>. + </li> + </ul> + <h1> + 8. Performance and Power + </h1> + <p> + Some minimum performance and power criteria are critical to the user experience and impact the baseline assumptions developers would have when developing an app. Android Watch devices SHOULD and other type of device implementations MUST meet the following criteria. + </p> + <h2> + 8.1. User Experience Consistency + </h2> + <p> + Device implementations MUST provide a smooth user interface by ensuring a consistent frame rate and response times for applications and games. Device implementations MUST meet the following requirements: + </p> + <ul> + <li> + <strong>Consistent frame latency</strong>. Inconsistent frame latency or a delay to render frames MUST NOT happen more often than 5 frames in a second, and SHOULD be below 1 frames in a second. + </li> + <li> + <strong>User interface latency</strong>. Device implementations MUST ensure low latency user experience by scrolling a list of 10K list entries as defined by the Android Compatibility Test Suite (CTS) in less than 36 secs. + </li> + <li> + <strong>Task switching</strong>. When multiple applications have been launched, re-launching an already-running application after it has been launched MUST take less than 1 second. + </li> + </ul> + <h2> + 8.2. File I/O Access Performance + </h2> + <p> + Device implementations MUST ensure internal storage file access performance consistency for read and write operations. + </p> + <ul> + <li> + <strong>Sequential write</strong>. Device implementations MUST ensure a sequential write performance of at least 5MB/s for a 256MB file using 10MB write buffer. + </li> + <li> + <strong>Random write</strong>. Device implementations MUST ensure a random write performance of at least 0.5MB/s for a 256MB file using 4KB write buffer. + </li> + <li> + <strong>Sequential read</strong>. Device implementations MUST ensure a sequential read performance of at least 15MB/s for a 256MB file using 10MB write buffer. + </li> + <li> + <strong>Random read</strong>. Device implementations MUST ensure a random read performance of at least 3.5MB/s for a 256MB file using 4KB write buffer. + </li> + </ul> + <h2> + 8.3. Power-Saving Modes + </h2> + <p> + Android 6.0 introduced App Standby and Doze power-saving modes to optimize battery usage. All Apps exempted from these modes MUST be made visible to the end user. Further, the triggering, maintenance, wakeup algorithms and the use of global system settings of these power-saving modes MUST not deviate from the Android Open Source Project. + </p> + <p> + In addition to the power-saving modes, Android device implementations MAY implement any or all of the 4 sleeping power states as defined by the Advanced Configuration and Power Interface (ACPI), but if it implements S3 and S4 power states, it can only enter these states when closing a lid that is physically part of the device. + </p> + <h2> + 8.4. Power Consumption Accounting + </h2> + <p> + A more accurate accounting and reporting of the power consumption provides the app developer both the incentives and the tools to optimize the power usage pattern of the application. Therefore, device implementations: + </p> + <ul> + <li>MUST be able to track hardware component power usage and attribute that power usage to specific applications. Specifically, implementations: + <ul> + <li>MUST provide a per-component power profile that defines the <a href="http://source.android.com/devices/tech/power/values.html">current consumption value</a> for each hardware component and the approximate battery drain caused by the components over time as documented in the Android Open Source Project site. + </li> + <li>MUST report all power consumption values in milliampere hours (mAh). + </li> + <li>SHOULD be attributed to the hardware component itself if unable to attribute hardware component power usage to an application. + </li> + <li>MUST report CPU power consumption per each process's UID. The Android Open Source Project meets the requirement through the <code>uid_cputime</code> kernel module implementation. + </li> + </ul> + </li> + <li>MUST make this power usage available via the <a href="http://source.android.com/devices/tech/power/batterystats.html"><code>adb shell dumpsys batterystats</code></a> shell command to the app developer. + </li> + <li>MUST honor the <a href="http://developer.android.com/reference/android/content/Intent.html#ACTION_POWER_USAGE_SUMMARY">android.intent.action.POWER_USAGE_SUMMARY</a> intent and display a settings menu that shows this power usage. + </li> + </ul> + <h2> + 8.5. Consistent Performance + </h2> + <p> + Performance can fluctuate dramatically for high-performance long-running apps, either because of the other apps running in the background or the CPU throttling due to temperature limits. Android includes programmatic interfaces so that when the device is capable, the top foreground application can request that the system optimize the allocation of the resources to address such fluctuations. + </p> + <p> + Device implementations SHOULD support Sustained Performance Mode which can provide the top foreground application a consistent level of performance for a prolonged amount of time when requested through the <a href="https://developer.android.com/reference/android/view/Window.html#setSustainedPerformanceMode%28boolean%29"><code>Window.setSustainedPerformanceMode()</code></a> API method. A Device implementation MUST report the support of Sustained Performance Mode accurately through the <a href="https://developer.android.com/reference/android/os/PowerManager.html#isSustainedPerformanceModeSupported%28%29"><code>PowerManager.isSustainedPerformanceModeSupported()</code></a> API method. + </p> + <p> + Device implementations with two or more CPU cores SHOULD provide at least one exclusive core that can be reserved by the top foreground application. If provided, implementations MUST meet the following requirements: + </p> + <ul> + <li>Implementations MUST report through the <a href="https://developer.android.com/reference/android/os/Process.html#getExclusiveCores%28%29"><code>Process.getExclusiveCores()</code></a> API method the id numbers of the exclusive cores that can be reserved by the top foreground application. + </li> + <li>Device implementations MUST not allow any user space processes except the device drivers used by the application to run on the exclusive cores, but MAY allow some kernel processes to run as necessary. + </li> + </ul> + <p> + If a device implementation does not support an exclusive core, it MUST return an empty list through the <a href="https://developer.android.com/reference/android/os/Process.html#getExclusiveCores%28%29"><code>Process.getExclusiveCores()</code></a> API method. + </p> + <h1> + 9. Security Model Compatibility + </h1> + <p> + Device implementations MUST implement a security model consistent with the Android platform security model as defined in <a href="http://developer.android.com/guide/topics/security/permissions.html">Security and Permissions reference document</a> in the APIs in the Android developer documentation. Device implementations MUST support installation of self-signed applications without requiring any additional permissions/certificates from any third parties/authorities. Specifically, compatible devices MUST support the security mechanisms described in the follow subsections. + </p> + <h2> + 9.1. Permissions + </h2> + <p> + Device implementations MUST support the <a href="http://developer.android.com/guide/topics/security/permissions.html">Android permissions model</a> as defined in the Android developer documentation. Specifically, implementations MUST enforce each permission defined as described in the SDK documentation; no permissions may be omitted, altered, or ignored. Implementations MAY add additional permissions, provided the new permission ID strings are not in the android.* namespace. + </p> + <p> + Permissions with a <code>protectionLevel</code> of <a href="https://developer.android.com/reference/android/content/pm/PermissionInfo.html#PROTECTION_FLAG_PRIVILEGED">'PROTECTION_FLAG_PRIVILEGED'</a> MUST only be granted to apps preloaded in the whitelisted privileged path(s) of the system image, such as the <code>system/priv-app</code> path in the AOSP implementation. + </p> + <p> + Permissions with a protection level of dangerous are runtime permissions. Applications with targetSdkVersion > 22 request them at runtime. Device implementations: + </p> + <ul> + <li>MUST show a dedicated interface for the user to decide whether to grant the requested runtime permissions and also provide an interface for the user to manage runtime permissions. + </li> + <li>MUST have one and only one implementation of both user interfaces. + </li> + <li>MUST NOT grant any runtime permissions to preinstalled apps unless: + <ul> + <li>the user's consent can be obtained before the application uses it + </li> + <li>the runtime permissions are associated with an intent pattern for which the preinstalled application is set as the default handler + </li> + </ul> + </li> + </ul> + <h2> + 9.2. UID and Process Isolation + </h2> + <p> + Device implementations MUST support the Android application sandbox model, in which each application runs as a unique Unixstyle UID and in a separate process. Device implementations MUST support running multiple applications as the same Linux user ID, provided that the applications are properly signed and constructed, as defined in the <a href="http://developer.android.com/guide/topics/security/permissions.html">Security and Permissions reference</a>. + </p> + <h2> + 9.3. Filesystem Permissions + </h2> + <p> + Device implementations MUST support the Android file access permissions model as defined in the <a href="http://developer.android.com/guide/topics/security/permissions.html">Security and Permissions reference</a>. + </p> + <h2> + 9.4. Alternate Execution Environments + </h2> + <p> + Device implementations MAY include runtime environments that execute applications using some other software or technology than the Dalvik Executable Format or native code. However, such alternate execution environments MUST NOT compromise the Android security model or the security of installed Android applications, as described in this section. + </p> + <p> + Alternate runtimes MUST themselves be Android applications, and abide by the standard Android security model, as described elsewhere in <a href="#9_security_model_compatibility">section 9</a>. + </p> + <p> + Alternate runtimes MUST NOT be granted access to resources protected by permissions not requested in the runtime’s AndroidManifest.xml file via the <uses-permission> mechanism. + </p> + <p> + Alternate runtimes MUST NOT permit applications to make use of features protected by Android permissions restricted to system applications. + </p> + <p> + Alternate runtimes MUST abide by the Android sandbox model. Specifically, alternate runtimes: + </p> + <ul> + <li>SHOULD install apps via the PackageManager into separate Android sandboxes (Linux user IDs, etc.). + </li> + <li>MAY provide a single Android sandbox shared by all applications using the alternate runtime. + </li> + <li>Installed applications using an alternate runtime MUST NOT reuse the sandbox of any other app installed on the device, except through the standard Android mechanisms of shared user ID and signing certificate. + </li> + <li>MUST NOT launch with, grant, or be granted access to the sandboxes corresponding to other Android applications. + </li> + <li>MUST NOT be launched with, be granted, or grant to other applications any privileges of the superuser (root), or of any other user ID. + </li> + </ul> + <p> + The .apk files of alternate runtimes MAY be included in the system image of a device implementation, but MUST be signed with a key distinct from the key used to sign other applications included with the device implementation. + </p> + <p> + When installing applications, alternate runtimes MUST obtain user consent for the Android permissions used by the application. If an application needs to make use of a device resource for which there is a corresponding Android permission (such as Camera, GPS, etc.), the alternate runtime MUST inform the user that the application will be able to access that resource. If the runtime environment does not record application capabilities in this manner, the runtime environment MUST list all permissions held by the runtime itself when installing any application using that runtime. + </p> + <h2> + 9.5. Multi-User Support + </h2> + <div class="note"> + This feature is optional for all device types. + </div> + <p> + Android includes <a href="http://developer.android.com/reference/android/os/UserManager.html">support for multiple users</a> and provides support for full user isolation. Device implementations MAY enable multiple users, but when enabled MUST meet the following requirements related to <a href="http://source.android.com/devices/storage/traditional.html">multi-user support</a>: + </p> + <ul> + <li>Android Automotive device implementations with multi-user support enabled MUST include a guest account that allows all functions provided by the vehicle system without requiring a user to log in. + </li> + <li>Device implementations that do not declare the android.hardware.telephony feature flag MUST support restricted profiles, a feature that allows device owners to manage additional users and their capabilities on the device. With restricted profiles, device owners can quickly set up separate environments for additional users to work in, with the ability to manage finer-grained restrictions in the apps that are available in those environments. + </li> + <li>Conversely device implementations that declare the android.hardware.telephony feature flag MUST NOT support restricted profiles but MUST align with the AOSP implementation of controls to enable /disable other users from accessing the voice calls and SMS. + </li> + <li>Device implementations MUST, for each user, implement a security model consistent with the Android platform security model as defined in <a href="http://developer.android.com/guide/topics/security/permissions.html">Security and Permissions reference document</a> in the APIs. + </li> + <li>Each user instance on an Android device MUST have separate and isolated external storage directories. Device implementations MAY store multiple users' data on the same volume or filesystem. However, the device implementation MUST ensure that applications owned by and running on behalf a given user cannot list, read, or write to data owned by any other user. Note that removable media, such as SD card slots, can allow one user to access another’s data by means of a host PC. For this reason, device implementations that use removable media for the external storage APIs MUST encrypt the contents of the SD card if multiuser is enabled using a key stored only on non-removable media accessible only to the system. As this will make the media unreadable by a host PC, device implementations will be required to switch to MTP or a similar system to provide host PCs with access to the current user’s data. Accordingly, device implementations MAY but SHOULD NOT enable multi-user if they use <a href="http://developer.android.com/reference/android/os/Environment.html">removable media</a> for primary external storage. + </li> + </ul> + <h2> + 9.6. Premium SMS Warning + </h2> + <p> + Android includes support for warning users of any outgoing <a href="http://en.wikipedia.org/wiki/Short_code">premium SMS message</a>. Premium SMS messages are text messages sent to a service registered with a carrier that may incur a charge to the user. Device implementations that declare support for android.hardware.telephony MUST warn users before sending a SMS message to numbers identified by regular expressions defined in /data/misc/sms/codes.xml file in the device. The upstream Android Open Source Project provides an implementation that satisfies this requirement. + </p> + <h2> + 9.7. Kernel Security Features + </h2> + <p> + The Android Sandbox includes features that use the Security-Enhanced Linux (SELinux) mandatory access control (MAC) system, seccomp sandboxing, and other security features in the Linux kernel. SELinux or any other security features implemented below the Android framework: + </p> + <ul> + <li>MUST maintain compatibility with existing applications. + </li> + <li>MUST NOT have a visible user interface when a security violation is detected and successfully blocked, but MAY have a visible user interface when an unblocked security violation occurs resulting in a successful exploit. + </li> + <li>SHOULD NOT be user or developer configurable. + </li> + </ul> + <p> + If any API for configuration of policy is exposed to an application that can affect another application (such as a Device Administration API), the API MUST NOT allow configurations that break compatibility. + </p> + <p> + Devices MUST implement SELinux or, if using a kernel other than Linux, an equivalent mandatory access control system. Devices MUST also meet the following requirements, which are satisfied by the reference implementation in the upstream Android Open Source Project. + </p> + <p> + Device implementations: + </p> + <ul> + <li>MUST set SELinux to global enforcing mode. + </li> + <li>MUST configure all domains in enforcing mode. No permissive mode domains are allowed, including domains specific to a device/vendor. + </li> + <li>MUST NOT modify, omit, or replace the neverallow rules present within the system/sepolicy folder provided in the upstream Android Open Source Project (AOSP) and the policy MUST compile with all neverallow rules present, for both AOSP SELinux domains as well as device/vendor specific domains. + </li> + <li>MUST split the media framework into multiple processes so that it is possible to more narrowly grant access for each process as <a href="https://source.android.com/devices/media/framework-hardening.html#arch_changes">described</a> in the Android Open Source Project site. + </li> + </ul> + <p> + Device implementations SHOULD retain the default SELinux policy provided in the system/sepolicy folder of the upstream Android Open Source Project and only further add to this policy for their own device-specific configuration. Device implementations MUST be compatible with the upstream Android Open Source Project. + </p> + <p> + Devices MUST implement a kernel application sandboxing mechanism which allows filtering of system calls using a configurable policy from multithreaded programs. The upstream Android Open Source Project meets this requirement through enabling the seccomp-BPF with threadgroup synchronization (TSYNC) as described <a href="http://source.android.com/devices/tech/config/kernel.html#Seccomp-BPF-TSYNC">in the Kernel Configuration section of source.android.com</a>. + </p> + <h2> + 9.8. Privacy + </h2> + <p> + If the device implements functionality in the system that captures the contents displayed on the screen and/or records the audio stream played on the device, it MUST continuously notify the user whenever this functionality is enabled and actively capturing/recording. + </p> + <p> + If a device implementation has a mechanism that routes network data traffic through a proxy server or VPN gateway by default (for example, preloading a VPN service with android.permission.CONTROL_VPN granted), the device implementation MUST ask for the user's consent before enabling that mechanism, unless that VPN is enabled by the Device Policy Controller via the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setAlwaysOnVpnPackage(android.content.ComponentName,%20java.lang.String,%20boolean)"><code>DevicePolicyManager.setAlwaysOnVpnPackage()</code></a> , in which case the user does not need to provide a separate consent, but MUST only be notified. + </p> + <p> + Device implementations MUST ship with an empty user-added Certificate Authority (CA) store, and MUST preinstall the same root certificates for the system-trusted CA store as <a href="https://source.android.com/security/overview/app-security.html#certificate-authorities">provided</a> in the upstream Android Open Source Project. + </p> + <p> + When devices are routed through a VPN, or a user root CA is installed, the implementation MUST display a warning indicating the network traffic may be monitored to the user. + </p> + <p> + If a device implementation has a USB port with USB peripheral mode support, it MUST present a user interface asking for the user's consent before allowing access to the contents of the shared storage over the USB port. + </p> + <h2> + 9.9. Data Storage Encryption + </h2> + <div class="note"> + Optional for Android device implementations without a secure lock screen. + </div> + <p> + If the device implementation supports a secure lock screen as described in section 9.11.1, then the device MUST support data storage encryption of the application private data (/data partition), as well as the application shared storage partition (/sdcard partition) if it is a permanent, non-removable part of the device. + </p> + <p> + For device implementations supporting data storage encryption and with Advanced Encryption Standard (AES) crypto performance above 50MiB/sec, the data storage encryption MUST be enabled by default at the time the user has completed the out-of-box setup experience. If a device implementation is already launched on an earlier Android version with encryption disabled by default, such a device cannot meet the requirement through a system software update and thus MAY be exempted. + </p> + <p> + Device implementations SHOULD meet the above data storage encryption requirement via implementing <a href="https://source.android.com/security/encryption/file-based.html">File Based Encryption</a> (FBE). + </p> + <h3> + 9.9.1. Direct Boot + </h3> + <p> + All devices MUST implement the <a href="http://developer.android.com/preview/features/direct-boot.html">Direct Boot mode</a> APIs even if they do not support Storage Encryption. In particular, the <a href="https://developer.android.com/reference/android/content/Intent.html#LOCKED_BOOT_COMPLETED">LOCKED_BOOT_COMPLETED</a> and <a href="https://developer.android.com/reference/android/content/Intent.html#ACTION_USER_UNLOCKED">ACTION_USER_UNLOCKED</a> Intents must still be broadcast to signal Direct Boot aware applications that Device Encrypted (DE) and Credential Encrypted (CE) storage locations are available for user. + </p> + <h3> + 9.9.2. File Based Encryption + </h3> + <p> + Device implementations supporting FBE: + </p> + <ul> + <li>MUST boot up without challenging the user for credentials and allow Direct Boot aware apps to access to the Device Encrypted (DE) storage after the LOCKED_BOOT_COMPLETED message is broadcasted. + </li> + <li>MUST only allow access to Credential Encrypted (CE) storage after the user has unlocked the device by supplying their credentials (eg. passcode, pin, pattern or fingerprint) and the ACTION_USER_UNLOCKED message is broadcasted. Device implementations MUST NOT offer any method to unlock the CE protected storage without the user supplied credentials. + </li> + <li>MUST support Verified Boot and ensure that DE keys are cryptographically bound to the device's hardware root of trust. + </li> + <li>MUST support encrypting file contents using AES with a key length of 256-bits in XTS mode. + </li> + <li>MUST support encrypting file name using AES with a key length of 256-bits in CBC-CTS mode. + </li> + <li>MAY support alternative ciphers, key lengths and modes for file content and file name encryption, but MUST use the mandatorily supported ciphers, key lengths and modes by default. + </li> + <li>SHOULD make preloaded essential apps (e.g. Alarm, Phone, Messenger) Direct Boot aware. + </li> + </ul> + <p> + The keys protecting CE and DE storage areas: + </p> + <ul> + <li>MUST be cryptographically bound to a hardware-backed Keystore. CE keys must be bound to a user's lock screen credentials. If the user has specified no lock screen credentials then the CE keys MUST be bound to a default passcode. + </li> + <li>MUST be unique and distinct, in other words no user's CE or DE key may match any other user's CE or DE keys. + </li> + </ul> + <p> + The upstream Android Open Source project provides a preferred implementation of this feature based on the Linux kernel ext4 encryption feature. + </p> + <h3> + 9.9.3. Full Disk Encryption + </h3> + <p> + Device implementations supporting <a href="http://source.android.com/devices/tech/security/encryption/index.html">full disk encryption</a> (FDE). MUST use AES with a key of 128-bits (or greater) and a mode designed for storage (for example, AES-XTS, AES-CBC-ESSIV). The encryption key MUST NOT be written to storage at any time without being encrypted. The user MUST be provided with the possibility to AES encrypt the encryption key, except when it is in active use, with the lock screen credentials stretched using a slow stretching algorithm (e.g. PBKDF2 or scrypt). If the user has not specified a lock screen credentials or has disabled use of the passcode for encryption, the system SHOULD use a default passcode to wrap the encryption key. If the device provides a hardware-backed keystore, the password stretching algorithm MUST be cryptographically bound to that keystore. The encryption key MUST NOT be sent off the device (even when wrapped with the user passcode and/or hardware bound key). The upstream Android Open Source project provides a preferred implementation of this feature based on the Linux kernel feature dm-crypt. + </p> + <h2> + 9.10. Device Integrity + </h2> + <p> + The following requirements ensures there is transparancy to the status of the device integrity. + </p> + <p> + Device implementations MUST correctly report through the System API method PersistentDataBlockManager.getFlashLockState() whether their bootloader state permits flashing of the system image. The <code>FLASH_LOCK_UNKNOWN</code> state is reserved for device implementations upgrading from an earlier version of Android where this new system API method did not exist. + </p> + <p> + Verified boot is a feature that guarantees the integrity of the device software. If a device implementation supports the feature, it MUST: + </p> + <ul> + <li>Declare the platform feature flag android.software.verified_boot. + </li> + <li>Perform verification on every boot sequence. + </li> + <li>Start verification from an immutable hardware key that is the root of trust and go all the way up to the system partition. + </li> + <li>Implement each stage of verification to check the integrity and authenticity of all the bytes in the next stage before executing the code in the next stage. + </li> + <li>Use verification algorithms as strong as current recommendations from NIST for hashing algorithms (SHA-256) and public key sizes (RSA-2048). + </li> + <li>MUST NOT allow boot to complete when system verification fails, unless the user consents to attempt booting anyway, in which case the data from any non-verified storage blocks MUST not be used. + </li> + <li>MUST NOT allow verified partitions on the device to be modified unless the user has explicitly unlocked the boot loader. + </li> + </ul> + <p> + The upstream Android Open Source Project provides a preferred implementation of this feature based on the Linux kernel feature dm-verity. + </p> + <p> + Starting from Android 6.0, device implementations with Advanced Encryption Standard (AES) crypto performance above 50 MiB/seconds MUST support verified boot for device integrity. + </p> + <p> + If a device implementation is already launched without supporting verified boot on an earlier version of Android, such a device can not add support for this feature with a system software update and thus are exempted from the requirement. + </p> + <h2> + 9.11. Keys and Credentials + </h2> + <p> + The <a href="https://developer.android.com/training/articles/keystore.html">Android Keystore System</a> allows app developers to store cryptographic keys in a container and use them in cryptographic operations through the <a href="https://developer.android.com/reference/android/security/KeyChain.html">KeyChain API</a> or the <a href="https://developer.android.com/reference/java/security/KeyStore.html">Keystore API</a>. + </p> + <p> + All Android device implementations MUST meet the following requirements: + </p> + <ul> + <li>SHOULD not limit the number of keys that can be generated, and MUST at least allow more than 8,192 keys to be imported. + </li> + <li>The lock screen authentication MUST rate limit attempts and MUST have an exponential backoff algorithm. Beyond 150 failed attempts, the delay MUST be at least 24 hours per attempt. + </li> + <li>When the device implementation supports a secure lock screen it MUST back up the keystore implementation with secure hardware and meet following requirements: + <ul> + <li>MUST have hardware backed implementations of RSA, AES, ECDSA and HMAC cryptographic algorithms and MD5, SHA1, SHA-2 Family hash functions to properly support the <a href="https://developer.android.com/training/articles/keystore.html#SupportedAlgorithms">Android Keystore system's supported algorithms</a>. + </li> + <li>MUST perform the lock screen authentication in the secure hardware and only when successful allow the authentication-bound keys to be used. The upstream Android Open Source Project provides the <a href="http://source.android.com/devices/tech/security/authentication/gatekeeper.html">Gatekeeper Hardware Abstraction Layer (HAL)</a> that can be used to satisfy this requirement. + </li> + </ul> + </li> + </ul> + <p> + Note that if a device implementation is already launched on an earlier Android version, such a device is exempted from the requirement to have a hardware-backed keystore, unless it declares the <code>android.hardware.fingerprint</code> feature which requires a hardware-backed keystore. + </p> + <h3> + 9.11.1. Secure Lock Screen + </h3> + <p> + Device implementations MAY add or modify the authentication methods to unlock the lock screen, but MUST still meet the following requirements: + </p> + <ul> + <li>The authentication method, if based on a known secret, MUST NOT be treated as a secure lock screen unless it meets all following requirements: + <ul> + <li>The entropy of the shortest allowed length of inputs MUST be greater than 10 bits. + </li> + <li>The maximum entropy of all possible inputs MUST be greater than 18 bits. + </li> + <li>MUST not replace any of the existing authentication methods (PIN, pattern, password) implemented and provided in AOSP. + </li> + <li>MUST be disabled when the Device Policy Controller (DPC) application has set the password quality policy via the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordQuality%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setPasswordQuality()</code></a> method with a more restrictive quality constant than <code>PASSWORD_QUALITY_SOMETHING</code>. + </li> + </ul> + </li> + <li>The authenticaion method, if based on a physical token or the location, MUST NOT be treated as a secure lock screen unless it meets all following requirements: + <ul> + <li>It MUST have a fall-back mechanism to use one of the primary authentication methods which is based on a known secret and meets the requirements to be treated as a secure lock screen. + </li> + <li>It MUST be disabled and only allow the primary authentication to unlock the screen when the Device Policy Controller (DPC) application has set the policy with either the <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setKeyguardDisabledFeatures%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setKeyguardDisabledFeatures(KEYGUARD_DISABLE_TRUST_AGENTS)</code></a> method or the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordQuality%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setPasswordQuality()</code></a> method with a more restrictive quality constant than <code>PASSWORD_QUALITY_UNSPECIFIED</code>. + </li> + </ul> + </li> + <li>The authentication method, if based on biometrics, MUST NOT be treated as a secure lock screen unless it meets all following requirements: + <ul> + <li>It MUST have a fall-back mechanism to use one of the primary authentication methods which is based on a known secret and meets the requirements to be treated as a secure lock screen. + </li> + <li>It MUST be disabled and only allow the primary authentication to unlock the screen when the Device Policy Controller (DPC) application has set the keguard feature policy by calling the method <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setKeyguardDisabledFeatures%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setKeyguardDisabledFeatures(KEYGUARD_DISABLE_FINGERPRINT)</code></a>. + </li> + <li>It MUST have a false acceptance rate that is equal or stronger than what is required for a fingerprint sensor as described in section 7.3.10, or otherwise MUST be disabled and only allow the primary authentication to unlock the screen when the Device Policy Controller (DPC) application has set the password quality policy via the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordQuality%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setPasswordQuality()</code></a> method with a more restrictive quality constant than <code>PASSWORD_QUALITY_BIOMETRIC_WEAK</code>. + </li> + </ul> + </li> + <li>If the authentication method can not be treated as a secure lock screen, it: + <ul> + <li>MUST return <code>false</code> for both the <a href="http://developer.android.com/reference/android/app/KeyguardManager.html#isKeyguardSecure%28%29"><code>KeyguardManager.isKeyguardSecure()</code></a> and the <a href="https://developer.android.com/reference/android/app/KeyguardManager.html#isDeviceSecure%28%29"><code>KeyguardManager.isDeviceSecure()</code></a> methods. + </li> + <li>MUST be disabled when the Device Policy Controller (DPC) application has set the password quality policy via the <a href="https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordQuality%28android.content.ComponentName,%20int%29"><code>DevicePolicyManager.setPasswordQuality()</code></a> method with a more restrictive quality constant than <code>PASSWORD_QUALITY_UNSPECIFIED</code>. + </li> + <li>MUST NOT reset the password expiration timers set by <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordExpirationTimeout%28android.content.ComponentName,%20long%29"><code>DevicePolicyManager.setPasswordExpirationTimeout()</code></a>. + </li> + <li>MUST NOT authenticate access to keystores if the application has called <a href="https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.Builder.html#setUserAuthenticationRequired%28boolean%29"><code>KeyGenParameterSpec.Builder.setUserAuthenticationRequired(true)</code></a>). + </li> + </ul> + </li> + <li>If the authentication method is based on a physical token, the location, or biometrics that has higher false acceptance rate than what is required for fingerprint sensors as described in section 7.3.10, then it: + <ul> + <li>MUST NOT reset the password expiration timers set by <a href="http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setPasswordExpirationTimeout%28android.content.ComponentName,%20long%29"><code>DevicePolicyManager.setPasswordExpirationTimeout()</code></a>. + </li> + <li>MUST NOT authenticate access to keystores if the application has called <a href="https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.Builder.html#setUserAuthenticationRequired%28boolean%29"><code>KeyGenParameterSpec.Builder.setUserAuthenticationRequired(true)</code></a>. + </li> + </ul> + </li> + </ul> + <h2> + 9.12. Data Deletion + </h2> + <p> + Devices MUST provide users with a mechanism to perform a "Factory Data Reset" that allows logical and physical deletion of all data except for the following: + </p> + <ul> + <li>The system image + </li> + <li>Any operating system files required by the system image + </li> + </ul> + <p> + All user-generated data MUST be deleted. This MUST satisfy relevant industry standards for data deletion such as NIST SP800-88. This MUST be used for the implementation of the wipeData() API (part of the Android Device Administration API) described in <a href="#3_9_device_administration">section 3.9 Device Administration</a>. + </p> + <p> + Devices MAY provide a fast data wipe that conducts a logical data erase. + </p> + <h2> + 9.13. Safe Boot Mode + </h2> + <p> + Android provides a mode enabling users to boot up into a mode where only preinstalled system apps are allowed to run and all third-party apps are disabled. This mode, known as "Safe Boot Mode", provides the user the capability to uninstall potentially harmful third-party apps. + </p> + <p> + Android device implementations are STRONGLY RECOMENDED to implement Safe Boot Mode and meet following requirements: + </p> + <ul> + <li> + <p> + Device implementations SHOULD provide the user an option to enter Safe Boot Mode from the boot menu which is reachable through a workflow that is different from that of normal boot. + </p> + </li> + <li> + <p> + Device implementations MUST provide the user an option to enter Safe Boot Mode in such a way that is uninterruptible from third-party apps installed on the device, except for when the third party app is a Device Policy Controller and has set the <a href="https://developer.android.com/reference/android/os/UserManager.html#DISALLOW_SAFE_BOOT"><code>UserManager.DISALLOW_SAFE_BOOT</code></a> flag as true. + </p> + </li> + <li> + <p> + Device implementations MUST provide the user the capability to uninstall any third-party apps within Safe Mode. + </p> + </li> + </ul> + <h2> + 9.14. Automotive Vehicle System Isolation + </h2> + <p> + Android Automotive devices are expected to exchange data with critical vehicle subsystems, e.g., by using the <a href="http://source.android.com/devices/automotive.html">vehicle HAL</a> to send and receive messages over vehicle networks such as CAN bus. Android Automotive device implementations MUST implement security features below the Android framework layers to prevent malicious or unintentional interaction between the Android framework or third-party apps and vehicle subsystems. These security features are as follows: + </p> + <ul> + <li>Gatekeeping messages from Android framework vehicle subsystems, e.g., whitelisting permitted message types and message sources. + </li> + <li>Watchdog against denial of service attacks from the Android framework or third-party apps. This guards against malicious software flooding the vehicle network with traffic, which may lead to malfunctioning vehicle subsystems. + </li> + </ul> + <h1> + 10. Software Compatibility Testing + </h1> + <p> + Device implementations MUST pass all tests described in this section. + </p> + <p> + However, note that no software test package is fully comprehensive. For this reason, device implementers are <strong>STRONGLY RECOMMENDED</strong> to make the minimum number of changes as possible to the reference and preferred implementation of Android available from the Android Open Source Project. This will minimize the risk of introducing bugs that create incompatibilities requiring rework and potential device updates. + </p> + <h2> + 10.1. Compatibility Test Suite + </h2> + <p> + Device implementations MUST pass the <a href="http://source.android.com/compatibility/index.html">Android Compatibility Test Suite (CTS)</a> available from the Android Open Source Project, using the final shipping software on the device. Additionally, device implementers SHOULD use the reference implementation in the Android Open Source tree as much as possible, and MUST ensure compatibility in cases of ambiguity in CTS and for any reimplementations of parts of the reference source code. + </p> + <p> + The CTS is designed to be run on an actual device. Like any software, the CTS may itself contain bugs. The CTS will be versioned independently of this Compatibility Definition, and multiple revisions of the CTS may be released for Android 7.1. Device implementations MUST pass the latest CTS version available at the time the device software is completed. + </p> + <h2> + 10.2. CTS Verifier + </h2> + <p> + Device implementations MUST correctly execute all applicable cases in the CTS Verifier. The CTS Verifier is included with the Compatibility Test Suite, and is intended to be run by a human operator to test functionality that cannot be tested by an automated system, such as correct functioning of a camera and sensors. + </p> + <p> + The CTS Verifier has tests for many kinds of hardware, including some hardware that is optional. Device implementations MUST pass all tests for hardware that they possess; for instance, if a device possesses an accelerometer, it MUST correctly execute the Accelerometer test case in the CTS Verifier. Test cases for features noted as optional by this Compatibility Definition Document MAY be skipped or omitted. + </p> + <p> + Every device and every build MUST correctly run the CTS Verifier, as noted above. However, since many builds are very similar, device implementers are not expected to explicitly run the CTS Verifier on builds that differ only in trivial ways. Specifically, device implementations that differ from an implementation that has passed the CTS Verifier only by the set of included locales, branding, etc. MAY omit the CTS Verifier test. + </p> + <h1> + 11. Updatable Software + </h1> + <p> + Device implementations MUST include a mechanism to replace the entirety of the system software. The mechanism need not perform “live” upgrades—that is, a device restart MAY be required. + </p> + <p> + Any method can be used, provided that it can replace the entirety of the software preinstalled on the device. For instance, any of the following approaches will satisfy this requirement: + </p> + <ul> + <li>“Over-the-air (OTA)” downloads with offline update via reboot. + </li> + <li>“Tethered” updates over USB from a host PC. + </li> + <li>“Offline” updates via a reboot and update from a file on removable storage. + </li> + </ul> + <p> + However, if the device implementation includes support for an unmetered data connection such as 802.11 or Bluetooth PAN (Personal Area Network) profile, it MUST support OTA downloads with offline update via reboot. + </p> + <p> + The update mechanism used MUST support updates without wiping user data. That is, the update mechanism MUST preserve application private data and application shared data. Note that the upstream Android software includes an update mechanism that satisfies this requirement. + </p> + <p> + For device implementations that are launching with Android 6.0 and later, the update mechanism SHOULD support verifying that the system image is binary identical to expected result following an OTA. The block-based OTA implementation in the upstream Android Open Source Project, added since Android 5.1, satisfies this requirement. + </p> + <p> + Also, device implementations SHOULD support <a href="https://source.android.com/devices/tech/ota/ab_updates.html">A/B system updates</a>. The AOSP implements this feature using the boot control HAL. + </p> + <p> + If an error is found in a device implementation after it has been released but within its reasonable product lifetime that is determined in consultation with the Android Compatibility Team to affect the compatibility of third-party applications, the device implementer MUST correct the error via a software update available that can be applied per the mechanism just described. + </p> + <p> + Android includes features that allow the Device Owner app (if present) to control the installation of system updates. To facilitate this, the system update subsystem for devices that report android.software.device_admin MUST implement the behavior described in the <a href="http://developer.android.com/reference/android/app/admin/SystemUpdatePolicy.html">SystemUpdatePolicy</a> class. + </p> + <h1> + 12. Document Changelog + </h1> + <p> + For a summary of changes to the Compatibility Definition in this release: + </p> + <ul> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/?pretty=full&no-merges">Document changelog</a> + </li> + </ul> + <p> + For a summary of changes to individuals sections: + </p> + <ol> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/1_introduction?pretty=full&no-merges">Introduction</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/2_device_types?pretty=full&no-merges">Device Types</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/3_software?pretty=full&no-merges">Software</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/4_application-packaging?pretty=full&no-merges">Application Packaging</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/5_multimedia?pretty=full&no-merges">Multimedia</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/6_dev-tools-and-options?pretty=full&no-merges">Developer Tools and Options</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/7_hardware-compatibility?pretty=full&no-merges">Hardware Compatibility</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/8_performance-and-power?pretty=full&no-merges">Performance and Power</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/9_security-model?pretty=full&no-merges">Security Model</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/10_software-compatibility-testing?pretty=full&no-merges">Software Compatibility Testing</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/11_updatable-software?pretty=full&no-merges">Updatable Software</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/12_document-changelog?pretty=full&no-merges">Document Changelog</a> + </li> + <li> + <a href="https://android.googlesource.com/platform/compatibility/cdd/+log/nougat-mr1-dev/13_contact-us?pretty=full&no-merges">Contact Us</a> + </li> + </ol> + <h2> + 12.1. Changelog Viewing Tips + </h2> + <p> + Changes are marked as follows: + </p> + <ul> + <li> + <p> + <strong>CDD</strong><br /> + Substantive changes to the compatibility requirements. + </p> + </li> + <li> + <p> + <strong>Docs</strong><br /> + Cosmetic or build related changes. + </p> + </li> + </ul> + <p> + For best viewing, append the <code>pretty=full</code> and <code>no-merges</code> URL parameters to your changelog URLs. + </p> + <h1> + 13. Contact Us + </h1> + <p> + You can join the <a href="https://groups.google.com/forum/#!forum/android-compatibility">android-compatibility forum</a> and ask for clarifications or bring up any issues that you think the document does not cover. + </p> </body> </html> diff --git a/en/compatibility/cts/setup.html b/en/compatibility/cts/setup.html index a0f6a2e9..e22f2fdd 100644 --- a/en/compatibility/cts/setup.html +++ b/en/compatibility/cts/setup.html @@ -130,7 +130,7 @@ the build-time property: <code>ro.product.first_api_level</code>. The value of t property is the first API level the device was commercially launched with.</p> <p>OEMs can add <code>PRODUCT_PROPERTY_OVERRIDES</code> into their device.mk file to set -this property, as shown in the following example: </p> +this property, as shown in the following example: </p> <pre> #ro.product.first_api_level indicates the first api level, device has been commercially launched on. @@ -138,6 +138,14 @@ PRODUCT_PROPERTY_OVERRIDES +=\ ro.product.first_api_level=21 </pre> +<aside class="note"> +<b>Note:</b> The property ro.product.first_api_level should be unset (0) for the first build of a +product, and set to the correct API level value for all subsequent builds. This +way the property can correctly identify a new product, and we have lost no +information about the first API level of the product (0 value implies +ro.product.first_api_level = Build.VERSION.SDK_INT). +</aside> + <h3 id=cts-shim-apps>CTS Shim apps</h3> <p> Android 7.0 includes the following pre-built apps (built from <a diff --git a/en/devices/audio/images/round-trip-latencies.png b/en/devices/audio/images/round-trip-latencies.png Binary files differindex 4aaa3186..8b19efcd 100644 --- a/en/devices/audio/images/round-trip-latencies.png +++ b/en/devices/audio/images/round-trip-latencies.png diff --git a/en/devices/audio/latency_measurements.html b/en/devices/audio/latency_measurements.html index 66a97925..d8483c0c 100644 --- a/en/devices/audio/latency_measurements.html +++ b/en/devices/audio/latency_measurements.html @@ -22,112 +22,85 @@ --> - -<p> -This article gives round-trip audio latency measurements for select devices and -platform versions. -</p> - -<h2 id="definition">Definition</h2> - -<p> -<a href="http://en.wikipedia.org/wiki/Latency_%28engineering%29">Latency</a> -is an important system performance metric. There are many kinds -of <a href="latency.html">audio latency</a> -metrics. One useful and well-understood metric is -<a href="latency_measure.html#measuringRoundTrip">round-trip latency</a>. -Round-trip latency is defined as the time it takes for -an audio signal to enter the input of a mobile device, be processed -by an app running on the application processor, and exit the output. -</p> - -<img src="images/round_trip_on_device.png" alt="Round-trip audio latency on device" id="figure1" /> -<p class="img-caption"> - <strong>Figure 1.</strong> Round-trip audio latency on device: T<sub>output</sub> - T<sub>input</sub> -</p> +<p><a href="http://en.wikipedia.org/wiki/Latency_%28engineering%29">Latency</a> +is an important system performance metric. While many kinds of +<a href="latency.html">audio latency</a> metrics exist, one useful and +well-understood metric is +<a href="latency_measure.html#measuringRoundTrip">round-trip latency</a>, +defined as the time it takes for an audio signal to enter the input of a mobile +device, be processed by an app running on the application processor, and exit +the output.</p> + +<img src="images/round_trip_on_device.png" alt="Round-trip audio latency on +device" id="figure1" /> +<p class="img-caption"><strong>Figure 1.</strong> Round-trip audio latency on +device: T<sub>output</sub> - T<sub>input</sub></p> + +<p>This page provides round-trip audio latency measurements for select +Nexus/Pixel devices and Android platform versions.</p> <h2 id="why">Why we measure latency</h2> -<p> -We measure and report latency so Android -app developers will have the data they need to make informed decisions about available -latency on actual devices. By sharing these numbers for select Nexus devices, we also hope to -encourage the entire Android community to measure, publish, and reduce -latency on <i>all</i> devices. -Please join us in our commitment to reducing audio latency. -</p> +<p>Google measures and reports latency so Android application developers have +the data they need to make informed decisions about available latency on actual +devices. By sharing latency numbers for select Nexus and Pixel devices, we hope +to encourage the entire Android community to measure, publish, and reduce +latency on <em>all</em> Android devices. Please join us in our commitment to +reducing audio latency!</p> <h2 id="app">Application impact on latency</h2> -<p> -There are two kinds of delays that a signal processing stage can add to latency: -algorithmic delay and computational delay. -Algorithmic delay is inherent and does not vary with the CPU. -An example is the delay added by a -<a href="http://en.wikipedia.org/wiki/Finite_impulse_response">finite impulse response</a> -(FIR) filter. -Computational delay is related to the number of CPU cycles required. -For example, attenuation of a signal is usually done by a multiplication operation, -and this multiplication will take a varying number of cycles depending on the CPU. -</p> +<p>Signal processing can add the following types of delay to latency:</p> +<ul> +<li><strong>Algorithmic</strong>. This delay is inherent and does not vary with +the CPU. An example is the delay added by a +<a href="http://en.wikipedia.org/wiki/Finite_impulse_response">finite impulse +response</a> (FIR) filter.</li> +<li><strong>Computational</strong>. This delay is related to the number of +required CPU cycles. For example, attenuation of a signal is usually done by a +multiplication operation that takes a varying number of cycles depending on the +CPU.</li> +</ul> <h2 id="how">How we measure</h2> -<p> -The measurements below were taken with the -<a href="loopback.html">Dr. Rick O'Rang audio loopback dongle</a> -and an -<a href="latency_measure.html#larsenTest">audio feedback (Larsen effect) test</a>. -</p> - -<p> -For our measurements, we assume the application signal processing -adds zero algorithmic delay and near zero computational delay. -</p> +<p>We made the measurements listed on this page using the +<a href="loopback.html">Dr. Rick O'Rang audio loopback dongle</a> and an +<a href="latency_measure.html#larsenTest">audio feedback (Larsen effect) +test</a>. Measurements assume the application signal processing adds zero +algorithmic delay and near-zero computational delay.</p> -<p> -We measure round-trip latency via the headset connector for several reasons: +<p>We measure round-trip latency via the headset connector for several reasons: </p> +<img src="images/round_trip_via_headset_connector.png" alt="Round-trip latency +via headset connector" id="figure2" /> +<p class="img-caption"><strong>Figure 2.</strong> Round-trip latency via headset +connector: T<sub>output</sub> - T<sub>input</sub></p> <ul> - <li> - There are important music applications, such as guitar and voice processing, - that use the headset connector. - </li> - <li> - Measuring round-trip latency of the on-device microphone and speaker can - be cumbersome, as it is difficult to keep a feedback loop in open air from entering - uncontrolled oscillation. - </li> - <li> - The on-device transducers are small and sacrifice frequency response - to achieve their small size. To compensate, digital signal processing is - applied but increases algorithmic delay for the on-device path. - </li> +<li>Important music applications (such as guitar and voice processing) use the +headset connector.</li> +<li>Measuring round-trip latency of the on-device microphone and speaker can be +cumbersome, as it is difficult to keep a feedback loop in open air from entering +uncontrolled oscillation.</li> +<li>On-device transducers are small and sacrifice frequency response to achieve +their small size. To compensate, digital signal processing is applied but +increases algorithmic delay for the on-device path.</li> </ul> -<p> -There are cases where on-device microphone and speaker latencies -<i>do</i> -matter, but they are usually for one direction, not round-trip. -Techniques for measuring unidirectional latency are described at +<p>There are cases where on-device microphone and speaker latencies <em>do</em> +matter, but they are usually for one direction, not round-trip. Techniques for +measuring unidirectional latency are described at <a href="latency_measure.html#measuringOutput">Measuring Output Latency</a> and -<a href="latency_measure.html#measuringInput">Measuring Input Latency</a>. -</p> - -<img src="images/round_trip_via_headset_connector.png" alt="Round-trip latency via headset connector" id="figure2" /> -<p class="img-caption"> - <strong>Figure 2.</strong> Round-trip latency via headset connector: T<sub>output</sub> - T<sub>input</sub> -</p> +<a href="latency_measure.html#measuringInput">Measuring Input Latency</a>.</p> <h2 id="measurements">Example measurements</h2> -<p> -The measurements shown are specific to a -<a href="/source/build-numbers.html">build number</a>. -Devices are listed in approximate order of initial release and within device by platform version. -The test application uses the Android native audio API based on OpenSL ES. -</p> +<p>The measurements listed below are specific to a +<a href="/source/build-numbers.html">build number</a>. Devices are listed in +approximate order of initial release and by platform version; you can also +<a href="#chart">view latencies in a chart</a>. The test application uses the +Android native audio API based on OpenSL ES.</p> <table> <tr> @@ -420,14 +393,31 @@ The test application uses the Android native audio API based on OpenSL ES. <td>18</td> </tr> +<tr> + <td>Pixel</td> + <td>7.1.2</td> + <td>NHG47L</td> + <td>48000</td> + <td>192</td> + <td>4</td> + <td>18</td> +</tr> + +<tr> + <td>Pixel XL</td> + <td>7.1.2</td> + <td>NHG47L</td> + <td>48000</td> + <td>192</td> + <td>4</td> + <td>18</td> +</tr> + </table> -<p></p> -<p></p> +<a id=chart></a> +<img src="/devices/audio/images/round-trip-latencies.png" /> +<p class="img-caption"><strong>Figure 3.</strong> Round trip latencies.</p> - <p></p> - <img src="/devices/audio/images/round-trip-latencies.png" /> - <p class="img-caption"> -<strong>Figure 3.</strong> Round trip latencies.</p> - </body> +</body> </html> diff --git a/en/devices/audio/terminology.html b/en/devices/audio/terminology.html index 14994d3c..277b25e4 100644 --- a/en/devices/audio/terminology.html +++ b/en/devices/audio/terminology.html @@ -331,12 +331,23 @@ A <a href="https://en.wikipedia.org/wiki/Dongle">dongle</a> is a small gadget, especially one that hangs off another device. </dd> +<dt>FireWire</dt> +<dd> +See IEEE 1394. +</dd> + <dt>HDMI</dt> <dd> High-Definition Multimedia Interface. Interface for transferring audio and video data. For mobile devices, a micro-HDMI (type D) or MHL connector is used. </dd> +<dt>IEEE 1394</dt> +<dd> +<a href="https://en.wikipedia.org/wiki/IEEE_1394">IEEE 1394</a>, also called FireWire, +is a serial bus used for real-time low-latency applications such as audio. +</dd> + <dt>Intel HDA</dt> <dd> Intel High Definition Audio (do not confuse with generic <em>high-definition diff --git a/en/security/bulletin/2017.html b/en/security/bulletin/2017.html index 1a7b00cf..13b8a154 100644 --- a/en/security/bulletin/2017.html +++ b/en/security/bulletin/2017.html @@ -33,21 +33,18 @@ of all bulletins, see the <a href="index.html">Android Security Bulletins</a> ho <tr> <th>Bulletin</th> <th>Languages</th> - <th>Published Date</th> - <th>Security Patch Level</th> + <th>Published date</th> + <th>Security patch level</th> </tr> <tr> <td><a href="2017-05-01.html">May 2017</a></td> <td> - Coming soon - <!-- <a href="/security/bulletin/2017-05-01.html">English</a> / <a href="/security/bulletin/2017-05-01.html?hl=ja">日本語</a> / <a href="/security/bulletin/2017-05-01.html?hl=ko">한국어</a> / <a href="/security/bulletin/2017-05-01.html?hl=ru">ру́сский</a> / <a href="/security/bulletin/2017-05-01.html?hl=zh-cn">中文 (中国)</a> / <a href="/security/bulletin/2017-05-01.html?hl=zh-tw">中文 (台灣)</a> - --> </td> <td>May 1, 2017</td> <td>2017-05-01<br> diff --git a/en/security/bulletin/index.html b/en/security/bulletin/index.html index ad90dd89..ab0c338b 100644 --- a/en/security/bulletin/index.html +++ b/en/security/bulletin/index.html @@ -76,15 +76,13 @@ Android Open Source Project (AOSP), the upstream Linux kernel, and system-on-chi </tr> <tr> <td><a href="/security/bulletin/2017-05-01.html">May 2017</a></td> - <td>Coming soon - <!-- + <td> <a href="/security/bulletin/2017-05-01.html">English</a> / <a href="/security/bulletin/2017-05-01.html?hl=ja">日本語</a> / <a href="/security/bulletin/2017-05-01.html?hl=ko">한국어</a> / <a href="/security/bulletin/2017-05-01.html?hl=ru">ру́сский</a> / <a href="/security/bulletin/2017-05-01.html?hl=zh-cn">中文 (中国)</a> / <a href="/security/bulletin/2017-05-01.html?hl=zh-tw">中文 (台灣)</a> - --> </td> <td>May 1, 2017</td> <td>2017-05-01<br> diff --git a/en/security/encryption/file-based.html b/en/security/encryption/file-based.html index 3ec76e8e..5033a8b8 100644 --- a/en/security/encryption/file-based.html +++ b/en/security/encryption/file-based.html @@ -100,7 +100,8 @@ the following services: <p> Android provides a reference implementation of file-based encryption, in which -vold (system/vold) provides the functionality for managing storage devices and +vold (<a href="https://android.googlesource.com/platform/system/vold/">system/vold</a>) +provides the functionality for managing storage devices and volumes on Android. The addition of FBE provides vold with several new commands to support key management for the CE and DE keys of multiple users. In addition to the core changes to use the <a href="#kernel-support">ext4 Encryption</a> diff --git a/en/security/overview/app-security.html b/en/security/overview/app-security.html index ea20c611..b70b182a 100644 --- a/en/security/overview/app-security.html +++ b/en/security/overview/app-security.html @@ -70,7 +70,8 @@ </li> </ul> <h2 id="the-android-permission-model-accessing-protected-apis">The Android Permission Model: Accessing Protected APIs</h2> -<p>All applications on Android run in an Application Sandbox, described earlier in this document. +<p>All applications on Android run in an <a +href="/security/overview/kernel-security#the-application-sandbox">Application Sandbox</a>. By default, an Android application can only access a limited range of system resources. The system manages Android application access to resources that, if used incorrectly or maliciously, could adversely impact the user experience, diff --git a/en/security/selinux/customize.html b/en/security/selinux/customize.html index 11b34f0b..c8ead37c 100644 --- a/en/security/selinux/customize.html +++ b/en/security/selinux/customize.html @@ -158,7 +158,7 @@ netlink_nflog_socket } { read write }; <p>In the first line, the type declaration, the DHCP daemon inherits from the base security policy (<code>domain</code>). From the previous statement examples, we know DHCP can read from and write -to <code>/dev/null.</code></p> +to <code>/dev/null</code>.</p> <p>In the second line, DHCP is identified as a permissive domain.</p> diff --git a/en/security/selinux/validate.html b/en/security/selinux/validate.html index 0f140ef3..ba3e6ec8 100644 --- a/en/security/selinux/validate.html +++ b/en/security/selinux/validate.html @@ -33,12 +33,14 @@ issuing the command:getenforce</p> <p>This will print the global SELinux mode: either Enforcing or Permissive. Please note, this command shows only the global SELinux mode. To determine the SELinux mode for each domain, you must examine the corresponding -files or run the latest version of <code>sepolicy-analyze</code> with the appropriate (-p) flag, present in /platform/system/sepolicy/tools/.</p> +files or run the latest version of <code>sepolicy-analyze</code> with the +appropriate (-p) flag, present in /platform/system/sepolicy/tools/.</p> <h2 id=reading_denials>Reading denials</h2> -<p>Then check for errors. Errors are routed as event logs to dmesg and <code>logcat</code> and are viewable locally on the device. Manufacturers should examine the -SELinux output to dmesg on these devices and refine settings prior to public +<p>Then check for errors. Errors are routed as event logs to dmesg and +<code>logcat</code> and are viewable locally on the device. Manufacturers +should examine the SELinux output to dmesg on these devices and refine settings prior to public release in permissive mode and eventual switch to enforcing mode. SELinux log messages contain "avc:" and so may easily be found with <code>grep</code>. It is possible to capture the ongoing denial logs by running <code>cat /proc/kmsg</code> @@ -74,7 +76,7 @@ run at the time the denial was generated. In this case, it’s a pretty good hin <pre> $ adb shell su root dmesg | grep 'avc: ' -<5> type=1400 audit: avc: denied { read write } for pid=177 +<5> type=1400 audit: avc: denied { read write } for pid=177 comm="rmt_storage" name="mem" dev="tmpfs" ino=6004 scontext=u:r:rmt:s0 tcontext=u:object_r:kmem_device:s0 tclass=chr_file </pre> @@ -83,17 +85,20 @@ tcontext=u:object_r:kmem_device:s0 tclass=chr_file <p>Here are the key elements from this denial:</p> <ul> - <li><em>Action</em> - the attempted action is highlighted in brackets, <code>read write</code> or <code>setenforce</code>. - <li><em>Actor</em> - The <code>scontext</code> (source context) entry represents the actor, in this case the<code> rmt_storage</code> daemon. - <li><em>Object</em> - The <code>tcontext</code> (target context) entry represents the object being acted upon, in this case -kmem. - <li><em>Result</em> - The <code>tclass</code> (target class) entry indicates the type of object being acted upon, in this -case a <code>chr_file</code> (character device). + <li><em>Action</em> - the attempted action is highlighted in brackets, + <code>read write</code> or <code>setenforce</code>. + <li><em>Actor</em> - The <code>scontext</code> (source context) entry represents + the actor, in this case the<code> rmt_storage</code> daemon. + <li><em>Object</em> - The <code>tcontext</code> (target context) entry represents + the object being acted upon, in this case kmem. + <li><em>Result</em> - The <code>tclass</code> (target class) entry indicates the type + of object being acted upon, in this case a <code>chr_file</code> (character device). </ul> <h2 id=switching_to_permissive>Switching to permissive</h2> -<p class="caution"><strong>Important:</strong> Permissive mode is not supported on production devices. CTS tests confirm +<p class="caution"><strong>Important:</strong> Permissive mode is not supported +on production devices. CTS tests confirm enforcing mode is enabled.</p> <p>To turn a device’s SELinux enforcement into globally permissive via ADB, as @@ -112,8 +117,10 @@ androidboot.selinux=enforcing <h2 id=using_audit2allow>Using audit2allow</h2> -<p>The <code>selinux/policycoreutils/audit2allow</code> tool takes <code>dmesg</code> denials and converts them into corresponding SELinux policy statements. As -such, it can greatly speed SELinux development. <code>audit2allow</code> is shipped as part of the Android source tree and +<p>The <code>selinux/policycoreutils/audit2allow</code> tool takes +<code>dmesg</code> denials and converts them into corresponding SELinux policy +statements. As such, it can greatly speed SELinux development. +<code>audit2allow</code> is shipped as part of the Android source tree and is compiled automatically when you build Android from source.</p> <p>To use it, run:</p> @@ -123,8 +130,9 @@ $ adb shell su root dmesg | audit2allow -p $OUT/root/sepolicy </pre> <p>Nevertheless, care must be taken to examine each potential addition for -overreaching permissions. For example, feeding audit2allow the <code>rmt_storage</code> denial shown earlier results in the following suggested SELinux policy -statement:</p> +overreaching permissions. For example, feeding audit2allow the +<code>rmt_storage</code> denial shown earlier results in the following +suggested SELinux policy statement:</p> <pre> #============= shell ============== @@ -134,10 +142,12 @@ allow rmt kmem_device:chr_file { read write }; </pre> -<p>This would grant <code>rmt</code> the ability to write kernel memory, a glaring security hole. Often the <code>audit2allow</code> statements are only a starting point, after which changes to the source -domain, the label of the target and the incorporation of proper macros may be -required to arrive at a good policy. Sometimes the denial being examined should -not result in any policy changes at all, but rather the offending application +<p>This would grant <code>rmt</code> the ability to write kernel memory, a +glaring security hole. Often the <code>audit2allow</code> statements are only a +starting point. After employing these statements, you may need to change the +source domain and the label of the target, as well as incorporate proper +macros, to arrive at a good policy. Sometimes the denial being examined should +not result in any policy changes at all; rather the offending application should be changed.</p> </body> diff --git a/en/source/add-device.html b/en/source/add-device.html index d9f42f89..9443ebdf 100644 --- a/en/source/add-device.html +++ b/en/source/add-device.html @@ -47,13 +47,17 @@ simplifying maintenance.</p> <tr> <td>Product</td> <td>myProduct, myProduct_eu, myProduct_eu_fr, j2, sdk</td> - <td><p>The product layer defines the feature specification of a shipping product such as the modules to build, - locales supported, and the configuration for various locales. In other words, this is the name of the - overall product. Product-specific variables are defined in product definition Makefiles. A product - can inherit from other product definitions, - which simplifies maintenance. A common method is to create a base product that contains features that apply - for all products, then creating product variants based on that base product. For example, you can have - two products that differ only by their radios (CDMA vs GSM) inherit from the same base product that does not define a radio. + <td>The product layer defines the feature specification of a shipping + product such as the modules to build, locales supported, and the + configuration for various locales. In other words, this is the name + of the overall product. Product-specific variables are defined in + product definition Makefiles. A product can inherit from other + product definitions, which simplifies maintenance. A common method + is to create a base product that contains features that apply for + all products, then creating product variants based on that base + product. For example, you can have two products that differ only by + their radios (CDMA vs GSM) inherit from the same base product that + does not define a radio. </td> </tr> @@ -65,12 +69,14 @@ simplifying maintenance.</p> devices probably include QWERTY keyboards whereas devices sold in France probably include AZERTY keyboards. This layer also represents the bare schematics of a product. These include the peripherals on the board and their - configuration. The names used are merely codes for different board/device configurations.</td> + configuration. The names used are merely codes for different board/device + configurations.</td> </tr> <tr> <td>Arch</td> <td>arm, x86, mips, arm64, x86_64, mips64</td> - <td>The architecture layer describes the processor configuration and ABI (Application Binary Interface) running on the board. </td> + <td>The architecture layer describes the processor configuration and ABI + (Application Binary Interface) running on the board. </td> </tr> </table> @@ -91,43 +97,48 @@ it is required by product configuration with <code>PRODUCT_PACKAGES</code>. <table border=1> <tr> <td> - <code>eng<code> + <code>eng</code> </td> <td> This is the default flavor. - <ul> - <li>Installs modules tagged with: <code>eng</code> and/or <code>debug</code>. - <li>Installs modules according to the product definition files, in addition to tagged modules.</li> - <li><code>ro.secure=0</code> - <li><code>ro.debuggable=1</code> - <li><code>ro.kernel.android.checkjni=1</code> - <li><code>adb</code> is enabled by default. +<ul> +<li>Installs modules tagged with: <code>eng</code> and/or <code>debug</code>.</li> +<li>Installs modules according to the product definition files, in +addition to tagged modules.</li> +<li><code>ro.secure=0</code></li> +<li><code>ro.debuggable=1</code></li> +<li><code>ro.kernel.android.checkjni=1</code></li> +<li><code>adb</code> is enabled by default.</li> +</ul> </td> </tr> <tr> <td> - <code>user<code> + <code>user</code> </td> <td> This is the flavor intended to be the final release bits. - <ul> - <li>Installs modules tagged with <code>user</code>.</li> - <li>Installs modules according to the product definition files, in addition to tagged modules.</li> - <li><code>ro.secure=1</code> </li> - <li><code>ro.debuggable=0</code> </li> - <li><code>adb</code> is disabled by default.</li> +<ul> +<li>Installs modules tagged with <code>user</code>.</li> +<li>Installs modules according to the product definition files, in +addition to tagged modules.</li> +<li><code>ro.secure=1</code> </li> +<li><code>ro.debuggable=0</code> </li> +<li><code>adb</code> is disabled by default.</li> +</ul> </td> </tr> <tr> <td> - <code>userdebug<code> + <code>userdebug</code> </td> <td> The same as <code>user</code>, except: - <ul> - <li>Also installs modules tagged with <code>debug</code>. - <li><code>ro.debuggable=1</code> - <li><code>adb</code> is enabled by default. +<ul> +<li>Also installs modules tagged with <code>debug</code>.</li> +<li><code>ro.debuggable=1</code></li> +<li><code>adb</code> is enabled by default.</li> +</ul> </td> </tr> </table> @@ -180,7 +191,7 @@ product definition Makefile that declares product-specific information about the device such as the name and model. You can view the <code>device/moto/shamu</code> directory to see how all of this is setup. </p> -<h3 id="makefiles">Write the Makefiles</h2> +<h3 id="makefiles">Write the Makefiles</h3> <p> The following steps describe how to set up product Makefiles in a way similar to that of the Nexus 6 product line: diff --git a/en/source/devices.html b/en/source/devices.html index 082478be..4970ac0e 100644 --- a/en/source/devices.html +++ b/en/source/devices.html @@ -77,12 +77,9 @@ HiKey960 board.</p> <pre>$ repo init -u <a href="https://android.googlesource.com/platform/manifest">https://android.googlesource.com/platform/manifest</a> -b master $ repo sync -j24</pre></li> <li>Download and extract binaries into the Android source tree: -<pre>$ wget https://dl.google.com/dl/android/aosp/arm-hikey960-NOU-6eafa750.tgz -$ tar xzf arm-hikey960-NOU-6eafa750.tgz -$ ./extract-arm-hikey960.sh -$ wget https://dl.google.com/dl/android/aosp/hisilicon-hikey960-NOU-5db76395.tgz -$ tar xzf hisilicon-hikey960-NOU-5db76395.tgz -$ ./extract-hisilicon-hikey960.sh</pre></li> +<pre>$ wget https://dl.google.com/dl/android/aosp/arm-hikey960-NOU-7ad3cccc.tgz +$ tar xzf arm-hikey960-NOU-7ad3cccc.tgz +$ ./extract-arm-hikey960.sh</pre></li> <li>Build: <pre>$ . ./build/envsetup.sh $ lunch hikey960-userdebug @@ -142,9 +139,7 @@ hikey-kernel directory as file Image.gz-hikey960.</li></ul> <p>Edit the <code>device/linaro/hikey/hikey960/BoardConfig.mk</code> parameter <code>BOARD_KERNEL_CMDLINE</code> and configure the <code>video</code> setting. Example setting for a 24" monitor is <code>video=HDMI-A-1:1280x800@60</code>. -For a -<a href="https://www.arrow.com/en/products/96boards-display-7/linksprite-technologies-inc">LinkSprite -7-inch Display Kit</a>, the setting is <code>video=HDMI-A-1:800x480@60</code>.</p> +</p> <h2 id="620hikey">HiKey boards</h2> @@ -176,8 +171,8 @@ board.</p> <pre>$ repo init -u <a href="https://android.googlesource.com/platform/manifest">https://android.googlesource.com/platform/manifest</a> -b master $ repo sync -j24</pre></li> <li>Download and extract HDMI binaries into the Android source tree: -<pre>$ wget <a href="https://dl.google.com/dl/android/aosp/linaro-hikey-20160226-67c37b1a.tgz">https://dl.google.com/dl/android/aosp/linaro-hikey-20160226-67c37b1a.tgz</a> -$ tar xzf linaro-hikey-20160226-67c37b1a.tgz +<pre>$ wget <a href="https://dl.google.com/dl/android/aosp/linaro-hikey-20170523-4b9ebaff.tgz">https://dl.google.com/dl/android/aosp/linaro-hikey-20170523-4b9ebaff.tgz</a> +$ tar xzf linaro-hikey-20170523-4b9ebaff.tgz $ ./extract-linaro-hikey.sh</pre></li> <li>Install mcopy utility: <pre>$ apt-get install mtools</pre></li> diff --git a/ja/security/bulletin/2017-05-01.html b/ja/security/bulletin/2017-05-01.html new file mode 100644 index 00000000..1437a410 --- /dev/null +++ b/ja/security/bulletin/2017-05-01.html @@ -0,0 +1,2499 @@ +<html devsite><head> + <title>Android のセキュリティに関する公開情報 - 2017 年 5 月</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p><em>2017 年 5 月 1 日公開 | 2017 年 5 月 2 日更新</em></p> + +<p>Android のセキュリティに関する公開情報には、Android 搭載端末に影響を与えるセキュリティの脆弱性の詳細を掲載しています。情報の公開に伴い、Nexus 端末に対するセキュリティ アップデートを無線(OTA)アップデートで配信しました。Google 端末のファームウェア イメージも <a href="https://developers.google.com/android/nexus/images">Google デベロッパー サイト</a>でリリースしています。2017 年 5 月 5 日以降のセキュリティ パッチ レベルでは、下記のすべての問題に対処しています。端末のセキュリティ パッチ レベルを確認する方法については、<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel と Nexus のアップデート スケジュール</a>をご覧ください。</p> + +<p>パートナーには、この公開情報に記載の問題について 2017 年 4 月 3 日までに通知済みです。Android オープンソース プロジェクト(AOSP)のレポジトリに、下記の問題に対するソースコードのパッチをリリースしています。また、この公開情報では、これらのパッチへのリンクに加え、AOSP 以外のパッチへのリンクも掲載しています。</p> + +<p>下記の問題のうち最も重大度の高いものは、多様な方法(メール、ウェブの閲覧、MMS など)により、攻撃対象の端末でメディア ファイルを処理する際にリモートでのコード実行が可能になるおそれのある重大なセキュリティの脆弱性です。<a href="/security/overview/updates-resources.html#severity">重大度の判定</a>は、攻撃を受けた端末でその脆弱性が悪用された場合の影響に基づくもので、プラットフォームやサービスでのリスク軽減策が開発目的で無効にされるか不正に回避された場合を前提としています。</p> + +<p>この新たに報告された問題によって実際のユーザー端末が不正使用された報告はありません。<a href="/security/enhancements/index.html">Android セキュリティ プラットフォームの保護</a>や <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a> のようなサービスの保護について詳しくは、<a href="#mitigations">Android と Google サービスでのリスク軽減策</a>をご覧ください。こうした保護により、Android プラットフォームのセキュリティが改善されます。</p> + +<p>ご利用の端末で上記の更新を行うことをすべてのユーザーにおすすめします。</p> +<h2 id="announcements">お知らせ</h2> +<ul> +<li>この公開情報では、2 つのセキュリティ パッチ レベル文字列を定義しています。これは、すべての Android 搭載端末で同様の問題が発生する一部の脆弱性をサブセットとし、Android パートナーが迅速かつ柔軟に修正できるようにするためです。詳しくは、<a href="#common-questions-and-answers">一般的な質問と回答</a>をご覧ください。 + <ul> + <li><strong>2017-05-01</strong>: 部分的に対処したセキュリティ パッチ レベル文字列。このセキュリティ パッチ レベル文字列は、2017-05-01(およびそれ以前のすべてのセキュリティ パッチ レベル文字列)に関連するすべての問題に対処していることを示します。</li> + <li><strong>2017-05-05</strong>: 完全に対処したセキュリティ パッチ レベル文字列。このセキュリティ パッチ レベル文字列は、2017-05-01 と 2017-05-05(およびそれ以前のすべてのセキュリティ パッチ レベル文字列)に関連するすべての問題に対処していることを示します。</li> +</ul> +</li> +<li>サポート対象の Google 端末には、2017 年 5 月 5 日のセキュリティ パッチ レベルのアップデート 1 件が OTA で配信されます。</li> +</ul> + +<h2 id="mitigations">Android と Google サービスでのリスク軽減策</h2> + +<p>ここでは、<a href="/security/enhancements/index.html">Android セキュリティ プラットフォーム</a>の保護と SafetyNet のようなサービスの保護によるリスクの軽減について概説します。こうした機能は、Android でセキュリティの脆弱性が悪用される可能性を減らします。</p> + +<ul> +<li>Android プラットフォームの最新版での機能強化により、Android 上の多くの問題について悪用が困難になります。Google では、すべてのユーザーに対し、できる限り最新版の Android に更新することをおすすめしています。</li> +<li>Android セキュリティ チームは、<a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf">「アプリの確認」や SafetyNet</a> によって脆弱性の悪用を積極的に監視しており、<a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">有害なおそれのあるアプリ</a>についてユーザーに警告しています。「アプリの確認」は、<a href="http://www.android.com/gms">Google モバイル サービス</a>を搭載した端末ではデフォルトで有効になっており、Google Play 以外からアプリをインストールするユーザーにとっては特に重要です。端末のルート権限を取得するツールは Google Play では禁止されていますが、「アプリの確認」では、アプリの入手元にかかわらず、ルート権限取得アプリを検出し、インストールしようとするユーザーに警告します。また、「アプリの確認」では、悪意のある既知のアプリで権限昇格の脆弱性が悪用されないように、そのようなアプリのインストールを見つけて阻止します。こうしたアプリがすでにインストールされている場合は、ユーザーに通知して、検出されたアプリの削除を試みます。</li> +<li>Google ハングアウトやメッセンジャーなどのアプリでは状況を適宜判断し、メディアサーバーなどのプロセスに自動的にメディアを渡すことはありません。</li> +</ul> + +<h2 id="acknowledgements">謝辞</h2> + +<p>調査にご協力くださった下記の皆様方に感謝いたします(敬称略)。</p> +<ul> +<li>ADlab of Venustech: CVE-2017-0630</li> +<li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)の Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): CVE-2016-10287</li> +<li>Trend Micro の Ecular Xu(徐健): CVE-2017-0599、CVE-2017-0635</li> +<li><a href="http://www.ms509.com">MS509Team</a> の En He(<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>)、Bo Liu: CVE-2017-0601</li> +<li><a href="https://twrp.me/">Team Win Recovery Project</a> の Ethan Yonker: CVE-2017-0493</li> +<li>Qihoo 360 Technology Co. Ltd. IceSword Lab の Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)、<a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-10285、CVE-2016-10288、CVE-2016-10290、CVE-2017-0624、CVE-2017-0616、CVE-2017-0617、CVE-2016-10294、CVE-2016-10295、CVE-2016-10296</li> +<li>Tencent PC Manager の godzheng(郑文选 <a href="https://twitter.com/virtualseekers">@VirtualSeekers</a>): CVE-2017-0602</li> +<li><a href="http://tuncay2.web.engr.illinois.edu">イリノイ大学アーバナ シャンペーン校</a>の <a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Güliz Seray Tuncay</a>: CVE-2017-0593</li> +<li>Qihoo 360 Technology Co. Ltd. Alpha Team の Hao Chen、Guang Gong: CVE-2016-10283</li> +<li>Xiaomi Inc. の Juhu Nie、Yang Cheng、Nan Li、Qiwu Huang: CVE-2016-10276</li> +<li><a href="https://github.com/michalbednarski">Michał Bednarski</a>: CVE-2017-0598</li> +<li>Tesla、Product Security Team の Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): CVE-2017-0331、CVE-2017-0606</li> +<li><a href="mailto:jiych.guru@gmail.com">Niky1235</a>(<a href="https://twitter.com/jiych_guru">@jiych_guru</a>): CVE-2017-0603</li> +<li>Alibaba Mobile Security Group の Peng Xiao、Chengming Yang、Ning You、Chao Yang、Yang song: CVE-2016-10281、CVE-2016-10280</li> +<li><a href="https://alephsecurity.com/">Aleph Research</a> の Roee Hay(<a href="https://twitter.com/roeehay">@roeehay</a>): CVE-2016-10277</li> +<li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-10274</li> +<li><a href="http://c0reteam.org">C0RE Team</a> の <a href="mailto:segfault5514@gmail.com">Tong Lin</a>、<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>、Xuxian Jiang: CVE-2016-10291</li> +<li>Vasily Vasiliev: CVE-2017-0589</li> +<li><a href="http://www.trendmicro.com">Trend Micro</a>、<a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a> の V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>): CVE-2017-0590、CVE-2017-0587、CVE-2017-0600</li> +<li>Tencent Security Platform Department の Xiling Gong: CVE-2017-0597</li> +<li>360 Marvel Team の Xingyuan Lin: CVE-2017-0627</li> +<li>Alibaba Inc. の Yong Wang(王勇)(<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>): CVE-2017-0588</li> +<li>Qihoo 360 Technology Co. Ltd. IceSword Lab の Yonggang Guo(<a href="https://twitter.com/guoygang">@guoygang</a>): CVE-2016-10289、CVE-2017-0465</li> +<li>Qihoo 360 Technology Co. Ltd. Vulpecker Team の Yu Pan: CVE-2016-10282、CVE-2017-0615</li> +<li>Qihoo 360 Technology Co. Ltd.Vulpecker Team の Yu Pan、Peide Zhang: CVE-2017-0618、CVE-2017-0625</li> +</ul> + +<h2 id="2017-05-01-details">セキュリティ パッチ レベル 2017-05-01 の脆弱性の詳細</h2> + +<p>パッチレベル 2017-05-01 に該当するセキュリティ脆弱性の各項目について、下記に詳細を説明します。問題の内容とその重大度の根拠について説明し、CVE、関連する参照先、重大度、更新対象の Google 端末、更新対象の AOSP バージョン(該当する場合)、報告日を表にまとめています。その問題に対処した、一般公開されている変更(AOSP の変更の一覧など)がある場合は、そのバグ ID にリンクを設定しています。複数の変更が同じバグに関係する場合は、バグ ID の後に記載した番号に、追加の参照へのリンクを設定しています。</p> + +<h3 id="rce-in-mediaserver">メディアサーバーでのリモートコード実行の脆弱性</h3> + +<p>メディアサーバーにリモートコード実行の脆弱性があるため、攻撃者が特別に細工したファイルを使用して、メディア ファイルやデータの処理中にメモリ破壊を引き起こすおそれがあります。メディアサーバーのプロセスにおいてリモートでコードが実行されるおそれがあるため、この問題は「重大」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0587</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/a86eb798d077b9b25c8f8c77e3c02c2f287c1ce7">A-35219737</a></td> + <td>重大</td> + <td>すべて</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 4 日</td> + </tr> + <tr> + <td>CVE-2017-0588</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6f1d990ce0f116a205f467d9eb2082795e33872b">A-34618607</a></td> + <td>重大</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 21 日</td> + </tr> + <tr> + <td>CVE-2017-0589</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/bcfc7124f6ef9f1ec128fb2e90de774a5b33d199">A-34897036</a></td> + <td>重大</td> + <td>すべて</td> + <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 1 日</td> + </tr> + <tr> + <td>CVE-2017-0590</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/45c97f878bee15cd97262fe7f57ecea71990fed7">A-35039946</a></td> + <td>重大</td> + <td>すべて</td> + <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 6 日</td> + </tr> + <tr> + <td>CVE-2017-0591</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d">A-34097672</a></td> + <td>重大</td> + <td>すべて</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>Google 社内</td> + </tr> + <tr> + <td>CVE-2017-0592</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/acc192347665943ca674acf117e4f74a88436922">A-34970788</a></td> + <td>重大</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>Google 社内</td> + </tr> +</tbody></table> + +<h3 id="eop-in-framework-apis">フレームワーク API での権限昇格の脆弱性</h3> + +<p>フレームワーク API に権限昇格の脆弱性があるため、悪意のあるローカルアプリがカスタム権限にアクセスできるおそれがあります。アプリデータを別のアプリから分離するオペレーティング システムの保護を回避する一般的な方法となるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0593</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/78efbc95412b8efa9a44d573f5767ae927927d48">A-34114230</a></td> + <td>高</td> + <td>すべて</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 5 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediaserver">メディアサーバーでの権限昇格の脆弱性</h3> + +<p>メディアサーバーに権限昇格の脆弱性があるため、悪意のあるローカルアプリによって特権プロセス内で任意のコードが実行されるおそれがあります。サードパーティのアプリが通常はアクセスできない権限に昇格してローカルにアクセスすることに利用されるおそれがあるので、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0594</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/594bf934384920618d2b6ce0bcda1f60144cb3eb">A-34617444</a></td> + <td>高</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 22 日</td> + </tr> + <tr> + <td>CVE-2017-0595</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34705519</a></td> + <td>高</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td> + <td>2017 年 1 月 24 日</td> + </tr> + <tr> + <td>CVE-2017-0596</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34749392</a></td> + <td>高</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td> + <td>2017 年 1 月 24 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-audioserver">オーディオサーバーでの権限昇格の脆弱性</h3> + +<p>オーディオサーバーに権限昇格の脆弱性があるため、悪意のあるローカルアプリによって特権プロセス内で任意のコードが実行されるおそれがあります。サードパーティのアプリが通常はアクセスできない権限に昇格してローカルにアクセスするのに利用されるおそれがあるので、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0597</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a9188f89179a7edd301abaf37d644adf5d647a04">A-34749571</a></td> + <td>高</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 25 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-framework-apis">フレームワーク API での情報開示の脆弱性</h3> + +<p>フレームワーク API に情報開示の脆弱性があるため、悪意のあるローカルアプリが、アプリデータを他のアプリから分離するオペレーティング システムの保護を回避するおそれがあります。アプリがアクセス権限のないデータにアクセスするのに利用されるおそれがあるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0598</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td> + <td>高</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 6 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver">メディアサーバーでのサービス拒否の脆弱性</h3> + +<p>メディアサーバーにリモートのサービス拒否の脆弱性があるため、攻撃者が特別に細工したファイルを使用して、端末のハングや再起動を引き起こすおそれがあります。リモートでのサービス拒否の可能性があるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0599</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a1424724a00d62ac5efa0e27953eed66850d662f">A-34672748</a></td> + <td>高</td> + <td>すべて</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 23 日</td> + </tr> + <tr> + <td>CVE-2017-0600</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/961e5ac5788b52304e64b9a509781beaf5201fb0">A-35269635</a></td> + <td>高</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 10 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-bluetooth">Bluetooth での権限昇格の脆弱性</h3> + +<p>Bluetooth に権限昇格の脆弱性があるため、悪意のあるローカルアプリが Bluetooth を経由してユーザーの許可なしに有害なファイルを受け取るおそれがあります。ユーザー操作の要件がローカルで回避されるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0601</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/667d2cbe3eb1450f273a4f6595ccef35e1f0fe4b">A-35258579</a></td> + <td>中</td> + <td>すべて</td> + <td>7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 9 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-file-based-encryption">ファイルベースの暗号化での情報開示の脆弱性</h3> + +<p>ファイルベースの暗号化に情報開示の脆弱性があるため、悪意のあるローカルの攻撃者が、ロック画面のオペレーティング システムの保護を回避するおそれがあります。ロック画面が回避されるおそれがあるため、この問題の重大度は「中」と判断されています</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0493</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>]</td> + <td>中</td> + <td>すべて</td> + <td>7.0、7.1.1</td> + <td>2016 年 11 月 9 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-bluetooth">Bluetooth での情報開示の脆弱性</h3> + +<p>Bluetooth に情報開示の脆弱性があるため、悪意のあるローカルアプリが、アプリデータを他のアプリから分離するオペレーティング システムの保護を回避するおそれがあります。この脆弱性に固有の詳細情報から、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0602</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/a4875a49404c544134df37022ae587a4a3321647">A-34946955</a></td> + <td>中</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2016 年 12 月 5 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-openssl-&-boringssl">OpenSSL と BoringSSL での情報開示の脆弱性</h3> + +<p>OpenSSL と BoringSSL に情報開示の脆弱性があり、リモートの攻撃者が機密情報にアクセスできるおそれがあります。この脆弱性に固有の詳細情報から、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-7056</td> + <td><a href="https://android.googlesource.com/platform/external/boringssl/+/13179a8e75fee98740b5ce728752aa7294b3e32d">A-33752052</a></td> + <td>中</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2016 年 12 月 19 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver-2">メディアサーバーでのサービス拒否の脆弱性</h3> + +<p>メディアサーバーにサービス拒否の脆弱性があるため、攻撃者が特別に細工したファイルを使用して、端末のハングや再起動を引き起こすおそれがあります。一般的でない端末設定が必要なため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0603</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/36b04932bb93cc3269279282686b439a17a89920">A-35763994</a></td> + <td>中</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver-3">メディアサーバーでのサービス拒否の脆弱性</h3> + +<p>メディアサーバーにリモートのサービス拒否の脆弱性があるため、攻撃者が特別に細工したファイルを使用して、端末のハングや再起動を引き起こすおそれがあります。この脆弱性に固有の詳細情報から、この問題の重大度は「低」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0635</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/523f6b49c1a2289161f40cf9fe80b92e592e9441">A-35467107</a></td> + <td>低</td> + <td>すべて</td> + <td>7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 16 日</td> + </tr> +</tbody></table> + +<h2 id="2017-05-05-details">セキュリティ パッチ レベル 2017-05-05 の脆弱性の詳細</h2> + +<p>パッチレベル 2017-05-05 に該当するセキュリティ脆弱性の各項目について、下記に詳細を説明します。問題の内容とその重大度の根拠について説明し、CVE、関連する参照先、重大度、更新対象の Google 端末、更新対象の AOSP バージョン(該当する場合)、報告日を表にまとめています。その問題に対処した、一般公開されている変更(AOSP の変更の一覧など)がある場合は、そのバグ ID にリンクを設定しています。複数の変更が同じバグに関係する場合は、バグ ID の後に記載した番号に、追加の参照へのリンクを設定しています。</p> + +<h3 id="rce-in-giflib">GIFLIB でのリモートコード実行の脆弱性</h3> + +<p>GIFLIB にリモートコード実行の脆弱性があるため、攻撃者が特別に細工したファイルを使用して、メディア ファイルやデータの処理中にメモリ破壊を引き起こすおそれがあります。メディアサーバーのプロセスにおいてリモートでコードが実行されるおそれがあるため、この問題は「重大」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2015-7555</td> + <td><a href="https://android.googlesource.com/platform/external/giflib/+/dc07290edccc2c3fc4062da835306f809cea1fdc">A-34697653</a></td> + <td>重大</td> + <td>すべて</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2016 年 4 月 13 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediatek-touchscreen-driver">MediaTek タッチスクリーン ドライバでの権限昇格の脆弱性</h3> + +<p>MediaTek タッチスクリーン ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。ローカルでの永久的な端末の侵害につながるおそれがあり、端末を修復するにはオペレーティング システムの再適用が必要になる可能性があるため、この問題は「重大」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10274</td> + <td>A-30202412*<br /> + M-ALPS02897901</td> + <td>重大</td> + <td>なし**</td> + <td>2016 年 7 月 16 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<p>** Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="eop-in-qualcomm-bootloader">Qualcomm ブートローダーでの権限昇格の脆弱性</h3> + +<p>Qualcomm ブートローダーに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。ローカルでの永久的な端末の侵害につながるおそれがあり、端末を修復するにはオペレーティング システムの再適用が必要になる可能性があるため、この問題は「重大」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10275</td> + <td>A-34514954<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=1a0a15c380e11fc46f8d8706ea5ae22b752bdd0b"> +QC-CR#1009111</a></td> + <td>重大</td> + <td>Nexus 5X、Nexus 6、Pixel、Pixel XL、Android One</td> + <td>2016 年 9 月 13 日</td> + </tr> + <tr> + <td>CVE-2016-10276</td> + <td>A-32952839<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=5dac431748027e8b50a5c4079967def4ea53ad64"> +QC-CR#1094105</a></td> + <td>重大</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td> + <td>2016 年 11 月 16 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-sound-subsystem">カーネル サウンド サブシステムでの権限昇格の脆弱性</h3> + +<p>カーネル サウンド サブシステムに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。ローカルでの永久的な端末の侵害につながるおそれがあり、端末を修復するにはオペレーティング システムの再適用が必要になる可能性があるため、この問題は「重大」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-9794</td> + <td>A-34068036<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=a27178e05b7c332522df40904f27674e36ee3757"> +アップストリーム カーネル</a></td> + <td>重大</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2016 年 12 月 3 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-motorola-bootloader">Motorola ブートローダーでの権限昇格の脆弱性</h3> + +<p>Motorola ブートローダーに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってブートローダー内で任意のコードが実行されるおそれがあります。ローカルでの永久的な端末の侵害につながるおそれがあり、端末を修復するにはオペレーティング システムの再適用が必要になる可能性があるため、この問題は「重大」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10277</td> + <td>A-33840490*<br /> + </td> + <td>重大</td> + <td>Nexus 6</td> + <td>2016 年 12 月 21 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<h3 id="eop-in-nvidia-video-driver">NVIDIA ビデオドライバでの権限昇格の脆弱性</h3> + +<p>NVIDIA ビデオドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。ローカルでの永久的な端末の侵害につながるおそれがあり、端末を修復するにはオペレーティング システムの再適用が必要になる可能性があるため、この問題は「重大」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0331</td> + <td>A-34113000*<br /> + N-CVE-2017-0331</td> + <td>重大</td> + <td>Nexus 9</td> + <td>2017 年 1 月 4 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<h3 id="eop-in-qualcomm-power-driver">Qualcomm 電源ドライバでの権限昇格の脆弱性</h3> + +<p>カーネルの Qualcomm 電源ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。ローカルでの永久的な端末の侵害につながるおそれがあり、端末を修復するにはオペレーティング システムの再適用が必要になる可能性があるため、この問題は「重大」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0604</td> + <td>A-35392981<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6975e2dd5f37de965093ba3a8a08635a77a960f7"> +QC-CR#826589</a></td> + <td>重大</td> + <td>なし*</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="eop-in-kernel-trace-subsystem">カーネル トレース サブシステムでの権限昇格の脆弱性</h3> + +<p>カーネル トレース サブシステムに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。ローカルでの永久的な端末の侵害につながるおそれがあり、端末を修復するにはオペレーティング システムの再適用が必要になる可能性があるため、この問題は「重大」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0605</td> + <td>A-35399704<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477"> +QC-CR#1048480</a></td> + <td>重大</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="vulnerabilities-in-qualcomm-components">Qualcomm コンポーネントでの脆弱性</h3> + +<p>Qualcomm コンポーネントに影響する脆弱性は次のとおりです。詳細については、Qualcomm AMSS の 2016 年 8 月、9 月、10 月、12 月のセキュリティに関する公開情報をご覧ください。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10240</td> + <td>A-32578446**<br /> + QC-CR#955710</td> + <td>重大</td> + <td>Nexus 6P</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2016-10241</td> + <td>A-35436149**<br /> + QC-CR#1068577</td> + <td>重大</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2016-10278</td> + <td>A-31624008**<br /> + QC-CR#1043004</td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2016-10279</td> + <td>A-31624421**<br /> + QC-CR#1031821</td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>Qualcomm 社内</td> + </tr> +</tbody></table> + +<p>* この一連の問題の重大度はベンダーが決定したものです。</p> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<p>*** Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="rce-in-libxml2">libxml2 でのリモートコード実行の脆弱性</h3> + +<p>libxml2 にリモートコード実行の脆弱性があるため、攻撃者が特別に細工したファイルを使用して、非特権プロセス内で任意のコードを実行するおそれがあります。このライブラリを使用するアプリでリモートコードが実行される可能性があるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>更新対象の AOSP バージョン</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-5131</td> + <td>A-32956747*</td> + <td>高</td> + <td>なし**</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0</td> + <td>2016 年 7 月 23 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<p>** Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="eop-in-mediatek-thermal-driver">MediaTek サーマル ドライバでの権限昇格の脆弱性</h3> + +<p>MediaTek サーマル ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10280</td> + <td>A-28175767*<br /> + M-ALPS02696445</td> + <td>高</td> + <td>なし**</td> + <td>2016 年 4 月 11 日</td> + </tr> + <tr> + <td>CVE-2016-10281</td> + <td>A-28175647*<br /> + M-ALPS02696475</td> + <td>高</td> + <td>なし**</td> + <td>2016 年 4 月 11 日</td> + </tr> + <tr> + <td>CVE-2016-10282</td> + <td>A-33939045*<br /> + M-ALPS03149189</td> + <td>高</td> + <td>なし**</td> + <td>2016 年 12 月 27 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<p>** Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi ドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm Wi-Fi ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10283</td> + <td>A-32094986<br /> + <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=93863644b4547324309613361d70ad9dc91f8dfd"> +QC-CR#2002052</a></td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL、Android One</td> + <td>2016 年 10 月 11 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-video-driver">Qualcomm ビデオドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm ビデオドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10284</td> + <td>A-32402303*<br /> + QC-CR#2000664</td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 10 月 24 日</td> + </tr> + <tr> + <td>CVE-2016-10285</td> + <td>A-33752702<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67dfd3a65336e0b3f55ee83d6312321dc5f2a6f9"> +QC-CR#1104899</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2016 年 12 月 19 日</td> + </tr> + <tr> + <td>CVE-2016-10286</td> + <td>A-35400904<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=5d30a3d0dc04916ddfb972bfc52f8e636642f999"> +QC-CR#1090237</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<h3 id="eop-in-kernel-performance-subsystem">カーネル パフォーマンス サブシステムでの権限昇格の脆弱性</h3> + +<p>カーネル パフォーマンス サブシステムに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2015-9004</td> + <td>A-34515362<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511"> +アップストリーム カーネル</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2016 年 11 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-sound-driver">Qualcomm サウンド ドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm サウンド ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10287</td> + <td>A-33784446<br /> + <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=937bc9e644180e258c68662095861803f7ba4ded"> +QC-CR#1112751</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 12 月 20 日</td> + </tr> + <tr> + <td>CVE-2017-0606</td> + <td>A-34088848<br /> + <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=d3237316314c3d6f75a58192971f66e3822cd250"> +QC-CR#1116015</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 1 月 3 日</td> + </tr> + <tr> + <td>CVE-2016-5860</td> + <td>A-34623424<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=9f91ae0d7203714fc39ae78e1f1c4fd71ed40498"> +QC-CR#1100682</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 1 月 22 日</td> + </tr> + <tr> + <td>CVE-2016-5867</td> + <td>A-35400602<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=065360da7147003aed8f59782b7652d565f56be5"> +QC-CR#1095947</a></td> + <td>高</td> + <td>なし*</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0607</td> + <td>A-35400551<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b003c8d5407773d3aa28a48c9841e4c124da453d"> +QC-CR#1085928</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0608</td> + <td>A-35400458<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b66f442dd97c781e873e8f7b248e197f86fd2980"> +QC-CR#1098363</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0609</td> + <td>A-35399801<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=38a83df036084c00e8c5a4599c8ee7880b4ee567"> +QC-CR#1090482</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2016-5859</td> + <td>A-35399758<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=97fdb441a9fb330a76245e473bc1a2155c809ebe"> +QC-CR#1096672</a></td> + <td>高</td> + <td>なし*</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0610</td> + <td>A-35399404<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=65009746a6e649779f73d665934561ea983892fe"> +QC-CR#1094852</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0611</td> + <td>A-35393841<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=1aa5df9246557a98181f03e98530ffd509b954c8"> +QC-CR#1084210</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2016-5853</td> + <td>A-35392629<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a8f3b894de319718aecfc2ce9c691514696805be"> +QC-CR#1102987</a></td> + <td>高</td> + <td>なし*</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="eop-in-qualcomm-led-driver">Qualcomm LED ドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm LED ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10288</td> + <td>A-33863909<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=db2cdc95204bc404f03613d5dd7002251fb33660"> +QC-CR#1109763</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2016 年 12 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-crypto-driver">Qualcomm crypto ドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm crypto ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10289</td> + <td>A-33899710<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a604e6f3889ccc343857532b63dea27603381816"> +QC-CR#1116295</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 12 月 24 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-shared-memory-driver">Qualcomm 共有メモリドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm 共有メモリドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10290</td> + <td>A-33898330<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> +QC-CR#1109782</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td> + <td>2016 年 12 月 24 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-slimbus-driver">Qualcomm Slimbus ドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm Slimbus ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10291</td> + <td>A-34030871<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a225074c0494ca8125ca0ac2f9ebc8a2bd3612de"> +QC-CR#986837</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Android One</td> + <td>2016 年 12 月 31 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC ドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm ADSPRPC ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0465</td> + <td>A-34112914<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=3823f0f8d0bbbbd675a42a54691f4051b3c7e544"> +QC-CR#1110747</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 1 月 5 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm Secure Execution Environment Communicator ドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm Secure Execution Environment Communicator ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0612</td> + <td>A-34389303<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=05efafc998dc86c3b75af9803ca71255ddd7a8eb"> +QC-CR#1061845</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 1 月 10 日</td> + </tr> + <tr> + <td>CVE-2017-0613</td> + <td>A-35400457<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b108c651cae9913da1ab163cb4e5f7f2db87b747"> +QC-CR#1086140</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0614</td> + <td>A-35399405<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=fc2ae27eb9721a0ce050c2062734fec545cda604"> +QC-CR#1080290</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediatek-power-driver">MediaTek 電源ドライバでの権限昇格の脆弱性</h3> + +<p>MediaTek 電源ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0615</td> + <td>A-34259126*<br /> + M-ALPS03150278</td> + <td>高</td> + <td>なし**</td> + <td>2017 年 1 月 12 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<p>** Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="eop-in-mediatek-system-management-interrupt-driver">MediaTek システム管理割り込みドライバでの権限昇格の脆弱性</h3> + +<p>MediaTek システム管理割り込みドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0616</td> + <td>A-34470286*<br /> + M-ALPS03149160</td> + <td>高</td> + <td>なし**</td> + <td>2017 年 1 月 19 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<p>** Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="eop-in-mediatek-video-driver">MediaTek ビデオドライバでの権限昇格の脆弱性</h3> + +<p>MediaTek ビデオドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0617</td> + <td>A-34471002*<br /> + M-ALPS03149173</td> + <td>高</td> + <td>なし**</td> + <td>2017 年 1 月 19 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<p>** Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="eop-in-mediatek-command-queue-driver">MediaTek コマンドキュー ドライバでの権限昇格の脆弱性</h3> + +<p>MediaTek コマンドキュー ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0618</td> + <td>A-35100728*<br /> + M-ALPS03161536</td> + <td>高</td> + <td>なし**</td> + <td>2017 年 2 月 7 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<p>** Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="eop-in-qualcomm-pin-controller-driver">Qualcomm ピン コントローラ ドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm ピン コントローラ ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0619</td> + <td>A-35401152<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.14/commit/?id=72f67b29a9c5e6e8d3c34751600c749c5f5e13e1"> +QC-CR#826566</a></td> + <td>高</td> + <td>Nexus 6、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-secure-channel-manager-driver">Qualcomm Secure Channel Manager ドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm Secure Channel Manager ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0620</td> + <td>A-35401052<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=01b2c9a5d728ff6f2f1f28a5d4e927aaeabf56ed"> +QC-CR#1081711</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-sound-codec-driver">Qualcomm サウンド コーデック ドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm サウンド コーデック ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-5862</td> + <td>A-35399803<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=4199451e83729a3add781eeafaee32994ff65b04"> +QC-CR#1099607</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-voltage-regulator-driver">カーネルの電圧レギュレータ ドライバでの権限昇格の脆弱性</h3> + +<p>カーネルの電圧レギュレータ ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2014-9940</td> + <td>A-35399757<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba"> +アップストリーム カーネル</a></td> + <td>高</td> + <td>Nexus 6、Nexus 9、Pixel C、Android One、Nexus Player</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-camera-driver">Qualcomm カメラドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm カメラドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0621</td> + <td>A-35399703<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=9656e2c2b3523af20502bf1e933e35a397f5e82f"> +QC-CR#831322</a></td> + <td>高</td> + <td>Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-networking-driver">Qualcomm ネットワーク ドライバでの権限昇格の脆弱性</h3> + +<p>Qualcomm ネットワーク ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-5868</td> + <td>A-35392791<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c"> +QC-CR#1104431</a></td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-networking-subsystem">カーネル ネットワーク サブシステムでの権限昇格の脆弱性</h3> + +<p>カーネル ネットワーク サブシステムに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-7184</td> + <td>A-36565222<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a"> +アップストリーム カーネル</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df"> +[2]</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Android One</td> + <td>2017 年 5 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-goodix-touchscreen-driver">Goodix タッチスクリーン ドライバでの権限昇格の脆弱性</h3> + +<p>Goodix タッチスクリーン ドライバに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってカーネル内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0622</td> + <td>A-32749036<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=40efa25345003a96db34effbd23ed39530b3ac10"> +QC-CR#1098602</a></td> + <td>高</td> + <td>Android One</td> + <td>Google 社内</td> + </tr> +</tbody></table> + +<h3 id="eop-in-htc-bootloader">HTC ブートローダーでの権限昇格の脆弱性</h3> + +<p>HTC ブートローダーに権限昇格の脆弱性があるため、悪意のあるローカルアプリによってブートローダー内で任意のコードが実行されるおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0623</td> + <td>A-32512358*<br /> + </td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>Google 社内</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi ドライバでの情報開示の脆弱性</h3> + +<p>Qualcomm Wi-Fi ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。ユーザーの明示的な許可を得ずに機密データにアクセスすることに利用される可能性があるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0624</td> + <td>A-34327795*<br /> + QC-CR#2005832</td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL</td> + <td>2017 年 1 月 16 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<h3 id="id-in-mediatek-command-queue-driver">MediaTek コマンドキュー ドライバでの情報開示の脆弱性</h3> + +<p>MediaTek コマンドキュー ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。ユーザーの明示的な許可を得ずに機密データにアクセスすることに利用される可能性があるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0625</td> + <td>A-35142799*<br /> + M-ALPS03161531</td> + <td>高</td> + <td>なし**</td> + <td>2017 年 2 月 8 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<p>** Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="id-in-qualcomm-crypto-engine-driver">Qualcomm crypto エンジン ドライバでの情報開示の脆弱性</h3> + +<p>Qualcomm crypto エンジン ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。ユーザーの明示的な許可を得ずに機密データにアクセスすることに利用される可能性があるため、この問題の重大度は「高」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0626</td> + <td>A-35393124<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=64551bccab9b5b933757f6256b58f9ca0544f004"> +QC-CR#1088050</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi ドライバでのサービス拒否の脆弱性</h3> + +<p>Qualcomm Wi-Fi ドライバにサービス拒否の脆弱性があるため、近くにいる攻撃者が Wi-Fi サブシステムでサービス拒否を引き起こすおそれがあります。リモートでのサービス拒否のおそれがあるため、この問題の重大度は「高」と判断されています</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10292</td> + <td>A-34514463*<br /> + QC-CR#1065466</td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL</td> + <td>2016 年 12 月 16 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<h3 id="id-in-kernel-uvc-driver">カーネル UVC ドライバでの情報開示の脆弱性</h3> + +<p>カーネル UVC ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0627</td> + <td>A-33300353*<br /> + </td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Nexus 9、Pixel C、Nexus Player</td> + <td>2016 年 12 月 2 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<h3 id="id-in-qualcomm-video-driver">Qualcomm ビデオドライバでの情報開示の脆弱性</h3> + +<p> +Qualcomm ビデオドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10293</td> + <td>A-33352393<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2469d5374745a2228f774adbca6fb95a79b9047f"> +QC-CR#1101943</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Android One</td> + <td>2016 年 12 月 4 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-power-driver-(device-specific)">Qualcomm 電源ドライバでの情報開示の脆弱性(端末固有)</h3> + +<p>Qualcomm 電源ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10294</td> + <td>A-33621829<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e9bc51ffb8a298f0be5befe346762cdb6e1d49c"> +QC-CR#1105481</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td> + <td>2016 年 12 月 14 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-led-driver">Qualcomm LED ドライバでの情報開示の脆弱性</h3> + +<p>Qualcomm LED ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10295</td> + <td>A-33781694<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f11ae3df500bc2a093ddffee6ea40da859de0fa9"> +QC-CR#1109326</a></td> + <td>中</td> + <td>Pixel、Pixel XL</td> + <td>2016 年 12 月 20 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-shared-memory-driver">Qualcomm 共有メモリドライバでの情報開示の脆弱性</h3> + +<p>Qualcomm 共有メモリドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-10296</td> + <td>A-33845464<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> +QC-CR#1109782</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 12 月 22 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-camera-driver">Qualcomm カメラドライバでの情報開示の脆弱性</h3> + +<p>Qualcomm カメラドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0628</td> + <td>A-34230377<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> +QC-CR#1086833</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Pixel、Pixel XL</td> + <td>2017 年 1 月 10 日</td> + </tr> + <tr> + <td>CVE-2017-0629</td> + <td>A-35214296<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> +QC-CR#1086833</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Pixel、Pixel XL</td> + <td>2017 年 2 月 8 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-kernel-trace-subsystem">カーネル トレース サブシステムでの情報開示の脆弱性</h3> + +<p>カーネル トレース サブシステムに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0630</td> + <td>A-34277115*<br /> + </td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2017 年 1 月 11 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<h3 id="id-in-qualcomm-sound-codec-driver">Qualcomm サウンド コーデック ドライバでの情報開示の脆弱性</h3> + +<p>Qualcomm サウンド コーデック ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-5858</td> + <td>A-35400153<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711"> +QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6"> +[2]</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-camera-driver-2">Qualcomm カメラドライバでの情報開示の脆弱性</h3> + +<p>Qualcomm カメラドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0631</td> + <td>A-35399756<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=8236d6ebc7e26361ca7078cbeba01509f10941d8"> +QC-CR#1093232</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-sound-driver">Qualcomm サウンド ドライバでの情報開示の脆弱性</h3> + +<p>Qualcomm サウンド ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-5347</td> + <td>A-35394329<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=f14390f13e62460fc6b05fc0acde0e825374fdb6"> +QC-CR#1100878</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-spcom-driver">Qualcomm SPCom ドライバでの情報開示の脆弱性</h3> + +<p>Qualcomm SPCom ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2016-5854</td> + <td>A-35392792<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=28d23d4d7999f683b27b6e0c489635265b67a4c9"> +QC-CR#1092683</a></td> + <td>中</td> + <td>なし*</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2016-5855</td> + <td>A-35393081<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a5edb54e93ba85719091fe2bc426d75fa7059834"> +QC-CR#1094143</a></td> + <td>中</td> + <td>なし*</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h3 id="id-in-qualcomm-sound-codec-driver-2">Qualcomm サウンド コーデック ドライバでの情報開示の脆弱性</h3> + +<p>Qualcomm サウンド コーデック ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0632</td> + <td>A-35392586<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=970d6933e53c1f7ca8c8b67f49147b18505c3b8f"> +QC-CR#832915</a></td> + <td>中</td> + <td>Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-broadcom-wi-fi-driver">Broadcom Wi-Fi ドライバでの情報開示の脆弱性</h3> + +<p>Broadcom Wi-Fi ドライバに情報開示の脆弱性があるため、悪意のあるローカル コンポーネントが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0633</td> + <td>A-36000515*<br /> + B-RB#117131</td> + <td>中</td> + <td>Nexus 6、Nexus 6P、Nexus 9、Pixel C、Nexus Player</td> + <td>2017 年 2 月 23 日</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<h3 id="id-in-synaptics-touchscreen-driver">Synaptics タッチスクリーン ドライバでの情報開示の脆弱性</h3> + +<p>Synaptics タッチスクリーン ドライバに情報開示の脆弱性があるため、悪意のあるローカルアプリが権限レベルの範囲外のデータにアクセスするおそれがあります。最初に特権プロセスへの侵入が必要であるため、この問題の重大度は「中」と判断されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2017-0634</td> + <td>A-32511682*<br /> + </td> + <td>中</td> + <td>Pixel、Pixel XL</td> + <td>Google 社内</td> + </tr> +</tbody></table> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<h3 id="vulnerabilities-in-qualcomm-components-2">Qualcomm コンポーネントでの脆弱性</h3> + +<p>Qualcomm コンポーネントに影響する次の脆弱性は、2014~2016 年に Qualcomm AMSS のセキュリティに関する公開情報としてリリースされたものです。これらは Android のセキュリティ パッチ レベルとの関連付けのため、今回の「Android のセキュリティに関する公開情報」に追記されています。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参照</th> + <th>重大度</th> + <th>更新対象の Google 端末</th> + <th>報告日</th> + </tr> + <tr> + <td>CVE-2014-9923</td> + <td>A-35434045**<br /> + QC-CR#403910</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9924</td> + <td>A-35434631**<br /> + QC-CR#596102</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9925</td> + <td>A-35444657**<br /> + QC-CR#638130</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9926</td> + <td>A-35433784**<br /> + QC-CR#631527</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9927</td> + <td>A-35433785**<br /> + QC-CR#661111</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9928</td> + <td>A-35438623**<br /> + QC-CR#696972</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9929</td> + <td>A-35443954**<br /> + QC-CR#644783</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9930</td> + <td>A-35432946**<br /> + QC-CR#634637</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2015-9005</td> + <td>A-36393500**<br /> + QC-CR#741548</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2015-9006</td> + <td>A-36393450**<br /> + QC-CR#750559</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2015-9007</td> + <td>A-36393700**<br /> + QC-CR#807173</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2016-10297</td> + <td>A-36393451**<br /> + QC-CR#1061123</td> + <td>重大</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9941</td> + <td>A-36385125**<br /> + QC-CR#509915</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9942</td> + <td>A-36385319**<br /> + QC-CR#533283</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9943</td> + <td>A-36385219**<br /> + QC-CR#546527</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9944</td> + <td>A-36384534**<br /> + QC-CR#613175</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9945</td> + <td>A-36386912**<br /> + QC-CR#623452</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9946</td> + <td>A-36385281**<br /> + QC-CR#520149</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9947</td> + <td>A-36392400**<br /> + QC-CR#650540</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9948</td> + <td>A-36385126**<br /> + QC-CR#650500</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9949</td> + <td>A-36390608**<br /> + QC-CR#652426</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9950</td> + <td>A-36385321**<br /> + QC-CR#655530</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9951</td> + <td>A-36389161**<br /> + QC-CR#525043</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> + <tr> + <td>CVE-2014-9952</td> + <td>A-36387019**<br /> + QC-CR#674836</td> + <td>高</td> + <td>なし***</td> + <td>Qualcomm 社内</td> + </tr> +</tbody></table> + +<p>* この一連の問題の重大度はベンダーが決定したものです。</p> + +<p>* この問題に対するパッチは公開されていません。アップデートは <a href="https://developers.google.com/android/nexus/drivers">Google デベロッパー サイト</a>から入手できる Nexus 端末用最新バイナリ ドライバに含まれています。</p> + +<p>*** Android 7.1.1 以降が搭載されたサポート対象の Google 端末において、適用できるすべてのアップデートがインストールされている場合は、この脆弱性が悪用されることはありません。</p> + +<h2 id="common-questions-and-answers">一般的な質問と回答</h2> +<p>上記の公開情報に対する一般的な質問について、以下で回答します。</p> + +<p><strong>1. 上記の問題に対処するように端末が更新されているかどうかをどのように判断すればよいですか? +</strong></p> + +<p>端末のセキュリティ パッチ レベルを確認する方法については、<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel および Nexus のアップデート スケジュール</a>に記載されている手順をご覧ください。</p> + +<ul> +<li>セキュリティ パッチ レベル 2017-05-01 以降では、セキュリティ パッチ レベル 2017-05-01 に関連するすべての問題に対処しています。</li> +<li>セキュリティ パッチ レベル 2017-05-05 以降では、セキュリティ パッチ レベル 2017-05-05、およびそれ以前のすべてのパッチレベルに関連するすべての問題に対処しています。 +</li> +</ul> + +<p>このアップデートを組み込んだ端末メーカーは、パッチレベル文字列を以下に設定する必要があります。</p> +<ul> +<li>[ro.build.version.security_patch]:[2017-05-01]</li> +<li>[ro.build.version.security_patch]:[2017-05-05]</li> +</ul> + +<p><strong>2. この公開情報に 2 つのセキュリティ パッチ レベルがあるのはなぜですか?</strong></p> + +<p>この公開情報では、2 つのセキュリティ パッチ レベルを定義しています。これは、すべての Android 搭載端末で同様の問題が発生する一部の脆弱性をサブセットとし、Android パートナーが迅速かつ柔軟に修正できるようにするためです。Android パートナーには、この公開情報に掲載されている問題をすべて修正し、最新のセキュリティ パッチ レベルを使用することが推奨されています。</p> +<ul> +<li>2017 年 5 月 1 日のセキュリティ パッチ レベルを使用する端末には、そのセキュリティ パッチ レベルに関連するすべての問題と、それ以前のセキュリティに関する公開情報で報告されたすべての問題の修正を組み込む必要があります。</li> +<li>2017 年 5 月 5 日以降のセキュリティ パッチ レベルを使用する端末には、今回(およびそれ以前)のセキュリティに関する公開情報に掲載された、該当するすべてのパッチを組み込む必要があります。</li> +</ul> + +<p>パートナーには、対処するすべての問題の修正を 1 つのアップデートにまとめて提供することが推奨されています。</p> + +<p><strong>3. 各問題の影響を受ける Google 端末を判断するにはどうすればよいですか?</strong></p> + +<p><a href="#2017-05-01-details">2017-05-01</a> と <a href="#2017-05-05-details">2017-05-05</a> のセキュリティの脆弱性の詳細に関するセクションで、各表中の「更新対象の Google 端末」列に、その問題の影響を受ける、更新対象の Google 端末の種類を記載しています。<em></em>この列には次のいずれかが表示されています。</p> +<ul> +<li><strong>すべての Google 端末</strong>: 問題がすべての端末と Pixel 端末に影響を与える場合、表の「更新対象の Google 端末」列には「すべて」と記載されています。<em></em>「すべて」には<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">サポート対象の端末</a>(Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Android One、Nexus Player、Pixel C、Pixel、Pixel XL)が含まれます。</li> +<li><strong>一部の Google 端末</strong>: 問題が一部の Google 端末のみに影響する場合、「更新対象の Google 端末」列には影響を受ける Google 端末が記載されています。<em></em></li> +<li><strong>影響を受ける Google 端末がない</strong>: Android 7.0 を搭載した Google 端末が問題の影響を受けない場合、表の「更新対象の Google 端末」列には「なし」と記載されています。<em></em></li> +</ul> +<p><strong>4. 「参照」列の項目はどのような情報に関連付けられていますか?</strong></p> + +<p>脆弱性の詳細の表で「参照」列に記載した内容には、その参照番号が属す組織を示す接頭辞を含めている場合があります。<em></em>各接頭辞の意味は以下のとおりです。</p> + +<table> + <tbody><tr> + <th>接頭辞</th> + <th>参照</th> + </tr> + <tr> + <td>A-</td> + <td>Android バグ ID</td> + </tr> + <tr> + <td>QC-</td> + <td>Qualcomm の参照番号</td> + </tr> + <tr> + <td>M-</td> + <td>MediaTek の参照番号</td> + </tr> + <tr> + <td>N-</td> + <td>NVIDIA の参照番号</td> + </tr> + <tr> + <td>B-</td> + <td>Broadcom の参照番号</td> + </tr> +</tbody></table> +<h2 id="revisions">改訂</h2> +<ul> +<li>2017 年 5 月 1 日: 情報公開</li> +<li>2017 年 5 月 2 日: 公開情報を改訂し AOSP リンクを追加</li> +</ul> + +</body></html>
\ No newline at end of file diff --git a/ko/security/bulletin/2017-05-01.html b/ko/security/bulletin/2017-05-01.html new file mode 100644 index 00000000..b9220c90 --- /dev/null +++ b/ko/security/bulletin/2017-05-01.html @@ -0,0 +1,2952 @@ +<html devsite><head> + <title>Android 보안 게시판 — 2017년 5월</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p><em>2017년 5월 1일 게시됨 | 2017년 5월 2일 업데이트됨</em></p> + +<p>Android 보안 게시판에서는 Android 기기에 영향을 미치는 보안 취약성 +세부정보를 다룹니다. 게시판과 함께 무선(OTA) 업데이트를 통해 +Nexus 기기의 보안 업데이트가 출시되었습니다. Google 기기 펌웨어 이미지도 +<a href="https://developers.google.com/android/nexus/images">Google 개발자 사이트</a>에 게시되었습니다. 아래 목록의 문제는 2017년 5월 5일 +보안 패치 수준 이상에서 모두 해결되었습니다. <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 및 Nexus 업데이트 일정</a>을 +참조하여 기기의 보안 패치 수준을 확인하는 방법을 알아보세요.</p> + +<p>파트너에게는 게시판에 설명된 문제에 관한 알림을 +2017년 4월 3일 이전에 전달했습니다. 이러한 문제를 해결하기 위한 소스 코드 패치는 +Android 오픈소스 프로젝트(AOSP) 저장소에 배포되었으며 이 게시판에도 링크되어 있습니다. +이 게시판에는 AOSP 외부의 패치 링크도 포함되어 있습니다.</p> + +<p>이 중 가장 심각한 문제는 미디어 파일을 처리할 때 +이메일과 웹 탐색, MMS 등 여러 방법을 통해 대상 기기에서 +원격으로 코드를 실행할 수 있게 하는 심각한 보안 취약성입니다. <a href="/security/overview/updates-resources.html#severity">심각도 평가</a>는 +개발 목적으로 플랫폼 및 서비스 완화를 사용할 수 없거나 +우회에 성공한 경우 취약성 악용으로 인해 대상 기기가 받는 영향을 +기준으로 내려집니다.</p> + +<p>실제 고객이 새로 보고된 이러한 문제로 인해 악용당했다는 신고는 +접수되지 않았습니다. <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>과 같이 Android 플랫폼의 보안을 개선하는 +<a href="/security/enhancements/index.html">Android 보안 플랫폼 보호</a> 및 서비스 보호 기능에 관해 +자세히 알아보려면 <a href="#mitigations">Android 및 Google 서비스 완화</a> +섹션을 참조하세요.</p> + +<p>모든 고객은 기기에서 이 업데이트를 수락하는 것이 좋습니다.</p> +<h2 id="announcements">공지사항</h2> +<ul> +<li>이 게시판에는 Android 파트너가 모든 Android 기기에서 유사하게 발생하는 +취약성 문제의 일부를 더욱 빠르고 유연하게 해결하기 위한 +두 가지 보안 패치 수준 문자열이 포함되어 있습니다. 자세한 내용은 <a href="#common-questions-and-answers">일반적인 +질문 및 답변</a>을 참조하세요. + <ul> + <li><strong>2017-05-01</strong>: 부분 보안 패치 수준 문자열입니다. 이 보안 패치 수준 문자열은 + 2017-05-01 및 이전의 보안 패치 수준 문자열과 관련된 문제가 + 모두 해결되었음을 나타냅니다.</li> + <li><strong>2017-05-05</strong>: 전체 보안 패치 수준 문자열입니다. 이 보안 패치 수준 문자열은 + 2017-05-01과 2017-05-05 및 이전의 보안 패치 수준 + 문자열과 관련된 문제가 모두 해결되었음을 나타냅니다.</li> +</ul> +</li> +<li>지원되는 Google 기기는 2017년 5월 5일 보안 패치 수준을 단일 OTA +업데이트를 통해 받게 됩니다.</li> +</ul> + +<h2 id="mitigations">Android 및 Google 서비스 완화</h2> + +<p>다음은 SafetyNet과 같은 <a href="/security/enhancements/index.html">Android 보안 플랫폼</a> 및 +서비스 보호 기능에서 제공하는 완화에 관한 요약입니다. +이러한 기능을 통해 Android에서 보안 취약성이 악용될 +가능성을 줄일 수 있습니다.</p> + +<ul> +<li>Android 플랫폼 최신 버전의 향상된 기능으로 Android의 여러 문제를 +악용하기가 더욱 어려워졌습니다. 가능하다면 모든 사용자는 최신 버전의 Android로 +업데이트하는 것이 좋습니다.</li> +<li>Android 보안팀에서는 <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">잠재적으로 위험한 애플리케이션</a>에 관해 +사용자에게 경고를 보내는 <a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf">앱 인증 및 SafetyNet</a>을 사용하여 +악용사례를 적극적으로 모니터링합니다. 앱 인증은 <a href="http://www.android.com/gms">Google 모바일 서비스</a>가 적용된 +기기에 기본적으로 사용 설정되어 있으며 Google Play 외부에서 +애플리케이션을 설치하는 사용자에게 특히 중요합니다. Google +Play 내에서 기기 루팅 도구는 금지되어 있지만 +사용자가 감지된 루팅 애플리케이션을 설치하려 하면 출처에 상관없이 +앱 인증이 경고를 표시합니다. 또한 앱 인증은 +권한 승격 취약성을 악용하는 것으로 알려진 악성 애플리케이션을 +식별하고 차단합니다. 이러한 애플리케이션이 이미 설치된 경우 앱 인증에서 사용자에게 +이를 알리고 감지된 애플리케이션을 삭제하려고 시도합니다.</li> +<li>가능한 경우 Google 행아웃과 메신저 애플리케이션은 미디어 서버와 같은 프로세스에 +미디어를 자동으로 전달하지 않습니다.</li> +</ul> + +<h2 id="acknowledgements">감사의 말씀</h2> + +<p>참여해 주신 다음 연구원에게 감사드립니다.</p> +<ul> +<li>Venustech의 ADlab: CVE-2017-0630</li> +<li>Tencent KeenLab(<a href="https://twitter.com/keen_lab">@keen_lab</a>)의 +Di Shen(<a href="https://twitter.com/returnsme">@returnsme</a>): +CVE-2016-10287</li> +<li>Trend Micro의 Ecular Xu(徐健): CVE-2017-0599, CVE-2017-0635</li> +<li><a href="http://www.ms509.com">MS509Team</a>의 En He(<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>), +Bo Liu: CVE-2017-0601</li> +<li><a href="https://twrp.me/">Team Win Recovery Project</a>의 Ethan Yonker: +CVE-2017-0493</li> +<li>Qihoo 360 Technology Co. Ltd. +IceSword Lab의 Gengjia Chen(<a href="https://twitter.com/chengjia4574">@chengjia4574</a>), +<a href="http://weibo.com/jfpan">pjf</a>: CVE-2016-10285, CVE-2016-10288, CVE-2016-10290, +CVE-2017-0624, CVE-2017-0616, CVE-2017-0617, CVE-2016-10294, CVE-2016-10295, +CVE-2016-10296</li> +<li>Tencent PC Manager의 godzheng(郑文选 <a href="https://twitter.com/virtualseekers">@VirtualSeekers</a>): +CVE-2017-0602</li> +<li><a href="http://tuncay2.web.engr.illinois.edu">University of Illinois at +Urbana-Champaign</a>의 <a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Güliz +Seray Tuncay</a>: CVE-2017-0593</li> +<li>Qihoo 360 Technology Co. Ltd. Alpha Team의 Hao Chen, Guang Gong: +CVE-2016-10283</li> +<li>Xiaomi Inc의 Juhu Nie, Yang Cheng, Nan Li, Qiwu Huang: CVE-2016-10276</li> +<li><a href="https://github.com/michalbednarski">Michał Bednarski</a>: +CVE-2017-0598</li> +<li>Tesla's Product Security Team의 Nathan Crandall(<a href="https://twitter.com/natecray">@natecray</a>): +CVE-2017-0331, CVE-2017-0606</li> +<li><a href="mailto:jiych.guru@gmail.com">Niky1235</a>(<a href="https://twitter.com/jiych_guru">@jiych_guru</a>): CVE-2017-0603</li> +<li>Alibaba Mobile Security Group의 Peng Xiao, Chengming Yang, Ning You, +Chao Yang, Yang song: CVE-2016-10281, CVE-2016-10280</li> +<li><a href="https://alephsecurity.com/">Aleph Research</a>의 Roee Hay(<a href="https://twitter.com/roeehay">@roeehay</a>): CVE-2016-10277</li> +<li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a>(<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-10274</li> +<li><a href="http://c0reteam.org">C0RE Team</a>의 <a href="mailto:segfault5514@gmail.com">Tong Lin</a>, <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a>, Xuxian Jiang: CVE-2016-10291</li> +<li>Vasily Vasiliev: CVE-2017-0589</li> +<li><a href="http://www.trendmicro.com">Trend Micro</a> <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a>의 +V.E.O(<a href="https://twitter.com/vysea">@VYSEa</a>): +CVE-2017-0590, CVE-2017-0587, CVE-2017-0600</li> +<li>Tencent Security Platform Department의 Xiling Gong: CVE-2017-0597</li> +<li>360 Marvel Team의 Xingyuan Lin: CVE-2017-0627</li> +<li>Alibaba Inc의 Yong Wang(王勇)(<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>): +CVE-2017-0588</li> +<li>Qihoo 360 Technology Co. Ltd. IceSword Lab의 +Yonggang Guo(<a href="https://twitter.com/guoygang">@guoygang</a>): CVE-2016-10289, CVE-2017-0465</li> +<li>Qihoo 360 Technology Co. Ltd. Vulpecker Team의 Yu Pan: CVE-2016-10282, +CVE-2017-0615</li> +<li>Qihoo 360 Technology Co. Ltd. Vulpecker Team의 Yu Pan, Peide Zhang: +CVE-2017-0618, CVE-2017-0625</li> +</ul> + +<h2 id="2017-05-01-details">2017-05-01 보안 패치 수준—취약성 +세부정보</h2> + +<p>다음 섹션에서는 2017-05-01 패치 수준에 적용되는 +각 보안 취약성에 관해 자세히 알아볼 수 있습니다. 여기에는 문제 설명, +심각도 근거 및 CVE, 관련 참조, 심각도, 업데이트된 Google 기기, 업데이트된 +AOSP 버전(해당하는 경우), 신고된 날짜가 포함된 표가 제시됩니다. 가능한 경우 +AOSP 변경사항 목록과 같이 문제를 해결한 공개 변경사항을 버그 ID에 +연결합니다. 하나의 버그와 관련된 변경사항이 여러 개인 경우 추가 +참조가 버그 ID 다음에 오는 번호에 연결되어 있습니다.</p> + +<h3 id="rce-in-mediaserver">미디어 서버의 +원격 코드 실행 취약성</h3> + +<p>미디어 서버의 원격 코드 실행 취약성으로 인해 특별히 제작된 파일을 사용하는 +공격자가 미디어 파일 및 데이터 처리 중에 메모리 손상을 일으킬 수 +있습니다. 이 문제는 미디어 서버 프로세스 내에서 원격 코드를 실행할 가능성이 있으므로 +심각도 심각으로 평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0587</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/a86eb798d077b9b25c8f8c77e3c02c2f287c1ce7">A-35219737</a></td> + <td>심각</td> + <td>모두</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2017년 1월 4일</td> + </tr> + <tr> + <td>CVE-2017-0588</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6f1d990ce0f116a205f467d9eb2082795e33872b">A-34618607</a></td> + <td>심각</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2017년 1월 21일</td> + </tr> + <tr> + <td>CVE-2017-0589</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/bcfc7124f6ef9f1ec128fb2e90de774a5b33d199">A-34897036</a></td> + <td>심각</td> + <td>모두</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2017년 2월 1일</td> + </tr> + <tr> + <td>CVE-2017-0590</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/45c97f878bee15cd97262fe7f57ecea71990fed7">A-35039946</a></td> + <td>심각</td> + <td>모두</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2017년 2월 6일</td> + </tr> + <tr> + <td>CVE-2017-0591</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d">A-34097672</a></td> + <td>심각</td> + <td>모두</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Google 사내용</td> + </tr> + <tr> + <td>CVE-2017-0592</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/acc192347665943ca674acf117e4f74a88436922">A-34970788</a></td> + <td>심각</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Google 사내용</td> + </tr> +</tbody></table> + +<h3 id="eop-in-framework-apis">프레임워크 API의 권한 승격 +취약성</h3> + +<p>프레임워크 API의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이 +맞춤 권한에 액세스할 수 있습니다. 이 문제는 애플리케이션 데이터를 +다른 애플리케이션으로부터 분리하는 운영체제 보호를 일반적으로 +우회하는 것이므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0593</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/78efbc95412b8efa9a44d573f5767ae927927d48">A-34114230</a></td> + <td>높음</td> + <td>모두</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2017년 1월 5일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediaserver">미디어 서버의 권한 승격 +취약성</h3> + +<p>미디어 서버의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이 +권한이 설정된 프로세스의 컨텍스트 내에서 임의의 코드를 실행할 수 +있습니다. 이 문제는 보통 타사 애플리케이션이 액세스할 수 없는 승격된 +권한으로의 로컬 액세스 권한을 확보하는 데 사용될 수 있으므로 심각도 높음으로 +평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0594</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/594bf934384920618d2b6ce0bcda1f60144cb3eb">A-34617444</a></td> + <td>높음</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2017년 1월 22일</td> + </tr> + <tr> + <td>CVE-2017-0595</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34705519</a></td> + <td>높음</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> + <td>2017년 1월 24일</td> + </tr> + <tr> + <td>CVE-2017-0596</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34749392</a></td> + <td>높음</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> + <td>2017년 1월 24일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-audioserver">오디오 서버의 권한 승격 +취약성</h3> + +<p>오디오 서버의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이 +권한이 설정된 프로세스의 컨텍스트 내에서 임의의 코드를 실행할 수 +있습니다. 이 문제는 보통 타사 애플리케이션이 액세스할 수 없는 승격된 +권한으로의 로컬 액세스 권한을 확보하는 데 사용될 수 있으므로 심각도 높음으로 +평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0597</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a9188f89179a7edd301abaf37d644adf5d647a04">A-34749571</a></td> + <td>높음</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2017년 1월 25일</td> + </tr> +</tbody></table> + +<h3 id="id-in-framework-apis">프레임워크 API의 정보 공개 +취약성</h3> + +<p>프레임워크 API의 정보 공개 취약성으로 인해 로컬 악성 애플리케이션이 +애플리케이션 데이터를 다른 애플리케이션으로부터 분리하는 운영체제 보호를 +우회할 수 있습니다. 이 문제는 애플리케이션이 액세스할 수 없는 데이터의 +액세스 권한을 확보하는 데 사용될 수 있으므로 심각도 +높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0598</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td> + <td>높음</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2017년 1월 6일</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver">미디어 서버의 서비스 거부(DoS) 취약성</h3> + +<p>미디어 서버의 원격 서비스 거부 취약성으로 인해 특별히 제작된 파일을 사용하는 +공격자가 기기를 지연시키거나 재부팅되게 만들 수 있습니다. 이 문제는 +원격 서비스 거부를 일으킬 수 있으므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0599</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a1424724a00d62ac5efa0e27953eed66850d662f">A-34672748</a></td> + <td>높음</td> + <td>모두</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2017년 1월 23일</td> + </tr> + <tr> + <td>CVE-2017-0600</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/961e5ac5788b52304e64b9a509781beaf5201fb0">A-35269635</a></td> + <td>높음</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2017년 2월 10일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-bluetooth">블루투스의 권한 승격 +취약성</h3> + +<p>블루투스의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이 사용자 권한 없이 +블루투스를 통해 유해한 파일이 공유되도록 허용할 수 있습니다. 이 문제는 +사용자 상호작용 요구사항을 로컬에서 우회할 수 있게 하므로 +심각도 보통으로 평가됩니다. </p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0601</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/667d2cbe3eb1450f273a4f6595ccef35e1f0fe4b">A-35258579</a></td> + <td>보통</td> + <td>모두</td> + <td>7.0, 7.1.1, 7.1.2</td> + <td>2017년 2월 9일</td> + </tr> +</tbody></table> + +<h3 id="id-in-file-based-encryption">파일 기반 암호화의 정보 공개 +취약성</h3> + +<p>파일 기반 암호화의 정보 공개 취약성으로 인해 로컬 악성 공격자가 +애플리케이션 데이터를 잠금 화면의 운영체제 보호를 +우회할 수 있습니다. 이 문제는 잠금 화면을 우회할 가능성이 있으므로 +심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0493</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>]</td> + <td>보통</td> + <td>모두</td> + <td>7.0, 7.1.1</td> + <td>2016년 11월 9일</td> + </tr> +</tbody></table> + +<h3 id="id-in-bluetooth">블루투스의 정보 공개 취약성</h3> + +<p>블루투스의 정보 공개 취약성으로 인해 로컬 악성 애플리케이션이 +애플리케이션 데이터를 다른 애플리케이션으로부터 분리하는 운영체제 보호를 +우회할 수 있습니다. 이 문제는 +취약성 관련 세부정보로 인해 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0602</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/a4875a49404c544134df37022ae587a4a3321647">A-34946955</a></td> + <td>보통</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2016년 12월 5일</td> + </tr> +</tbody></table> + +<h3 id="id-in-openssl-&-boringssl">OpenSSL 및 BoringSSL의 정보 공개 취약성</h3> + +<p>OpenSSL 및 BoringSSL의 정보 공개 취약성으로 인해 +원격 공격자가 민감한 정보에 액세스할 수 +있습니다. 이 문제는 취약성 관련 +세부정보로 인해 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-7056</td> + <td><a href="https://android.googlesource.com/platform/external/boringssl/+/13179a8e75fee98740b5ce728752aa7294b3e32d">A-33752052</a></td> + <td>보통</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2016년 12월 19일</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver-2">미디어 서버의 서비스 거부(DoS) +취약성</h3> + +<p>미디어 서버의 서비스 거부(DoS) 취약성으로 인해 공격자가 특별히 제작된 +파일을 사용하여 기기 지연이나 재부팅을 유발할 수 있습니다. 이 문제는 +일반적이지 않은 기기 설정이 필요하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0603</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/36b04932bb93cc3269279282686b439a17a89920">A-35763994</a></td> + <td>보통</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2017년 2월 23일</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver-3">미디어 서버의 서비스 거부(DoS) +취약성</h3> + +<p>미디어 서버의 원격 서비스 거부 취약성으로 인해 특별히 제작된 파일을 사용하는 +공격자가 기기를 지연시키거나 재부팅되게 만들 수 있습니다. 이 문제는 +취약성 관련 세부정보로 인해 심각도 낮음으로 평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0635</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/523f6b49c1a2289161f40cf9fe80b92e592e9441">A-35467107</a></td> + <td>낮음</td> + <td>모두</td> + <td>7.0, 7.1.1, 7.1.2</td> + <td>2017년 2월 16일</td> + </tr> +</tbody></table> + +<h2 id="2017-05-05-details">2017-05-05 보안 패치 수준—취약성 +세부정보</h2> + +<p>다음 섹션에서는 2017-05-05 패치 수준에 적용되는 +각 보안 취약성에 관해 자세히 알아볼 수 있습니다. 여기에는 문제 설명, +심각도 근거 및 CVE, 관련 참조, 심각도, 업데이트된 Google 기기, 업데이트된 +AOSP 버전(해당하는 경우), 신고된 날짜가 포함된 표가 제시됩니다. 가능한 경우 +AOSP 변경사항 목록과 같이 문제를 해결한 공개 변경사항을 버그 ID에 +연결합니다. 하나의 버그와 관련된 변경사항이 여러 개인 경우 추가 +참조가 버그 ID 다음에 오는 번호에 연결되어 있습니다.</p> + +<h3 id="rce-in-giflib">GIFLIB의 원격 코드 실행 취약성</h3> + +<p>GIFLIB의 원격 코드 실행 취약성으로 인해 특별히 제작된 파일을 사용하는 +공격자가 미디어 파일 및 데이터 처리 중에 메모리 손상을 일으킬 수 +있습니다. 이 문제는 미디어 서버 프로세스 내에서 원격 코드를 실행할 +가능성이 있으므로 심각도 심각으로 평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2015-7555</td> + <td><a href="https://android.googlesource.com/platform/external/giflib/+/dc07290edccc2c3fc4062da835306f809cea1fdc">A-34697653</a></td> + <td>심각</td> + <td>모두</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>2016년 4월 13일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediatek-touchscreen-driver">MediaTek 터치스크린 드라이버의 +권한 승격 취약성</h3> + +<p>MediaTek 터치스크린 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 영구적인 +로컬 기기 손상을 일으킬 가능성이 있으므로 심각도 심각으로 평가되며, +기기를 수리하려면 운영체제를 재설치해야 할 수도 있습니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10274</td> + <td>A-30202412*<br /> + M-ALPS02897901</td> + <td>심각</td> + <td>없음**</td> + <td>2016년 7월 16일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<p>*** 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="eop-in-qualcomm-bootloader">Qualcomm 부트로더의 +권한 승격 취약성</h3> + +<p>Qualcomm 부트로더의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 영구적인 +로컬 기기 손상을 일으킬 가능성이 있으므로 심각도 심각으로 평가되며, +기기를 수리하려면 운영체제를 재설치해야 할 수도 있습니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10275</td> + <td>A-34514954<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=1a0a15c380e11fc46f8d8706ea5ae22b752bdd0b"> +QC-CR#1009111</a></td> + <td>심각</td> + <td>Nexus 5X, Nexus 6, Pixel, Pixel XL, Android One</td> + <td>2016년 9월 13일</td> + </tr> + <tr> + <td>CVE-2016-10276</td> + <td>A-32952839<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=5dac431748027e8b50a5c4079967def4ea53ad64"> +QC-CR#1094105</a></td> + <td>심각</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> + <td>2016년 11월 16일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-sound-subsystem">커널 사운드 하위 시스템의 +권한 승격 취약성</h3> + +<p>커널 사운드 하위 시스템의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 영구적인 +로컬 기기 손상을 일으킬 가능성이 있으므로 심각도 심각으로 평가되며, +기기를 수리하려면 운영체제를 재설치해야 할 수도 있습니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-9794</td> + <td>A-34068036<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=a27178e05b7c332522df40904f27674e36ee3757"> +업스트림 커널</a></td> + <td>심각</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android +One, Nexus Player</td> + <td>2016년 12월 3일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-motorola-bootloader">Motorola 부트로더의 +권한 승격 취약성</h3> + +<p>Motorola 부트로더의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 부트로더 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 영구적인 +로컬 기기 손상을 일으킬 가능성이 있으므로 심각도 심각으로 평가되며, +기기를 수리하려면 운영체제를 재설치해야 할 수도 있습니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10277</td> + <td>A-33840490*<br /> + </td> + <td>심각</td> + <td>Nexus 6</td> + <td>2016년 12월 21일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<h3 id="eop-in-nvidia-video-driver">NVIDIA 동영상 드라이버의 +권한 승격 취약성</h3> + +<p>NVIDIA 동영상 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 영구적인 +로컬 기기 손상을 일으킬 가능성이 있으므로 심각도 심각으로 평가되며, +기기를 수리하려면 운영체제를 재설치해야 할 수도 있습니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0331</td> + <td>A-34113000*<br /> + N-CVE-2017-0331</td> + <td>심각</td> + <td>Nexus 9</td> + <td>2017년 1월 4일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<h3 id="eop-in-qualcomm-power-driver">Qualcomm 전원 드라이버의 권한 승격 취약성</h3> + +<p>커널 Qualcomm 전원 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 영구적인 +로컬 기기 손상을 일으킬 가능성이 있으므로 심각도 심각으로 평가되며, +기기를 수리하려면 운영체제를 재설치해야 할 수도 있습니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0604</td> + <td>A-35392981<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6975e2dd5f37de965093ba3a8a08635a77a960f7"> +QC-CR#826589</a></td> + <td>심각</td> + <td>없음*</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<p>* 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="eop-in-kernel-trace-subsystem">커널 추적 하위 시스템의 +권한 승격 취약성</h3> + +<p>커널 추적 하위 시스템의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 영구적인 +로컬 기기 손상을 일으킬 가능성이 있으므로 심각도 심각으로 평가되며, +기기를 수리하려면 운영체제를 재설치해야 할 수도 있습니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0605</td> + <td>A-35399704<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477"> +QC-CR#1048480</a></td> + <td>심각</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android +One, Nexus Player</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 구성요소의 +취약성</h3> + +<p>다음 취약성은 Qualcomm 구성요소에 영향을 주며 Qualcomm AMSS +2016년 8월, 9월, 10월, 12월 보안 게시판에 자세히 설명되어 있습니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10240</td> + <td>A-32578446**<br /> + QC-CR#955710</td> + <td>심각</td> + <td>Nexus 6P</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2016-10241</td> + <td>A-35436149**<br /> + QC-CR#1068577</td> + <td>심각</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2016-10278</td> + <td>A-31624008**<br /> + QC-CR#1043004</td> + <td>높음</td> + <td>Pixel, Pixel XL</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2016-10279</td> + <td>A-31624421**<br /> + QC-CR#1031821</td> + <td>높음</td> + <td>Pixel, Pixel XL</td> + <td>Qualcomm 사내용</td> + </tr> +</tbody></table> + +<p>* 이 취약성의 심각도 등급은 공급업체에서 결정한 것입니다.</p> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<p>*** 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="rce-in-libxml2">libxml2의 원격 코드 실행 취약성</h3> + +<p>libxml2의 원격 코드 실행 취약성으로 인해 공격자가 특별히 제작된 파일을 +사용하여 권한이 설정되지 않은 프로세스의 컨텍스트 내에서 임의의 코드를 실행할 수 +있습니다. 이 문제는 해당 라이브러리를 +사용하는 애플리케이션에서 원격 코드를 실행할 가능성이 있으므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>업데이트된 AOSP 버전</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-5131</td> + <td>A-32956747*</td> + <td>높음</td> + <td>없음**</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> + <td>2016년 7월 23일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 최신 바이너리 +드라이버에 포함되어 있습니다.</p> + +<p>** 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="eop-in-mediatek-thermal-driver">MediaTek 열 드라이버의 +권한 승격 취약성</h3> + +<p>MediaTek 열 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10280</td> + <td>A-28175767*<br /> + M-ALPS02696445</td> + <td>높음</td> + <td>없음**</td> + <td>2016년 4월 11일</td> + </tr> + <tr> + <td>CVE-2016-10281</td> + <td>A-28175647*<br /> + M-ALPS02696475</td> + <td>높음</td> + <td>없음**</td> + <td>2016년 4월 11일</td> + </tr> + <tr> + <td>CVE-2016-10282</td> + <td>A-33939045*<br /> + M-ALPS03149189</td> + <td>높음</td> + <td>없음**</td> + <td>2016년 12월 27일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<p>** 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm Wi-Fi 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 실행할 수 +있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10283</td> + <td>A-32094986<br /> + <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=93863644b4547324309613361d70ad9dc91f8dfd"> +QC-CR#2002052</a></td> + <td>높음</td> + <td>Nexus 5X, Pixel, Pixel XL, Android One</td> + <td>2016년 10월 11일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-video-driver">Qualcomm 동영상 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm 동영상 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 절차에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10284</td> + <td>A-32402303*<br /> + QC-CR#2000664</td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2016년 10월 24일</td> + </tr> + <tr> + <td>CVE-2016-10285</td> + <td>A-33752702<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67dfd3a65336e0b3f55ee83d6312321dc5f2a6f9"> +QC-CR#1104899</a></td> + <td>높음</td> + <td>Pixel, Pixel XL</td> + <td>2016년 12월 19일</td> + </tr> + <tr> + <td>CVE-2016-10286</td> + <td>A-35400904<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=5d30a3d0dc04916ddfb972bfc52f8e636642f999"> +QC-CR#1090237</a></td> + <td>높음</td> + <td>Pixel, Pixel XL</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<h3 id="eop-in-kernel-performance-subsystem">커널 성능 하위 시스템의 +권한 승격 취약성</h3> + +<p>커널 성능 하위 시스템의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이 +커널 컨텍스트 내에서 임의의 코드를 실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 절차에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2015-9004</td> + <td>A-34515362<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511"> +업스트림 커널</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android +One, Nexus Player</td> + <td>2016년 11월 23일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-sound-driver">Qualcomm 사운드 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm 사운드 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 절차에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10287</td> + <td>A-33784446<br /> + <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=937bc9e644180e258c68662095861803f7ba4ded"> +QC-CR#1112751</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2016년 12월 20일</td> + </tr> + <tr> + <td>CVE-2017-0606</td> + <td>A-34088848<br /> + <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=d3237316314c3d6f75a58192971f66e3822cd250"> +QC-CR#1116015</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 1월 3일</td> + </tr> + <tr> + <td>CVE-2016-5860</td> + <td>A-34623424<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=9f91ae0d7203714fc39ae78e1f1c4fd71ed40498"> +QC-CR#1100682</a></td> + <td>높음</td> + <td>Pixel, Pixel XL</td> + <td>2017년 1월 22일</td> + </tr> + <tr> + <td>CVE-2016-5867</td> + <td>A-35400602<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=065360da7147003aed8f59782b7652d565f56be5"> +QC-CR#1095947</a></td> + <td>높음</td> + <td>없음*</td> + <td>2017년 2월 15일</td> + </tr> + <tr> + <td>CVE-2017-0607</td> + <td>A-35400551<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b003c8d5407773d3aa28a48c9841e4c124da453d"> +QC-CR#1085928</a></td> + <td>높음</td> + <td>Pixel, Pixel XL</td> + <td>2017년 2월 15일</td> + </tr> + <tr> + <td>CVE-2017-0608</td> + <td>A-35400458<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b66f442dd97c781e873e8f7b248e197f86fd2980"> +QC-CR#1098363</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 2월 15일</td> + </tr> + <tr> + <td>CVE-2017-0609</td> + <td>A-35399801<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=38a83df036084c00e8c5a4599c8ee7880b4ee567"> +QC-CR#1090482</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 2월 15일</td> + </tr> + <tr> + <td>CVE-2016-5859</td> + <td>A-35399758<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=97fdb441a9fb330a76245e473bc1a2155c809ebe"> +QC-CR#1096672</a></td> + <td>높음</td> + <td>없음*</td> + <td>2017년 2월 15일</td> + </tr> + <tr> + <td>CVE-2017-0610</td> + <td>A-35399404<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=65009746a6e649779f73d665934561ea983892fe"> +QC-CR#1094852</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 2월 15일</td> + </tr> + <tr> + <td>CVE-2017-0611</td> + <td>A-35393841<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=1aa5df9246557a98181f03e98530ffd509b954c8"> +QC-CR#1084210</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 2월 15일</td> + </tr> + <tr> + <td>CVE-2016-5853</td> + <td>A-35392629<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a8f3b894de319718aecfc2ce9c691514696805be"> +QC-CR#1102987</a></td> + <td>높음</td> + <td>없음*</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<p>* 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="eop-in-qualcomm-led-driver">Qualcomm LED 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm LED 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10288</td> + <td>A-33863909<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=db2cdc95204bc404f03613d5dd7002251fb33660"> +QC-CR#1109763</a></td> + <td>높음</td> + <td>Pixel, Pixel XL</td> + <td>2016년 12월 23일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-crypto-driver">Qualcomm 암호화 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm 암호화 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10289</td> + <td>A-33899710<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a604e6f3889ccc343857532b63dea27603381816"> +QC-CR#1116295</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2016년 12월 24일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-shared-memory-driver">Qualcomm 공유 메모리 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm 공유 메모리 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10290</td> + <td>A-33898330<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> +QC-CR#1109782</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> + <td>2016년 12월 24일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-slimbus-driver">Qualcomm Slimbus 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm Slimbus 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10291</td> + <td>A-34030871<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a225074c0494ca8125ca0ac2f9ebc8a2bd3612de"> +QC-CR#986837</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td> + <td>2016년 12월 31일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm ADSPRPC 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0465</td> + <td>A-34112914<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=3823f0f8d0bbbbd675a42a54691f4051b3c7e544"> +QC-CR#1110747</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 1월 5일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm Secure Execution Environment +Communicator 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm Secure Execution Environment Communicator 드라이버의 +권한 승격 취약성으로 인해 로컬 악성 애플리케이션이 커널 컨텍스트 +내에서 임의의 코드를 실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 +프로세스에 침투해야만 실행 가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0612</td> + <td>A-34389303<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=05efafc998dc86c3b75af9803ca71255ddd7a8eb"> +QC-CR#1061845</a></td> + <td>높음</td> + <td>Pixel, Pixel XL</td> + <td>2017년 1월 10일</td> + </tr> + <tr> + <td>CVE-2017-0613</td> + <td>A-35400457<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b108c651cae9913da1ab163cb4e5f7f2db87b747"> +QC-CR#1086140</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 2월 15일</td> + </tr> + <tr> + <td>CVE-2017-0614</td> + <td>A-35399405<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=fc2ae27eb9721a0ce050c2062734fec545cda604"> +QC-CR#1080290</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediatek-power-driver">MediaTek 전원 드라이버의 +권한 승격 취약성</h3> + +<p>MediaTek 전원 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0615</td> + <td>A-34259126*<br /> + M-ALPS03150278</td> + <td>높음</td> + <td>없음**</td> + <td>2017년 1월 12일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되어 있지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<p>** 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="eop-in-mediatek-system-management-interrupt-driver">MediaTek 시스템 관리 중단 드라이버의 +권한 승격 취약성</h3> + +<p>MediaTek 시스템 관리 중단 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0616</td> + <td>A-34470286*<br /> + M-ALPS03149160</td> + <td>높음</td> + <td>없음**</td> + <td>2017년 1월 19일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<p>** 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="eop-in-mediatek-video-driver">MediaTek 동영상 드라이버의 +권한 승격 취약성</h3> + +<p>MediaTek 동영상 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 절차에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0617</td> + <td>A-34471002*<br /> + M-ALPS03149173</td> + <td>높음</td> + <td>없음**</td> + <td>2017년 1월 19일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<p>** 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="eop-in-mediatek-command-queue-driver">MediaTek 명령 대기열 드라이버의 +권한 승격 취약성</h3> + +<p>MediaTek 명령 대기열 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0618</td> + <td>A-35100728*<br /> + M-ALPS03161536</td> + <td>높음</td> + <td>없음**</td> + <td>2017년 2월 7일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<p>** 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="eop-in-qualcomm-pin-controller-driver">Qualcomm 핀 컨트롤러 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm 핀 컨트롤러 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0619</td> + <td>A-35401152<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.14/commit/?id=72f67b29a9c5e6e8d3c34751600c749c5f5e13e1"> +QC-CR#826566</a></td> + <td>높음</td> + <td>Nexus 6, Android One</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-secure-channel-manager-driver">Qualcomm Secure Channel +Manager 드라이버의 권한 승격 취약성</h3> + +<p>Qualcomm Secure Channel Manager 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0620</td> + <td>A-35401052<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=01b2c9a5d728ff6f2f1f28a5d4e927aaeabf56ed"> +QC-CR#1081711</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-sound-codec-driver">Qualcomm 사운드 코덱 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm 사운드 코덱 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-5862</td> + <td>A-35399803<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=4199451e83729a3add781eeafaee32994ff65b04"> +QC-CR#1099607</a></td> + <td>높음</td> + <td>Pixel, Pixel XL</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-voltage-regulator-driver">커널 전압 조정기 드라이버의 +권한 승격 취약성</h3> + +<p>커널 전압 조정기 드라이버의 권한 승격 취약성으로 인해 로컬 악성 애플리케이션이 +커널 컨텍스트 내에서 임의의 코드를 실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 +침투해야만 실행 가능하므로 심각도 높음으로 +평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2014-9940</td> + <td>A-35399757<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba"> +업스트림 커널</a></td> + <td>높음</td> + <td>Nexus 6, Nexus 9, Pixel C, Android One, Nexus Player</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-camera-driver">Qualcomm 카메라 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm 카메라 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0621</td> + <td>A-35399703<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=9656e2c2b3523af20502bf1e933e35a397f5e82f"> +QC-CR#831322</a></td> + <td>높음</td> + <td>Android One</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-networking-driver">Qualcomm 네트워크 드라이버의 +권한 승격 취약성</h3> + +<p>Qualcomm 네트워크 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-5868</td> + <td>A-35392791<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c"> +QC-CR#1104431</a></td> + <td>높음</td> + <td>Nexus 5X, Pixel, Pixel XL</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-networking-subsystem">커널 네트워크 +하위 시스템의 권한 승격 취약성</h3> + +<p>커널 네트워크 하위 시스템의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-7184</td> + <td>A-36565222<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a"> +업스트림 커널</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df"> +[2]</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Android One</td> + <td>2017년 3월 23일</td> + </tr> +</tbody></table> + +<h3 id="eop-in-goodix-touchscreen-driver">Goodix 터치스크린 드라이버의 +권한 승격 취약성</h3> + +<p>Goodix 터치스크린 드라이버의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 커널 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0622</td> + <td>A-32749036<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=40efa25345003a96db34effbd23ed39530b3ac10"> +QC-CR#1098602</a></td> + <td>높음</td> + <td>Android One</td> + <td>Google 사내용</td> + </tr> +</tbody></table> + +<h3 id="eop-in-htc-bootloader">HTC 부트로더의 +권한 승격 취약성</h3> + +<p>HTC 부트로더의 권한 승격 취약성으로 인해 +로컬 악성 애플리케이션이 부트로더 컨텍스트 내에서 임의의 코드를 +실행할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 실행 +가능하므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0623</td> + <td>A-32512358*<br /> + </td> + <td>높음</td> + <td>Pixel, Pixel XL</td> + <td>Google 사내용</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 드라이버의 +정보 공개 취약성</h3> + +<p>Qualcomm Wi-Fi 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 +액세스할 수 있습니다. 이 문제는 명시적인 사용자 권한 없이 민감한 데이터에 액세스하는 데 +사용될 수 있으므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0624</td> + <td>A-34327795*<br /> + QC-CR#2005832</td> + <td>높음</td> + <td>Nexus 5X, Pixel, Pixel XL</td> + <td>2017년 1월 16일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<h3 id="id-in-mediatek-command-queue-driver">MediaTek 명령 대기열 드라이버의 +정보 공개 취약성</h3> + +<p>MediaTek 명령 대기열 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 액세스할 +수 있습니다. 이 문제는 명시적인 사용자 권한 없이 민감한 데이터에 액세스하는 데 +사용될 수 있으므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0625</td> + <td>A-35142799*<br /> + M-ALPS03161531</td> + <td>높음</td> + <td>없음**</td> + <td>2017년 2월 8일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<p>** 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="id-in-qualcomm-crypto-engine-driver">Qualcomm 암호화 엔진 드라이버의 +정보 공개 취약성</h3> + +<p>Qualcomm 암호화 엔진 드라이버의 정보 공개 취약성으로 인해 로컬 악성 +애플리케이션이 권한 수준을 벗어난 데이터에 액세스할 수 있습니다. 이 문제는 명시적인 +사용자 권한 없이 민감한 데이터에 액세스하는 데 사용될 수 있으므로 +심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0626</td> + <td>A-35393124<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=64551bccab9b5b933757f6256b58f9ca0544f004"> +QC-CR#1088050</a></td> + <td>높음</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="dos-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 드라이버의 +서비스 거부(Dos) 취약성</h3> + +<p>Qualcomm Wi-Fi 드라이버의 서비스 거부 취약성으로 인해 근접 공격자가 +Wi-Fi 하위 시스템에 서비스 거부를 일으킬 수 있습니다. 이 문제는 +원격 서비스 거부를 일으킬 수 있으므로 심각도 높음으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10292</td> + <td>A-34514463*<br /> + QC-CR#1065466</td> + <td>높음</td> + <td>Nexus 5X, Pixel, Pixel XL</td> + <td>2016년 12월 16일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<h3 id="id-in-kernel-uvc-driver">커널 UVC 드라이버의 +정보 공개 취약성</h3> + +<p>커널 UVC 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 액세스할 수 있습니다. +이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 +실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0627</td> + <td>A-33300353*<br /> + </td> + <td>보통</td> + <td>Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td> + <td>2016년 12월 2일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<h3 id="id-in-qualcomm-video-driver">Qualcomm 동영상 드라이버의 +정보 공개 취약성</h3> + +<p>Qualcomm 동영상 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 +액세스할 수 있습니다. 이 문제는 먼저 +권한이 설정된 프로세스에 침투해야만 실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10293</td> + <td>A-33352393<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2469d5374745a2228f774adbca6fb95a79b9047f"> +QC-CR#1101943</a></td> + <td>보통</td> + <td>Nexus 5X, Nexus 6P, Android One</td> + <td>2016년 12월 4일</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-power-driver-(device-specific)">Qualcomm 전원 드라이버의 +정보 공개 취약성(기기별 문제)</h3> + +<p>Qualcomm 전원 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 +액세스할 수 있습니다. 이 문제는 먼저 +권한이 설정된 프로세스에 침투해야만 실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10294</td> + <td>A-33621829<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e9bc51ffb8a298f0be5befe346762cdb6e1d49c"> +QC-CR#1105481</a></td> + <td>보통</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> + <td>2016년 12월 14일</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-led-driver">Qualcomm LED 드라이버의 +정보 공개 취약성</h3> + +<p>Qualcomm LED 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 액세스할 수 있습니다. +이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 +실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10295</td> + <td>A-33781694<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f11ae3df500bc2a093ddffee6ea40da859de0fa9"> +QC-CR#1109326</a></td> + <td>보통</td> + <td>Pixel, Pixel XL</td> + <td>2016년 12월 20일</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-shared-memory-driver">Qualcomm 공유 메모리 드라이버의 +정보 공개 취약성</h3> + +<p>Qualcomm 공유 메모리 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 +액세스할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 +실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-10296</td> + <td>A-33845464<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> +QC-CR#1109782</a></td> + <td>보통</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2016년 12월 22일</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-camera-driver">Qualcomm 카메라 드라이버의 +정보 공개 취약성</h3> + +<p>Qualcomm 카메라 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 +액세스할 수 있습니다. 이 문제는 먼저 +권한이 설정된 프로세스에 침투해야만 실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0628</td> + <td>A-34230377<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> +QC-CR#1086833</a></td> + <td>보통</td> + <td>Nexus 5X, Nexus 6, Pixel, Pixel XL</td> + <td>2017년 1월 10일</td> + </tr> + <tr> + <td>CVE-2017-0629</td> + <td>A-35214296<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> +QC-CR#1086833</a></td> + <td>보통</td> + <td>Nexus 5X, Nexus 6, Pixel, Pixel XL</td> + <td>2017년 2월 8일</td> + </tr> +</tbody></table> + +<h3 id="id-in-kernel-trace-subsystem">커널 추적 하위 시스템의 +정보 공개 취약성</h3> + +<p>커널 추적 하위 시스템의 정보 공개 취약성으로 인해 로컬 악성 애플리케이션이 +권한 수준을 벗어난 데이터에 액세스할 수 있습니다. 이 문제는 먼저 +권한이 설정된 프로세스에 침투해야만 실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0630</td> + <td>A-34277115*<br /> + </td> + <td>보통</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android +One, Nexus Player</td> + <td>2017년 1월 11일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<h3 id="id-in-qualcomm-sound-codec-driver">Qualcomm 사운드 코덱 드라이버의 +정보 공개 취약성</h3> + +<p>Qualcomm 사운드 코덱 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 +액세스할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 +실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-5858</td> + <td>A-35400153<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711"> +QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6"> +[2]</a></td> + <td>보통</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-camera-driver-2">Qualcomm 카메라 드라이버의 +정보 공개 취약성</h3> + +<p>Qualcomm 카메라 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 +액세스할 수 있습니다. 이 문제는 먼저 +권한이 설정된 프로세스에 침투해야만 실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0631</td> + <td>A-35399756<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=8236d6ebc7e26361ca7078cbeba01509f10941d8"> +QC-CR#1093232</a></td> + <td>보통</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-sound-driver">Qualcomm 사운드 드라이버의 +정보 공개 취약성</h3> + +<p>Qualcomm 사운드 드라이버의 정보 공개 취약성으로 인해 로컬 악성 애플리케이션이 +권한 수준을 벗어난 데이터에 액세스할 수 있습니다. 이 문제는 먼저 +권한이 설정된 절차에 침투해야만 실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-5347</td> + <td>A-35394329<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=f14390f13e62460fc6b05fc0acde0e825374fdb6"> +QC-CR#1100878</a></td> + <td>보통</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-spcom-driver">Qualcomm SPCom 드라이버의 +정보 공개 취약성</h3> + +<p>Qualcomm SPCom 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 +액세스할 수 있습니다. 이 문제는 먼저 +권한이 설정된 프로세스에 침투해야만 실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2016-5854</td> + <td>A-35392792<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=28d23d4d7999f683b27b6e0c489635265b67a4c9"> +QC-CR#1092683</a></td> + <td>보통</td> + <td>없음*</td> + <td>2017년 2월 15일</td> + </tr> + <tr> + <td>CVE-2016-5855</td> + <td>A-35393081<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a5edb54e93ba85719091fe2bc426d75fa7059834"> +QC-CR#1094143</a></td> + <td>보통</td> + <td>없음*</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<p>*** 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h3 id="id-in-qualcomm-sound-codec-driver-2">Qualcomm 사운드 코덱 드라이버의 +정보 공개 취약성</h3> + +<p>Qualcomm 사운드 코덱 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 +액세스할 수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 +실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0632</td> + <td>A-35392586<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=970d6933e53c1f7ca8c8b67f49147b18505c3b8f"> +QC-CR#832915</a></td> + <td>보통</td> + <td>Android One</td> + <td>2017년 2월 15일</td> + </tr> +</tbody></table> + +<h3 id="id-in-broadcom-wi-fi-driver">Broadcom Wi-Fi 드라이버의 +정보 공개 취약성</h3> + +<p>Broadcom Wi-Fi 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 구성요소가 권한 수준을 벗어난 데이터에 +액세스할 수 있습니다. 이 문제는 먼저 +권한이 설정된 프로세스에 침투해야만 실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0633</td> + <td>A-36000515*<br /> + B-RB#117131</td> + <td>보통</td> + <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td> + <td>2017년 2월 23일</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<h3 id="id-in-synaptics-touchscreen-driver">Synaptics 터치스크린 +드라이버의 정보 공개 취약성</h3> + +<p>Synaptics 터치스크린 드라이버의 정보 공개 취약성으로 인해 +로컬 악성 애플리케이션이 권한 수준을 벗어난 데이터에 액세스할 +수 있습니다. 이 문제는 먼저 권한이 설정된 프로세스에 침투해야만 +실행 가능하므로 심각도 보통으로 평가됩니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2017-0634</td> + <td>A-32511682*<br /> + </td> + <td>보통</td> + <td>Pixel, Pixel XL</td> + <td>Google 사내용</td> + </tr> +</tbody></table> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<h3 id="vulnerabilities-in-qualcomm-components-2">Qualcomm 구성요소의 +취약성</h3> + +<p>Qualcomm 구성요소에 영향을 주는 다음 취약성은 2014년~2016년에 +Qualcomm AMSS 보안 게시판을 통해 배포되었습니다. 각 취약성의 +수정사항을 Android 보안 패치 수준과 연결하기 위해 이러한 +취약성이 Android 보안 게시판에 포함되었습니다.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>참조</th> + <th>심각도</th> + <th>업데이트된 Google 기기</th> + <th>신고된 날짜</th> + </tr> + <tr> + <td>CVE-2014-9923</td> + <td>A-35434045**<br /> + QC-CR#403910</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9924</td> + <td>A-35434631**<br /> + QC-CR#596102</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9925</td> + <td>A-35444657**<br /> + QC-CR#638130</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9926</td> + <td>A-35433784**<br /> + QC-CR#631527</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9927</td> + <td>A-35433785**<br /> + QC-CR#661111</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9928</td> + <td>A-35438623**<br /> + QC-CR#696972</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9929</td> + <td>A-35443954**<br /> + QC-CR#644783</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9930</td> + <td>A-35432946**<br /> + QC-CR#634637</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2015-9005</td> + <td>A-36393500**<br /> + QC-CR#741548</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2015-9006</td> + <td>A-36393450**<br /> + QC-CR#750559</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2015-9007</td> + <td>A-36393700**<br /> + QC-CR#807173</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2016-10297</td> + <td>A-36393451**<br /> + QC-CR#1061123</td> + <td>심각</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9941</td> + <td>A-36385125**<br /> + QC-CR#509915</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9942</td> + <td>A-36385319**<br /> + QC-CR#533283</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9943</td> + <td>A-36385219**<br /> + QC-CR#546527</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9944</td> + <td>A-36384534**<br /> + QC-CR#613175</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9945</td> + <td>A-36386912**<br /> + QC-CR#623452</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9946</td> + <td>A-36385281**<br /> + QC-CR#520149</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9947</td> + <td>A-36392400**<br /> + QC-CR#650540</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9948</td> + <td>A-36385126**<br /> + QC-CR#650500</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9949</td> + <td>A-36390608**<br /> + QC-CR#652426</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9950</td> + <td>A-36385321**<br /> + QC-CR#655530</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9951</td> + <td>A-36389161**<br /> + QC-CR#525043</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> + <tr> + <td>CVE-2014-9952</td> + <td>A-36387019**<br /> + QC-CR#674836</td> + <td>높음</td> + <td>없음***</td> + <td>Qualcomm 사내용</td> + </tr> +</tbody></table> + +<p>* 이 취약성의 심각도 등급은 공급업체에서 결정한 것입니다.</p> + +<p>* 이 문제를 해결하기 위한 패치는 공개되지 않습니다. 업데이트는 +<a href="https://developers.google.com/android/nexus/drivers">Google 개발자 사이트</a>에서 제공되는 Nexus 기기용 +최신 바이너리 드라이버에 + +포함되어 있습니다.</p> + +<p>*** 지원되는 Android 7.1.1 이상 Google 기기에 제공된 업데이트가 모두 설치되었다면 이러한 +취약성의 영향을 받지 않습니다.</p> + +<h2 id="common-questions-and-answers">일반적인 질문 및 답변</h2> +<p>이 섹션에서는 게시판을 읽은 뒤 제기될 수 있는 일반적인 질문에 답변을 제시합니다.</p> + +<p><strong>1. 내 기기가 업데이트되어 이 문제가 해결되었는지 어떻게 알 수 있나요? +</strong></p> + +<p>기기의 보안 패치 수준을 확인하는 방법을 알아보려면 +<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 및 Nexus 업데이트 일정</a>의 +안내를 +읽어 보세요.</p> + +<ul> +<li>2017-05-01 보안 패치 수준과 관련된 모든 문제는 2017-05-01 + 보안 패치 수준 이상에서 해결됩니다.</li> +<li>2017-05-05 보안 패치 수준 및 그 이전의 모든 패치 수준과 관련된 +모든 문제는 2017-05-05 보안 패치 수준 이상에서 해결됩니다. +</li> +</ul> + +<p>이러한 업데이트를 포함하는 기기 제조업체는 패치 문자열 수준을 +다음과 같이 설정해야 합니다.</p> +<ul> +<li>[ro.build.version.security_patch]:[2017-05-01]</li> +<li>[ro.build.version.security_patch]:[2017-05-05]</li> +</ul> + +<p><strong>2. 이 게시판에 두 가지 보안 패치 수준이 있는 이유가 무엇인가요?</strong></p> + +<p>이 게시판에서는 Android 파트너가 모든 Android 기기에서 유사하게 발생하는 +취약성 문제의 일부를 더욱 빠르고 유연하게 해결하기 위한 두 가지 보안 패치 수준이 +포함되어 있습니다. Android 파트너는 이 게시판에 언급된 문제를 모두 수정하고 +최신 보안 패치 수준을 사용하는 것이 좋습니다.</p> +<ul> +<li>2017년 5월 1일 보안 패치 수준을 사용하는 기기는 이 보안 패치 수준과 +관련된 모든 문제와 이전 보안 게시판에서 보고된 모든 문제의 수정사항을 +포함해야 합니다.</li> +<li>2017년 5월 5일 이후의 보안 패치 수준을 사용하는 기기는 +이 보안 게시판과 이전 보안 게시판에 언급된 모든 관련 패치를 +포함해야 합니다.</li> +</ul> + +<p>파트너는 해결하는 모든 문제의 수정사항을 단 한 번의 업데이트에서 번들로 묶는 것이 좋습니다.</p> + +<p><strong>3. 문제별로 영향을 받는 Google 기기는 어떻게 알 수 있나요?</strong></p> + +<p><a href="#2017-05-01-details">2017-05-01</a> 및 +<a href="#2017-05-05-details">2017-05-05</a> +보안 취약성 세부정보 섹션에 있는 각 테이블의 <em>업데이트된 Google +기기</em> 열을 확인하면 됩니다. 이 열에는 영향을 받는 Google 기기의 범위가 +문제별로 업데이트되어 표시됩니다. 이 열에는 다음과 같은 옵션이 있습니다.</p> +<ul> +<li><strong>모든 Google 기기</strong>: 문제가 모든 Google 기기 및 Pixel 기기에 +영향을 미치는 경우, 표의 <em>업데이트된 Google 기기</em> 열에 +'모두'라고 표시됩니다. '모두'에는 다음과 같은 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">지원되는 기기</a>가 포함됩니다. Nexus 5X, +Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, +Pixel C, Pixel, Pixel XL.</li> +<li><strong>일부 Google 기기</strong>: 문제가 모든 Google 기기에 영향을 미치는 것이 +아닌 경우, 영향을 받는 Google 기기가 <em>업데이트된 Google 기기</em> 열에 +표시됩니다.</li> +<li><strong>Google 기기 해당 없음</strong>: 문제가 Android 7.0을 실행하는 Google 기기에 +영향을 미치지 않는 경우, 표의 <em>업데이트된 Google 기기</em> 열에 '없음'이라고 +표시됩니다. </li> +</ul> +<p><strong>4. 참조 열의 항목이 매핑하는 대상은 무엇인가요?</strong></p> + +<p>취약성 세부정보 표의 <em>참조</em> 열에 있는 항목은 참조 값이 속한 +조직을 나타내는 접두어를 포함할 수 있습니다. 이러한 접두어는 +다음과 같이 매핑됩니다.</p> + +<table> + <tbody><tr> + <th>접두어</th> + <th>참조 문서</th> + </tr> + <tr> + <td>A-</td> + <td>Android 버그 ID</td> + </tr> + <tr> + <td>QC-</td> + <td>Qualcomm 참조 번호</td> + </tr> + <tr> + <td>M-</td> + <td>MediaTek 참조 번호</td> + </tr> + <tr> + <td>N-</td> + <td>NVIDIA 참조 번호</td> + </tr> + <tr> + <td>B-</td> + <td>Broadcom 참조 번호</td> + </tr> +</tbody></table> +<h2 id="revisions">수정 내역</h2> +<ul> +<li>2017년 5월 1일: 게시판이 게시됨</li> +<li>2017년 5월 2일: 게시판이 수정되어 AOSP 링크 포함됨</li> +</ul> + +</body></html>
\ No newline at end of file diff --git a/ru/security/bulletin/2017-05-01.html b/ru/security/bulletin/2017-05-01.html new file mode 100644 index 00000000..e39cda77 --- /dev/null +++ b/ru/security/bulletin/2017-05-01.html @@ -0,0 +1,2504 @@ +<html devsite><head> + <title>Бюллетень по безопасности Android – май 2017 г.</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p><em>Опубликовано 1 мая 2017 г. | Обновлено 2 мая 2017 г.</em></p> + +<p>В этом бюллетене содержится информация об уязвимостях в защите устройств Android. К его выходу мы выпустили автоматическое обновление системы безопасности для устройств Google и опубликовали образы прошивок <a href="https://developers.google.com/android/nexus/images">на сайте для разработчиков</a>. Все актуальные проблемы, перечисленные здесь, устранены в исправлении от 5 мая 2017 года или более новом. Информацию о том, как проверить обновления системы безопасности, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>.</p> + +<p>Мы сообщили партнерам об уязвимостях 3 апреля 2017 года или ранее. Исправления уязвимостей доступны в хранилище Android Open Source Project (AOSP). +В этом бюллетене также приведены ссылки на исправления вне AOSP.</p> + +<p>Наиболее серьезная из уязвимостей имеет критический уровень и позволяет удаленно выполнять код на пораженном устройстве (например, при работе с электронной почтой, просмотре сайтов в Интернете или обработке медиафайлов MMS). <a href="/security/overview/updates-resources.html#severity">Уровень серьезности</a> зависит от того, какой ущерб будет нанесен устройству при атаке с использованием уязвимости, если средства защиты будут отключены разработчиком или взломаны.</p> + +<p>Обнаруженные уязвимости не эксплуатировались. В разделе <a href="#mitigations">Предотвращение атак</a> описывается, как <a href="/security/enhancements/index.html">платформа безопасности</a> и средства защиты сервисов, например <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>, помогают снизить вероятность атак на Android.</p> + +<p>Мы рекомендуем всем пользователям установить перечисленные в разделе обновления.</p> +<h2 id="announcements">Объявления</h2> +<ul> +<li>Мы включили в этот бюллетень сведения о двух обновлениях, чтобы помочь нашим партнерам как можно скорее устранить уязвимости, затрагивающие все устройства Android. Дополнительную информацию вы найдете в разделе <a href="#common-questions-and-answers">Часто задаваемые вопросы</a>. + <ul> + <li><strong>2017-05-01</strong>: частичное обновление системы безопасности, в котором исправлены все уязвимости уровня 2017-05-01 и более ранние.</li> + <li><strong>2017-05-05</strong>: полное обновление системы безопасности, в котором исправлены все уязвимости уровней 2017-05-01 и 2017-05-05, а также более ранние.</li> +</ul> +</li> +<li>На поддерживаемые устройства Google будет установлено единое автоматическое обновление системы безопасности от 5 мая 2017 года.</li> +</ul> + +<h2 id="mitigations">Предотвращение атак</h2> + +<p>Ниже рассказывается, как <a href="/security/enhancements/index.html">платформа безопасности</a> и средства защиты сервисов, например SafetyNet, позволяют снизить вероятность атак на Android.</p> + +<ul> +<li>Использование многих уязвимостей затрудняется в новых +версиях Android, поэтому мы рекомендуем всем пользователям +своевременно обновлять систему.</li> +<li>Команда, отвечающая за безопасность Android, активно отслеживает злоупотребления с помощью <a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf">Проверки приложений и SafetyNet</a>. Эти сервисы предупреждают пользователя об установке <a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">потенциально вредоносных приложений</a>. Проверка приложений включена по умолчанию на всех устройствах с <a href="http://www.android.com/gms">мобильными сервисами Google</a>. Она особенно важна, если пользователь устанавливает ПО из сторонних источников. Хотя в Google Play инструменты для рутинга запрещены, они могут встречаться в других магазинах. Если пользователь решает установить такое приложение, Проверка предупреждает об этом. Кроме того, она пытается идентифицировать известное вредоносное ПО, использующее уязвимость для повышения привилегий, и блокировать его установку. Если подобное ПО уже есть на устройстве, система уведомит об этом пользователя и попытается удалить приложение.</li> +<li>Приложения Google Hangouts и Messenger не передают медиафайлы таким процессам, как mediaserver, автоматически.</li> +</ul> + +<h2 id="acknowledgements">Благодарности</h2> + +<p>Благодарим всех, кто помог обнаружить уязвимости:</p> +<ul> +<li>ADlab из Venustech: CVE-2017-0630</li> +<li>Ди Шэнь (<a href="https://twitter.com/returnsme">@returnsme</a>) из KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent: CVE-2016-10287</li> +<li>Экулар Сюй (徐健) из Trend Micro: CVE-2017-0599, CVE-2017-0635</li> +<li>Энь Хэ (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) и Бо Лю из <a href="http://www.ms509.com">MS509Team</a>: CVE-2017-0601</li> +<li>Итан Йонкер из <a href="https://twrp.me/">Team Win Recovery Project</a>: CVE-2017-0493</li> +<li>Гэнцзя Чэнь (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) и <a href="http://weibo.com/jfpan">pjf</a> из IceSword Lab, Qihoo 360 Technology Co. Ltd: CVE-2016-10285, CVE-2016-10288, CVE-2016-10290, CVE-2017-0624, CVE-2017-0616, CVE-2017-0617, CVE-2016-10294, CVE-2016-10295, CVE-2016-10296</li> +<li>godzheng (郑文选 <a href="https://twitter.com/virtualseekers">@VirtualSeekers</a>) из Tencent PC Manager: CVE-2017-0602</li> +<li><a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Гюлиз Серай Тунджай</a> из <a href="http://tuncay2.web.engr.illinois.edu">Иллинойсского университета в Урбане-Шампейне</a>: CVE-2017-0593</li> +<li>Хао Чэнь и Гуан Гун из Alpha Team, Qihoo 360 Technology Co. Ltd: CVE-2016-10283</li> +<li>Цзюйху Не, Ян Чэн, Нань Ли и Циу Хуан из Xiaomi Inc: CVE-2016-10276</li> +<li><a href="https://github.com/michalbednarski">Михал Беднарский</a>: CVE-2017-0598</li> +<li>Нейтан Крэнделл (<a href="https://twitter.com/natecray">@natecray</a>) из Tesla's Product Security Team: CVE-2017-0331, CVE-2017-0606</li> +<li><a href="mailto:jiych.guru@gmail.com">Niky1235</a> (<a href="https://twitter.com/jiych_guru">@jiych_guru</a>): CVE-2017-0603</li> +<li>Пэн Сяо, Чэнмин Ян, Нин Ю, Чао Ян и Ян Сун из Alibaba Mobile Security Group: CVE-2016-10281, CVE-2016-10280</li> +<li>Рои Хэй (<a href="https://twitter.com/roeehay">@roeehay</a>) из <a href="https://alephsecurity.com/">Aleph Research</a>: CVE-2016-10277</li> +<li><a href="mailto:sbauer@plzdonthack.me">Скотт Бауэр</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-10274</li> +<li><a href="mailto:segfault5514@gmail.com">Тун Линь</a>, <a href="mailto:computernik@gmail.com">Юань-Цун Ло</a> и Сюйсянь Цзян из <a href="http://c0reteam.org">C0RE Team</a>: CVE-2016-10291</li> +<li>Василий Васильев: CVE-2017-0589</li> +<li>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) из <a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">Mobile Threat Response Team</a>, <a href="http://www.trendmicro.com">Trend Micro</a>: CVE-2017-0590, CVE-2017-0587, CVE-2017-0600</li> +<li>Силин Гун из отдела безопасности платформы Tencent: CVE-2017-0597</li> +<li>Синюань Линь из 360 Marvel Team: CVE-2017-0627</li> +<li>Юн Ван (王勇) (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) из Alibaba Inc: CVE-2017-0588</li> +<li>Юнган Го (<a href="https://twitter.com/guoygang">@guoygang</a>) из IceSword Lab, Qihoo 360 Technology Co. Ltd: CVE-2016-10289, CVE-2017-0465</li> +<li>Юй Пань из Vulpecker Team, Qihoo 360 Technology Co. Ltd: CVE-2016-10282, CVE-2017-0615</li> +<li>Юй Пань и Пэйдэ Чжан из Vulpecker Team, Qihoo 360 Technology Co. Ltd: CVE-2017-0618, CVE-2017-0625</li> +</ul> + +<h2 id="2017-05-01-details">Описание уязвимостей (обновление системы безопасности 2017-05-01)</h2> + +<p>В этом разделе вы найдете подробную информацию обо всех уязвимостях обновления системы безопасности 2017-05-01: описание и обоснование серьезности, таблицу с CVE, ссылками, уровнем серьезности, уязвимыми устройствами Google и версиями AOSP (при наличии), а также датой сообщения об ошибке. Где возможно, мы приведем основную ссылку на опубликованное изменение, связанное с идентификатором ошибки (например, список AOSP), и дополнительные ссылки в квадратных скобках.</p> + +<h3 id="rce-in-mediaserver">Удаленное выполнение кода через mediaserver</h3> + +<p>Уязвимость позволяет злоумышленнику нарушить целостность информации в памяти при обработке медиафайлов и данных в специально созданном файле. Проблеме присвоен критический уровень серьезности из-за возможности удаленного выполнения кода в контексте процесса mediaserver.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0587</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/a86eb798d077b9b25c8f8c77e3c02c2f287c1ce7">A-35219737</a></td> + <td>Критический</td> + <td>Все</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>4 января 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0588</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6f1d990ce0f116a205f467d9eb2082795e33872b">A-34618607</a></td> + <td>Критический</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>21 января 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0589</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/bcfc7124f6ef9f1ec128fb2e90de774a5b33d199">A-34897036</a></td> + <td>Критический</td> + <td>Все</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>1 февраля 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0590</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/45c97f878bee15cd97262fe7f57ecea71990fed7">A-35039946</a></td> + <td>Критический</td> + <td>Все</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>6 февраля 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0591</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d">A-34097672</a></td> + <td>Критический</td> + <td>Все</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Доступно только сотрудникам Google</td> + </tr> + <tr> + <td>CVE-2017-0592</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/acc192347665943ca674acf117e4f74a88436922">A-34970788</a></td> + <td>Критический</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>Доступно только сотрудникам Google</td> + </tr> +</tbody></table> + +<h3 id="eop-in-framework-apis">Повышение привилегий через Framework API</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать специальные разрешения. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость позволяет обойти защиту ОС, обеспечивающую раздельное хранение данных приложений.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0593</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/78efbc95412b8efa9a44d573f5767ae927927d48">A-34114230</a></td> + <td>Высокий</td> + <td>Все</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>5 января 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediaserver">Повышение привилегий через mediaserver</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте привилегированного процесса. Проблеме присвоен высокий уровень серьезности, поскольку с ее помощью можно получить привилегии, недоступные сторонним приложениям.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0594</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/594bf934384920618d2b6ce0bcda1f60144cb3eb">A-34617444</a></td> + <td>Высокий</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>22 января 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0595</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34705519</a></td> + <td>Высокий</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> + <td>24 января 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0596</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34749392</a></td> + <td>Высокий</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> + <td>24 января 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-audioserver">Повышение привилегий через audioserver</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте привилегированного процесса. Проблеме присвоен высокий уровень серьезности, поскольку с ее помощью можно получить привилегии, недоступные сторонним приложениям.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0597</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a9188f89179a7edd301abaf37d644adf5d647a04">A-34749571</a></td> + <td>Высокий</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>25 января 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-framework-apis">Раскрытие информации через Framework API</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО обходить защиту ОС, обеспечивающую раздельное хранение данных приложений. Проблеме присвоен высокий уровень серьезности, поскольку с ее помощью можно получить несанкционированный доступ к данным.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0598</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td> + <td>Высокий</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>6 января 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver">Отказ в обслуживании в mediaserver</h3> + +<p>Уязвимость позволяет злоумышленнику выполнять перезагрузку или вызывать зависание устройства с помощью специально созданного файла. Проблеме присвоен высокий уровень серьезности, поскольку она приводит к отказу в обслуживании.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0599</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a1424724a00d62ac5efa0e27953eed66850d662f">A-34672748</a></td> + <td>Высокий</td> + <td>Все</td> + <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>23 января 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0600</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/961e5ac5788b52304e64b9a509781beaf5201fb0">A-35269635</a></td> + <td>Высокий</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>10 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-bluetooth">Повышение привилегий через Bluetooth</h3> + +<p>Уязвимость потенциально позволяет локальному вредоносному ПО принять вредоносные файлы через Bluetooth без согласия пользователя. Проблеме присвоен средний уровень серьезности, поскольку уязвимость позволяет обойти требования к взаимодействию с пользователем. </p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0601</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/667d2cbe3eb1450f273a4f6595ccef35e1f0fe4b">A-35258579</a></td> + <td>Средний</td> + <td>Все</td> + <td>7.0, 7.1.1, 7.1.2</td> + <td>9 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-file-based-encryption">Раскрытие информации через шифрование файлов</h3> + +<p>Уязвимость позволяет злоумышленнику, в руки которого попало устройство, обходить защиту ОС для заблокированного экрана. Из-за этого проблеме присвоен средний уровень серьезности.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0493</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>]</td> + <td>Средний</td> + <td>Все</td> + <td>7.0, 7.1.1</td> + <td>9 ноября 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-bluetooth">Раскрытие информации через Bluetooth</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО обходить защиту ОС, обеспечивающую раздельное хранение данных приложений. Из-за особенностей проблемы ей присвоен средний уровень серьезности.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0602</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/a4875a49404c544134df37022ae587a4a3321647">A-34946955</a></td> + <td>Средний</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>5 декабря 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-openssl-&-boringssl">Раскрытие информации через OpenSSL и BoringSSL</h3> + +<p>Уязвимость позволяет злоумышленнику получить несанкционированный доступ к конфиденциальной информации. Из-за особенностей проблемы ей присвоен средний уровень серьезности.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-7056</td> + <td><a href="https://android.googlesource.com/platform/external/boringssl/+/13179a8e75fee98740b5ce728752aa7294b3e32d">A-33752052</a></td> + <td>Средний</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>19 декабря 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver-2">Отказ в обслуживании в mediaserver</h3> + +<p>Уязвимость позволяет злоумышленнику выполнять перезагрузку или вызывать зависание устройства с помощью специально созданного файла. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует наличия нестандартной конфигурации устройства.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0603</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/36b04932bb93cc3269279282686b439a17a89920">A-35763994</a></td> + <td>Средний</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>23 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver-3">Отказ в обслуживании в mediaserver</h3> + +<p>Уязвимость позволяет злоумышленнику выполнять перезагрузку или вызывать зависание устройства с помощью специально созданного файла. Из-за особенностей проблемы ей присвоен низкий уровень серьезности.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0635</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/523f6b49c1a2289161f40cf9fe80b92e592e9441">A-35467107</a></td> + <td>Низкий</td> + <td>Все</td> + <td>7.0, 7.1.1, 7.1.2</td> + <td>16 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h2 id="2017-05-05-details">Описание уязвимостей (обновление системы безопасности 2017-05-05)</h2> + +<p>В этом разделе вы найдете подробную информацию обо всех уязвимостях обновления системы безопасности 2017-05-05: описание и обоснование серьезности, таблицу с CVE, ссылками, уровнем серьезности, уязвимыми устройствами Google и версиями AOSP (при наличии), а также датой сообщения об ошибке. Где возможно, мы приведем основную ссылку на опубликованное изменение, связанное с идентификатором ошибки (например, список AOSP), и дополнительные ссылки в квадратных скобках.</p> + +<h3 id="rce-in-giflib">Удаленное выполнение кода через GIFLIB</h3> + +<p>Уязвимость позволяет злоумышленнику нарушить целостность информации в памяти при обработке медиафайлов и данных в специально созданном файле. Проблеме присвоен критический уровень серьезности из-за возможности удаленного выполнения кода в контексте процесса mediaserver.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2015-7555</td> + <td><a href="https://android.googlesource.com/platform/external/giflib/+/dc07290edccc2c3fc4062da835306f809cea1fdc">A-34697653</a></td> + <td>Критический</td> + <td>Все</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + <td>13 апреля 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediatek-touchscreen-driver">Повышение привилегий через драйвер сенсорного экрана MediaTek</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Ей присвоен критический уровень серьезности, поскольку из-за нее нарушается работа системы безопасности. Возможно, для устранения проблемы потребуется переустановить ОС.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10274</td> + <td>A-30202412*<br /> + M-ALPS02897901</td> + <td>Критический</td> + <td>Нет**</td> + <td>16 июля 2016 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<p>**Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="eop-in-qualcomm-bootloader">Повышение привилегий через загрузчик Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Ей присвоен критический уровень серьезности, поскольку из-за нее нарушается работа системы безопасности. Возможно, для устранения проблемы потребуется переустановить ОС.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10275</td> + <td>A-34514954<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=1a0a15c380e11fc46f8d8706ea5ae22b752bdd0b"> +QC-CR#1009111</a></td> + <td>Критический</td> + <td>Nexus 5X, Nexus 6, Pixel, Pixel XL, Android One</td> + <td>13 сентября 2016 г.</td> + </tr> + <tr> + <td>CVE-2016-10276</td> + <td>A-32952839<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=5dac431748027e8b50a5c4079967def4ea53ad64"> +QC-CR#1094105</a></td> + <td>Критический</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> + <td>16 ноября 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-sound-subsystem">Повышение привилегий через звуковую подсистему ядра</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Ей присвоен критический уровень серьезности, поскольку из-за нее нарушается работа системы безопасности. Возможно, для устранения проблемы потребуется переустановить ОС.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-9794</td> + <td>A-34068036<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=a27178e05b7c332522df40904f27674e36ee3757"> +Upstream kernel</a></td> + <td>Критический</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android One, Nexus Player</td> + <td>3 декабря 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-motorola-bootloader">Повышение привилегий через загрузчик Motorola</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте загрузчика. Ей присвоен критический уровень серьезности, поскольку из-за нее нарушается работа системы безопасности. Возможно, для устранения проблемы потребуется переустановить ОС.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10277</td> + <td>A-33840490*<br /> + </td> + <td>Критический</td> + <td>Nexus 6</td> + <td>21 декабря 2016 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<h3 id="eop-in-nvidia-video-driver">Повышение привилегий через видеодрайвер NVIDIA</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Ей присвоен критический уровень серьезности, поскольку из-за нее нарушается работа системы безопасности. Возможно, для устранения проблемы потребуется переустановить ОС.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0331</td> + <td>A-34113000*<br /> + N-CVE-2017-0331</td> + <td>Критический</td> + <td>Nexus 9</td> + <td>4 января 2017 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<h3 id="eop-in-qualcomm-power-driver">Повышение привилегий через драйвер питания Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Ей присвоен критический уровень серьезности, поскольку из-за нее нарушается работа системы безопасности. Возможно, для устранения проблемы потребуется переустановить ОС.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0604</td> + <td>A-35392981<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6975e2dd5f37de965093ba3a8a08635a77a960f7"> +QC-CR#826589</a></td> + <td>Критический</td> + <td>Нет*</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<p>*Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="eop-in-kernel-trace-subsystem">Повышение привилегий через подсистему трассировки ядра</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Ей присвоен критический уровень серьезности, поскольку из-за нее нарушается работа системы безопасности. Возможно, для устранения проблемы потребуется переустановить ОС.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0605</td> + <td>A-35399704<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477"> +QC-CR#1048480</a></td> + <td>Критический</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android One, Nexus Player</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="vulnerabilities-in-qualcomm-components">Уязвимости в компонентах Qualcomm</h3> + +<p>Эти уязвимости затрагивают компоненты Qualcomm и описаны в бюллетенях по безопасности Qualcomm AMSS за август, сентябрь, октябрь и декабрь 2016 года.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10240</td> + <td>A-32578446**<br /> + QC-CR#955710</td> + <td>Критический</td> + <td>Nexus 6P</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2016-10241</td> + <td>A-35436149**<br /> + QC-CR#1068577</td> + <td>Критический</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2016-10278</td> + <td>A-31624008**<br /> + QC-CR#1043004</td> + <td>Высокий</td> + <td>Pixel, Pixel XL</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2016-10279</td> + <td>A-31624421**<br /> + QC-CR#1031821</td> + <td>Высокий</td> + <td>Pixel, Pixel XL</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> +</tbody></table> + +<p>*Уровень серьезности этих уязвимостей определяется непосредственно компанией Qualcomm.</p> + +<p>**Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<p>***Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="rce-in-libxml2">Удаленное выполнение кода через libxml2</h3> + +<p>Уязвимость позволяет злоумышленнику выполнять произвольный код в контексте непривилегированного процесса с помощью специально созданного файла. Проблеме присвоен высокий уровень серьезности из-за возможности удаленного выполнения кода в ПО, которое использует эту библиотеку.</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Обновленные версии AOSP</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-5131</td> + <td>A-32956747*</td> + <td>Высокий</td> + <td>Нет**</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> + <td>23 июля 2016 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/drivers">сайте для разработчиков</a>.</p> + +<p>**Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="eop-in-mediatek-thermal-driver">Повышение привилегий через драйвер температурного датчика MediaTek</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10280</td> + <td>A-28175767*<br /> + M-ALPS02696445</td> + <td>Высокий</td> + <td>Нет**</td> + <td>11 апреля 2016 г.</td> + </tr> + <tr> + <td>CVE-2016-10281</td> + <td>A-28175647*<br /> + M-ALPS02696475</td> + <td>Высокий</td> + <td>Нет**</td> + <td>11 апреля 2016 г.</td> + </tr> + <tr> + <td>CVE-2016-10282</td> + <td>A-33939045*<br /> + M-ALPS03149189</td> + <td>Высокий</td> + <td>Нет**</td> + <td>27 декабря 2016 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<p>**Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="eop-in-qualcomm-wi-fi-driver">Повышение привилегий через Wi-Fi-драйвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10283</td> + <td>A-32094986<br /> + <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=93863644b4547324309613361d70ad9dc91f8dfd"> +QC-CR#2002052</a></td> + <td>Высокий</td> + <td>Nexus 5X, Pixel, Pixel XL, Android One</td> + <td>11 октября 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-video-driver">Повышение привилегий через видеодрайвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10284</td> + <td>A-32402303*<br /> + QC-CR#2000664</td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>24 октября 2016 г.</td> + </tr> + <tr> + <td>CVE-2016-10285</td> + <td>A-33752702<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67dfd3a65336e0b3f55ee83d6312321dc5f2a6f9"> +QC-CR#1104899</a></td> + <td>Высокий</td> + <td>Pixel, Pixel XL</td> + <td>19 декабря 2016 г.</td> + </tr> + <tr> + <td>CVE-2016-10286</td> + <td>A-35400904<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=5d30a3d0dc04916ddfb972bfc52f8e636642f999"> +QC-CR#1090237</a></td> + <td>Высокий</td> + <td>Pixel, Pixel XL</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<h3 id="eop-in-kernel-performance-subsystem">Повышение привилегий через подсистему производительности ядра</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2015-9004</td> + <td>A-34515362<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511"> +Upstream kernel</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android One, Nexus Player</td> + <td>23 ноября 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-sound-driver">Повышение привилегий через аудиодрайвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10287</td> + <td>A-33784446<br /> + <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=937bc9e644180e258c68662095861803f7ba4ded"> +QC-CR#1112751</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>20 декабря 2016 г.</td> + </tr> + <tr> + <td>CVE-2017-0606</td> + <td>A-34088848<br /> + <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=d3237316314c3d6f75a58192971f66e3822cd250"> +QC-CR#1116015</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>3 января 2017 г.</td> + </tr> + <tr> + <td>CVE-2016-5860</td> + <td>A-34623424<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=9f91ae0d7203714fc39ae78e1f1c4fd71ed40498"> +QC-CR#1100682</a></td> + <td>Высокий</td> + <td>Pixel, Pixel XL</td> + <td>22 января 2017 г.</td> + </tr> + <tr> + <td>CVE-2016-5867</td> + <td>A-35400602<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=065360da7147003aed8f59782b7652d565f56be5"> +QC-CR#1095947</a></td> + <td>Высокий</td> + <td>Нет*</td> + <td>15 февраля 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0607</td> + <td>A-35400551<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b003c8d5407773d3aa28a48c9841e4c124da453d"> +QC-CR#1085928</a></td> + <td>Высокий</td> + <td>Pixel, Pixel XL</td> + <td>15 февраля 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0608</td> + <td>A-35400458<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b66f442dd97c781e873e8f7b248e197f86fd2980"> +QC-CR#1098363</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0609</td> + <td>A-35399801<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=38a83df036084c00e8c5a4599c8ee7880b4ee567"> +QC-CR#1090482</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> + <tr> + <td>CVE-2016-5859</td> + <td>A-35399758<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=97fdb441a9fb330a76245e473bc1a2155c809ebe"> +QC-CR#1096672</a></td> + <td>Высокий</td> + <td>Нет*</td> + <td>15 февраля 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0610</td> + <td>A-35399404<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=65009746a6e649779f73d665934561ea983892fe"> +QC-CR#1094852</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0611</td> + <td>A-35393841<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=1aa5df9246557a98181f03e98530ffd509b954c8"> +QC-CR#1084210</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> + <tr> + <td>CVE-2016-5853</td> + <td>A-35392629<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a8f3b894de319718aecfc2ce9c691514696805be"> +QC-CR#1102987</a></td> + <td>Высокий</td> + <td>Нет*</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<p>*Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="eop-in-qualcomm-led-driver">Повышение привилегий через LED-драйвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10288</td> + <td>A-33863909<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=db2cdc95204bc404f03613d5dd7002251fb33660"> +QC-CR#1109763</a></td> + <td>Высокий</td> + <td>Pixel, Pixel XL</td> + <td>23 декабря 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-crypto-driver">Повышение привилегий через драйвер шифрования Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10289</td> + <td>A-33899710<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a604e6f3889ccc343857532b63dea27603381816"> +QC-CR#1116295</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>24 декабря 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-shared-memory-driver">Повышение привилегий через драйвер разделения памяти Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10290</td> + <td>A-33898330<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> +QC-CR#1109782</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> + <td>24 декабря 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-slimbus-driver">Повышение привилегий через Slimbus-драйвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10291</td> + <td>A-34030871<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a225074c0494ca8125ca0ac2f9ebc8a2bd3612de"> +QC-CR#986837</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Android One</td> + <td>31 декабря 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-adsprpc-driver">Повышение привилегий через ADSPRPC-драйвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0465</td> + <td>A-34112914<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=3823f0f8d0bbbbd675a42a54691f4051b3c7e544"> +QC-CR#1110747</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>5 января 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Повышение привилегий через драйвер Qualcomm для QSEE Communicator</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0612</td> + <td>A-34389303<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=05efafc998dc86c3b75af9803ca71255ddd7a8eb"> +QC-CR#1061845</a></td> + <td>Высокий</td> + <td>Pixel, Pixel XL</td> + <td>10 января 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0613</td> + <td>A-35400457<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b108c651cae9913da1ab163cb4e5f7f2db87b747"> +QC-CR#1086140</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0614</td> + <td>A-35399405<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=fc2ae27eb9721a0ce050c2062734fec545cda604"> +QC-CR#1080290</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediatek-power-driver">Повышение привилегий через драйвер питания MediaTek</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0615</td> + <td>A-34259126*<br /> + M-ALPS03150278</td> + <td>Высокий</td> + <td>Нет**</td> + <td>12 января 2017 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<p>**Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="eop-in-mediatek-system-management-interrupt-driver">Повышение привилегий через драйвер прерывания системного управления MediaTek</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0616</td> + <td>A-34470286*<br /> + M-ALPS03149160</td> + <td>Высокий</td> + <td>Нет**</td> + <td>19 января 2017 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<p>**Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="eop-in-mediatek-video-driver">Повышение привилегий через видеодрайвер MediaTek</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0617</td> + <td>A-34471002*<br /> + M-ALPS03149173</td> + <td>Высокий</td> + <td>Нет**</td> + <td>19 января 2017 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<p>**Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="eop-in-mediatek-command-queue-driver">Повышение привилегий через драйвер очереди команд MediaTek</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0618</td> + <td>A-35100728*<br /> + M-ALPS03161536</td> + <td>Высокий</td> + <td>Нет**</td> + <td>7 февраля 2017 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<p>**Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="eop-in-qualcomm-pin-controller-driver">Повышение привилегий через драйвер контроллера контактов Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0619</td> + <td>A-35401152<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.14/commit/?id=72f67b29a9c5e6e8d3c34751600c749c5f5e13e1"> +QC-CR#826566</a></td> + <td>Высокий</td> + <td>Nexus 6, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-secure-channel-manager-driver">Повышение привилегий через драйвер управления защищенным каналом Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0620</td> + <td>A-35401052<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=01b2c9a5d728ff6f2f1f28a5d4e927aaeabf56ed"> +QC-CR#1081711</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-sound-codec-driver">Повышение привилегий через аудиодрайвер кодеков Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-5862</td> + <td>A-35399803<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=4199451e83729a3add781eeafaee32994ff65b04"> +QC-CR#1099607</a></td> + <td>Высокий</td> + <td>Pixel, Pixel XL</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-voltage-regulator-driver">Повышение привилегий через драйвер регулятора напряжения ядра</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2014-9940</td> + <td>A-35399757<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba"> +Upstream kernel</a></td> + <td>Высокий</td> + <td>Nexus 6, Nexus 9, Pixel C, Android One, Nexus Player</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-camera-driver">Повышение привилегий через драйвер Qualcomm для камеры</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0621</td> + <td>A-35399703<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=9656e2c2b3523af20502bf1e933e35a397f5e82f"> +QC-CR#831322</a></td> + <td>Высокий</td> + <td>Android One</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-networking-driver">Повышение привилегий через сетевой драйвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-5868</td> + <td>A-35392791<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c"> +QC-CR#1104431</a></td> + <td>Высокий</td> + <td>Nexus 5X, Pixel, Pixel XL</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-networking-subsystem">Повышение привилегий через сетевую подсистему ядра</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-7184</td> + <td>A-36565222<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a"> +Upstream kernel</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df"> +[2]</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Android One</td> + <td>23 марта 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="eop-in-goodix-touchscreen-driver">Повышение привилегий через драйвер сенсорного экрана Goodix</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте ядра. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0622</td> + <td>A-32749036<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=40efa25345003a96db34effbd23ed39530b3ac10"> +QC-CR#1098602</a></td> + <td>Высокий</td> + <td>Android One</td> + <td>Доступно только сотрудникам Google</td> + </tr> +</tbody></table> + +<h3 id="eop-in-htc-bootloader">Повышение привилегий через загрузчик HTC</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО выполнять произвольный код в контексте загрузчика. Проблеме присвоен высокий уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0623</td> + <td>A-32512358*<br /> + </td> + <td>Высокий</td> + <td>Pixel, Pixel XL</td> + <td>Доступно только сотрудникам Google</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<h3 id="id-in-qualcomm-wi-fi-driver">Раскрытие информации через Wi-Fi-драйвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Из-за этого проблеме присвоен высокий уровень серьезности.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0624</td> + <td>A-34327795*<br /> + QC-CR#2005832</td> + <td>Высокий</td> + <td>Nexus 5X, Pixel, Pixel XL</td> + <td>16 января 2017 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<h3 id="id-in-mediatek-command-queue-driver">Раскрытие информации через драйвер очереди команд MediaTek</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Из-за этого проблеме присвоен высокий уровень серьезности.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0625</td> + <td>A-35142799*<br /> + M-ALPS03161531</td> + <td>Высокий</td> + <td>Нет**</td> + <td>8 февраля 2017 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<p>**Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="id-in-qualcomm-crypto-engine-driver">Раскрытие информации через драйвер Qualcomm для шифрования</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Из-за этого проблеме присвоен высокий уровень серьезности.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0626</td> + <td>A-35393124<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=64551bccab9b5b933757f6256b58f9ca0544f004"> +QC-CR#1088050</a></td> + <td>Высокий</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="dos-in-qualcomm-wi-fi-driver">Отказ в обслуживании в Wi-Fi-драйвере Qualcomm</h3> + +<p>Уязвимость позволяет находящемуся поблизости злоумышленнику вызвать отказ в обслуживании в подсистеме Wi-Fi. Проблеме присвоен высокий уровень серьезности, поскольку она приводит к отказу в обслуживании.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10292</td> + <td>A-34514463*<br /> + QC-CR#1065466</td> + <td>Высокий</td> + <td>Nexus 5X, Pixel, Pixel XL</td> + <td>16 декабря 2016 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<h3 id="id-in-kernel-uvc-driver">Раскрытие информации через UVC-драйвер ядра</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. +Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0627</td> + <td>A-33300353*<br /> + </td> + <td>Средний</td> + <td>Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td> + <td>2 декабря 2016 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<h3 id="id-in-qualcomm-video-driver">Раскрытие информации через видеодрайвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10293</td> + <td>A-33352393<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2469d5374745a2228f774adbca6fb95a79b9047f"> +QC-CR#1101943</a></td> + <td>Средний</td> + <td>Nexus 5X, Nexus 6P, Android One</td> + <td>4 декабря 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-power-driver-(device-specific)">Раскрытие информации через драйвер питания Qualcomm (уязвимость устройства)</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10294</td> + <td>A-33621829<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e9bc51ffb8a298f0be5befe346762cdb6e1d49c"> +QC-CR#1105481</a></td> + <td>Средний</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL</td> + <td>14 декабря 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-led-driver">Раскрытие информации через LED-драйвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. +Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10295</td> + <td>A-33781694<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f11ae3df500bc2a093ddffee6ea40da859de0fa9"> +QC-CR#1109326</a></td> + <td>Средний</td> + <td>Pixel, Pixel XL</td> + <td>20 декабря 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-shared-memory-driver">Раскрытие информации через драйвер разделения памяти Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-10296</td> + <td>A-33845464<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> +QC-CR#1109782</a></td> + <td>Средний</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>22 декабря 2016 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-camera-driver">Раскрытие информации через драйвер Qualcomm для камеры</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0628</td> + <td>A-34230377<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> +QC-CR#1086833</a></td> + <td>Средний</td> + <td>Nexus 5X, Nexus 6, Pixel, Pixel XL</td> + <td>10 января 2017 г.</td> + </tr> + <tr> + <td>CVE-2017-0629</td> + <td>A-35214296<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> +QC-CR#1086833</a></td> + <td>Средний</td> + <td>Nexus 5X, Nexus 6, Pixel, Pixel XL</td> + <td>8 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-kernel-trace-subsystem">Раскрытие информации через подсистему трассировки ядра</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0630</td> + <td>A-34277115*<br /> + </td> + <td>Средний</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Pixel, Pixel XL, Pixel C, Android One, Nexus Player</td> + <td>11 января 2017 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<h3 id="id-in-qualcomm-sound-codec-driver">Раскрытие информации через аудиодрайвер кодеков Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-5858</td> + <td>A-35400153<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711"> +QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6"> +[2]</a></td> + <td>Средний</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-camera-driver-2">Раскрытие информации через драйвер Qualcomm для камеры</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0631</td> + <td>A-35399756<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=8236d6ebc7e26361ca7078cbeba01509f10941d8"> +QC-CR#1093232</a></td> + <td>Средний</td> + <td>Nexus 5X, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-sound-driver">Раскрытие информации через аудиодрайвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-5347</td> + <td>A-35394329<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=f14390f13e62460fc6b05fc0acde0e825374fdb6"> +QC-CR#1100878</a></td> + <td>Средний</td> + <td>Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Android One</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-spcom-driver">Раскрытие информации через SPCom-драйвер Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2016-5854</td> + <td>A-35392792<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=28d23d4d7999f683b27b6e0c489635265b67a4c9"> +QC-CR#1092683</a></td> + <td>Средний</td> + <td>Нет*</td> + <td>15 февраля 2017 г.</td> + </tr> + <tr> + <td>CVE-2016-5855</td> + <td>A-35393081<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a5edb54e93ba85719091fe2bc426d75fa7059834"> +QC-CR#1094143</a></td> + <td>Средний</td> + <td>Нет*</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<p>*Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h3 id="id-in-qualcomm-sound-codec-driver-2">Раскрытие информации через аудиодрайвер кодеков Qualcomm</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0632</td> + <td>A-35392586<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=970d6933e53c1f7ca8c8b67f49147b18505c3b8f"> +QC-CR#832915</a></td> + <td>Средний</td> + <td>Android One</td> + <td>15 февраля 2017 г.</td> + </tr> +</tbody></table> + +<h3 id="id-in-broadcom-wi-fi-driver">Раскрытие информации через Wi-Fi-драйвер Broadcom</h3> + +<p>Уязвимость позволяет локальному вредоносному компоненту получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0633</td> + <td>A-36000515*<br /> + B-RB#117131</td> + <td>Средний</td> + <td>Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player</td> + <td>23 февраля 2017 г.</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<h3 id="id-in-synaptics-touchscreen-driver">Раскрытие информации через драйвер сенсорного экрана Synaptics</h3> + +<p>Уязвимость позволяет локальному вредоносному ПО получать несанкционированный доступ к данным. Проблеме присвоен средний уровень серьезности, поскольку уязвимость требует сначала нарушить защиту привилегированного процесса.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2017-0634</td> + <td>A-32511682*<br /> + </td> + <td>Средний</td> + <td>Pixel, Pixel XL</td> + <td>Доступно только сотрудникам Google</td> + </tr> +</tbody></table> + +<p>*Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<h3 id="vulnerabilities-in-qualcomm-components-2">Уязвимости в компонентах Qualcomm</h3> + +<p>Эти уязвимости затрагивают компоненты Qualcomm и описаны в бюллетенях по безопасности Qualcomm AMSS за 2014–2016 года. Они включены в этот бюллетень по безопасности Android, чтобы связать их исправления с обновлением системы безопасности.</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>Ссылки</th> + <th>Уровень серьезности</th> + <th>Обновленные устройства Google</th> + <th>Дата сообщения об ошибке</th> + </tr> + <tr> + <td>CVE-2014-9923</td> + <td>A-35434045**<br /> + QC-CR#403910</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9924</td> + <td>A-35434631**<br /> + QC-CR#596102</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9925</td> + <td>A-35444657**<br /> + QC-CR#638130</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9926</td> + <td>A-35433784**<br /> + QC-CR#631527</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9927</td> + <td>A-35433785**<br /> + QC-CR#661111</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9928</td> + <td>A-35438623**<br /> + QC-CR#696972</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9929</td> + <td>A-35443954**<br /> + QC-CR#644783</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9930</td> + <td>A-35432946**<br /> + QC-CR#634637</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2015-9005</td> + <td>A-36393500**<br /> + QC-CR#741548</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2015-9006</td> + <td>A-36393450**<br /> + QC-CR#750559</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2015-9007</td> + <td>A-36393700**<br /> + QC-CR#807173</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2016-10297</td> + <td>A-36393451**<br /> + QC-CR#1061123</td> + <td>Критический</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9941</td> + <td>A-36385125**<br /> + QC-CR#509915</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9942</td> + <td>A-36385319**<br /> + QC-CR#533283</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9943</td> + <td>A-36385219**<br /> + QC-CR#546527</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9944</td> + <td>A-36384534**<br /> + QC-CR#613175</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9945</td> + <td>A-36386912**<br /> + QC-CR#623452</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9946</td> + <td>A-36385281**<br /> + QC-CR#520149</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9947</td> + <td>A-36392400**<br /> + QC-CR#650540</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9948</td> + <td>A-36385126**<br /> + QC-CR#650500</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9949</td> + <td>A-36390608**<br /> + QC-CR#652426</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9950</td> + <td>A-36385321**<br /> + QC-CR#655530</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9951</td> + <td>A-36389161**<br /> + QC-CR#525043</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> + <tr> + <td>CVE-2014-9952</td> + <td>A-36387019**<br /> + QC-CR#674836</td> + <td>Высокий</td> + <td>Нет***</td> + <td>Доступно только сотрудникам Qualcomm</td> + </tr> +</tbody></table> + +<p>*Уровень серьезности этих уязвимостей определяется непосредственно компанией Qualcomm.</p> + +<p>**Исправление не опубликовано. Обновление содержится в последних бинарных драйверах для устройств Nexus, которые можно скачать на <a href="https://developers.google.com/android/nexus/drivers">сайте для разработчиков</a>.</p> + +<p>***Эта уязвимость не затрагивает поддерживаемые устройства Google с Android 7.1.1, на которых установлены все доступные обновления.</p> + +<h2 id="common-questions-and-answers">Часто задаваемые вопросы</h2> +<p>В этом разделе мы отвечаем на вопросы, которые могут возникнуть +после прочтения бюллетеня.</p> + +<p><strong>1. Как определить, установлено ли на устройство обновление, в котором устранены перечисленные проблемы? +</strong></p> + +<p>Информацию о том, как проверить обновления системы безопасности, можно найти в <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Справочном центре</a>.</p> + +<ul> +<li>В исправлении от 1 мая 2017 года или более новом устранены все проблемы, связанные с обновлением 2017-05-01.</li> +<li>В исправлении от 5 мая 2017 года или более новом устранены все проблемы, связанные с обновлением 2017-05-05. +</li> +</ul> + +<p>Производители устройств, позволяющие установить эти обновления, должны присвоить им один из этих уровней:</p> +<ul> +<li>[ro.build.version.security_patch]:[2017-05-01];</li> +<li>[ro.build.version.security_patch]:[2017-05-05].</li> +</ul> + +<p><strong>2. Почему в этом бюллетене говорится о двух обновлениях системы безопасности?</strong></p> + +<p>Мы включили в этот бюллетень сведения о двух обновлениях, чтобы помочь нашим партнерам как можно скорее устранить уязвимости, затрагивающие все устройства Android. Рекомендуем партнерам Android исправить все вышеперечисленные проблемы и установить последнее обновление системы безопасности.</p> +<ul> +<li>На устройствах с установленным обновлением от 1 мая 2017 года должны быть исправлены все проблемы, упомянутые в соответствующем разделе этого бюллетеня, а также в предыдущих выпусках.</li> +<li>На устройствах с установленным обновлением от 5 мая 2017 года или более новым должны быть исправлены все проблемы, упомянутые в этом бюллетене и предыдущих выпусках.</li> +</ul> + +<p>Рекомендуем партнерам объединить все исправления проблем в одно обновление.</p> + +<p><strong>3. Как определить, на каких устройствах Google присутствует уязвимость?</strong></p> + +<p>В каждой таблице разделов с описанием уязвимостей <a href="#2017-05-01-details">2017-05-01</a> и <a href="#2017-05-05-details">2017-05-05</a> есть столбец <em>Обновленные устройства Google</em>. В нем указано, на каких устройствах присутствует уязвимость.</p> +<ul> +<li><strong>Все устройства.</strong> Проблема возникает на<em></em> следующих <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">поддерживаемых устройствах Google</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel и Pixel XL.</li> +<li><strong>Некоторые устройства.</strong> <em></em>Перечислены устройства, на которых присутствует уязвимость.</li> +<li><strong>Нет.</strong> Проблема не возникает ни на одном устройстве Google.<em></em> </li> +</ul> +<p><strong>4. На что указывают записи в столбце "Ссылки"?</strong></p> + +<p>В таблицах с описанием уязвимостей есть столбец <em>Ссылки</em>. Каждая запись в нем может содержать префикс, указывающий на источник ссылки, а именно:</p> + +<table> + <tbody><tr> + <th>Префикс</th> + <th>Значение</th> + </tr> + <tr> + <td>A-</td> + <td>Идентификатор ошибки Android</td> + </tr> + <tr> + <td>QC-</td> + <td>Ссылочный номер Qualcomm</td> + </tr> + <tr> + <td>M-</td> + <td>Ссылочный номер MediaTek</td> + </tr> + <tr> + <td>N-</td> + <td>Ссылочный номер NVIDIA</td> + </tr> + <tr> + <td>B-</td> + <td>Ссылочный номер Broadcom</td> + </tr> +</tbody></table> +<h2 id="revisions">Версии</h2> +<ul> +<li>1 мая 2017 года. Бюллетень опубликован.</li> +<li>2 мая 2017 года. Добавлены ссылки на AOSP.</li> +</ul> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/_book.yaml b/zh-cn/_book.yaml new file mode 100644 index 00000000..30063d93 --- /dev/null +++ b/zh-cn/_book.yaml @@ -0,0 +1,753 @@ +upper_tabs: +- lower_tabs: + other: + - contents: + - section: + - path: /source/ + title: 概览 + - path: /source/code-lines + title: 代码行、分支和版本 + - path: /source/build-numbers + title: 代号、标签和版本号 + - path: /source/roles + title: 项目角色 + - path: /source/brands + title: 品牌使用准则 + - path: /source/licenses + title: 许可 + - path: /source/faqs + title: 常见问题解答 + - path: /source/site-updates + title: 网站动态 + title: 开始使用 + - section: + - path: /source/requirements + title: 概览 + - path: /source/initializing + title: 搭建编译环境 + - path: /source/downloading + title: 下载源代码 + - path: /source/building + title: 准备构建 + - path: /source/jack + title: 使用 Jack 编译 + - path: /source/devices + title: 选择设备 + - path: /source/running + title: 运行版本 + - path: /source/building-kernels + title: 构建内核 + - path: /source/known-issues + title: 已知问题 + title: 下载和构建 + - section: + - path: /source/developing + title: 概览 + - path: /source/using-repo + title: 使用 Repo + - path: /source/git-resources + title: 了解 Git + - path: /source/add-device + title: 添加新设备 + - path: /source/64-bit-builds + title: 了解 64 位版本 + title: 开发 + - section: + - path: /source/contributing + title: 概览 + - path: /source/life-of-a-patch + title: 补丁程序的生命周期 + - path: /source/submit-patches + title: 提交补丁程序 + - path: http://android-review.googlesource.com + title: 查看补丁程序 + - path: /source/life-of-a-bug + title: 错误的生命周期 + - path: /source/report-bugs + title: 报告错误 + - path: /source/read-bug-reports + title: 阅读错误报告 + - path: /source/code-style + title: 代码样式规则 + title: 做出贡献 + - path: /source/community + title: 社区 + name: 源代码 + name: 源代码 +- lower_tabs: + other: + - contents: + - path: /security/ + title: 概览 + - path: /security/overview/kernel-security + title: 内核安全性 + - path: /security/overview/app-security + title: 应用安全性 + - path: /security/overview/implement + title: 实现安全性 + - path: /security/overview/updates-resources + title: 更新和资源 + - section: + - path: /security/enhancements/ + title: 概览 + - path: /security/enhancements/enhancements70 + title: Android 7.0 + - path: /security/enhancements/enhancements60 + title: Android 6.0 + - path: /security/enhancements/enhancements50 + title: Android 5.0 + - path: /security/enhancements/enhancements44 + title: Android 4.4 + - path: /security/enhancements/enhancements43 + title: Android 4.3 + - path: /security/enhancements/enhancements42 + title: Android 4.2 + - path: /security/enhancements/enhancements41 + title: Android 4.1 + title: 增强功能 + - path: /security/overview/acknowledgements + title: 致谢 + - section: + - path: /security/bulletin/ + title: 概览 + - path: /security/advisory/ + title: 公告 + - section: + - path: /security/bulletin/2017-04-01 + title: 4 月 + - path: /security/bulletin/2017-03-01 + title: 3 月 + - path: /security/bulletin/2017-02-01 + title: 2 月 + - path: /security/bulletin/2017-01-01 + title: 1 月 + - path: /security/bulletin/2017 + title: 索引 + title: 2017 年公告 + - section: + - path: /security/bulletin/2016-12-01 + title: 12 月 + - path: /security/bulletin/2016-11-01 + title: 11 月 + - path: /security/bulletin/2016-10-01 + title: 10 月 + - path: /security/bulletin/2016-09-01 + title: 9 月 + - path: /security/bulletin/2016-08-01 + title: 8 月 + - path: /security/bulletin/2016-07-01 + title: 7 月 + - path: /security/bulletin/2016-06-01 + title: 6 月 + - path: /security/bulletin/2016-05-01 + title: 5 月 + - path: /security/bulletin/2016-04-02 + title: 4 月 + - path: /security/bulletin/2016-03-01 + title: 3 月 + - path: /security/bulletin/2016-02-01 + title: 2 月 + - path: /security/bulletin/2016-01-01 + title: 1 月 + - path: /security/bulletin/2016 + title: 索引 + title: 2016 年公告 + - section: + - path: /security/bulletin/2015-12-01 + title: 12 月 + - path: /security/bulletin/2015-11-01 + title: 11 月 + - path: /security/bulletin/2015-10-01 + title: 10 月 + - path: /security/bulletin/2015-09-01 + title: 9 月 + - path: /security/bulletin/2015-08-01 + title: 8 月 + - path: /security/bulletin/2015 + title: 索引 + title: 2015 年公告 + title: 公告 + - section: + - path: /security/apksigning/ + title: 概览 + - path: /security/apksigning/v2 + title: APK 签名架构 v2 + title: 应用签名 + - section: + - path: /security/authentication/ + title: 概览 + - path: /security/authentication/fingerprint-hal + title: 指纹 HAL + - path: /security/authentication/gatekeeper + title: Gatekeeper + title: 身份验证 + - section: + - path: /security/keystore/ + title: 概览 + - path: /security/keystore/features + title: 功能 + - path: /security/keystore/implementer-ref + title: 面向实现人员的参考资料 + title: 密钥存储区 + - section: + - path: /security/trusty/ + title: 概览 + - path: /security/trusty/trusty-ref + title: Trusty API 参考 + title: Trusty TEE + - section: + - path: /security/encryption/ + title: 概览 + - path: /security/encryption/file-based + title: 文件级加密 + - path: /security/encryption/full-disk + title: 全盘加密 + title: 加密 + - section: + - path: /security/selinux/ + title: 概览 + - path: /security/selinux/concepts + title: 概念 + - path: /security/selinux/implement + title: 实现 + - path: /security/selinux/customize + title: 自定义 + - path: /security/selinux/validate + title: 验证 + - path: /security/selinux/device-policy + title: 撰写策略 + title: SELinux + - section: + - path: /security/verifiedboot/ + title: 概览 + - path: /security/verifiedboot/verified-boot + title: 验证启动 + - path: /security/verifiedboot/dm-verity + title: 实现 dm-verity + title: 验证启动 + name: 安全性 + name: 安全性 +- lower_tabs: + other: + - contents: + - path: /devices/ + title: 概览 + - section: + - section: + - path: /devices/accessories/audio + title: 概览 + - section: + - path: /devices/accessories/headset/ + title: 概览 + - path: /devices/accessories/headset/plug-headset-spec + title: 3.5 毫米耳机规格 + - path: /devices/accessories/headset/jack-headset-spec + title: 3.5 毫米插孔规格 + - path: /devices/accessories/headset/usb-headset-spec + title: USB 耳机规格 + - path: /devices/accessories/headset/expected-behavior + title: 预期行为 + - path: /devices/accessories/headset/testing + title: 测试 + title: 耳机 + title: 音频配件 + - section: + - path: /devices/accessories/custom + title: 概览 + - section: + - path: /devices/accessories/protocol + title: 概览 + - path: /devices/accessories/aoa2 + title: AOA 2.0 + - path: /devices/accessories/aoa + title: AOA 1.0 + title: AOA + - path: /devices/accessories/stylus + title: 触控笔 + title: 自定义配件 + title: 配件 + - section: + - path: /devices/audio/ + title: 概览 + - path: /devices/audio/terminology + title: 术语 + - section: + - path: /devices/audio/implement + title: 概览 + - path: /devices/audio/implement-policy + title: 策略配置 + - path: /devices/audio/implement-shared-library + title: 共享库 + - path: /devices/audio/implement-pre-processing + title: 预处理效果 + title: 实现 + - path: /devices/audio/data_formats + title: 数据格式 + - path: /devices/audio/attributes + title: 属性 + - path: /devices/audio/warmup + title: 预热 + - section: + - path: /devices/audio/latency + title: 概览 + - path: /devices/audio/latency_contrib + title: 影响因素 + - path: /devices/audio/latency_design + title: 设计 + - path: /devices/audio/latency_measure + title: 衡量 + - path: /devices/audio/testing_circuit + title: 灯光测试电路 + - path: /devices/audio/loopback + title: 音频环回软件狗 + - path: /devices/audio/latency_measurements + title: 衡量 + - path: /devices/audio/latency_app + title: 应用 + title: 延迟 + - path: /devices/audio/avoiding_pi + title: 优先级倒置 + - path: /devices/audio/src + title: 采样率转换 + - path: /devices/audio/debugging + title: 调试 + - section: + - path: /devices/audio/midi + title: 概览 + - path: /devices/audio/midi_arch + title: MIDI 架构 + - path: /devices/audio/midi_test + title: MIDI 测试程序 + title: MIDI + - path: /devices/audio/usb + title: USB 数字音频 + - path: /devices/audio/tv + title: 电视音频 + title: 音频 + - path: /devices/automotive + title: 汽车 + - path: /devices/bluetooth + title: 蓝牙 + - section: + - path: /devices/camera/ + title: 概览 + - path: /devices/camera/camera3 + title: Camera3 + - path: /devices/camera/camera3_requests_hal + title: HAL 子系统 + - path: /devices/camera/camera3_metadata + title: 元数据和控件 + - path: /devices/camera/camera3_3Amodes + title: 3A 模式和状态 + - path: /devices/camera/camera3_crop_reprocess + title: 输出和剪裁 + - path: /devices/camera/camera3_error_stream + title: 错误和信息流 + - path: /devices/camera/camera3_requests_methods + title: 创建请求 + - path: /devices/camera/versioning + title: 版本支持 + title: 相机 + - path: /devices/drm + title: DRM + - section: + - path: /devices/graphics/ + title: 概览 + - section: + - path: /devices/graphics/architecture + title: 概览 + - path: /devices/graphics/arch-bq-gralloc + title: BufferQueue + - path: /devices/graphics/arch-sf-hwc + title: SurfaceFlinger 和 HWC + - path: /devices/graphics/arch-sh + title: Surface 和 SurfaceHolder + - path: /devices/graphics/arch-egl-opengl + title: OpenGL ES + - path: /devices/graphics/arch-vulkan + title: Vulkan + - path: /devices/graphics/arch-sv-glsv + title: SurfaceView + - path: /devices/graphics/arch-st + title: SurfaceTexture + - path: /devices/graphics/arch-tv + title: TextureView + - path: /devices/graphics/arch-gameloops + title: 游戏循环 + title: 架构 + - section: + - path: /devices/graphics/implement + title: 概览 + - path: /devices/graphics/implement-hwc + title: 硬件混合渲染器 HAL + - path: /devices/graphics/implement-vsync + title: VSYNC + - path: /devices/graphics/implement-vulkan + title: Vulkan + - path: /devices/graphics/implement-vdisplays + title: 虚拟显示屏 + title: 实现 + - section: + - path: /devices/graphics/testing + title: 概览 + - path: /devices/graphics/build-tests + title: 构建测试程序 + - path: /devices/graphics/port-tests + title: 移植测试框架 + - path: /devices/graphics/run-tests + title: 运行测试 + - path: /devices/graphics/automate-tests + title: 自动执行测试 + - path: /devices/graphics/test-groups + title: 使用特殊测试组 + - path: /devices/graphics/cts-integration + title: 与 Android CTS 集成 + title: OpenGL ES 测试 + title: 图形 + - section: + - path: /devices/input/overview + title: 概览 + - path: /devices/input/key-layout-files + title: 按键布局文件 + - path: /devices/input/key-character-map-files + title: 按键字符映射文件 + - path: /devices/input/input-device-configuration-files + title: 输入设备配置文件 + - path: /devices/input/migration-guide + title: 迁移指南 + - path: /devices/input/keyboard-devices + title: 键盘设备 + - path: /devices/input/touch-devices + title: 触摸设备 + - path: /devices/input/diagnostics + title: 诊断 + - path: /devices/input/getevent + title: Getevent + - path: /devices/input/validate-keymaps + title: 验证按键映射 + title: 输入 + - section: + - path: /devices/media/ + title: 概览 + - path: /devices/media/framework-hardening + title: 框架安全强化 + - path: /devices/media/soc + title: SoC 依赖项 + - path: /devices/media/oem + title: OEM 依赖项 + title: 媒体 + - section: + - path: /devices/sensors/ + title: 概览 + - path: /devices/sensors/sensor-stack + title: 传感器堆栈 + - path: /devices/sensors/report-modes + title: 报告模式 + - path: /devices/sensors/suspend-mode + title: 暂停模式 + - path: /devices/sensors/power-use + title: 耗电量 + - path: /devices/sensors/interaction + title: 互动 + - path: /devices/sensors/hal-interface + title: HAL 接口 + - path: /devices/sensors/batching + title: 批处理 + - path: /devices/sensors/sensor-types + title: 传感器类型 + - path: /devices/sensors/versioning + title: 版本弃用 + title: 传感器 + - section: + - path: /devices/storage/ + title: 概览 + - path: /devices/storage/traditional + title: 传统存储设备 + - path: /devices/storage/adoptable + title: 可合并的存储设备 + - path: /devices/storage/config + title: 设备配置 + - path: /devices/storage/config-example + title: 配置示例 + title: 存储设备 + - section: + - path: /devices/tv + title: 概览 + - path: /devices/tv/hdmi-cec + title: HDMI-CEC 控制服务 + - path: /devices/tv/reference-tv-app + title: 参考电视应用 + title: 电视 + name: 移植 + name: 移植 +- lower_tabs: + other: + - contents: + - path: /devices/tech/ + title: 概览 + - section: + - path: /devices/tech/dalvik + title: 概览 + - path: /devices/tech/dalvik/dalvik-bytecode + title: 字节码格式 + - path: /devices/tech/dalvik/dex-format + title: Dex 格式 + - path: /devices/tech/dalvik/instruction-formats + title: 说明格式 + - path: /devices/tech/dalvik/constraints + title: 限制 + - path: /devices/tech/dalvik/configure + title: 配置 + - path: /devices/tech/dalvik/gc-debug + title: 垃圾回收 + - path: /devices/tech/dalvik/jit-compiler + title: JIT 编译 + title: ART 和 Dalvik + - section: + - path: /devices/tech/config/ + title: 概览 + - path: /devices/tech/config/carrier + title: 运营商定制 + - path: /devices/tech/config/connect_tests + title: 网络连接测试 + - path: /devices/tech/config/filesystem + title: 文件系统 + - path: /devices/tech/config/kernel + title: 内核配置 + - path: /devices/tech/config/kernel_network_tests + title: 内核网络测试 + - path: /devices/tech/config/low-ram + title: 低内存 + - path: /devices/tech/config/namespaces_libraries + title: 库的命名空间 + - path: /devices/tech/config/renderer + title: OpenGLRenderer + - path: /devices/tech/config/runtime_perms + title: 运行时权限 + - path: /devices/tech/config/uicc + title: UICC + - path: /devices/tech/config/voicemail + title: 可视化语音信箱 + title: 配置 + - section: + - path: /devices/tech/connect/ + title: 概览 + - path: /devices/tech/connect/block-numbers + title: 屏蔽电话号码 + - path: /devices/tech/connect/call-notification + title: 来电通知 + - path: /devices/tech/connect/data-saver + title: 流量节省模式 + - path: /devices/tech/connect/emergency-affordance + title: 提供紧急呼叫 + - path: /devices/tech/connect/felica + title: FeliCa 的主机卡模拟 + - path: /devices/tech/connect/ril + title: 无线界面层 (RIL) + title: 网络连接 + - section: + - path: /devices/tech/datausage/ + title: 概览 + - path: /devices/tech/datausage/iface-overview + title: 网络接口统计信息概览 + - path: /devices/tech/datausage/excluding-network-types + title: 从流量使用情况中排除特定网络类型 + - path: /devices/tech/datausage/tethering-data + title: 网络共享流量 + - path: /devices/tech/datausage/usage-cycle-resets-dates + title: 流量统计周期重置日期 + - path: /devices/tech/datausage/kernel-overview + title: 内核概览 + - path: /devices/tech/datausage/tags-explained + title: 已说明的流量使用情况标签 + - path: /devices/tech/datausage/kernel-changes + title: 内核变化 + title: 流量使用情况 + - section: + - path: /devices/tech/debug/ + title: 概览 + - path: /devices/tech/debug/native-crash + title: 诊断原生代码崩溃问题 + - path: /devices/tech/debug/asan + title: AddressSanitizer + - path: /devices/tech/debug/dumpsys + title: Dumpsys + - path: /devices/tech/debug/native-memory + title: 本地内存使用情况 + - path: /devices/tech/debug/netstats + title: 网络使用情况 + - path: /devices/tech/debug/procstats + title: 内存使用情况 + title: 调试 + - section: + - path: /devices/tech/admin/ + title: 概览 + - path: /devices/tech/admin/implement + title: 实现 + - path: /devices/tech/admin/multi-user + title: 多用户 + - path: /devices/tech/admin/managed-profiles + title: 受管理的资料 + - path: /devices/tech/admin/provision + title: 配置 + - path: /devices/tech/admin/multiuser-apps + title: 多用户应用 + - path: /devices/tech/admin/enterprise-telephony + title: 企业电话 + - path: /devices/tech/admin/testing-provision + title: 测试设备配置 + - path: /devices/tech/admin/testing-setup + title: 测试设备管理 + title: 设备管理 + - section: + - path: /devices/tech/display/ + title: 概览 + - path: /devices/tech/display/app-shortcuts + title: 应用快捷方式 + - path: /devices/tech/display/circular-icons + title: 圆形图标 + - path: /devices/tech/display/dnd + title: 勿扰模式 + - path: /devices/tech/display/hdr + title: HDR 视频 + - path: /devices/tech/display/multi-window + title: 多窗口模式 + - path: /devices/tech/display/night-light + title: 夜间模式 + - path: /devices/tech/display/retail-mode + title: 零售演示模式 + title: 显示设置 + - path: /reference/hal/ + title: HAL 文件参考 + - section: + - path: /devices/tech/ota/ + title: 概览 + - path: /devices/tech/ota/tools + title: OTA 工具 + - path: /devices/tech/ota/block + title: 基于块的 OTA + - path: /devices/tech/ota/inside_packages + title: OTA 软件包内部 + - path: /devices/tech/ota/device_code + title: 设备专属代码 + - path: /devices/tech/ota/reduce_size + title: 减小 OTA 大小 + - path: /devices/tech/ota/sign_builds + title: 签名版本以供发布 + - path: /devices/tech/ota/ab_updates + title: A/B 系统更新 + title: OTA 更新 + - section: + - path: /devices/tech/power/ + title: 概览 + - path: /devices/tech/power/mgmt + title: 电源管理 + - path: /devices/tech/power/performance + title: 性能管理 + - path: /devices/tech/power/component + title: 组件电量消耗 + - path: /devices/tech/power/device + title: 设备电源 + - path: /devices/tech/power/values + title: 功率值 + - path: /devices/tech/power/batterystats + title: 电池使用情况 + title: 电源 + - section: + - path: /devices/tech/test_infra/tradefed/ + title: 概览 + - path: /devices/tech/test_infra/tradefed/fundamentals + title: 开始使用 + - path: /devices/tech/test_infra/tradefed/fundamentals/machine_setup + title: 机器设置 + - path: /devices/tech/test_infra/tradefed/fundamentals/devices + title: 使用设备 + - path: /devices/tech/test_infra/tradefed/fundamentals/lifecycle + title: 测试生命周期 + - path: /devices/tech/test_infra/tradefed/fundamentals/options + title: 选项处理 + - path: /devices/tech/test_infra/tradefed/full_example + title: 端到端示例 + - path: /devices/tech/test_infra/tradefed/fundamentals/vts + title: 使用 VTS 进行系统测试 + - path: /reference/tradefed/ + title: 软件包索引 + title: 测试基础架构 + name: 微调 + name: 微调 +- lower_tabs: + other: + - contents: + - path: /compatibility/ + title: 简介 + - path: /compatibility/overview + title: 计划概览 + - section: + - path: /compatibility/cdd/ + title: 概览 + - path: /compatibility/android-cdd + title: 兼容性定义文档(HTML 格式) + - path: /compatibility/android-cdd.pdf + title: 兼容性定义文档(PDF 格式) + title: 兼容性定义 + - section: + - path: /compatibility/cts/ + title: 概览 + - path: /compatibility/cts/setup + title: 设置 CTS + - path: /compatibility/cts/run + title: 运行 CTS + - section: + - path: /compatibility/cts/verifier + title: 概览 + - path: /compatibility/cts/audio-framework + title: 音频框架 + - path: /compatibility/cts/camera-hal + title: 相机 HAL 测试 + - path: /compatibility/cts/near-ultrasound + title: 近超声测试 + - path: /compatibility/cts/rotation-vector + title: 旋转矢量交叉检验 + title: 运行 CTS 验证程序 + - path: /compatibility/cts/interpret + title: 解读结果 + - path: /compatibility/cts/development + title: CTS 开发 + - path: /compatibility/cts/downloads + title: 下载内容 + title: 兼容性测试套件 + - path: /compatibility/contact-us + title: 与我们联系 + name: 兼容性 + name: 兼容性 +- lower_tabs: + other: + - contents: + - path: /reference/ + title: API 参考 + - section: + - path: /reference/hal/ + title: 概览 + - path: /reference/hal/annotated + title: 数据结构 + - path: /reference/hal/classes + title: 数据结构索引 + - path: /reference/hal/functions + title: 数据字段 + - path: /reference/hal/files + title: 文件列表 + - path: /reference/hal/globals + title: 全局类型 + - path: /reference/hal/deprecated + title: 已弃用 + style: accordion + title: 硬件抽象层 + - section: + - path: /reference/tradefed/classes + title: 类索引 + - path: /reference/tradefed/packages + title: 软件包索引 + style: accordion + title: Trade Federation + name: 参考 + name: 参考 diff --git a/zh-cn/_index.yaml b/zh-cn/_index.yaml new file mode 100644 index 00000000..f5bd1b06 --- /dev/null +++ b/zh-cn/_index.yaml @@ -0,0 +1,69 @@ +project_path: /_project.yaml +book_path: /_book.yaml +landing_page: + header: + buttons: + - label: 获取源代码 + path: /source/downloading + rows: + - items: + - heading: Android 7.1 更新! + description: > + 移植到最新的 Android 平台,打造深受用户青睐的设备。<style>.devsite-feedback-button { + display: none; + } + + </style> + buttons: + - label: 立即更新 + path: /devices/ + image_path: /images/landing_icon-porting.png + - heading: 保障 Android 安全至关重要 + description: > + 了解 Android 安全计划的运作方式,并了解如何实现最新功能。 + image_path: /images/landing_icon-security.png + buttons: + - label: 了解详情 + path: /security/ + - heading: 确保兼容性,支持各类应用 + description: >- + 提供与其他 Android 设备一致的体验,并能安装更多应用。 + image_path: /images/landing_icon-compatibility.png + buttons: + - label: 测试设备 + path: /compatibility/ + - classname: devsite-landing-row-large-headings devsite-landing-row-colored devsite-landing-row-grey + devsite-landing-row-no-image-background tf-about-row devsite-landing-row-75 + items: + - heading: Android 开放源代码项目简介 + description: | + Android 是一个支持多种移动设备的开放源代码软件堆栈以及对应的由 Google 领导的开放源代码项目。此网站和 Android 开放源代码项目 (AOSP) 代码库可为您提供所需信息和源代码,供您创建定制的 Android 堆栈版本,将设备和配件移植到 Android 平台,同时确保您的设备符合兼容性要求。 + + 此外,我们还希望确保 Android 中不存在一个集中瓶颈(意即没有任何行业参与者可一手限制或控制其他参与者的创新)。这样,我们就可以针对消费类商品打造一个完整的高品质操作系统,并支持对源代码进行定制和移植。 + image_path: /images/android_stack.png + - heading: 新闻 + items: + - heading: 网站改头换面 + description: > + 本网站全新改版,可让您更轻松地浏览、搜索和阅读日益增多的信息。您还可以看看新的标签、页脚和参考资料等。 + buttons: + - label: 2017 年 4 月 + path: /source/site-updates + - heading: 年度安全回顾 + description: > + Android 安全团队已发布其 2016 年年度回顾报告。这份内容全面的报告介绍了 Android 和 Google 为保障用户安全所采取的措施。 + buttons: + - label: 2017 年 3 月 21 日 + path: http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2016_Report_Final.pdf + - heading: 3 月 Android 安全公告 + description: > + 2017 年 3 月的 Android 安全公告已经发布,一同发布的还有相关修正程序的链接以及用于 3 月 Android 安全更新补丁的新版本号。 + buttons: + - label: 2017 年 3 月 7 日 + path: /security/bulletin/2017-03-01 + - classname: devsite-landing-row-100 tf-row-centered + items: + - buttons: + - classname: button button-primary + label: 更多动态 + path: https://android.googlesource.com/platform/docs/source.android.com/+log/master?no-merges diff --git a/zh-cn/devices/audio/terminology.html b/zh-cn/devices/audio/terminology.html new file mode 100644 index 00000000..18640bdb --- /dev/null +++ b/zh-cn/devices/audio/terminology.html @@ -0,0 +1,593 @@ +<html devsite><head> + <title>音频术语</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p> +本词汇表收录了与音频相关的术语,其中包括广泛使用的通用术语和 Android 专用术语。 +</p> + +<h2 id="genericTerm">通用术语</h2> + +<p> +与音频相关的通用术语的含义都采用其约定俗成的解释。 +</p> + +<h3 id="digitalAudioTerms">数字音频</h3> +<p> +数字音频术语涉及使用以数字格式编码的音频信号处理声音。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Digital_audio">数字音频</a>。 +</p> + +<dl> + +<dt>声学</dt> +<dd> +对声音的机械属性的研究,例如换能器(音响设备、麦克风等)在设备中的物理位置如何影响听者感知到的音频质量。 +</dd> + +<dt>衰减</dt> +<dd> +小于或等于 1.0 的乘法因数,应用于音频信号以降低信号电平。与“增益”对应。<em></em> +</dd> + +<dt>音响发烧友</dt> +<dd> +追求极致音乐欣赏体验的人,尤其是愿意为音质而在其他方面(花费、组件大小和房间设计等)做出巨大让步的人。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Audiophile">音响发烧友</a>。 +</dd> + +<dt>每样本位数或位深</dt> +<dd> +每个样本的信息位数。 +</dd> + +<dt>声道</dt> +<dd> +单个音频信息流,通常与一个录音位置或播放位置相对应。 +</dd> + +<dt>缩混</dt> +<dd> +减少声道的数量,例如从立体声到单声道或从 5.1 到立体声。缩混通过减少声道、混合声道或更高级的信号处理技术来实现。如果简单地混合声道而不进行衰减或加以限制,则可能会出现溢出或削波的情况。与“扩混”对应。<em></em> +</dd> + +<dt>DSD</dt> +<dd> +直接数字流。基于<a href="http://en.wikipedia.org/wiki/Pulse-density_modulation">脉冲密度调制</a>的专有音频编码技术。脉冲编码调制 (PCM) 可将波形编码为多位的个体音频样本序列,而 DSD 可以非常高的采样率将波形编码为位数序列(不涉及样本这一概念)。PCM 和 DSD 均代表按独立序列划分的多个声道。由于我们很难将传统的数字信号处理 (DSP) 算法应用于 DSD,因此 DSD 更适用于内容分发,而不是作为内在体现对象进行处理。DSD 可用于<a href="http://en.wikipedia.org/wiki/Super_Audio_CD">超音频 CD (SACD)</a>,以及针对 USB 的 DoP (DSD over PCM)。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Direct_Stream_Digital">直接数字流</a>。 +</dd> + +<dt>闪避</dt> +<dd> +当另一个音频流变得活跃时,暂时降低音频流的音量。例如,如果播放音乐时收到一条通知,则音乐会在通知播放时闪避。与“静音”对应。<em></em> +</dd> + +<dt>FIFO</dt> +<dd> +先进先出。用于实现数据队列<a href="http://en.wikipedia.org/wiki/FIFO">先进先出</a>的硬件模块或软件数据结构。谈到音频时,存储在队列中的数据通常是音频帧。FIFO 可通过<a href="http://en.wikipedia.org/wiki/Circular_buffer">环形缓冲区</a>来实现。 +</dd> + +<dt>帧</dt> +<dd> +某个时间点上的样本集,每个声道对应一个样本。 +</dd> + +<dt>每缓冲区帧数</dt> +<dd> +同时从一个模块传递到另一个模块的帧数。音频 HAL 接口会使用每缓冲区帧数这一概念。 +</dd> + +<dt>增益</dt> +<dd> +大于或等于 1.0 的乘法因数,应用于音频信号以提高信号电平。与“衰减”对应。<em></em> +</dd> + +<dt>HD 音频</dt> +<dd> +高清晰度音频。高解析度音频的同义词(但与 Intel 高清晰度音频不同)。 +</dd> + +<dt>Hz</dt> +<dd> +采样率或帧率的单位。 +</dd> + +<dt>高解析度音频</dt> +<dd> +与 CD(立体声 16 位 PCM,44.1 kHz)相比,代表更高的位深和采样率,且支持无损数据压缩。相当于 HD 音频。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/High-resolution_audio">高解析度音频</a>。 +</dd> + +<dt>延时</dt> +<dd> +信号通过系统时的延迟时间。 +</dd> + +<dt>无损</dt> +<dd> +可在编码和解码的过程中保持位精度的<a href="http://en.wikipedia.org/wiki/Lossless_compression">无损数据压缩算法</a>;使用这种算法时,如果对之前编码的数据进行解码,得到的结果与原始数据相当。无损音频内容分发格式包括 <a href="http://en.wikipedia.org/wiki/Compact_disc">CD</a>、<a href="http://en.wikipedia.org/wiki/WAV">WAV</a> 中的 PCM,以及 <a href="http://en.wikipedia.org/wiki/FLAC">FLAC</a> 等。创作过程可能会导致位深或采样率相较于<a href="http://en.wikipedia.org/wiki/Audio_mastering">母版</a>有所下降;可保持母版的解析度和位精确度的分发格式是高解析度音频的载体。 +</dd> + +<dt>有损</dt> +<dd> +尝试在编码和解码的过程中保留最重要媒体特征的<a href="http://en.wikipedia.org/wiki/Lossy_compression">有损数据压缩算法</a>;使用这种算法时,如果对之前编码的数据进行解码,得到的结果与原始数据看似相似,但并不完全相同。使用有损音频压缩算法的格式包括 MP3 和 AAC 等。由于模拟值来自连续的域,而数字值是离散的,因此就振幅而言,ADC 和 DAC 属于有损转换。另请参阅“透明度”。<em></em> +</dd> + +<dt>单声道</dt> +<dd> +一个声道。 +</dd> + +<dt>多声道</dt> +<dd> +请参阅环绕声。<em></em>严格来讲,立体声指多个声道,可以视为多声道;不过,由于这种用法会令人感到困惑,因此请避免使用。<em></em> +</dd> + +<dt>静音</dt> +<dd> +暂时强制将音量降为 0;独立于通常使用的音量控件。 +</dd> + +<dt>溢出</dt> +<dd> +未能在一定的时间内接受提供的数据而导致的听得到的<a href="http://en.wikipedia.org/wiki/Glitch">短时脉冲波干扰</a>。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Buffer_underrun">缓冲区欠载</a>。与“欠载”对应。<em></em> +</dd> + +<dt>平移</dt> +<dd> +将一个信号移至立体声或多声道音场中的相应位置。 +</dd> + +<dt>PCM</dt> +<dd> +脉冲编码调制。最常见的低级别数字音频编码形式。以有规律的间隔对音频信号取样(称为采样率),然后根据位深对特定范围内的离散值进行量化。例如,对于 16 位 PCM,样本值是介于 -32768 到 +32767 之间的整数值。 +</dd> + +<dt>斜坡</dt> +<dd> +逐渐提高或降低特定音频参数(如音量或某种音效的强度)的级别。音量斜坡一般用于暂停和继续播放音乐,以免出现听得到的生硬过渡。 +</dd> + +<dt>样本</dt> +<dd> +代表某个时间点上一个声道的音频值的数字。 +</dd> + +<dt>采样率或帧率</dt> +<dd> +每秒帧数。“帧率”这一用法更为准确,但业内习惯使用“采样率”来表示帧率。<em></em><em></em> +</dd> + +<dt>可听化</dt> +<dd> +使用声音表达反馈或信息,例如触摸音效和键盘音效。 +</dd> + +<dt>立体声</dt> +<dd> +两个声道。 +</dd> + +<dt>立体声展宽</dt> +<dd> +应用于立体声信号的一种音效,能使可听得到的另一立体声信号更饱满丰富。该音效也可应用于单声道信号;在单声道信号中,它属于扩混。 +</dd> + +<dt>环绕声</dt> +<dd> +增强听众感知声音位置(不仅仅是立体声的左右声道)的能力的技术。 +</dd> + +<dt>透明度</dt> +<dd> +有损数据压缩的理想效果。如果人类主体从感觉上无法区分原始音频和压缩结果,则表示有损数据转换是透明的。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Transparency_%28data_compression%29">透明度</a>。 + +</dd> + +<dt>欠载</dt> +<dd> +未能在一定的时间内提供所需数据而导致的听得到的<a href="http://en.wikipedia.org/wiki/Glitch">短时脉冲波干扰</a>。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Buffer_underrun">缓冲区欠载</a>。与“溢出”对应。<em></em> +</dd> + +<dt>扩混</dt> +<dd> +增加声道的数量,例如从单声道到立体声或从立体声到环绕声。扩混通过复制、平移或更高级的信号处理技术来实现。与“缩混”对应。<em></em> +</dd> + +<dt>虚拟音效</dt> +<dd> +尝试使音频声道空间化的音效,例如,尝试模拟更多扬声器,或给人一种声音来自某个位置的错觉。 +</dd> + +<dt>音量</dt> +<dd> +响度,音频信号的主观强度。 +</dd> + +</dl> + +<h3 id="interDeviceTerms">设备间互连</h3> + +<p> +设备间互连技术用于将各设备的音频和视频组件连接起来,用户可通过外部连接器从视觉上直观感受到这些技术。HAL 实现人员和最终用户应了解以下术语。 +</p> + +<dl> + +<dt>蓝牙</dt> +<dd> +近距离无线技术。要详细了解与音频相关的<a href="http://en.wikipedia.org/wiki/Bluetooth_profile">蓝牙规范</a>和<a href="http://en.wikipedia.org/wiki/Bluetooth_protocols">蓝牙协议</a>,请参阅 <a href="http://en.wikipedia.org/wiki/Bluetooth_profile#Advanced_Audio_Distribution_Profile_.28A2DP.29">A2DP</a> 了解音乐方面的信息、参阅 <a href="http://en.wikipedia.org/wiki/Bluetooth_protocols#Synchronous_connection-oriented_.28SCO.29_link">SCO</a> 了解电话方面的信息,以及<a href="http://en.wikipedia.org/wiki/List_of_Bluetooth_profiles#Audio.2FVideo_Remote_Control_Profile_.28AVRCP.29">音频/视频远程控制规范 (AVRCP)</a>。 +</dd> + +<dt>DisplayPort</dt> +<dd> +视频电子标准协会 (VESA) 制订的数字显示接口。 +</dd> + +<dt>外接小配件</dt> +<dd> +<a href="https://en.wikipedia.org/wiki/Dongle">外接小配件</a>是一种小工具,特指可直接插入到其他设备上的小工具。 +</dd> + +<dt>HDMI</dt> +<dd> +高清晰度多媒体接口,用于传输音频和视频数据。移动设备上会使用微型 HDMI(D 型)或 MHL 连接器。 +</dd> + +<dt>Intel HDA</dt> +<dd> +Intel 高清晰度音频(请不要与泛指的“高清晰度音频”或“高解析度音频”混淆);<em></em><em></em>一种前面板连接器规范。如需了解详情,请参阅 <a href="http://en.wikipedia.org/wiki/Intel_High_Definition_Audio">Intel 高清晰度音频</a>。 +</dd> + +<dt>接口</dt> +<dd> +<a href="https://en.wikipedia.org/wiki/Interface_(computing)">接口</a>可将信号从一种表现形式转换为另一种。常见的接口包括 USB 音频接口和 MIDI 接口。 +</dd> + +<dt>线缆电平</dt> +<dd> +<a href="http://en.wikipedia.org/wiki/Line_level">线路电平</a>是指在不同音频组件(而非换能器)之间传输的模拟音频信号的强度。 +</dd> + +<dt>MHL</dt> +<dd> +移动高清连接技术。一种移动音频/视频接口,通常通过 micro-USB 连接器进行数据传输。 +</dd> + +<dt>手机连接器</dt> +<dd> +连接设备和有线头戴式耳机、耳麦或线路电平放大器的小型或超小型组件。 +</dd> + +<dt>SlimPort</dt> +<dd> +micro-USB 转 HDMI 的适配器。 +</dd> + +<dt>S/PDIF</dt> +<dd> +Sony/Philips 数字接口格式,用于未压缩的 PCM 音频的互连。如需了解详情,请参阅 <a href="http://en.wikipedia.org/wiki/S/PDIF">S/PDIF</a>。S/PDIF 是 <a href="https://en.wikipedia.org/wiki/AES3">AES3</a> 的消费级版本。 +</dd> + +<dt>Thunderbolt</dt> +<dd> +与 USB 和 HDMI 竞争的一种多媒体接口,用于连接高端外围设备。如需了解详情,请参阅 <a href="http://en.wikipedia.org/wiki/Thunderbolt_%28interface%29">Thunderbolt</a>。 +</dd> + +<dt>TOSLINK</dt> +<dd> +<a href="https://en.wikipedia.org/wiki/TOSLINK">TOSLINK</a> 是一种配合 S/PDIF 使用的光纤音频数据线。<em></em></dd> + +<dt>USB</dt> +<dd> +通用串行总线。如需了解详情,请参阅 <a href="http://en.wikipedia.org/wiki/USB">USB</a>。 +</dd> + +</dl> + +<h3 id="intraDeviceTerms">设备内互连</h3> + +<p> +设备内互连技术用于将一台设备内的不同音频组件连接起来,如果不拆开设备,则无法从视觉上直观感受到这些技术。HAL 实现人员可能需要了解以下术语,但最终用户不需要。要详细了解设备内互连,请参阅下列文章: +</p> +<ul> +<li><a href="http://en.wikipedia.org/wiki/General-purpose_input/output">GPIO</a></li> +<li><a href="http://en.wikipedia.org/wiki/I%C2%B2C">I²C</a>,用于控制声道</li> +<li><a href="http://en.wikipedia.org/wiki/I%C2%B2S">I²S</a>,用于音频数据,比 SLIMbus 简单</li> +<li><a href="http://en.wikipedia.org/wiki/McASP">McASP</a></li> +<li><a href="http://en.wikipedia.org/wiki/SLIMbus">SLIMbus</a></li> +<li><a href="http://en.wikipedia.org/wiki/Serial_Peripheral_Interface_Bus">SPI</a></li> +<li><a href="http://en.wikipedia.org/wiki/AC%2797">AC'97</a></li> +<li><a href="http://en.wikipedia.org/wiki/Intel_High_Definition_Audio">Intel HDA</a></li> +<li><a href="http://mipi.org/specifications/soundwire">SoundWire</a></li> +</ul> + +<p> +在 <a href="http://www.alsa-project.org/main/index.php/ASoC">ALSA 系统芯片 (ASoC)</a> 中,以上统称为<a href="https://www.kernel.org/doc/Documentation/sound/alsa/soc/DAI.txt">数字音频接口</a> (DAI)。 +</p> + +<h3 id="signalTerms">音频信号路径</h3> + +<p> +音频信号路径术语涉及音频数据从应用传输到换能器(反之亦然)的信号路径。 +</p> + +<dl> + +<dt>ADC</dt> +<dd> +模拟转数字转换器。用于将模拟信号(在时间和振幅上保持连续的信号)转换为数字信号(在时间和振幅上离散的信号)的模块。从概念上讲,一个 ADC 包含一个周期性采样保持器,后跟一个量化器(尽管并不一定需要采用这种方式)。ADC 前面通常有一个低通滤波器,用来滤除通过目标采样率无法呈现的所有高频分量。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Analog-to-digital_converter">模拟转数字转换器</a>。 +</dd> + +<dt>AP</dt> +<dd> +应用处理器。移动设备上的主要通用计算系统。 +</dd> + +<dt>编解码器</dt> +<dd> +编码器和解码器,用于将音频信号从一种表现形式编码和/或解码成另一种表现形式(通常是从模拟信号到 PCM 或从 PCM 到模拟信号)。严格来讲,“编解码器”同时指编码和解码模块,但也可仅泛指其中一个。<em></em>如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Audio_codec">音频编解码器</a>。 +</dd> + +<dt>DAC</dt> +<dd> +数字转模拟转换器,用于将数字信号(在时间和振幅上离散的信号)转换为模拟信号(在时间和振幅上保持连续的信号)的模块。DAC 后面通常有一个低通滤波器,用来滤除由数字量化引入的高频分量。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Digital-to-analog_converter">数字转模拟转换器</a>。 +</dd> + +<dt>DSP</dt> +<dd> +数字信号处理器。可选组件,通常位于应用处理器之后(用于输出)或之前(用于输入)。主要用途是减轻应用处理器的负担,并以较低的功耗提供信号处理功能。 +</dd> + +<dt>PDM</dt> +<dd> +脉冲密度调制。用于按数字信号表示模拟信号的调制形式,其中相对密度 1s 和 0s 表示信号电平。通常用于数字转模拟转换器。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Pulse-density_modulation">脉冲密度调制</a>。 +</dd> + +<dt>PWM</dt> +<dd> +脉冲宽度调制。用于按数字信号表示模拟信号的调制形式,其中数字脉冲的相对宽度表示信号电平。通常用于模拟转数字转换器。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Pulse-width_modulation">脉冲宽度调制</a>。 +</dd> + +<dt>换能器</dt> +<dd> +将现实世界物理量中的变量转换为电信号。在音频中,物理量是声压,而换能器是扬声器和麦克风。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Transducer">换能器</a>。 +</dd> + +</dl> + +<h3 id="srcTerms">采样率转换</h3> +<p> +采样率转换术语涉及从一种采样率转换为另一种采样率的过程。 +</p> + +<dl> + +<dt>降采样</dt> +<dd>重新采样,其中接收器采样率 < 信号源采样率。</dd> + +<dt>奈奎斯特频率</dt> +<dd> +可由离散信号以指定采样率的一半表示的最大频率分量。例如,由于人类的听力范围可达到近 20 kHz,因此数字音频信号的采样率必须至少有 40 kHz 才能代表该范围。在实践中,44.1 kHz 和 48 kHz 的采样率比较常用,而比较常用的奈奎斯特频率则为 22.05 kHz 和 24 kHz。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Nyquist_frequency">奈奎斯特频率</a>和<a href="http://en.wikipedia.org/wiki/Hearing_range">听力范围</a>。 +</dd> + +<dt>重采样器</dt> +<dd>采样率转换器的同义词。</dd> + +<dt>重新采样</dt> +<dd>转换采样率的过程。</dd> + +<dt>采样率转换器</dt> +<dd>执行重新采样的模块。</dd> + +<dt>接收器</dt> +<dd>重采样器的输出。</dd> + +<dt>信源</dt> +<dd>重采样器的输入。</dd> + +<dt>升采样</dt> +<dd>重新采样,其中接收器采样率 > 信源采样率。</dd> + +</dl> + +<h2 id="androidSpecificTerms">Android 专用术语</h2> + +<p> +Android 专用术语包括仅在 Android 音频框架中使用的术语,以及在 Android 中具有特殊意义的通用术语。 +</p> + +<dl> + +<dt>ALSA</dt> +<dd> +高级 Linux 声音体系。Linux 的音频框架,对其他系统也有影响。要了解通用定义,请参阅 <a href="http://en.wikipedia.org/wiki/Advanced_Linux_Sound_Architecture">ALSA</a>。在 Android 中,ALSA 指的是内核音频框架和驱动程序,而不是用户模式 API。另请参阅“tinyalsa”。<em></em> +</dd> + +<dt>音频设备</dt> +<dd> +以 HAL 为基础的音频 I/O 端点。 +</dd> + +<dt>AudioEffect</dt> +<dd> +用于输出(处理后)音效与输入(处理前)音效的 API 和实现框架。该 API 在 <a href="http://developer.android.com/reference/android/media/audiofx/AudioEffect.html">android.media.audiofxAudioEffect</a> 中进行了定义。 +</dd> + +<dt>AudioFlinger</dt> +<dd> +Android 声音服务器实现用例。AudioFlinger 在 mediaserver 进程中运行。要了解通用定义,请参阅<a href="http://en.wikipedia.org/wiki/Sound_server">声音服务器</a>。 +</dd> + +<dt>音频焦点</dt> +<dd> +跨多个独立应用管理音频互动的 API 集。如需了解详情,请参阅<a href="http://developer.android.com/training/managing-audio/audio-focus.html">管理音频焦点</a>以及与焦点相关的方法和 <a href="http://developer.android.com/reference/android/media/AudioManager.html">android.media.AudioManager</a> 的常量。 +</dd> + +<dt>AudioMixer</dt> +<dd> +AudioFlinger 中的模块,负责合并多个音轨以及应用衰减(音量)和音效。要了解通用定义,请参阅<a href="http://en.wikipedia.org/wiki/Audio_mixing_(recorded_music)">混音(录制的音乐)</a>(将混合器作为一个硬件设备或软件应用而非系统中的软件模块)。 +</dd> + +<dt>音频政策</dt> +<dd> +负责所有需要先做出政策决策的操作的服务,例如打开新的 I/O 音频流、更改后重新路由,以及音频流音量管理。 +</dd> + +<dt>AudioRecord</dt> +<dd> +用于从麦克风等音频输入设备接收数据的主要低级别客户端 API。相应数据通常为 PCM 格式。该 API 在 <a href="http://developer.android.com/reference/android/media/AudioRecord.html">android.media.AudioRecord</a> 中进行了定义。 +</dd> + +<dt>AudioResampler</dt> +<dd> +AudioFlinger 中的模块,负责<a href="src.html">采样率转换</a>。 +</dd> + +<dt>音频来源</dt> +<dd> +常量的一种枚举,用于为捕获音频输入指明目标使用情形。如需了解详情,请参阅<a href="http://developer.android.com/reference/android/media/MediaRecorder.AudioSource.html">音频来源</a>。对于 21 级及以上级别的 API,建议使用<a href="attributes.html">音频属性</a>。 +</dd> + +<dt>AudioTrack</dt> +<dd> +用于向音响设备等音频输出设备发送数据的主要低级别客户端 API。相应数据通常为 PCM 格式。该 API 在 <a href="http://developer.android.com/reference/android/media/AudioTrack.html">android.media.AudioTrack</a> 中进行了定义。 +</dd> + +<dt>audio_utils</dt> +<dd> +PCM 格式转换、WAV 文件 I/O 以及<a href="avoiding_pi.html#nonBlockingAlgorithms">非阻塞 FIFO</a> 等功能的音频实用程序库,很大程度上独立于 Android 平台。 +</dd> + +<dt>客户端</dt> +<dd> +通常指一个应用或应用客户端。不过,AudioFlinger 客户端可以是一个在 mediaserver 系统进程中运行的线程,例如,播放由 MediaPlayer 对象解码的媒体内容时。 +</dd> + +<dt>HAL</dt> +<dd> +硬件抽象层。HAL 在 Android 中是通用术语;涉及音频时,它是介于 AudioFlinger 和内核设备驱动程序之间的一个层,具有一个 C 语言编写的 API(取代了 C++ libaudio)。 +</dd> + +<dt>FastCapture</dt> +<dd> +AudioFlinger 中的线程。经配置,它会向延迟时间较短的 fast track 发送音频数据,并驱动输入设备的运行,以缩短延迟时间。 +</dd> + +<dt>FastMixer</dt> +<dd> +AudioFlinger 中的线程。经配置,它会从延迟时间较短的 fast track 接收并混合音频数据,同时驱动主要输出设备的运行,以缩短延迟时间。 +</dd> + +<dt>fast track</dt> +<dd> +部分设备和路由中具有较短延迟时间但功能较少的 AudioTrack 或 AudioRecord 客户端。 +</dd> + +<dt>MediaPlayer</dt> +<dd> +比 AudioTrack 级别更高的客户端 API。播放已编码的内容或包含多媒体音频和视频音轨的内容。 +</dd> + +<dt>media.log</dt> +<dd> +仅在定制版本中提供的 AudioFlinger 调试功能。用于在环形缓冲区中记录音频事件,然后可以根据需要倒回去撤消这些活动。 +</dd> + +<dt>mediaserver</dt> +<dd> +Android 系统进程,包含 AudioFlinger 等与媒体相关的服务。 +</dd> + +<dt>NBAIO</dt> +<dd> +非阻塞音频输入/输出,AudioFlinger 端口的抽象表示。此术语有一定的歧义,因为部分 NBAIO API 实现用例支持阻塞。NBAIO 的主要实现用例适用于不同的管道类型。 +</dd> + +<dt>常规混合器</dt> +<dd> +AudioFlinger 中的线程,可用于大部分功能完善的 AudioTrack 客户端。它能直接驱动输出设备的运行,或通过管道将其子混音输入 FastMixer。 +</dd> + +<dt>OpenSL ES</dt> +<dd> +<a href="http://www.khronos.org/">Khronos 集团</a>推行的音频 API 标准。API 级别为 9 或更高级别的 Android 版本都支持原生音频 API(基于 <a href="http://www.khronos.org/opensles/">OpenSL ES 1.0.1</a> 的部分标准)。 +</dd> + +<dt>静音模式</dt> +<dd> +可由用户设置、用于将手机振铃器和通知设为静音而不会影响媒体内容播放(音乐、视频和游戏)或闹钟的功能。 +</dd> + +<dt>SoundPool</dt> +<dd> +比 AudioTrack 级别更高的客户端 API,用于播放通过采样得到的音频片段。适用于触发界面反馈、游戏音效等。该 API 在 <a href="http://developer.android.com/reference/android/media/SoundPool.html">android.media.SoundPool</a> 中进行了定义。 +</dd> + +<dt>Stagefright</dt> +<dd> +请参阅<a href="/devices/media.html">媒体</a>。 +</dd> + +<dt>StateQueue</dt> +<dd> +AudioFlinger 中的模块,负责同步线程之间的状态。NBAIO 用于传递数据,而 StateQueue 用于传递控制信息。 +</dd> + +<dt>策略</dt> +<dd> +具有类似行为的音频流类型构成的组,用于音频政策服务。 +</dd> + +<dt>音频流类型</dt> +<dd> +表示音频输出使用情形的枚举。音频政策的实现使用音频流类型以及其他参数来确定音量和路由决策。要查看音频流类型的列表,请参阅 <a href="http://developer.android.com/reference/android/media/AudioManager.html">android.media.AudioManager</a>。 +</dd> + +<dt>tee sink</dt> +<dd> +请参阅<a href="debugging.html#teeSink">音频调试</a>。 +</dd> + +<dt>tinyalsa</dt> +<dd> +ALSA 内核之上具有 BSD 许可的小型用户模式 API。建议用于实现 HAL。 +</dd> + +<dt>ToneGenerator</dt> +<dd> +比 AudioTrack 级别更高的客户端 API,用于播放双音多频 (DTMF) 信号。如需了解详情,请参阅<a href="http://en.wikipedia.org/wiki/Dual-tone_multi-frequency_signaling">双音多频信号</a>和 <a href="http://developer.android.com/reference/android/media/ToneGenerator.html">android.media.ToneGenerator</a> 中的 API 定义。 +</dd> + +<dt>音轨</dt> +<dd> +音频流。由 AudioTrack 或 AudioRecord API 控制。 +</dd> + +<dt>音量衰减曲线</dt> +<dd> +对于给定输出,音量衰减曲线指从通用音量指数到特定衰减因数的设备专属映射。 +</dd> + +<dt>音量指数</dt> +<dd> +表示某个音频流的目标相对音量的整数(没有单位)。<a href="http://developer.android.com/reference/android/media/AudioManager.html">android.media.AudioManager</a> 的与音量相关的 API 在运行时会采用音量指数(而非绝对的衰减因数)。 +</dd> + +</dl> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/legal.html b/zh-cn/legal.html new file mode 100644 index 00000000..268378c5 --- /dev/null +++ b/zh-cn/legal.html @@ -0,0 +1,48 @@ +<html devsite><head> + <title>法律声明</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<div class="wrap"> + + <div class="landing-banner"> + + <p>Android 由 Google Inc. 和<a href="http://www.openhandsetalliance.com/">开放手机联盟</a> (Open Handset Alliance) 联合开发。为了履行打造开放、自由和创新的移动环境的承诺,我们将其作为开发平台提供给您。</p> + + </div> + +<h2 id="Brands">Android 品牌</h2> + +<p>“Android”名称、<img src="/source/assets/images/sac_logo.png" alt="Android" style="margin:0;padding:0 2px;vertical-align:baseline"/> 徽标和<a href="http://www.google.com/permissions/">其他商标</a>均为 Google Inc. 的财产。</p> + +<p>要了解更多详情,请参阅<a href="/source/brands.html">品牌指南</a>。</p> + +<h2 id="WebSite">网站内容</h2> + +<p>我们非常乐意根据相应条款授权您使用本网站上的 Android 文档和示例代码,这些条款鼓励您根据需要采用、修改、重复使用、改编和混编内容。本网站上的文档内容作为 <a href="https://android.googlesource.com/">Android 开放源代码项目</a>的一部分向您提供。我们根据 <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache 2.0 许可</a>授权您使用本文档(包括其中显示的所有代码),另根据 <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> 许可授权您使用本网站上除许可文档本身以外的所有其他内容,另有说明的情况除外。 +</p> + +<p>要详细了解本网站内容的许可方式以及关于重复使用的限制,请参阅完整的<a href="license.html">内容许可</a>。</p> + +<p>使用本网站时,您需要遵循 <a href="http://www.google.com/policies/">Google 的隐私权政策和服务条款</a>。</p> + +<div> + +</div></div></body></html>
\ No newline at end of file diff --git a/zh-cn/license.html b/zh-cn/license.html new file mode 100644 index 00000000..7e9204e7 --- /dev/null +++ b/zh-cn/license.html @@ -0,0 +1,132 @@ +<html devsite><head> + <title>内容许可</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>为了方便授予许可,本网站的内容分为以下两类:</p> +<ul> + <li>文档内容,包括静态文档和从源代码模块中提取的内容,以及示例代码</li> +<li>网站上的所有其他内容</li> +</ul> + +<p>本网站上的文档内容作为 <a href="https://android.googlesource.com/">Android 开放源代码项目</a>的一部分向您提供。我们根据 <a href="https://www.apache.org/licenses/LICENSE-2.0">Apache 2.0 许可</a>(Android 开放源代码项目所有组成部分的首选许可)授权您使用本文档(包括其中显示的所有代码)。</p> + +<p>Apache 2.0 是适用于开放源代码的商业软件许可。大多数 Android 平台和文档都是根据 Apache 2.0 许可授权用户使用。尽管该项目会尽可能遵循此首选许可,但也可能存在例外情况,例如,如果文档(代码注释)的提取来源是根据 GPLv2 或其他许可授权的源代码模块。在这些情况下,源代码模块所遵循的许可将适用于从源代码模块中提取的文档。要了解用于生成文档并需要根据许可注明出处的源代码模块,请查看下文的<a href="#doclicenses">“文档许可”部分</a>。</p> + +<p>本网站的第三方组件(例如 JavaScript 库)已根据其作者指定的许可纳入 Android 开放源代码项目。要了解这些许可,请参阅 Android 开放源代码项目中的源代码文件。</p> + +<p>对于本网站上的所有其他内容(许可文档本身除外),我们均根据 <a href="https://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> 许可授权您使用,另有说明的情况除外。</p> + +<p>只要符合相应内容的特定许可(如上所述),您就可以以任何方式使用本网站的内容。对于根据 Creative Commons Attribution 3.0 许可授权您使用的内容,我们会要求您注明相应的<a href="#attribution">出处</a>。</p> + +<h2 id="terms">使用条款</h2> + +<p>我们非常乐意根据相应条款授权您使用 Android 文档和示例代码,这些条款鼓励您根据需要采用、修改、重复使用、改编或混编此类内容。您可以在自己的作品中随意使用文档内容,除非下文的<a href="#restrictions">限制</a>部分另有说明。例如,您可以在一本书中引用相应的文字,将某些部分的内容剪切并粘贴到您的博客中,将相应内容录制成有声读物供视障人士收听,甚至还可以将相应内容翻译成其他语言。</p> + +<h2 id="restrictions">限制</h2> + +<ul> +<li>尽管我们根据 Apache 2.0 许可向您提供文档本身,但请注意,该许可并未涵盖专有商标和品牌特征。</li> + +<li>该许可未涵盖 Google 的商标和其他品牌特征(包括 <img src="https://developer.android.com/images/android-logo.png" alt="Android" style="margin:0;padding:0 2px;vertical-align:baseline"/> 这种特殊样式的字体徽标)。要了解具体使用情况的相关信息,请参阅<a href="https://developer.android.com/distribute/marketing-tools/brand-guidelines.html">品牌指南</a>。</li> + +<li>在某些情况下,网页中可能会包含该许可未涵盖的内容(例如图片)。在这种情况下,我们会为未许可的内容添加标签。</li> + +<li>此外,除非特别说明,该许可一律不适用于该网站上网页中的链接所指向的内容。例如,网页上的链接可能会指向不适用于该许可的视频或幻灯片。</li> + +<li>使用 SDK 中提供(或本文档中显示)的示例源代码时,需遵循 <a href="https://www.apache.org/licenses/LICENSE-2.0">Apache 2.0 许可</a>中详述的条件。</li> +</ul> + +<h2 id="attribution">注明出处</h2> +<p>当您重复使用网页上显示的根据 Creative Commons Attribution 许可条款提供的内容或创建其修改版本时,需注明相应的出处。在该网站上,需注明出处的要求仅适用于非文档内容(如上文所述)。要了解关于注明出处的完整要求,请参阅 <a href="https://creativecommons.org/licenses/by/3.0/legalcode">Creative Commons 法律规定</a>的 4b 部分。 +</p> +<p>在实际使用情形中,我们要求您根据创作作品所用媒介的特点,尽一切可能注明出处来自 Android 开放源代码项目。此要求可能适用于以下几种典型方式:</p> +<h3>原样复制</h3> +<p> +如果您的在线作品原样复制本网站中的全部或部分文字或图片,请在网页底部附上以下这段内容:<em></em> +</p> +<p style="margin-left:20px;font-style:italic"> + 本网页的部分内容是从 <a href="https://code.google.com/p/android/">Android 开放源代码项目</a>原创及共享作品中复制的,须遵照 <a href="https://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0 许可</a>所述条款付诸应用。 + +</p> +<p>此外,请提供指向原始来源网页的链接,以便用户可以参阅相应网页,了解更多信息。 +</p> +<h3>经过修改的版本</h3> +<p>如果您的在线作品会显示在本网站内容的基础上修改的文字或图片,请在您的网页底部附上以下这段内容:<em></em></p> +<p style="margin-left:20px;font-style:italic">本网页的部分内容是在 <a href="https://code.google.com/p/android/">Android 开放源代码项目</a>原创及共享作品的基础上修改而成的,须遵照 <a href="https://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0 许可</a>所述条款付诸应用。 +</p> +<p>再次提醒,请提供指向原始来源网页的链接,以便用户可以参阅相应网页,了解更多信息。在对相应内容完成修改后,尤其要谨记这一点。 +</p> +<h3>其他媒体</h3> +<p>如果您要制作非超文本作品(如图书、音频或视频),我们要求您本着上述精神尽可能提供语音或文字形式的出处说明。 +</p> + +<h2 id="doclicenses">文档许可</h2> +<h3 id="icu">ICU 许可</h3> +<p>Android 公共 API 文档中包含来自下列源代码库的内容(根据 ICU 许可授权):</p> +<ul> +<li><a href="https://developer.android.com/reference/android/icu/lang/package-summary.html">android.icu.lang</a></li> +<li><a href="https://developer.android.com/reference/android/icu/math/package-summary.html">android.icu.math</a></li> +<li><a href="https://developer.android.com/reference/android/icu/text/package-summary.html">android.icu.text</a></li> +<li><a href="https://developer.android.com/reference/android/icu/util/package-summary.html">android.icu.util</a></li> +</ul> + +<div class="aside" style="overflow:scroll; height:250px;"> +<p>版权和权限声明</p> + +<p>版权所有 (c) 1995-2015 国际商业机器股份有限公司 (IBM) 及其他</p> +<p>保留所有权利。 +</p> +<p>特此向获得本软件的副本及相关文档文件(以下简称“本软件”)的所有人员免费授予不受限制地处理本软件的权限(包括但不限于使用、复制、修改、合并、发布、分发和/或销售本软件的副本的权利)以及允许获装本软件的人员进行上述处理的权限,但前提是本软件的所有副本和支持文档中均包含上述版权声明和本权限声明。 +</p> +<p>本软件按“原样”提供,不提供任何形式(明示或暗示)的保证,包括但不限于针对适销性、特定用途适合性以及不对第三方构成侵权的保证。在任何情况下,对于因使用本软件或本软件的性能造成的以及与使用本软件或本软件的性能相关的任何索赔、任何特殊的间接或继发损失,或任何因本软件无法使用、数据丢失或利润损失(无论是否已提起合同诉讼)、疏忽或其他侵权行为造成的损失,本声明中提到的版权持有者均不承担任何责任。</p> +<p>除非本声明中另有规定,否则在未事先征得版权持有者书面授权的情况下,不得在广告中使用版权持有者的名称,也不得将版权持有者的名称用于宣传本软件的销售、使用或其他处理事宜。 +</p> +</div> + +<h3 id="w3c_license">W3C 软件和文档声明及许可</h3> +<p>Android 公共 API 文档中包含来自以下源代码库的内容(根据 W3C 软件和文档声明及许可授权):</p> +<ul> +<li><a href="https://developer.android.com/reference/org/w3c/dom/package-summary.html">org.w3c.dom</a></li> +<li><a href="https://developer.android.com/reference/org/w3c/dom/ls/package-summary.html">org.w3c.dom.ls</a></li> +</ul> + +<div class="aside" style="overflow:scroll; height:250px;"> +<p>本作品目前是由版权持有者根据以下许可提供。</p> +<h5>许可</h5> +<p>获取和/或复制本作品,即表示您(被许可人)承认您已阅读、了解并同意遵守以下条款及条件。 +</p> +<p>只要您在此作品的所有副本或部分内容(包括修改内容)中满足以下要求,即授予您出于任何目的复制、修改和分发本作品的权限(无论是否修改,均免一切费用或税费):</p> +<ul> +<li>在再发行作品或衍生作品的用户可见的位置附上此声明的全文内容。 +</li> +<li>附上任何现有的知识产权免责声明、声明或条款及条件。如果没有这类内容,则应附上 W3C 软件和文档简短声明。 +</li> +<li>在针对新代码或文档的版权声明中注明所做的任何更改或修改,例如“本软件或文档中包含从 [title and URI of the W3C document] 复制的内容或根据 [title and URI of the W3C document] 得出的内容。版权所有 © [YEAR] W3C®(MIT、ERCIM、Keio、Beihang)”。 +</li> +</ul> +<h5>免责声明</h5> +<p>本作品按“原样”提供,且版权持有者不提供任何明示或暗示的声明或保证,包括但不限于针对适销性、任何特定用途适合性或使用本软件或文档不会对任何第三方专利、版权、商标或其他权利构成侵权的保证。</p> +<p>对于因使用本软件或文档造成的任何直接、间接、特殊或继发损失,版权持有者均不承担任何责任。</p> +<p>在未事先征得特定书面许可的情况下,不得在与本作品相关的广告或公共宣传内容中使用版权持有者的名称和商标。本作品包含的版权始终归版权持有者所有。 +</p> +</div> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/security/bulletin/2017-05-01.html b/zh-cn/security/bulletin/2017-05-01.html new file mode 100644 index 00000000..53582f84 --- /dev/null +++ b/zh-cn/security/bulletin/2017-05-01.html @@ -0,0 +1,2403 @@ +<html devsite><head> + <title>Android 安全公告 - 2017 年 5 月</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p><em>发布时间:2017 年 5 月 1 日 | 更新时间:2017 年 5 月 2 日</em></p> + +<p>Android 安全公告详细介绍了会影响 Android 设备的安全漏洞。除了公告之外,我们还通过无线下载 (OTA) 更新的方式发布了针对 Nexus 设备的安全更新。我们还在 <a href="https://developers.google.com/android/nexus/images">Google Developers 网站</a>上发布了 Google 设备固件映像。2017 年 5 月 5 日(或之后)的安全补丁程序级别均已解决所有这些问题。请参阅 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 和 Nexus 更新时间表</a>,了解如何检查设备的安全补丁程序级别。</p> + +<p>我们的合作伙伴在 2017 年 4 月 3 日(或之前)就已收到本公告中说明的这些问题的相关通知。我们已在 Android 开放源代码项目 (AOSP) 代码库中发布了针对相关问题的源代码补丁程序,并在本公告中提供了相应链接。本公告还提供了 AOSP 之外的补丁程序的链接。</p> + +<p>这些问题中危险性最高的是一个严重程度为“严重”的安全漏洞,它可能会导致在处理媒体文件的过程中,可通过电子邮件、网页和彩信等多种方式在受影响的设备上执行远程代码。<a href="/security/overview/updates-resources.html#severity">严重程度评估</a>的依据是漏洞被利用后可能会对受影响设备造成的影响大小(假设相关平台和服务缓解措施被成功规避或出于开发目的而被停用)。</p> + +<p>我们尚未收到用户因这些新报告的问题而遭到主动攻击或这些问题遭到滥用的报告。请参阅 <a href="#mitigations">Android 和 Google 服务缓解措施</a>部分,详细了解 <a href="/security/enhancements/index.html">Android 安全平台防护</a>和服务防护功能(如 <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>);这些功能可提高 Android 平台的安全性。</p> + +<p>我们建议所有用户都在自己的设备上接受这些更新。</p> +<h2 id="announcements">公告</h2> +<ul> +<li>本公告有两个安全补丁程序级别字符串,目的是让 Android 合作伙伴能够灵活地、更快速地修复所有 Android 设备上类似的一系列漏洞。如需了解详情,请参阅<a href="#common-questions-and-answers">常见问题和解答</a>: + <ul> + <li><strong>2017-05-01</strong>:部分安全补丁程序级别字符串。此安全补丁程序级别字符串表明与 2017-05-01(以及之前的所有安全补丁程序级别字符串)相关的所有问题均已得到解决。</li> + <li><strong>2017-05-05</strong>:完整的安全补丁程序级别字符串。此安全补丁程序级别字符串表明与 2017-05-01 和 2017-05-05(以及之前的所有安全补丁程序级别字符串)相关的所有问题均已得到解决。</li> +</ul> +</li> +<li>受支持的 Google 设备将收到一项安全补丁程序级别为 2017 年 5 月 5 日的 OTA 更新。</li> +</ul> + +<h2 id="mitigations">Android 和 Google 服务缓解措施</h2> + +<p>本部分总结了 <a href="/security/enhancements/index.html">Android 安全平台</a>和服务防护功能(如 SafetyNet)提供的缓解措施。这些功能可降低 Android 上的安全漏洞被成功利用的可能性。</p> + +<ul> +<li>新版 Android 平台中的增强功能让攻击者更加难以利用 Android 上存在的许多问题。我们建议所有用户都尽可能更新到最新版 Android。</li> +<li>Android 安全团队会积极利用<a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf">“验证应用”和 SafetyNet</a> 来监控滥用行为,这些功能会在发现<a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">可能有害的应用</a>时向用户发出警告。在预装有 <a href="http://www.android.com/gms">Google 移动服务</a>的设备上,“验证应用”在默认情况下处于启用状态。对于安装来自 Google Play 以外的应用的用户来说,这项功能尤为重要。虽然 Google Play 中禁止提供设备 Root 应用,但用户可能会尝试安装 Root 应用,而“验证应用”会在检测到这类应用(无论应用来自何处)时向用户发出警告。另外,“验证应用”会尝试识别并阻止用户安装会利用提权漏洞的已知恶意应用。如果用户已安装此类应用,那么“验证应用”将会通知用户并尝试移除所检测到的应用。</li> +<li>由于已做了适当更新,因此 Google 环聊和 Messenger 应用不会自动将媒体内容传递给 Mediaserver 这类进程。</li> +</ul> + +<h2 id="acknowledgements">致谢</h2> + +<p>非常感谢以下研究人员做出的贡献:</p> +<ul> +<li>Venustech 的 ADlab:CVE-2017-0630</li> +<li>腾讯科恩实验室 (<a href="https://twitter.com/keen_lab">@keen_lab</a>) 的 Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2016-10287</li> +<li>趋势科技的徐健:CVE-2017-0599、CVE-2017-0635</li> +<li><a href="http://www.ms509.com">MS509Team</a> 的 En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) 和 Bo Liu:CVE-2017-0601</li> +<li><a href="https://twrp.me/">Team Win Recovery Project</a> 的 Ethan Yonker:CVE-2017-0493</li> +<li>奇虎 360 科技有限公司 IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) 和 <a href="http://weibo.com/jfpan">pjf</a>:CVE-2016-10285、CVE-2016-10288、CVE-2016-10290、CVE-2017-0624、CVE-2017-0616、CVE-2017-0617、CVE-2016-10294、CVE-2016-10295、CVE-2016-10296</li> +<li>腾讯电脑管家的郑文选 (<a href="https://twitter.com/virtualseekers">@VirtualSeekers</a>):CVE-2017-0602</li> +<li><a href="http://tuncay2.web.engr.illinois.edu">伊利诺伊大学厄巴纳-尚佩恩分校</a>的 <a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Güliz Seray Tuncay</a>:CVE-2017-0593</li> +<li>奇虎 360 科技有限公司 Alpha 团队的 Hao Chen 和 Guang Gong:CVE-2016-10283</li> +<li>小米公司的 Juhu Nie、Yang Cheng、Nan Li 和 Qiwu Huang:CVE-2016-10276</li> +<li><a href="https://github.com/michalbednarski">Michał Bednarski</a>:CVE-2017-0598</li> +<li>特斯拉产品安全团队的 Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0331、CVE-2017-0606</li> +<li><a href="mailto:jiych.guru@gmail.com">Niky1235</a> (<a href="https://twitter.com/jiych_guru">@jiych_guru</a>):CVE-2017-0603</li> +<li>阿里巴巴移动安全团队的 Peng Xiao、Chengming Yang、Ning You、Chao Yang 和 Yang Song:CVE-2016-10281、CVE-2016-10280</li> +<li><a href="https://alephsecurity.com/">Aleph 研究团队</a>的 Roee Hay (<a href="https://twitter.com/roeehay">@roeehay</a>):CVE-2016-10277</li> +<li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2016-10274</li> +<li><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:segfault5514@gmail.com">Tong Lin</a>、<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> 和 Xuxian Jiang:CVE-2016-10291</li> +<li>Vasily Vasiliev:CVE-2017-0589</li> +<li><a href="http://www.trendmicro.com">趋势科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">移动威胁响应团队</a>的 V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0590、CVE-2017-0587、CVE-2017-0600</li> +<li>腾讯安全平台部门的 Xiling Gong:CVE-2017-0597</li> +<li>360 Marvel 团队的 Xingyuan Lin:CVE-2017-0627</li> +<li>阿里巴巴的王勇 (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>):CVE-2017-0588</li> +<li>奇虎 360 科技有限公司 IceSword 实验室的 Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>):CVE-2016-10289、CVE-2017-0465</li> +<li>奇虎 360 科技有限公司 Vulpecker 团队的 Yu Pan:CVE-2016-10282、CVE-2017-0615</li> +<li>奇虎 360 科技有限公司 Vulpecker 团队的 Yu Pan 和 Peide Zhang:CVE-2017-0618、CVE-2017-0625</li> +</ul> + +<h2 id="2017-05-01-details">2017-05-01 安全补丁程序级别 - 漏洞详情</h2> + +<p>我们在下面提供了 2017-05-01 补丁程序级别涵盖的每个安全漏洞的详细信息,其中包括问题描述、严重程度阐述以及一个包含 CVE、相关参考信息、严重程度、已更新的 Google 设备、已更新的 AOSP 版本(如果适用)及报告日期的表格。在适用的情况下,我们会将 Bug ID 链接到解决相应问题的公开更改记录(如 AOSP 代码更改列表)。如果某个 Bug 有多条相关的更改记录,我们还将通过 Bug ID 后面的数字链接到更多参考信息。</p> + +<h3 id="rce-in-mediaserver">Mediaserver 中的远程代码执行漏洞</h3> + +<p>系统在处理媒体文件和数据时,Mediaserver 中的远程代码执行漏洞可让攻击者使用特制文件破坏内存。由于该漏洞可用于通过 Mediaserver 进程执行远程代码,因此我们将其严重程度评为“严重”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0587</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/a86eb798d077b9b25c8f8c77e3c02c2f287c1ce7">A-35219737</a></td> + <td>严重</td> + <td>所有</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 4 日</td> + </tr> + <tr> + <td>CVE-2017-0588</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6f1d990ce0f116a205f467d9eb2082795e33872b">A-34618607</a></td> + <td>严重</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 21 日</td> + </tr> + <tr> + <td>CVE-2017-0589</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/bcfc7124f6ef9f1ec128fb2e90de774a5b33d199">A-34897036</a></td> + <td>严重</td> + <td>所有</td> + <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 1 日</td> + </tr> + <tr> + <td>CVE-2017-0590</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/45c97f878bee15cd97262fe7f57ecea71990fed7">A-35039946</a></td> + <td>严重</td> + <td>所有</td> + <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 6 日</td> + </tr> + <tr> + <td>CVE-2017-0591</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d">A-34097672</a></td> + <td>严重</td> + <td>所有</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>Google 内部</td> + </tr> + <tr> + <td>CVE-2017-0592</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/acc192347665943ca674acf117e4f74a88436922">A-34970788</a></td> + <td>严重</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>Google 内部</td> + </tr> +</tbody></table> + +<h3 id="eop-in-framework-apis">Framework API 中的提权漏洞</h3> + +<p>Framework API 中的提权漏洞可让本地恶意应用获取自定义权限。由于该漏洞允许全面深入地绕过将应用数据与其他应用分离开来的操作系统防护功能,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0593</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/78efbc95412b8efa9a44d573f5767ae927927d48">A-34114230</a></td> + <td>高</td> + <td>所有</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 5 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediaserver">Mediaserver 中的提权漏洞</h3> + +<p>Mediaserver 中的提权漏洞可让本地恶意应用通过特许进程执行任意代码。由于该漏洞可用于获取第三方应用通常无法获取的本地特权,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0594</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/594bf934384920618d2b6ce0bcda1f60144cb3eb">A-34617444</a></td> + <td>高</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 22 日</td> + </tr> + <tr> + <td>CVE-2017-0595</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34705519</a></td> + <td>高</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td> + <td>2017 年 1 月 24 日</td> + </tr> + <tr> + <td>CVE-2017-0596</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34749392</a></td> + <td>高</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td> + <td>2017 年 1 月 24 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-audioserver">Audioserver 中的提权漏洞</h3> + +<p>Audioserver 中的提权漏洞可让本地恶意应用通过特许进程执行任意代码。由于该漏洞可用于获取第三方应用通常无法获取的本地特权,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0597</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a9188f89179a7edd301abaf37d644adf5d647a04">A-34749571</a></td> + <td>高</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 25 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-framework-apis">Framework API 中的信息披露漏洞</h3> + +<p>Framework API 中的信息披露漏洞可让本地恶意应用绕过将应用数据与其他应用分离开来的操作系统防护功能。由于该漏洞可用于获取相应应用无法获取的数据,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0598</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td> + <td>高</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 6 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver">Mediaserver 中的拒绝服务漏洞</h3> + +<p>Mediaserver 中的远程拒绝服务漏洞可让攻击者使用特制文件挂起或重新启动设备。由于该漏洞可用于远程发起拒绝服务攻击,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0599</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a1424724a00d62ac5efa0e27953eed66850d662f">A-34672748</a></td> + <td>高</td> + <td>所有</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 23 日</td> + </tr> + <tr> + <td>CVE-2017-0600</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/961e5ac5788b52304e64b9a509781beaf5201fb0">A-35269635</a></td> + <td>高</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 10 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-bluetooth">蓝牙中的提权漏洞</h3> + +<p>蓝牙中的提权漏洞可能会让本地恶意应用在未经用户许可的情况下接受通过蓝牙分享的有害文件。由于该漏洞允许在本地绕过用户互动要求,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0601</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/667d2cbe3eb1450f273a4f6595ccef35e1f0fe4b">A-35258579</a></td> + <td>中</td> + <td>所有</td> + <td>7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 9 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-file-based-encryption">文件级加密中的信息披露漏洞</h3> + +<p>文件级加密中的信息披露漏洞可让本地恶意攻击者绕过用于锁定屏幕的操作系统防护功能。由于该漏洞可能会让有心人士绕过锁定屏幕,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0493</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>]</td> + <td>中</td> + <td>所有</td> + <td>7.0、7.1.1</td> + <td>2016 年 11 月 9 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-bluetooth">蓝牙中的信息披露漏洞</h3> + +<p>蓝牙中的信息披露漏洞可让本地恶意应用绕过将应用数据与其他应用分离开来的操作系统防护功能。根据该漏洞的具体细节,我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0602</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/a4875a49404c544134df37022ae587a4a3321647">A-34946955</a></td> + <td>中</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2016 年 12 月 5 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-openssl-&-boringssl">OpenSSL 和 BoringSSL 中的信息披露漏洞</h3> + +<p>OpenSSL 和 BoringSSL 中的信息披露漏洞可让远程攻击者获取敏感信息。根据该漏洞的具体细节,我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-7056</td> + <td><a href="https://android.googlesource.com/platform/external/boringssl/+/13179a8e75fee98740b5ce728752aa7294b3e32d">A-33752052</a></td> + <td>中</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2016 年 12 月 19 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver-2">Mediaserver 中的拒绝服务漏洞</h3> + +<p>Mediaserver 中的拒绝服务漏洞可让攻击者使用特制文件挂起或重新启动设备。由于该漏洞只能针对罕见的设备配置起作用,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0603</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/36b04932bb93cc3269279282686b439a17a89920">A-35763994</a></td> + <td>中</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver-3">Mediaserver 中的拒绝服务漏洞</h3> + +<p>Mediaserver 中的远程拒绝服务漏洞可让攻击者使用特制文件挂起或重新启动设备。根据该漏洞的具体细节,我们将其严重程度评为“低”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0635</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/523f6b49c1a2289161f40cf9fe80b92e592e9441">A-35467107</a></td> + <td>低</td> + <td>所有</td> + <td>7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 16 日</td> + </tr> +</tbody></table> + +<h2 id="2017-05-05-details">2017-05-05 安全补丁程序级别 - 漏洞详情</h2> + +<p>我们在下面提供了 2017-05-05 补丁程序级别涵盖的每个安全漏洞的详细信息,其中包括问题描述、严重程度阐述以及一个包含 CVE、相关参考信息、严重程度、已更新的 Google 设备、已更新的 AOSP 版本(如果适用)及报告日期的表格。在适用的情况下,我们会将 Bug ID 链接到解决相应问题的公开更改记录(如 AOSP 代码更改列表)。如果某个 Bug 有多条相关的更改记录,我们还将通过 Bug ID 后面的数字链接到更多参考信息。</p> + +<h3 id="rce-in-giflib">GIFLIB 中的远程代码执行漏洞</h3> + +<p>系统在处理媒体文件和数据时,GIFLIB 中的远程代码执行漏洞可让攻击者使用特制文件破坏内存。由于该漏洞可用于通过 Mediaserver 进程执行远程代码,因此我们将其严重程度评为“严重”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2015-7555</td> + <td><a href="https://android.googlesource.com/platform/external/giflib/+/dc07290edccc2c3fc4062da835306f809cea1fdc">A-34697653</a></td> + <td>严重</td> + <td>所有</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2016 年 4 月 13 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediatek-touchscreen-driver">MediaTek 触摸屏驱动程序中的提权漏洞</h3> + +<p>MediaTek 触摸屏驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞有可能会对本地设备造成永久性损害,而用户可能需要通过重写操作系统来修复设备,因此我们将其严重程度评为“严重”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10274</td> + <td>A-30202412*<br />M-ALPS02897901</td> + <td>严重</td> + <td>无**</td> + <td>2016 年 7 月 16 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<p>** 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="eop-in-qualcomm-bootloader">Qualcomm 引导加载程序中的提权漏洞</h3> + +<p>Qualcomm 引导加载程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞有可能会对本地设备造成永久性损害,而用户可能需要通过重写操作系统来修复设备,因此我们将其严重程度评为“严重”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10275</td> + <td>A-34514954<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=1a0a15c380e11fc46f8d8706ea5ae22b752bdd0b">QC-CR#1009111</a></td> + <td>严重</td> + <td>Nexus 5X、Nexus 6、Pixel、Pixel XL、Android One</td> + <td>2016 年 9 月 13 日</td> + </tr> + <tr> + <td>CVE-2016-10276</td> + <td>A-32952839<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=5dac431748027e8b50a5c4079967def4ea53ad64">QC-CR#1094105</a></td> + <td>严重</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td> + <td>2016 年 11 月 16 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-sound-subsystem">内核声音子系统中的提权漏洞</h3> + +<p>内核声音子系统中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞有可能会对本地设备造成永久性损害,而用户可能需要通过重写操作系统来修复设备,因此我们将其严重程度评为“严重”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-9794</td> + <td>A-34068036<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=a27178e05b7c332522df40904f27674e36ee3757">上游内核</a></td> + <td>严重</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2016 年 12 月 3 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-motorola-bootloader">Motorola 引导加载程序中的提权漏洞</h3> + +<p>Motorola 引导加载程序中的提权漏洞可让本地恶意应用通过引导加载程序执行任意代码。由于该漏洞有可能会对本地设备造成永久性损害,而用户可能需要通过重写操作系统来修复设备,因此我们将其严重程度评为“严重”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10277</td> + <td>A-33840490*<br /> + </td> + <td>严重</td> + <td>Nexus 6</td> + <td>2016 年 12 月 21 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<h3 id="eop-in-nvidia-video-driver">NVIDIA 视频驱动程序中的提权漏洞</h3> + +<p>NVIDIA 视频驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞有可能会对本地设备造成永久性损害,而用户可能需要通过重写操作系统来修复设备,因此我们将其严重程度评为“严重”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0331</td> + <td>A-34113000*<br />N-CVE-2017-0331</td> + <td>严重</td> + <td>Nexus 9</td> + <td>2017 年 1 月 4 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<h3 id="eop-in-qualcomm-power-driver">Qualcomm 电源驱动程序中的提权漏洞</h3> + +<p>内核 Qualcomm 电源驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞有可能会对本地设备造成永久性损害,而用户可能需要通过重写操作系统来修复设备,因此我们将其严重程度评为“严重”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0604</td> + <td>A-35392981<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6975e2dd5f37de965093ba3a8a08635a77a960f7">QC-CR#826589</a></td> + <td>严重</td> + <td>无*</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="eop-in-kernel-trace-subsystem">内核跟踪子系统中的提权漏洞</h3> + +<p>内核跟踪子系统中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞有可能会对本地设备造成永久性损害,而用户可能需要通过重写操作系统来修复设备,因此我们将其严重程度评为“严重”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0605</td> + <td>A-35399704<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477">QC-CR#1048480</a></td> + <td>严重</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 组件中的漏洞</h3> + +<p>下列漏洞会影响 Qualcomm 组件;此外,2016 年 8 月、9 月、10 月和 12 月的 Qualcomm AMSS 安全公告也对这些安全漏洞进行了详细说明。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10240</td> + <td>A-32578446**<br />QC-CR#955710</td> + <td>严重</td> + <td>Nexus 6P</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2016-10241</td> + <td>A-35436149**<br />QC-CR#1068577</td> + <td>严重</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2016-10278</td> + <td>A-31624008**<br />QC-CR#1043004</td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2016-10279</td> + <td>A-31624421**<br />QC-CR#1031821</td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>Qualcomm 内部</td> + </tr> +</tbody></table> + +<p>* 这些漏洞的严重程度评级由供应商决定。</p> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<p>*** 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="rce-in-libxml2">libxml2 中的远程代码执行漏洞</h3> + +<p>libxml2 中的远程代码执行漏洞可让攻击者使用特制文件通过非特许进程执行任意代码。由于该漏洞可用于在使用此库的应用中执行远程代码,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>已更新的 AOSP 版本</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-5131</td> + <td>A-32956747*</td> + <td>高</td> + <td>无**</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0</td> + <td>2016 年 7 月 23 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<p>** 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="eop-in-mediatek-thermal-driver">MediaTek 热驱动程序中的提权漏洞</h3> + +<p>MediaTek 热驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10280</td> + <td>A-28175767*<br />M-ALPS02696445</td> + <td>高</td> + <td>无**</td> + <td>2016 年 4 月 11 日</td> + </tr> + <tr> + <td>CVE-2016-10281</td> + <td>A-28175647*<br />M-ALPS02696475</td> + <td>高</td> + <td>无**</td> + <td>2016 年 4 月 11 日</td> + </tr> + <tr> + <td>CVE-2016-10282</td> + <td>A-33939045*<br />M-ALPS03149189</td> + <td>高</td> + <td>无**</td> + <td>2016 年 12 月 27 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<p>** 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm WLAN 驱动程序中的提权漏洞</h3> + +<p>Qualcomm WLAN 驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10283</td> + <td>A-32094986<br /> + <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=93863644b4547324309613361d70ad9dc91f8dfd">QC-CR#2002052</a></td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL、Android One</td> + <td>2016 年 10 月 11 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-video-driver">Qualcomm 视频驱动程序中的提权漏洞</h3> + +<p>Qualcomm 视频驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10284</td> + <td>A-32402303*<br />QC-CR#2000664</td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 10 月 24 日</td> + </tr> + <tr> + <td>CVE-2016-10285</td> + <td>A-33752702<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67dfd3a65336e0b3f55ee83d6312321dc5f2a6f9">QC-CR#1104899</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2016 年 12 月 19 日</td> + </tr> + <tr> + <td>CVE-2016-10286</td> + <td>A-35400904<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=5d30a3d0dc04916ddfb972bfc52f8e636642f999">QC-CR#1090237</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<h3 id="eop-in-kernel-performance-subsystem">内核效能子系统中的提权漏洞</h3> + +<p>内核效能子系统中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2015-9004</td> + <td>A-34515362<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511">上游内核</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2016 年 11 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-sound-driver">Qualcomm 声音驱动程序中的提权漏洞</h3> + +<p>Qualcomm 声音驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10287</td> + <td>A-33784446<br /> + <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=937bc9e644180e258c68662095861803f7ba4ded">QC-CR#1112751</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 12 月 20 日</td> + </tr> + <tr> + <td>CVE-2017-0606</td> + <td>A-34088848<br /> + <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=d3237316314c3d6f75a58192971f66e3822cd250">QC-CR#1116015</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 1 月 3 日</td> + </tr> + <tr> + <td>CVE-2016-5860</td> + <td>A-34623424<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=9f91ae0d7203714fc39ae78e1f1c4fd71ed40498">QC-CR#1100682</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 1 月 22 日</td> + </tr> + <tr> + <td>CVE-2016-5867</td> + <td>A-35400602<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=065360da7147003aed8f59782b7652d565f56be5">QC-CR#1095947</a></td> + <td>高</td> + <td>无*</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0607</td> + <td>A-35400551<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b003c8d5407773d3aa28a48c9841e4c124da453d">QC-CR#1085928</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0608</td> + <td>A-35400458<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b66f442dd97c781e873e8f7b248e197f86fd2980">QC-CR#1098363</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0609</td> + <td>A-35399801<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=38a83df036084c00e8c5a4599c8ee7880b4ee567">QC-CR#1090482</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2016-5859</td> + <td>A-35399758<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=97fdb441a9fb330a76245e473bc1a2155c809ebe">QC-CR#1096672</a></td> + <td>高</td> + <td>无*</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0610</td> + <td>A-35399404<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=65009746a6e649779f73d665934561ea983892fe">QC-CR#1094852</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0611</td> + <td>A-35393841<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=1aa5df9246557a98181f03e98530ffd509b954c8">QC-CR#1084210</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2016-5853</td> + <td>A-35392629<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a8f3b894de319718aecfc2ce9c691514696805be">QC-CR#1102987</a></td> + <td>高</td> + <td>无*</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="eop-in-qualcomm-led-driver">Qualcomm LED 驱动程序中的提权漏洞</h3> + +<p>Qualcomm LED 驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10288</td> + <td>A-33863909<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=db2cdc95204bc404f03613d5dd7002251fb33660">QC-CR#1109763</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2016 年 12 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-crypto-driver">Qualcomm 加密驱动程序中的提权漏洞</h3> + +<p>Qualcomm 加密驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10289</td> + <td>A-33899710<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a604e6f3889ccc343857532b63dea27603381816">QC-CR#1116295</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 12 月 24 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-shared-memory-driver">Qualcomm 共享内存驱动程序中的提权漏洞</h3> + +<p>Qualcomm 共享内存驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10290</td> + <td>A-33898330<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49">QC-CR#1109782</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td> + <td>2016 年 12 月 24 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-slimbus-driver">Qualcomm Slimbus 驱动程序中的提权漏洞</h3> + +<p>Qualcomm Slimbus 驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10291</td> + <td>A-34030871<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a225074c0494ca8125ca0ac2f9ebc8a2bd3612de">QC-CR#986837</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Android One</td> + <td>2016 年 12 月 31 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC 驱动程序中的提权漏洞</h3> + +<p>Qualcomm ADSPRPC 驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0465</td> + <td>A-34112914<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=3823f0f8d0bbbbd675a42a54691f4051b3c7e544">QC-CR#1110747</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 1 月 5 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm 安全执行环境通讯器驱动程序中的提权漏洞</h3> + +<p>Qualcomm 安全执行环境通讯器驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0612</td> + <td>A-34389303<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=05efafc998dc86c3b75af9803ca71255ddd7a8eb">QC-CR#1061845</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 1 月 10 日</td> + </tr> + <tr> + <td>CVE-2017-0613</td> + <td>A-35400457<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b108c651cae9913da1ab163cb4e5f7f2db87b747">QC-CR#1086140</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0614</td> + <td>A-35399405<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=fc2ae27eb9721a0ce050c2062734fec545cda604">QC-CR#1080290</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediatek-power-driver">MediaTek 电源驱动程序中的提权漏洞</h3> + +<p>MediaTek 电源驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0615</td> + <td>A-34259126*<br />M-ALPS03150278</td> + <td>高</td> + <td>无**</td> + <td>2017 年 1 月 12 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<p>** 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="eop-in-mediatek-system-management-interrupt-driver">MediaTek 系统管理中断驱动程序中的提权漏洞</h3> + +<p>MediaTek 系统管理中断驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0616</td> + <td>A-34470286*<br />M-ALPS03149160</td> + <td>高</td> + <td>无**</td> + <td>2017 年 1 月 19 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<p>** 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="eop-in-mediatek-video-driver">MediaTek 视频驱动程序中的提权漏洞</h3> + +<p>MediaTek 视频驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0617</td> + <td>A-34471002*<br />M-ALPS03149173</td> + <td>高</td> + <td>无**</td> + <td>2017 年 1 月 19 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<p>** 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="eop-in-mediatek-command-queue-driver">MediaTek 命令队列驱动程序中的提权漏洞</h3> + +<p>MediaTek 命令队列驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0618</td> + <td>A-35100728*<br />M-ALPS03161536</td> + <td>高</td> + <td>无**</td> + <td>2017 年 2 月 7 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<p>** 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="eop-in-qualcomm-pin-controller-driver">Qualcomm PIN 码控制器驱动程序中的提权漏洞</h3> + +<p>Qualcomm PIN 码控制器驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0619</td> + <td>A-35401152<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.14/commit/?id=72f67b29a9c5e6e8d3c34751600c749c5f5e13e1">QC-CR#826566</a></td> + <td>高</td> + <td>Nexus 6、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-secure-channel-manager-driver">Qualcomm 安全通道管理器驱动程序中的提权漏洞</h3> + +<p>Qualcomm 安全通道管理器驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0620</td> + <td>A-35401052<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=01b2c9a5d728ff6f2f1f28a5d4e927aaeabf56ed">QC-CR#1081711</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-sound-codec-driver">Qualcomm 声音编解码器驱动程序中的提权漏洞</h3> + +<p>Qualcomm 声音编解码器驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-5862</td> + <td>A-35399803<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=4199451e83729a3add781eeafaee32994ff65b04">QC-CR#1099607</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-voltage-regulator-driver">内核电压调节器驱动程序中的提权漏洞</h3> + +<p>内核电压调节器驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2014-9940</td> + <td>A-35399757<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba">上游内核</a></td> + <td>高</td> + <td>Nexus 6、Nexus 9、Pixel C、Android One、Nexus Player</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-camera-driver">Qualcomm 相机驱动程序中的提权漏洞</h3> + +<p>Qualcomm 相机驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0621</td> + <td>A-35399703<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=9656e2c2b3523af20502bf1e933e35a397f5e82f">QC-CR#831322</a></td> + <td>高</td> + <td>Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-networking-driver">Qualcomm 网络驱动程序中的提权漏洞</h3> + +<p>Qualcomm 网络驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-5868</td> + <td>A-35392791<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c">QC-CR#1104431</a></td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-networking-subsystem">内核网络子系统中的提权漏洞</h3> + +<p>内核网络子系统中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-7184</td> + <td>A-36565222<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a">上游内核</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df">[2]</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Android One</td> + <td>2017 年 3 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-goodix-touchscreen-driver">Goodix 触摸屏驱动程序中的提权漏洞</h3> + +<p>Goodix 触摸屏驱动程序中的提权漏洞可让本地恶意应用通过内核执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0622</td> + <td>A-32749036<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=40efa25345003a96db34effbd23ed39530b3ac10">QC-CR#1098602</a></td> + <td>高</td> + <td>Android One</td> + <td>Google 内部</td> + </tr> +</tbody></table> + +<h3 id="eop-in-htc-bootloader">HTC 引导加载程序中的提权漏洞</h3> + +<p>HTC 引导加载程序中的提权漏洞可让本地恶意应用通过引导加载程序执行任意代码。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0623</td> + <td>A-32512358*<br /> + </td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>Google 内部</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm WLAN 驱动程序中的信息披露漏洞</h3> + +<p>Qualcomm WLAN 驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞可用于在未经用户明确许可的情况下获取敏感数据,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0624</td> + <td>A-34327795*<br />QC-CR#2005832</td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL</td> + <td>2017 年 1 月 16 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<h3 id="id-in-mediatek-command-queue-driver">MediaTek 命令队列驱动程序中的信息披露漏洞</h3> + +<p>MediaTek 命令队列驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞可用于在未经用户明确许可的情况下获取敏感数据,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0625</td> + <td>A-35142799*<br />M-ALPS03161531</td> + <td>高</td> + <td>无**</td> + <td>2017 年 2 月 8 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<p>** 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="id-in-qualcomm-crypto-engine-driver">Qualcomm 加密引擎驱动程序中的信息披露漏洞</h3> + +<p>Qualcomm 加密引擎驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞可用于在未经用户明确许可的情况下获取敏感数据,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0626</td> + <td>A-35393124<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=64551bccab9b5b933757f6256b58f9ca0544f004">QC-CR#1088050</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-qualcomm-wi-fi-driver">Qualcomm WLAN 驱动程序中的拒绝服务漏洞</h3> + +<p>Qualcomm WLAN 驱动程序中的拒绝服务漏洞可让邻近区域内的攻击者通过 WLAN 子系统导致拒绝服务。由于该漏洞可用于远程发起拒绝服务攻击,因此我们将其严重程度评为“高”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10292</td> + <td>A-34514463*<br />QC-CR#1065466</td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL</td> + <td>2016 年 12 月 16 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<h3 id="id-in-kernel-uvc-driver">内核 UVC 驱动程序中的信息披露漏洞</h3> + +<p>内核 UVC 驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0627</td> + <td>A-33300353*<br /> + </td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Nexus 9、Pixel C、Nexus Player</td> + <td>2016 年 12 月 2 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<h3 id="id-in-qualcomm-video-driver">Qualcomm 视频驱动程序中的信息披露漏洞</h3> + +<p>Qualcomm 视频驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10293</td> + <td>A-33352393<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2469d5374745a2228f774adbca6fb95a79b9047f">QC-CR#1101943</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Android One</td> + <td>2016 年 12 月 4 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-power-driver-(device-specific)">Qualcomm 电源驱动程序中的信息披露漏洞(特定于设备)</h3> + +<p>Qualcomm 电源驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10294</td> + <td>A-33621829<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e9bc51ffb8a298f0be5befe346762cdb6e1d49c">QC-CR#1105481</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td> + <td>2016 年 12 月 14 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-led-driver">Qualcomm LED 驱动程序中的信息披露漏洞</h3> + +<p>Qualcomm LED 驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10295</td> + <td>A-33781694<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f11ae3df500bc2a093ddffee6ea40da859de0fa9">QC-CR#1109326</a></td> + <td>中</td> + <td>Pixel、Pixel XL</td> + <td>2016 年 12 月 20 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-shared-memory-driver">Qualcomm 共享内存驱动程序中的信息披露漏洞</h3> + +<p>Qualcomm 共享内存驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-10296</td> + <td>A-33845464<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49">QC-CR#1109782</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 12 月 22 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-camera-driver">Qualcomm 相机驱动程序中的信息披露漏洞</h3> + +<p>Qualcomm 相机驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0628</td> + <td>A-34230377<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f">QC-CR#1086833</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Pixel、Pixel XL</td> + <td>2017 年 1 月 10 日</td> + </tr> + <tr> + <td>CVE-2017-0629</td> + <td>A-35214296<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f">QC-CR#1086833</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Pixel、Pixel XL</td> + <td>2017 年 2 月 8 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-kernel-trace-subsystem">内核跟踪子系统中的信息披露漏洞</h3> + +<p>内核跟踪子系统中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0630</td> + <td>A-34277115*<br /> + </td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2017 年 1 月 11 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<h3 id="id-in-qualcomm-sound-codec-driver">Qualcomm 声音编解码器驱动程序中的信息披露漏洞</h3> + +<p>Qualcomm 声音编解码器驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-5858</td> + <td>A-35400153<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711">QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6">[2]</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-camera-driver-2">Qualcomm 相机驱动程序中的信息披露漏洞</h3> + +<p>Qualcomm 相机驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0631</td> + <td>A-35399756<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=8236d6ebc7e26361ca7078cbeba01509f10941d8">QC-CR#1093232</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-sound-driver">Qualcomm 声音驱动程序中的信息披露漏洞</h3> + +<p>Qualcomm 声音驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-5347</td> + <td>A-35394329<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=f14390f13e62460fc6b05fc0acde0e825374fdb6">QC-CR#1100878</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-spcom-driver">Qualcomm SPCom 驱动程序中的信息披露漏洞</h3> + +<p>Qualcomm SPCom 驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2016-5854</td> + <td>A-35392792<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=28d23d4d7999f683b27b6e0c489635265b67a4c9">QC-CR#1092683</a></td> + <td>中</td> + <td>无*</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2016-5855</td> + <td>A-35393081<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a5edb54e93ba85719091fe2bc426d75fa7059834">QC-CR#1094143</a></td> + <td>中</td> + <td>无*</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h3 id="id-in-qualcomm-sound-codec-driver-2">Qualcomm 声音编解码器驱动程序中的信息披露漏洞</h3> + +<p>Qualcomm 声音编解码器驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0632</td> + <td>A-35392586<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=970d6933e53c1f7ca8c8b67f49147b18505c3b8f">QC-CR#832915</a></td> + <td>中</td> + <td>Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-broadcom-wi-fi-driver">Broadcom WLAN 驱动程序中的信息披露漏洞</h3> + +<p>Broadcom WLAN 驱动程序中的信息披露漏洞可让本地恶意组件获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0633</td> + <td>A-36000515*<br />B-RB#117131</td> + <td>中</td> + <td>Nexus 6、Nexus 6P、Nexus 9、Pixel C、Nexus Player</td> + <td>2017 年 2 月 23 日</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<h3 id="id-in-synaptics-touchscreen-driver">Synaptics 触摸屏驱动程序中的信息披露漏洞</h3> + +<p>Synaptics 触摸屏驱动程序中的信息披露漏洞可让本地恶意应用获取超出其权限范围的数据。由于该漏洞需要先破坏特许进程,因此我们将其严重程度评为“中”。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2017-0634</td> + <td>A-32511682*<br /> + </td> + <td>中</td> + <td>Pixel、Pixel XL</td> + <td>Google 内部</td> + </tr> +</tbody></table> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<h3 id="vulnerabilities-in-qualcomm-components-2">Qualcomm 组件中的漏洞</h3> + +<p>下列影响 Qualcomm 组件的漏洞已包含在 2014-2016 年发布的 Qualcomm AMSS 安全公告内容中。此 Android 安全公告中也包含这些漏洞,旨在将其修复方案与 Android 安全补丁程序级别建立关联。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>参考信息</th> + <th>严重程度</th> + <th>已更新的 Google 设备</th> + <th>报告日期</th> + </tr> + <tr> + <td>CVE-2014-9923</td> + <td>A-35434045**<br />QC-CR#403910</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9924</td> + <td>A-35434631**<br />QC-CR#596102</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9925</td> + <td>A-35444657**<br />QC-CR#638130</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9926</td> + <td>A-35433784**<br />QC-CR#631527</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9927</td> + <td>A-35433785**<br />QC-CR#661111</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9928</td> + <td>A-35438623**<br />QC-CR#696972</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9929</td> + <td>A-35443954**<br />QC-CR#644783</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9930</td> + <td>A-35432946**<br />QC-CR#634637</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2015-9005</td> + <td>A-36393500**<br />QC-CR#741548</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2015-9006</td> + <td>A-36393450**<br />QC-CR#750559</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2015-9007</td> + <td>A-36393700**<br />QC-CR#807173</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2016-10297</td> + <td>A-36393451**<br />QC-CR#1061123</td> + <td>严重</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9941</td> + <td>A-36385125**<br />QC-CR#509915</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9942</td> + <td>A-36385319**<br />QC-CR#533283</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9943</td> + <td>A-36385219**<br />QC-CR#546527</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9944</td> + <td>A-36384534**<br />QC-CR#613175</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9945</td> + <td>A-36386912**<br />QC-CR#623452</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9946</td> + <td>A-36385281**<br />QC-CR#520149</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9947</td> + <td>A-36392400**<br />QC-CR#650540</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9948</td> + <td>A-36385126**<br />QC-CR#650500</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9949</td> + <td>A-36390608**<br />QC-CR#652426</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9950</td> + <td>A-36385321**<br />QC-CR#655530</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9951</td> + <td>A-36389161**<br />QC-CR#525043</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> + <tr> + <td>CVE-2014-9952</td> + <td>A-36387019**<br />QC-CR#674836</td> + <td>高</td> + <td>无***</td> + <td>Qualcomm 内部</td> + </tr> +</tbody></table> + +<p>* 这些漏洞的严重程度评级由供应商决定。</p> + +<p>* 针对该问题的补丁程序未公开发布。<a href="https://developers.google.com/android/nexus/drivers">Google Developers 网站</a>上提供的 Nexus 设备的最新二进制驱动程序中包含相应更新。</p> + +<p>*** 搭载 Android 7.1.1(或更高版本)且已安装所有可用更新的受支持的 Google 设备不受此漏洞的影响。</p> + +<h2 id="common-questions-and-answers">常见问题和解答</h2> +<p>本部分针对阅读本公告后可能产生的常见问题提供了相应的解答。</p> + +<p><strong>1. 如何确定我的设备是否已更新到解决了这些问题的版本? +</strong></p> + +<p>要了解如何检查设备的安全补丁程序级别,请阅读 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 和 Nexus 更新时间表</a>中的说明。</p> + +<ul> +<li>2017-05-01(或之后)的安全补丁程序级别解决了与 2017-05-01 安全补丁程序级别相关的所有问题。</li> +<li>2017-05-05(或之后)的安全补丁程序级别解决了与 2017-05-05 安全补丁程序级别以及之前的所有补丁程序级别相关的所有问题。 +</li> +</ul> + +<p>提供这些更新的设备制造商应将补丁程序字符串级别设为:</p> +<ul> +<li>[ro.build.version.security_patch]:[2017-05-01]</li> +<li>[ro.build.version.security_patch]:[2017-05-05]</li> +</ul> + +<p><strong>2. 为何此公告有 2 个安全补丁程序级别?</strong></p> + +<p>本公告有 2 个安全补丁程序级别,目的是让 Android 合作伙伴能够灵活地、更快速地修复所有 Android 设备上类似的一系列漏洞。我们建议 Android 合作伙伴修复本公告中的所有问题并使用最新的安全补丁程序级别。</p> +<ul> +<li>使用 2017 年 5 月 1 日安全补丁程序级别的设备必须包含该安全补丁程序级别对应的所有问题的修复方案,以及针对之前的安全公告中报告的所有问题的修复方案。</li> +<li>使用 2017 年 5 月 5 日或更新的安全补丁程序级别的设备必须包含此(以及之前的)安全公告中的所有适用补丁程序。</li> +</ul> + +<p>我们建议合作伙伴在一次更新中汇总要解决的所有问题的修复方案。</p> + +<p><strong>3. 如何确定各个问题都会影响哪些 Google 设备?</strong></p> + +<p>在 <a href="#2017-05-01-details">2017-05-01</a> 和 <a href="#2017-05-05-details">2017-05-05</a> 安全漏洞详情部分,每个表均包含“已更新的 Google 设备”列,其中列出了已针对每个问题更新过的受影响的 Google 设备系列。<em></em>此列有以下几种情形:</p> +<ul> +<li><strong>所有 Google 设备</strong>:如果某个问题会影响所有 Nexus 和 Pixel 设备,则相应表的“已更新的 Google 设备”列中会显示“所有”。<em></em>“所有”包含下列<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">受支持的设备</a>:Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Android One、Nexus Player、Pixel C、Pixel 和 Pixel XL。</li> +<li><strong>部分 Google 设备</strong>:如果某个问题仅会影响部分 Google 设备,则“已更新的 Google 设备”列中会列出受影响的 Google 设备。<em></em></li> +<li><strong>无 Google 设备</strong>:如果某个问题不会影响任何运行 Android 7.0 的 Google 设备,则相应表的“已更新的 Google 设备”列中会显示“无”。<em></em></li> +</ul> +<p><strong>4.“参考信息”列中的条目对应的是什么内容?</strong></p> + +<p>漏洞详情表的“参考信息”列中的条目可能包含用于标识参考值所属组织的前缀。<em></em>这些前缀的含义如下:</p> + +<table> + <tbody><tr> + <th>前缀</th> + <th>参考信息</th> + </tr> + <tr> + <td>A-</td> + <td>Android Bug ID</td> + </tr> + <tr> + <td>QC-</td> + <td>Qualcomm 参考编号</td> + </tr> + <tr> + <td>M-</td> + <td>MediaTek 参考编号</td> + </tr> + <tr> + <td>N-</td> + <td>NVIDIA 参考编号</td> + </tr> + <tr> + <td>B-</td> + <td>Broadcom 参考编号</td> + </tr> +</tbody></table> +<h2 id="revisions">修订版本</h2> +<ul> +<li>2017 年 5 月 1 日:发布了本公告。</li> +<li>2017 年 5 月 2 日:修订了本公告,添加了 AOSP 链接。</li> +</ul> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/security/encryption/file-based.html b/zh-cn/security/encryption/file-based.html new file mode 100644 index 00000000..ce93f0e5 --- /dev/null +++ b/zh-cn/security/encryption/file-based.html @@ -0,0 +1,224 @@ +<html devsite><head> + <title>文件级加密</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>Android 7.0 及更高版本支持文件级加密 (FBE)。采用文件级加密时,可以使用不同的密钥对不同的文件进行加密,并且可以对这些文件进行单独解密。 +</p> +<p>本文介绍了如何在新设备上启用文件级加密,以及如何更新系统应用,以充分利用新的 Direct Boot API 并尽可能为用户提供最佳、最安全的体验。 +</p> +<h2 id="direct-boot">直接启动</h2> +<p>借助文件级加密,Android 7.0 中引入了一项称为<a href="https://developer.android.com/training/articles/direct-boot.html">直接启动</a>的新功能。该功能处于启用状态时,已加密设备在启动后将直接进入锁定屏幕。之前,在使用<a href="full-disk.html">全盘加密</a> (FDE) 的已加密设备上,用户在访问任何数据之前都需要先提供凭据,从而导致手机无法执行除最基本操作之外的所有其他操作。例如,闹钟无法运行,无障碍服务不可用,手机无法接电话,而只能进行基本的紧急拨号操作。 +</p> +<p>引入文件级加密 (FBE) 和新 API 后,便可以将应用设为加密感知型应用,这样一来,它们将能够在受限环境中运行。这些应用将可以在用户提供凭据之前运行,同时系统仍能保护私密用户信息。 +</p> +<p>在启用了 FBE 的设备上,每位用户均有两个可供应用使用的存储位置:</p> +<ul> + <li>凭据加密 (CE) 存储空间:这是默认存储位置,只有在用户解锁设备后才可用。</li> + <li>设备加密 (DE) 存储空间:在直接启动模式期间以及用户解锁设备后均可用。</li> +</ul> +<p>这种区分能够使工作资料更加安全,因为这样一来,加密不再只基于启动时密码,从而能够同时保护多位用户。 +</p> +<p>Direct Boot API 允许加密感知型应用访问上述每个区域。应用生命周期会发生一些变化,以便在用户的 CE 存储空间因用户在锁定屏幕上首次输入凭据而解锁时,或者在工作资料提供<a href="https://developer.android.com/about/versions/nougat/android-7.0.html#android_for_work">工作挑战</a>时,通知应用。<em></em>无论是否实现了 FBE,运行 Android 7.0 的设备都必须要支持这些新的 API 和生命周期。不过,如果没有 FBE,DE 和 CE 存储空间将始终处于解锁状态。 +</p> +<p>Android 开放源代码项目 (AOSP) 中提供了 EXT4 文件系统中的文件级加密的完整实现。在满足相关要求的设备上,只需启用该实现即可使用该功能。选择使用 FBE 的制造商可能想要了解根据所用系统芯片 (SoC) 优化该功能的方法。 +</p> +<p>AOSP 中的所有必要程序包均已更新为直接启动感知型程序包。不过,如果设备制造商使用的是这些应用的定制版本,则需要确保至少存在能够提供以下服务的直接启动感知型程序包:</p> + +<ul> +<li>电话服务和拨号器</li><li>用于在锁定屏幕中输入密码的输入法</li></ul> + +<h2 id="examples-and-source">示例和源代码</h2> + +<p>Android 提供了文件级加密的参考实现,其中 vold (system/vold) 负责提供用于管理 Android 上的存储设备和存储卷的功能。添加 PDE 会为 vold 提供一些新命令,以便支持对多位用户的 CE 密钥和 DE 密钥进行密钥管理。除了为使用内核中的 <a href="#kernel-support">EXT4 加密</a>功能而进行的核心更改外,许多系统程序包(包括锁定屏幕和 SystemUI)也经过了修改,以支持 FBE 和“直接启动”功能。其中包括:</p> + +<ul> +<li>AOSP 拨号器 (packages/apps/Dialer)</li><li>桌面时钟 (packages/apps/DeskClock)</li><li>LatinIME (packages/inputmethods/LatinIME)*</li><li>“设置”应用 (packages/apps/Settings)*</li><li>SystemUI (frameworks/base/packages/SystemUI)*</li></ul> +<p> +<em>*使用 <code><a href="#supporting-direct-boot-in-system-applications">defaultToDeviceProtectedStorage</a></code> 清单属性的系统应用</em> +</p> +<p>通过在 AOSP 源代码树的框架或程序包目录中运行 <code>mangrep directBootAware</code> 命令,可以找到更多加密感知型应用和服务的示例。 +</p> +<h2 id="dependencies">依赖关系</h2> +<p>要安全地使用 AOSP 提供的 FBE 实现,设备需要满足以下依赖关系:</p> + +<ul> +<li>对 EXT4 加密的<strong>内核支持</strong>(内核配置选项:EXT4_FS_ENCRYPTION)</li><li>基于 1.0 或 2.0 版 HAL 的 <strong><a href="/security/keystore/index.html">Keymaster 支持</a></strong>。不支持 Keymaster 0.3,因为它既不提供必要的功能,也不能保证为加密密钥提供充分保护。 +</li><li>必须在<a href="/security/trusty/index.html">可信执行环境</a> (TEE) 中实现 <strong>Keymaster/<a href="/security/keystore/index.html">Keystore</a> 和 Gatekeeper</strong>,以便为 DE 密钥提供保护,从而使未经授权的操作系统(刷到设备上的定制操作系统)无法直接请求 DE 密钥。 +</li><li>内核<strong>加密性能</strong>必须要在使用 AES XTS 时至少达到 50MB/s,以确保良好的用户体验。 +</li><li><strong>硬件信任根</strong>和<strong>验证启动</strong>需要绑定到 Keymaster 初始化进程,以确保未经授权的操作系统无法获取设备加密凭据。</li> +</ul> + +<p class="note"> +<strong>注意</strong>:存储政策会应用到文件夹及其所有子文件夹。对于以未加密形式存入 OTA 文件夹以及存入系统解密密钥存放文件夹的内容,制造商应加以限制。大多数内容都应存放在凭据加密存储空间(而非设备加密存储空间)内。 +</p> + +<h2 id="implementation">实现</h2> +<p>最重要的一点是,应根据<a href="https://developer.android.com/training/articles/direct-boot.html">直接启动</a>开发者文档将诸如闹钟、电话、无障碍功能等应用设为 android:directBootAware。 +</p> +<h3 id="kernel-support">内核支持</h3> +<p>AOSP 提供的文件级加密实现会用到 Linux 4.4 内核中的 EXT4 加密功能。推荐的解决方案是使用基于 4.4 或更高版本的内核。EXT4 加密还反向移植到了 Android 公共代码库内的 3.10 内核以及受支持的 Nexus 内核。 +</p> +<p>对于希望将该功能引入到其设备内核的设备制造商来说,AOSP 内核/公共 Git 代码库中的 android-3.10.y 分支可作为一个很好的着手点。不过,务必要在最新的稳定版 Linux 内核(目前是 <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/?id=refs/tags/v4.6">linux-4.6</a>)中应用 EXT4 和 JBD2 项目提供的最新补丁程序。Nexus 设备内核已经包含其中很多补丁程序。 +</p> +<table> + <tbody><tr> + <th>设备</th> + <th>内核</th> + </tr> + <tr> + <td>Android Common</td> + <td><strong>kernel/common</strong> android-3.10.y (<a href="https://android.googlesource.com/kernel/common/+/android-3.10.y">Git</a>)</td> + </tr> + <tr> + <td>Nexus 5X (bullhead)</td> + <td><strong>kernel/msm</strong> android-msm-bullhead-3.10-n-preview-2 (<a href="https://android.googlesource.com/kernel/msm/+/android-msm-bullhead-3.10-n-preview-2">Git</a>)</td> + </tr> + <tr> + <td>Nexus 6P (angler)</td> + <td><strong>kernel/msm</strong> android-msm-angler-3.10-n-preview-2 (<a href="https://android.googlesource.com/kernel/msm/+/android-msm-angler-3.10-n-preview-2">Git</a>)</td> + </tr> +</tbody></table> +<p>请注意,以上每个内核都使用了到 3.10 的反向移植。Linux 3.18 中的 EXT4 和 JBD2 驱动程序已移植到基于 3.10 的现有内核中。由于内核各个部分之间存在依赖关系,因此这种反向移植会导致系统停止支持 Nexus 设备不使用的一些功能。其中包括:</p> + +<ul> +<li>EXT3 驱动程序,不过 EXT4 仍可以装载并使用 EXT3 文件系统</li><li>全局文件系统 (GFS) 支持</li><li>EXT4 中的 ACL 支持</li> +</ul> + +<p>除了对 EXT4 加密提供功能支持外,设备制造商还可以考虑实现加密加速功能,以便加快文件级加密的速度并改善用户体验。 +</p> +<h3 id="enabling-file-based-encryption">启用文件级加密</h3> +<p>通过将不带参数的 <code>fileencryption</code> 标记添加到 <code>userdata</code> 分区最后一列的 <code>fstab</code> 行中,可以启用 FBE。要查看示例,请访问 <a href="https://android.googlesource.com/device/lge/bullhead/+/nougat-release/fstab_fbe.bullhead">https://android.googlesource.com/device/lge/bullhead/+/nougat-release/fstab_fbe.bullhead</a> +</p> +<p>测试设备上的 FBE 实现情况时,可以指定以下标记:<code>forcefdeorfbe="<path/to/metadata/partition>"</code> +</p> +<p>此标记会将设备设为使用 FDE,但允许针对开发者转换为 FBE。默认情况下,此标记的行为类似于 <code>forceencrypt</code>,会使设备进入 FDE 模式。不过,它将提供一个调试选项,以便在开发者预览中允许将设备切换到 FBE 模式。另外,还可以使用以下命令在 fastboot 中启用 FBE:</p> +<p> +<code>$ fastboot --wipe-and-use-fbe</code> +</p> +<p>此标记仅用于开发目的,可提供一个在实际 FBE 设备发布之前演示 FBE 功能的平台。此标记在将来可能会被弃用。 +</p> +<h3 id="integrating-with-keymaster">与 Keymaster 集成</h3> +<p><code>vold</code> 负责处理密钥生成和内核密钥环管理工作。AOSP 的 FBE 实现要求设备支持 1.0 或更高版本的 Keymaster HAL。更低版本的 Keymaster HAL 不受支持。</p> +<p>首次启动时,在启动过程的早期阶段会生成并安装用户 0 的密钥。到 <code>init</code> 的 <code>on-post-fs</code> 阶段完成时,Keymaster 必须已做好处理请求的准备。在 Nexus 设备上,这是通过设置一个脚本块处理的:</p> + +<ul> +<li>确保 Keymaster 在 <code>/data</code> 装载之前启动</li><li>指定文件加密算法套件:AOSP 的文件级加密实现会用到采用 XTS 模式的 AES-256 算法<p class="note"> +<strong>注意</strong>:所有加密都基于采用 XTS 模式的 AES-256 算法。XTS 的定义方式决定了它需要两个 256 位密钥;因此实际上 CE 密钥和 DE 密钥都是 512 位密钥。 +</p> +</li> +</ul> + +<h3 id="encryption-policy">加密政策</h3> +<p>EXT4 加密在目录级应用加密政策。首次创建设备的 <code>userdata</code> 分区时,会由 <code>init</code> 脚本应用基本结构和政策。这些脚本将触发创建首位用户(用户 0)的 CE 密钥和 DE 密钥,并定义要使用这些密钥加密哪些目录。创建其他用户和资料时,会生成必要的其他密钥并将其存储在密钥代码库中;接下来会创建它们的凭据和设备存储位置,并且加密政策会将这些密钥关联到相应目录。 +</p> +<p>在 AOSP 当前提供的文件级加密实现中,加密政策被硬编码到了以下位置:</p> +<p> +<code>/system/extras/ext4_utils/ext4_crypt_init_extensions.cpp</code> +</p> +<p>可以在该文件中添加例外情况,以彻底防止特定目录被加密,具体方法是将相应目录添加到 <code>directories_to_exclude</code> 列表中。如果进行了此类修改,设备制造商应添加 <a href="/security/selinux/device-policy.html">SELinux 政策</a>,以便仅向需要使用未加密目录的应用授予访问权限(应排除所有不可信的应用)。 +</p> +<p>目前唯一可接受的使用这种方法的情况是在支持旧版 OTA 功能方面。 +</p> +<h3 id="supporting-direct-boot-in-system-applications">在系统应用中支持直接启动</h3> + +<h4 id="making-applications-direct-boot-aware">将应用设为直接启动感知型应用</h4> +<p>为了实现系统应用的快速迁移,新增了两个可在应用级别设置的属性。<code>defaultToDeviceProtectedStorage</code> 属性仅适用于系统应用,<code>directBootAware</code> 属性则适用于所有应用。 +</p> + +<pre> +<application + android:directBootAware="true" + android:defaultToDeviceProtectedStorage="true"> +</pre> + +<p>应用级别的 <code>directBootAware</code> 属性的含义是将相应应用中的所有组件均标记为加密感知型组件。 +</p> +<p><code>defaultToDeviceProtectedStorage</code> 属性用于将默认的应用存储位置重定向到 DE 存储空间(而非 CE 存储空间)。使用此标记的系统应用必须要仔细审核存储在默认位置的所有数据,并将敏感数据的路径更改为使用 CE 存储空间。使用此选项的设备制造商应仔细检查要存储的数据,以确保其中不含任何个人信息。 +</p> +<p>在这种模式下运行时,以下系统 API 可在需要时用于明确管理由 CE 存储空间支持的 Context(这些 API 与设备保护存储空间适用的同类 API 相对应)。 +</p> + +<ul> +<li><code>Context.createCredentialProtectedStorageContext()</code> +</li><li><code>Context.isCredentialProtectedStorage()</code></li> +</ul> +<h4 id="supporting-multiple-users">支持多位用户</h4> +<p>多用户环境中的每位用户均会获得一个单独的加密密钥。每位用户均会获得两个密钥:一个 DE 密钥和一个 CE 密钥。用户 0 由于是特殊用户,因此必须要先登录设备。这部分适用于使用<a href="/devices/tech/admin/index.html">设备管理功能</a>的情况。 +</p> +<p>加密感知型应用按照以下方式与各用户进行互动:<code>INTERACT_ACROSS_USERS</code> 和 <code>INTERACT_ACROSS_USERS_FULL</code> 允许应用与设备上的所有用户互动。不过,这些应用只能访问已解锁用户的 CE 加密目录。 +</p> +<p>应用或许能够与各个 DE 区域自由互动,但一位用户已解锁并不意味着设备上的所有用户均已解锁。应用在尝试访问这些区域之前,应先检查该状态。 +</p> +<p>每个工作资料用户 ID 也会获得两个密钥:一个 DE 密钥和一个 CE 密钥。当满足工作挑战时,资料用户会被解锁,并且 Keymaster(在 TEE 中)可以提供资料的 TEE 密钥。 +</p> +<h3 id="handling-updates">处理更新</h3> +<p>恢复分区无法访问用户数据分区中采用 DE 保护的存储空间。强烈建议实现 FBE 的设备支持新版 OTA 机制(采用即将推出的 A/B 系统更新方式)。由于可以在正常操作期间应用 OTA 更新,因此恢复分区无需访问已加密存储卷中的数据。 +</p> +<p>如果使用旧版 OTA 解决方案(该解决方案要求恢复分区访问用户数据分区中的 OTA 文件),则需要执行以下操作:</p> + +<ul> +<li>在用户数据分区中创建一个顶级目录(例如“misc_ne”)。 +</li><li>将该顶级目录添加到加密政策例外情况中(请参阅上文中的<a href="#encryption-policy">加密政策</a>)。 +</li><li>在该目录中创建一个用于存放 OTA 更新包的目录。 +</li><li>添加 SELinux 规则和文件环境,以便控制对该文件夹及其内容的访问。应当只有接收 OTA 更新的进程或应用能够对该文件夹进行读取和写入操作。 +</li><li>任何其他应用或进程都不应具有访问该文件夹的权限。</li> +</ul> + +<p>在该文件夹中创建一个目录,以便存放 OTA 更新包。 +</p> +<h2 id="validation">验证</h2> +<p>为了确保实现的 FBE 功能版本能够按预期工作,需要部署多种 <a href="https://android.googlesource.com/platform/cts/+/nougat-cts-release/hostsidetests/appsecurity/src/android/appsecurity/cts/DirectBootHostTest.java">CTS 加密测试</a>。 +</p> +<p>可以顺利为您的主板编译内核后,请另行为 x86 编译内核并在 QEMU 下运行该内核,然后您就可以使用以下命令通过 <a hre="https://git.kernel.org/cgit/fs/ext2/xfstests-bld.git/plain/quick-start?h=META">xfstest</a> 进行测试了:</p> +<pre> +$ kvm-xfstests -c encrypt -g auto +</pre> +<p>此外,设备制造商可以在启用了 FBE 的设备上进行以下手动测试:</p> + +<ul> + <li>检查 <code>ro.crypto.state</code> 是否存在<ul> + <li>确认 <code>ro.crypto.state</code> 是否已加密</li> + </ul> + </li> + <li>检查 <code>ro.crypto.type</code> 是否存在<ul> + <li>确认 <code>ro.crypto.type</code> 是否已设为 <code>file</code></li> + </ul> + </li> +</ul> + +<p>此外,测试人员可以在主用户已设置锁定屏幕的情况下启动一个 <code>userdebug</code> 实例。然后通过 <code>adb</code> shell 命令进入设备,并使用 <code>su</code> 获得 root 权限。确认 <code>/data/data</code> 中是否包含加密的文件名;如果没有,则表示存在问题。 +</p> +<h2 id="aosp-implementation-details">AOSP 实现详情</h2> +<p>本部分详细介绍了 AOSP 的文件级加密实现,并讲解了文件级加密的运作方式。设备制造商应该无需执行任何更改,即可在其设备上使用 FBE 和“直接启动”功能。 +</p> +<h3 id="ext4-encryption">EXT4 加密</h3> +<p>AOSP 的文件级加密实现会用到内核中的 EXT4 加密功能,并配置为:</p><ul> +<li>借助采用 XTS 模式的 AES-256 算法加密文件内容</li><li>借助采用 CBC-CTS 模式的 AES-256 算法加密文件名</li></ul> +<h3 id="key-derivation">密钥派生</h3> +<p>硬盘加密密钥(512 位 AES-XTS 密钥)以加密形式存储:通过另一个存放在 TEE 中的密钥(256 位 AES-GCM 密钥)进行加密。要使用该 TEE 密钥,需要具备以下三项:</p><ul> +<li>身份验证令牌</li><li>扩展凭据</li><li>secdiscardable hash</li></ul> +<p>身份验证令牌是一个经过加密和身份验证的令牌,由 <a href="/security/authentication/gatekeeper.html">Gatekeeper</a> 在用户成功登录时生成。<em></em>除非用户提供的身份验证令牌正确无误,否则 TEE 将拒绝用户使用该密钥。如果用户没有任何凭据,则不使用也不需要使用身份验证令牌。 +</p> +<p>扩展凭据是使用 <code>scrypt</code> 算法进行加盐和扩展处理的用户凭据。<em></em>实际上,凭据在被传递到 <code>vold</code>(以便传递到 <code>scrypt</code>)之前,会在锁定设置服务中接受一次哈希处理。扩展凭据会以加密形式绑定到 TEE 中的相应密钥,并享有适用于 <code>KM_TAG_APPLICATION_ID</code> 的所有保证。如果用户没有凭据,则不使用也不需要使用扩展凭据。 +</p> +<p><code>secdiscardable hash</code> 是 16 KB 随机文件的 512 位哈希,和用于重建相应密钥的其他信息(例如种子)存储在一起。在相应密钥被删除时,该文件会一并被安全地删除,或以新的方式被加密;采用这种附加的保护措施后,攻击者要恢复相应密钥,必须要先恢复这个被安全删除的文件中的每一个位。secdiscardable hash 同样会以加密形式绑定到 TEE 中的相应密钥,并享有适用于 <code>KM_TAG_APPLICATION_ID</code> 的所有保证。请参阅<a href="/security/keystore/implementer-ref.html">面向 Keystore 实现人员的参考资料</a>。 + +</p></body></html>
\ No newline at end of file diff --git a/zh-cn/security/keystore/implementer-ref.html b/zh-cn/security/keystore/implementer-ref.html new file mode 100644 index 00000000..19fabb57 --- /dev/null +++ b/zh-cn/security/keystore/implementer-ref.html @@ -0,0 +1,706 @@ +<html devsite><head> + <title>面向实现人员的参考资料</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>本页中提供了一些对 <a href="index.html">Keymaster</a> HAL 实现人员很有帮助的详细信息,其中介绍了 HAL 中的每个标记和每个函数。</p> + +<h2 id="authorization_tags">授权标记</h2> + +<p>除非标记说明中另有注明,否则以下所有标记都是在密钥生成期间用于指定密钥特性。</p> + +<h3 id="km_tag_purpose">KM_TAG_PURPOSE</h3> + +<p>用于指定相应密钥可用于哪些目的。</p> + +<p>可能的值是通过以下枚举定义的:</p> + +<pre> +typedef enum { + KM_PURPOSE_ENCRYPT = 0, + KM_PURPOSE_DECRYPT = 1, + KM_PURPOSE_SIGN = 2, + KM_PURPOSE_VERIFY = 3, +} keymaster_purpose_t; +</pre> + +<p>此标记可重复使用。可以生成具有多个值的密钥,不过一项操作只有一个目的。当调用 <a href="#begin">begin</a> 函数来启动某项操作时,要指定操作的目的。如果为操作指定的目的未通过相应密钥授权,操作必须失败并显示 <code>KM_ERROR_INCOMPATIBLE_PURPOSE</code>。</p> + +<h3 id="km_tag_algorithm">KM_TAG_ALGORITHM</h3> + +<p>用于指定与相应密钥配合使用的加密算法。</p> + +<p>可能的值是通过以下枚举定义的:</p> + +<pre> +typedef enum { + KM_ALGORITHM_RSA = 1, + KM_ALGORITHM_EC = 3, + KM_ALGORITHM_AES = 32, + KM_ALGORITHM_HMAC = 128, +} keymaster_algorithm_t; +</pre> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_key_size">KM_TAG_KEY_SIZE</h3> + +<p>用于指定相应密钥的大小(以位数计,按适用于相应密钥算法的一般方式衡量)。例如,对于 RSA 密钥,<code>KM_TAG_KEY_SIZE</code> 用于指定公开模数的大小。对于 AES 密钥,此标记用于指定密钥私密材料的长度。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_block_mode">KM_TAG_BLOCK_MODE</h3> + +<p>用于指定可与相应密钥配合使用的分块加密模式。此标记仅与 AES 密钥有关。</p> + +<p>可能的值是通过以下枚举定义的:</p> + +<pre> +typedef enum { + KM_MODE_ECB = 1, + KM_MODE_CBC = 2, + KM_MODE_CTR = 3, + KM_MODE_GCM = 32, +} keymaster_block_mode_t; +</pre> + +<p>此标记可重复使用。对于 AES 密钥操作,必须要在 <a href="#begin">begin</a> 的 <code>additional_params</code> 参数中指定模式。如果指定的模式不在相应密钥的关联模式之列,操作必须失败并显示 <code>KM_ERROR_INCOMPATIBLE_BLOCK_MODE</code>。</p> + +<h3 id="km_tag_digest">KM_TAG_DIGEST</h3> + +<p>用于指定可与相应密钥配合使用以执行签名和验证操作的摘要算法。此标记与 RSA 密钥、ECDSA 密钥和 HMAC 密钥有关。</p> + +<p>可能的值是通过以下枚举定义的:</p> + +<pre> +typedef enum { + KM_DIGEST_NONE = 0, + KM_DIGEST_MD5 = 1, + KM_DIGEST_SHA1 = 2, + KM_DIGEST_SHA_2_224 = 3, + KM_DIGEST_SHA_2_256 = 4, + KM_DIGEST_SHA_2_384 = 5, + KM_DIGEST_SHA_2_512 = 6, +} +keymaster_digest_t; +</pre> + +<p>此标记可重复使用。对于签名和验证操作,必须要在 <a href="#begin">begin</a> 的 <code>additional_params</code> 参数中指定摘要。如果指定的摘要不在相应密钥的关联摘要之列,操作必须失败并显示 <code>KM_ERROR_INCOMPATIBLE_DIGEST</code>。</p> + +<h3 id="km_tag_padding">KM_TAG_PADDING</h3> + +<p>用于指定可与相应密钥配合使用的填充模式。此标记与 RSA 密钥和 AES 密钥有关。</p> + +<p>可能的值是通过以下枚举定义的:</p> + +<pre> +typedef enum { + KM_PAD_NONE = 1, + KM_PAD_RSA_OAEP = 2, + KM_PAD_RSA_PSS = 3, + KM_PAD_RSA_PKCS1_1_5_ENCRYPT = 4, + KM_PAD_RSA_PKCS1_1_5_SIGN = 5, + KM_PAD_PKCS7 = 64, +} keymaster_padding_t; +</pre> + +<p><code>KM_PAD_RSA_OAEP</code> 和 <code>KM_PAD_RSA_PKCS1_1_5_ENCRYPT</code> 仅用于 RSA 加密/解密密钥,分别用来指定 RSA PKCS#1v2 OAEP 填充和 RSA PKCS#1 v1.5 随机填充。<code>KM_PAD_RSA_PSS</code> 和 <code>KM_PAD_RSA_PKCS1_1_5_SIGN</code> 仅用于 RSA 签名/验证密钥,分别用来指定 RSA PKCS#1v2 PSS 填充和 RSA PKCS#1 v1.5 确定性填充。另外请注意,RSA PSS 填充模式与 <a href="#km_tag_digest">KM_DIGEST_NONE</a> 不兼容。</p> + +<p><code>KM_PAD_NONE</code> 可与 RSA 密钥或 AES 密钥配合使用。对于 AES 密钥,如果将 <code>KM_PAD_NONE</code> 与分块模式 ECB 或 CBC 配合使用,并且要加密或解密的数据的长度不是 AES 分块大小的倍数,调用 finish 必须失败并显示 <code>KM_ERROR_INVALID_INPUT_LENGTH</code>。</p> + +<p><code>KM_PAD_PKCS7</code> 只能与 AES 密钥以及 ECB 和 CBC 模式配合使用。</p> + +<p>此标记可重复使用。在调用 <a href="#begin">begin</a> 时必须指定填充模式。如果指定的模式未针对相应密钥获得授权,操作必须失败并显示 <code>KM_ERROR_INCOMPATIBLE_BLOCK_MODE</code>。</p> + +<h3 id="km_tag_caller_nonce">KM_TAG_CALLER_NONCE</h3> + +<p>用于指定调用程序可以为需要随机数的操作提供随机数。</p> + +<p>此标记为布尔值,因此可能的值为 true(如果此标记存在)和 false(如果此标记不存在)。</p> + +<p>此标记仅用于 AES 密钥,并且仅与 CBC、CTR 和 GCM 分块模式有关。如果此标记不存在,实现应拒绝执行向 <a href="#begin">begin</a> 提供 <a href="#km_tag_nonce">KM_TAG_NONCE</a> 的所有操作,并显示 <code>KM_ERROR_CALLER_NONCE_PROHIBITED</code>。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_min_mac_length">KM_TAG_MIN_MAC_LENGTH</h3> + +<p>此标记是支持 GCM 模式的 HMAC 密钥和 AES 密钥所必需的标记,用于指定可通过相应密钥请求或验证的 MAC 的最小长度。</p> + +<p>此标记的值是 MAC 的最小长度(以位数计)。这个值必须是 8 的倍数。对于 HMAC 密钥,这个值不得小于 64。对于 GCM 密钥,这个值必须介于 96 到 128 之间。</p> + +<h3 id="km_tag_rsa_public_exponent">KM_TAG_RSA_PUBLIC_EXPONENT</h3> + +<p>用于为 RSA 密钥对指定公开指数的值。此标记仅与 RSA 密钥有关,而且是所有 RSA 密钥都必需的标记。</p> + +<p>此标记的值是一个 64 位的未签名整数,并且必须符合 RSA 公开指数方面的要求。由于这个值是由调用程序指定的,因此无法由实现来选择。这个值必须是质数。Trustlet 必须要支持 2^16+1 这个值,而且最好还支持其他合理的值,尤其是 3。如果未指定指数或指定的指数不受支持,密钥生成操作必须失败并显示 <code>KM_ERROR_INVALID_ARGUMENT</code>。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_blob_usage_requirements">KM_TAG_BLOB_USAGE_REQUIREMENTS</h3> + +<p>用于指定必须满足哪些系统环境条件才能使用生成的密钥。</p> + +<p>可能的值是通过以下枚举定义的:</p> + +<pre> +typedef enum { + KM_BLOB_STANDALONE = 0, + KM_BLOB_REQUIRES_FILE_SYSTEM = 1, +} keymaster_key_blob_usage_requirements_t; +</pre> + +<p>可以在密钥生成期间指定此标记,以便要求只有在指定条件下才可以使用生成的密钥。此标记必须要和密钥特性一起返回(通过 <a href="#generate_key">generate_key</a> 和 <a href="#get_key_characteristics">get_key_characteristics</a>)。如果调用程序指定了 <code>KM_TAG_BLOB_USAGE_REQUIREMENTS</code>(值为 <code>KM_BLOB_STANDALONE</code>),Trustlet 必须返回一个可在没有文件系统支持的情况下使用的密钥 Blob。这对于具有已加密磁盘的设备至关重要:在使用 Keymaster 密钥解密磁盘之前,此类设备的文件系统可能一直无法使用。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_bootloader_only">KM_TAG_BOOTLOADER_ONLY</h3> + +<p>用于指定只有引导加载程序能够使用相应密钥。</p> + +<p>此标记为布尔值,因此可能的值为 true(如果此标记存在)和 false(如果此标记不存在)。</p> + +<p>尝试从 Android 系统使用带有 <code>KM_TAG_BOOTLOADER_ONLY</code> 标记的密钥时,操作必须失败并显示 <code>KM_ERROR_INVALID_KEY_BLOB</code>。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_active_datetime">KM_TAG_ACTIVE_DATETIME</h3> + +<p>用于指定相应密钥变为有效状态的日期和时间。在此之前,尝试使用相应密钥时,操作必须失败并显示 <code>KM_ERROR_KEY_NOT_YET_VALID</code>。</p> + +<p>此标记的值是一个 64 位的整数,表示距 1970 年 1 月 1 日的毫秒数。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_origination_expire_datetime">KM_TAG_ORIGINATION_EXPIRE_DATETIME</h3> + +<p>用于指定相应密钥无法再用于签名和加密目的的过期日期和时间。如果向 <a href="#begin">begin</a> 提供的目的是 <a href="#km_tag_purpose">KM_PURPOSE_SIGN</a> 或 <a href="#km_tag_purpose">KM_PURPOSE_ENCRYPT</a>,那么在此之后,尝试使用相应密钥时,操作必须失败并显示 <code>KM_ERROR_KEY_EXPIRED</code>。</p> + +<p>此标记的值是一个 64 位的整数,表示距 1970 年 1 月 1 日的毫秒数。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_usage_expire_datetime">KM_TAG_USAGE_EXPIRE_DATETIME</h3> + +<p>用于指定相应密钥无法再用于验证和解密目的的过期日期和时间。如果向 <a href="#begin">begin</a> 提供的目的是 <a href="#km_tag_purpose">KM_PURPOSE_VERIFY</a> 或 <a href="#km_tag_purpose">KM_PURPOSE DECRYPT</a>,那么在此之后,尝试使用相应密钥时,操作必须失败并显示 <code>KM_ERROR_KEY_EXPIRED</code>。</p> + +<p>此标记的值是一个 64 位的整数,表示距 1970 年 1 月 1 日的毫秒数。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_min_seconds_between_ops">KM_TAG_MIN_SECONDS_BETWEEN_OPS</h3> + +<p>用于指定至少必须间隔多长时间才能再次将密钥用于允许的操作。在不限制密钥使用次数可能会给暴力破解攻击以可乘之机的环境中,可以使用此标记来限制密钥的使用次数。</p> + +<p>此标记的值是一个 32 位的整数,表示允许的操作之间间隔的秒数。</p> + +<p>当有操作使用带有此标记的某个密钥时,计时器应在 <a href="#finish">finish</a> 或 <a href="#abort">abort</a> 调用期间启动。在计时器表明通过 <code>KM_TAG_MIN_SECONDS_BETWEEN_OPS</code> 指定的间隔时间已过去之前收到的所有 <a href="#begin">begin</a> 调用都必须失败并显示 <code>KM_ERROR_KEY_RATE_LIMIT_EXCEEDED</code>。这项要求意味着 Trustlet 必须要为带有此标记的密钥维护一份计时器表格。由于 Keymaster 内存的大小通常有限制,因此该表格可以具有固定的最大大小,并且当该表格被占满时,如果有操作尝试使用带有此标记的密钥,Keymaster 可以使这些操作失败。该表格必须能够容纳至少 32 个使用中的密钥,而且当密钥最小使用间隔到期时,必须主动重复使用该表格中的位置。如果某项操作因该表格已被占满而失败,Keymaster 应返回 <code>KM_ERROR_TOO_MANY_OPERATIONS</code>。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_max_uses_per_boot">KM_TAG_MAX_USES_PER_BOOT</h3> + +<p>用于指定在两次系统重启之间可以使用相应密钥的最大次数。这是另一种限制密钥使用次数的机制。</p> + +<p>此标记的值是一个 32 位的整数,表示在每次系统启动后可以使用相应密钥的次数。</p> + +<p>当有操作使用带有此标记的某个密钥时,与该密钥关联的计数器应在 <a href="#begin">begin</a> 调用期间递增。当密钥计数器超出此标记的值后,所有尝试使用该密钥的后续操作都必须失败并显示 <code>KM_ERROR_MAX_OPS_EXCEEDED</code>,直到设备重启为止。这项要求意味着 Trustlet 必须要为带有此标记的密钥维护一份使用次数计数器表格。由于 Keymaster 内存的大小通常有限制,因此该表格可以具有固定的最大大小,并且当该表格被占满时,如果有操作尝试使用带有此标记的密钥,Keymaster 可以使这些操作失败。该表格必须能够容纳至少 16 个密钥。如果某项操作因该表格已被占满而失败,Keymaster 应返回 <code>KM_ERROR_TOO_MANY_OPERATIONS</code>。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_user_secure_id">KM_TAG_USER_SECURE_ID</h3> + +<p>用于指定只能在某个安全的用户身份验证状态下使用相应密钥。此标记与 <a href="#km_tag_no_auth_required">KM_TAG_NO_AUTH_REQUIRED</a> 互斥。</p> + +<p>此标记的值是一个 64 位的整数,用于指定在通过 <a href="#km_tag_auth_token">KM_TAG_AUTH_TOKEN</a> 向 <a href="#begin">begin</a> 提供的身份验证令牌中必须存在哪个身份验证政策状态值,身份验证程序才会授权使用相应密钥。如果在调用 <a href="#begin">begin</a> 时未提供身份验证令牌,或提供的身份验证令牌没有匹配的政策状态值,但所用密钥带有此标记,该调用必须失败。</p> + +<p>此标记可重复使用。如果提供的值中有任何一个与身份验证令牌中的任何政策状态值一致,身份验证程序即会授权使用相应密钥。否则,操作必须失败并显示 <code>KM_ERROR_KEY_USER_NOT_AUTHENTICATED</code>。</p> + +<h3 id="km_tag_no_auth_required">KM_TAG_NO_AUTH_REQUIRED</h3> + +<p>用于指定无需进行身份验证即可使用相应密钥。此标记与 <a href="#km_tag_user_secure_id">KM_TAG_USER_SECURE_ID</a> 互斥。</p> + +<p>此标记为布尔值,因此可能的值为 true(如果此标记存在)和 false(如果此标记不存在)。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_user_auth_type">KM_TAG_USER_AUTH_TYPE</h3> + +<p>用于指定可以使用哪些类型的用户身份验证程序来授权使用相应密钥。请求 Keymaster 执行所用密钥带有此标记的操作时,必须要为 Keymaster 提供一个身份验证令牌,并且该令牌的 <code>authenticator_type</code> 字段必须与此标记中的值一致。准确来说就是,<code>(ntoh(token.authenticator_type) & +auth_type_tag_value) != 0</code> 必须为 true,其中 <code>ntoh</code> 是一个函数,用于将按网络字节序保存的整数转换成按主机字节序保存的整数,而 <code>auth_type_tag_value</code> 是此标记的值。</p> + +<p>此标记的值是以下枚举值的位掩码(32 位整数):</p> + +<pre> +typedef enum { + HW_AUTH_NONE = 0, + HW_AUTH_PASSWORD = 1 << 0, + HW_AUTH_FINGERPRINT = 1 << 1, + // Additional entries should be powers of 2. + HW_AUTH_ANY = UINT32_MAX, +} hw_authenticator_type_t; +</pre> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_auth_timeout">KM_TAG_AUTH_TIMEOUT</h3> + +<p>用于指定授权在多长时间内使用相应密钥(以秒数计,从通过身份验证开始算起)。如果 <a href="#km_tag_user_secure_id">KM_TAG_USER_SECURE_ID</a> 存在而此标记不存在,那么每次使用相应密钥时都需要通过身份验证(要详细了解各项操作的身份验证流程,请参阅 <a href="#begin">begin</a>)。</p> + +<p>此标记的值是一个 32 位的整数,用于指定可在多长时间内使用相应密钥(以秒数计,从使用通过 <a href="#km_tag_mac_length">KM_TAG_USER_AUTH_TYPE</a> 指定的身份验证方法对通过 <a href="#km_tag_user_secure_id">KM_TAG_USER_SECURE_ID</a> 指定的用户成功进行身份验证开始算起)。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_all_applications">KM_TAG_ALL_APPLICATIONS</h3> + +<p>预留标记,供将来使用。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_application_id">KM_TAG_APPLICATION_ID</h3> + +<p>当提供给 <a href="#generate_key">generate_key</a> 或 <a href="#import_key">import_key</a> 时,此标记用于指定使用相应密钥时必须要提供的数据。具体来说就是,调用 <a href="#export_key">export_key</a> 和 <a href="#get_key_characteristics">get_key_characteristics</a> 时必须要在 <code>client_id</code> 参数中提供相同的值,而调用 <a href="#begin">begin</a> 时则必须要提供此标记以及相同的相关数据(作为 <code>in_params</code> 集的一部分)。如果未收到正确的数据,函数必须返回 <code>KM_ERROR_INVALID_KEY_BLOB</code>。</p> + +<p><i></i>此标记的内容必须要以加密形式绑定到相应密钥,这意味着,如果有不轨人士有权访问安全域的所有机密内容,但无权访问此标记的内容,必须要确保他们无法解密相应密钥(在不对此标记的内容进行暴力破解攻击的情况下)。</p> + +<p>此标记的值是一个 Blob(任意长度的字节数数组)。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_application_data">KM_TAG_APPLICATION_DATA</h3> + +<p>当提供给 <a href="#generate_key">generate_key</a> 或 <a href="#import_key">import_key</a> 时,此标记用于指定使用相应密钥时必须要提供的数据。具体来说就是,调用 <a href="#export_key">export_key</a> 和 <a href="#get_key_characteristics">get_key_characteristics</a> 时必须要在 <code>client_id</code> 参数中提供相同的值,而调用 <a href="#begin">begin</a> 时则必须要提供此标记以及相同的相关数据(作为 <code>in_params</code> 集的一部分)。如果未收到正确的数据,函数必须返回 <code>KM_ERROR_INVALID_KEY_BLOB</code>。</p> + +<p><i></i>此标记的内容必须要以加密形式绑定到相应密钥,这意味着,如果有不轨人士有权访问安全域的所有机密内容,但无权访问此标记的内容,必须要确保他们无法解密相应密钥(在不对此标记的内容进行暴力破解攻击的情况下)。</p> + +<p>此标记的值是一个 Blob(任意长度的字节数数组)。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_creation_datetime">KM_TAG_CREATION_DATETIME</h3> + +<p>用于指定相应密钥的创建日期和时间(以距 1970 年 1 月 1 日的毫秒数计)。此标记为可选标记,仅供参考。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_origin">KM_TAG_ORIGIN</h3> + +<p>用于指定相应密钥是在哪里创建的(如果知道)。在生成或导入密钥期间可以不指定此标记,但此标记必须要由 Trustlet 添加到密钥特性中。</p> + +<p>可能的值是在 <code>keymaster_origin_t</code> 中定义的:</p> + +<pre> +typedef enum { + KM_ORIGIN_GENERATED = 0, + KM_ORIGIN_IMPORTED = 2, + KM_ORIGIN_UNKNOWN = 3, +} keymaster_key_origin_t +</pre> + +<p>此标记的值的完整含义不仅取决于值本身,还取决于值是位于由硬件强制执行的特性列表中,还是位于由软件强制执行的特性列表中。</p> + +<p><code>KM_ORIGIN_GENERATED</code> 表示相应密钥是由 Keymaster 生成的。如果它位于由硬件强制执行的列表中,那么相应密钥是在安全硬件中生成的,并且已永久绑定到硬件。如果它位于由软件强制执行的列表中,那么相应密钥是在 SoftKeymaster 中生成的,并且没有绑定到硬件。</p> + +<p><code>KM_ORIGIN_IMPORTED</code> 表示相应密钥是在 Keymaster 之外生成的,并且导入到了 Keymaster 中。如果它位于由硬件强制执行的列表中,那么相应密钥已永久绑定到硬件,不过可能存在位于安全硬件之外的副本。如果它位于由软件强制执行的列表中,那么相应密钥已导入到 SoftKeymaster 中,并且没有绑定到硬件。</p> + +<p><code>KM_ORIGIN_UNKNOWN</code> 应当仅出现在由硬件强制执行的列表中。它表示相应密钥已绑定到硬件,但不知道相应密钥原本就是在安全硬件中生成的,还是导入的。只有在使用 keymaster0 硬件模拟 keymaster1 服务时,才会出现这种情况。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_rollback_resistant">KM_TAG_ROLLBACK_RESISTANT</h3> + +<p>用于表明相应密钥可抗回滚,也就是说,当通过 <a href="#delete_key">delete_key</a> 或 <a href="#delete_all_keys">delete_all_keys</a> 删除相应密钥后,可保证相应密钥已被永久删除且无法再使用。如果密钥不带此标记,那么在被删除后,可能能够从备份中恢复。</p> + +<p>此标记为布尔值,因此可能的值为 true(如果此标记存在)和 false(如果此标记不存在)。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_root_of_trust">KM_TAG_ROOT_OF_TRUST</h3> + +<p>用于指定“信任根”,即经过验证的启动程序在验证操作系统是否已启动时使用的键(如果有)。在任何情况下,都不可以通过密钥特性将此标记提供给 Keymaster,也不可以通过密钥特性从 Keymaster 返回此标记。</p> + +<h3 id="km_tag_associated_data">KM_TAG_ASSOCIATED_DATA</h3> + +<p>用于提供进行 AES-GCM 加密或解密时使用的“相关数据”。可以将此标记提供给 <a href="#update">update</a>,以便指定在计算 GCM 标记时使用的未加密/解密的数据。</p> + +<p>此标记的值是一个 Blob(任意长度的字节数数组)。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_nonce">KM_TAG_NONCE</h3> + +<p>用于提供或返回进行 AES GCM、CBC 或 CTR 加密/解密时使用的随机数或初始化矢量 (IV)。在加密和解密操作期间,可以将此标记提供给 <a href="#begin">begin</a>。仅当相应密钥带有 <a href="#km_tag_caller_nonce">KM_TAG_CALLER_NONCE</a> 时,才可以将此标记提供给 <a href="#begin">begin</a>。如果调用程序未提供此标记,Keymaster 将随机生成适当的随机数或 IV 并通过 begin 将其返回。</p> + +<p>此标记的值是一个 Blob(任意长度的字节数数组)。所允许的长度取决于模式:GCM 随机数的长度为 12 个字节;CBC IV 和 CTR IV 的长度为 16 个字节。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_auth_token">KM_TAG_AUTH_TOKEN</h3> + +<p>用于向 <a href="#begin">begin</a>、<a href="#update">update</a> 或 <a href="#finish">finish</a> 提供身份验证令牌(请参阅“身份验证”页面),以便向要求用户通过身份验证的密钥操作(密钥带有 <a href="#km_tag_user_secure_id">KM_TAG_USER_SECURE_ID</a>)证明相应用户已通过身份验证。</p> + +<p>此标记的值是一个包含 <code>hw_auth_token_t</code> 结构的 Blob。</p> + +<p>此标记不可重复使用。</p> + +<h3 id="km_tag_mac_length">KM_TAG_MAC_LENGTH</h3> + +<p>用于提供 MAC 或 GCM 身份验证标记的请求长度(以位数计)。</p> + +<p>此标记的值是 MAC 长度(以位数计)。这个值必须是 8 的倍数,并且不得小于与相应密钥关联的 <a href="#km_tag_min_mac_length">KM_TAG_MIN_MAC_LENGTH</a> 的值。</p> + +<h2 id="functions">函数</h2> + +<h3 id="deprecated_functions">已弃用的函数</h3> + +<p>虽然以下函数位于 <code>keymaster1_device_t</code> 定义中,但不应实现这些函数。这些函数的指针应设为 <code>NULL</code>:</p> + +<ul> + <li><code>generate_keypair</code> + </li><li><code>import_keypair</code> + </li><li><code>get_keypair_public</code> + </li><li><code>delete_keypair</code> + </li><li><code>delete_all</code> + </li><li><code>sign_data</code> + </li><li><code>verify_data</code> +</li></ul> + +<h3 id="general_implementation_guidelines">常规实现准则</h3> + +<p>以下准则适用于 API 中的所有函数。</p> + +<h4 id="input_pointer_parameters">输入指针参数</h4> + +<p>进行指定调用时不使用的输入指针参数可以是 <code>NULL</code>。调用程序无需提供占位符。例如,某些密钥类型和模式可能不会使用 <a href="#begin">begin</a> 的 <code>in_params</code> 参数中的任何值,因此调用程序可以将 <code>in_params</code> 设为 <code>NULL</code> 或提供一个空的参数集。调用程序也可以提供不使用的参数,而 Keymaster 方法不得发出错误。</p> + +<p>如果所需的输入参数为 NULL,Keymaster 方法应返回 <code>KM_ERROR_UNEXPECTED_NULL_POINTER</code>。</p> + +<h4 id="output_pointer_parameters">输出指针参数</h4> + +<p>与输入指针参数类似,不使用的输出指针参数可以是 <code>NULL</code>。如果某个方法需要在某个输出参数中返回数据,但发现该参数为 <code>NULL</code>,则应返回 <code>KM_ERROR_OUTPUT_PARAMETER_NULL</code>。</p> + +<h4 id="api_misuse">API 滥用</h4> + +<p>调用程序可以通过多种方式提出虽然不合理或很荒谬但技术上并没有错误的请求。在这种情况下,keymaster1 实现无需失败或发出诊断。实现不应诊断以下情况:使用过小的密钥、指定不相关的输入参数、重复使用 IV 或随机数、生成密钥时未指定目的(因此生成的密钥没有用处),以及类似情况。但必须诊断以下情况:缺少必需的参数、指定无效的必需参数,以及类似错误。</p> + +<p>应用、框架和 Android Keystore 需负责确保对 Keymaster 模块的调用是合理的,而且是有用的。</p> + +<h3 id="get_supported_algorithms">get_supported_algorithms</h3> + +<p>用于返回一个列表,其中包含 Keymaster 硬件实现支持的算法。如果是软件实现,则必须返回一个空列表;如果是混合实现,则必须返回一个仅包含硬件支持的算法的列表。</p> + +<p>keymaster1 实现必须要支持 RSA、EC、AES 和 HMAC。</p> + +<h3 id="get_supported_block_modes">get_supported_block_modes</h3> + +<p>用于返回一个列表,其中包含对于指定的算法和目的,Keymaster 硬件实现支持的 AES 分块模式。</p> + +<p>对于不是分块加密算法的 RSA、EC 和 HMAC,无论是任何有效目的,此方法都必须返回一个空列表。如果目的无效,则应导致此方法返回 <code>KM_ERROR_INVALID_PURPOSE</code>。</p> + +<p>keymaster1 实现必须要支持使用 ECB、CBC、CTR 和 GCM 进行 AES 加密和解密。</p> + +<h3 id="get_supported_padding_modes">get_supported_padding_modes</h3> + +<p>用于返回一个列表,其中包含对于指定的算法和目的,Keymaster 硬件实现支持的填充模式。</p> + +<p>HMAC 和 EC 并没有填充这一概念,因此针对所有有效目的,此方法都必须返回一个空列表。如果目的无效,则应导致此方法返回 <code>KM_ERROR_INVALID_PURPOSE</code>。</p> + +<p>对于 RSA,keymaster1 实现必须要支持:</p> + +<ul> + <li>非填充式加密、解密、签名和验证。对于非填充式加密和签名,如果消息比公开模数短,实现必须要在消息左侧填充零来补齐。对于非填充式解密和验证,输入长度必须与公开模数的大小一致。 + </li><li>PKCS#1 v1.5 加密和签名填充模式</li><li>盐最小长度为 20 的 PSS</li><li>OAEP</li></ul> + +<p>对于采用 ECB 和 CBC 模式的 AES 算法,keymaster1 实现必须要支持无填充和 PKCS#7 填充。CTR 和 GCM 模式必须仅支持无填充。</p> + +<h3 id="get_supported_digests">get_supported_digests</h3> + +<p>用于返回一个列表,其中包含对于指定的算法和目的,Keymaster 硬件实现支持的摘要模式。</p> + +<p>任何 AES 模式都不支持摘要,也不需要摘要,因此无论是任何有效目的,此方法都必须返回一个空列表。</p> + +<p>keymaster1 实现可以只实现一部分已定义的摘要,但必须要提供 SHA-256。强烈建议 keymaster1 实现提供 MD5、SHA1、SHA-224、SHA-256、SHA384 和 SHA512(完整的已定义摘要集)。</p> + +<h3 id="get_supported_import_formats">get_supported_import_formats</h3> + +<p>用于返回一个列表,其中包含指定算法的 Keymaster 硬件实现支持的导入格式。</p> + +<p>keymaster1 实现必须要支持 PKCS#8 格式(无密码保护),以便导入 RSA 密钥对和 EC 密钥对,并且必须要支持以原始格式导入 AES 密钥材料和 HMAC 密钥材料。</p> + +<h3 id="get_supported_export_formats">get_supported_export_formats</h3> + +<p>用于返回一个列表,其中包含指定算法的 Keymaster 硬件实现支持的导出格式。</p> + +<p>keymaster1 实现必须要支持 X.509 格式,以便导出 RSA 公钥和 EC 公钥。不得支持导出私钥或非对称密钥。</p> + +<h3 id="add_rng_entropy">add_rng_entropy</h3> + +<p>用于将调用程序提供的熵添加到 keymaster1 实现生成随机数(在密钥中使用)、IV 以及其他内容时使用的池中。</p> + +<p>Keymaster1 实现必须将收到的熵<strong>安全地</strong>混合到所使用的池中,该池中必须还要包含由硬件随机数生成器在内部生成的熵。混合操作必须具有以下特性:即使攻击者能够完全控制通过 <code>add_rng_entropy</code> 提供的位数或硬件生成的位数(但不能同时控制这两者),他们能够预测出通过熵池生成的位数的概率也不得超过 ½。</p> + +<p>尝试估算内部池中的熵的 keymaster1 实现必须假定通过 <code>add_rng_entropy</code> 提供的数据不包含熵。</p> + +<h3 id="generate_key">generate_key</h3> + +<p>用于生成一个新的加密密钥,同时指定将永久绑定到该密钥的关联授权。keymaster1 实现必须能够确保无法通过任何与生成密钥时指定的授权不一致的方式使用相应密钥。对于安全硬件无法强制执行的授权,安全硬件的义务仅限于确保与相应密钥关联的无法强制执行的授权不能被修改,以便每次调用 <a href="#get_key_characteristics">get_key_characteristics</a> 时都会返回原始值。此外,通过 <code>generate_key</code> 返回的特性必须将授权正确地分配到由硬件强制执行的列表和由软件强制执行的列表中。如需更多详细信息,请参阅 <a href="#get_key_characteristics">get_key_characteristics</a>。</p> + +<p>必须要向 <code>generate_key</code> 提供的参数取决于要生成的密钥的类型。这一部分将概括介绍每种类型的密钥必需的标记以及允许使用的标记。<a href="#km_tag_algorithm">KM_TAG_ALGORITHM</a> 始终为必需的标记,用于指定类型。</p> + +<h4 id="rsa_keys">RSA 密钥</h4> + +<p>以下参数是生成 RSA 密钥时必需的参数。</p> + +<ul> + <li><a href="#km_tag_key_size">KM_TAG_KEY_SIZE</a> 用于指定公开模数的大小(以位数计)。如果缺少此参数,方法必须返回 <code>KM_ERROR_UNSUPPORTED_KEY_SIZE</code>。必须要支持 1024、2048、3072 和 4096,最好还支持为 8 的倍数的所有密钥大小。 + </li><li><a href="#km_tag_rsa_public_exponent">KM_TAG_RSA_PUBLIC_EXPONENT</a> 用于指定 RSA 公开指数的值。如果缺少此参数,方法必须返回 <code>KM_ERROR_INVALID_ARGUMENT</code>。实现必须要支持 3 和 65537,最好还支持不超过 2^64 的所有质数值。 +</li></ul> + +<p>以下参数不是生成 RSA 密钥时必需的参数,但如果在缺少这些参数的情况下生成 RSA 密钥,生成的密钥将无法使用。如果缺少这些参数,<code>generate_key</code> 函数不应返回错误。</p> + +<ul> + <li><a href="#km_tag_purpose">KM_TAG_PURPOSE</a> 用于指定允许的目的。对于 RSA 密钥,必须要支持采用任意组合的所有目的。 + </li><li><a href="#km_tag_digest">KM_TAG_DIGEST</a> 用于指定可与新密钥配合使用的摘要算法。不支持任何摘要算法的实现必须要接受包含不受支持的摘要的密钥生成请求。不受支持的摘要应被放入“由软件强制执行”的列表内返回的密钥特性中。这是因为相应密钥能够与其他摘要配合使用,但添加摘要将在软件中进行。然后,将调用硬件按 <code>KM_DIGEST_NONE</code> 摘要算法执行相应操作。</li><li><a href="#km_tag_padding">KM_TAG_PADDING</a> 用于指定可与新密钥配合使用的填充模式。如果未指定任何不受支持的摘要算法,不支持任何摘要算法的实现必须将 <code>KM_PAD_RSA_PSS</code> 和 <code>KM_PAD_RSA_OAEP</code> 放入由软件强制执行的密钥特性列表中。 +</li></ul> + +<h4 id="ecdsa_keys">ECDSA 密钥</h4> + +<p>只有 <a href="#km_tag_key_size">KM_TAG_KEY_SIZE</a> 是生成 ECDSA 密钥时必需的参数。此参数用于选择 EC 组。实现必须要支持 224、256、384 和 521,这些值分别表示 NIST p-224、p-256、p-384 和 p521 曲线。</p> + +<p>为了使生成的 ECDSA 密钥可以使用,还需要 <a href="#km_tag_digest">KM_TAG_DIGEST</a>,但此参数不是生成 ECDSA 密钥时必需的参数。</p> + +<h4 id="aes_keys">AES 密钥</h4> + +<p>只有 <a href="#km_tag_key_size">KM_TAG_KEY_SIZE</a> 是生成 AES 密钥时必需的参数。如果缺少此参数,方法必须返回 <code>KM_ERROR_UNSUPPORTED_KEY_SIZE</code>。必须要支持 128 和 256。建议支持 192 位 AES 密钥。</p> + +<p>以下参数仅与 AES 密钥有关,但它们并不是生成 AES 密钥时必需的参数:</p> + +<ul> + <li><code>KM_TAG_BLOCK_MODE</code> 用于指定可与新密钥配合使用的分块模式。 + </li><li><code>KM_TAG_PADDING</code> 用于指定可以使用的填充模式。此参数仅与 ECB 和 CBC 模式有关。 +</li></ul> + +<p>如果指定的是 GCM 分块模式,则必须要提供 <a href="#km_tag_min_mac_length">KM_TAG_MIN_MAC_LENGTH</a>。如果缺少此参数,方法必须返回 <code>KM_ERROR_MISSING_MIN_MAC_LENGTH</code>。此标记的值必须是 8 的倍数,并且必须介于 96 到 128 之间。</p> + +<h4 id="hmac_keys">HMAC 密钥</h4> + +<p>以下参数是生成 HMAC 密钥时必需的参数:</p> + +<ul> + <li><a href="#km_tag_key_size">KM_TAG_KEY_SIZE</a> 用于指定密钥大小(以位数计)。不得支持小于 64 以及不是 8 的倍数的值。必须要支持介于 64 到 512 之间并且是 8 的倍数的值。可以支持更大的值。 + </li><li><a href="#km_tag_min_mac_length">KM_TAG_MIN_MAC_LENGTH</a> 用于指定可通过相应密钥生成或验证的 MAC 的最小长度。此参数的值必须是 8 的倍数,并且不得小于 64。 + </li><li><a href="#km_tag_digest">KM_TAG_DIGEST</a> 用于指定相应密钥的摘要算法。必须且只能指定一种摘要,否则返回 <code>KM_ERROR_UNSUPPORTED_DIGEST</code>。如果 Trustlet 不支持指定的摘要,则返回 <code>KM_ERROR_UNSUPPORTED_DIGEST</code>。</li></ul> + +<h4 id="key_characteristics">密钥特性</h4> + +<p>如果特性参数为非 NULL 值,<code>generate_key</code> 必须返回新生成密钥的特性(适当地划分到由硬件强制执行的列表和由软件强制执行的列表中)。要了解哪些特性会划分到哪个列表中,请参阅 <a href="#get_key_characteristics">get_key_characteristics</a>。返回的特性必须要包含为生成密钥而指定的所有参数,<a href="#km_tag_application_id">KM_TAG_APPLICATION_ID</a> 和 <a href="#km_tag_application_data">KM_TAG_APPLICATION_DATA</a> 除外。如果这两个标记包含在密钥参数中,则必须要将其从返回的特性中移除;必须要确保无法通过查看返回的密钥 Blob 找出这两个标记的值。不过,这两个标记必须要以加密形式绑定到密钥 Blob,以便在使用相应密钥时,如果未提供正确的值,使用将会失败。同样,<a href="#km_tag_root_of_trust">KM_TAG_ROOT_OF_TRUST</a> 也必须要以加密形式绑定到相应密钥,但在生成或导入密钥期间可以不指定此标记,并且在任何情况下都不得返回此标记。</p> + +<p>除了收到的标记外,Trustlet 还必须要添加 <a href="#km_tag_origin">KM_TAG_ORIGIN</a>(值为 <code>KM_ORIGIN_GENERATED</code>);如果相应密钥可抗回滚,还要添加 <a href="#km_tag_rollback_resistant">KM_TAG_ROLLBACK_RESISTANT</a>。</p> + +<h4 id="rollback_resistance">抗回滚</h4> + +<p>抗回滚意味着,相应密钥通过 <a href="#delete_key">delete_key</a> 或 <a href="#delete_all_keys">delete_all_keys</a> 被删除后,安全硬件将保证它绝对无法再使用。不采用抗回滚的实现通常会将生成或导入的密钥材料作为密钥 Blob(一种经过加密和身份验证的形式)返回给调用程序。当 Keystore 删除密钥 Blob 后,相应密钥将会消失,但之前已设法获取密钥材料的攻击者可能能够将相应密钥材料恢复到设备上。</p> + +<p>如果安全硬件保证被删除的密钥以后无法被恢复,那么相应密钥便可抗回滚。安全硬件通常是通过将额外的密钥元数据存储在攻击者无法操控的可信位置来做到这一点。在移动设备上,用于实现这一点的机制通常为 Replay Protected Memory Block (RPMB)。由于可创建的密钥数量基本上没有限制,而用于抗回滚的可信存储空间的大小可能有限制,因此即使无法为新密钥提供抗回滚功能,此方法也必须可以成功。在这种情况下,不得将 <a href="#km_tag_rollback_resistant">KM_TAG_ROLLBACK_RESISTANT</a> 添加到密钥特性中。</p> + +<h3 id="get_key_characteristics">get_key_characteristics</h3> + +<p>用于返回与收到的密钥关联的参数和授权,并且返回的参数和授权会划分为两组:一组由硬件强制执行,一组由软件强制执行。此处的说明同样适用于通过 <a href="#generate_key">generate_key</a> 和 <a href="#import_key">import_key</a> 返回的密钥特性列表。</p> + +<p>如果在密钥生成或导入期间提供了 <code>KM_TAG_APPLICATION_ID</code>,则必须要在 <code>client_id</code> 参数中为此方法提供相同的值。否则,此方法必须返回 <code>KM_ERROR_INVALID_KEY_BLOB</code>。同样,如果在生成或导入密钥期间提供了 <code>KM_TAG_APPLICATION_DATA </code>,则必须要在 <code>app_data</code> 参数中为此方法提供相同的值。</p> + +<p>此方法返回的特性完整地说明了指定密钥的类型和用法。</p> + +<p>要确定某个指定标记是属于由硬件强制执行的列表,还是属于由软件强制执行的列表,一般规则是:如果该标记的含义完全由安全硬件来保证,则属于由硬件强制执行的列表,否则属于由软件强制执行的列表。下面列出了可能无法明确确定到底属于哪个列表的具体标记:</p> + +<ul> + <li><a href="#km_tag_algorithm">KM_TAG_ALGORITHM</a>、<a href="#km_tag_key_size">KM_TAG_KEY_SIZE</a> 和 <a href="#km_tag_rsa_public_exponent">KM_TAG_RSA_PUBLIC_EXPONENT</a> 是密钥的固有属性。任何由硬件来保障安全的密钥都将位于由硬件强制执行的列表中,这是因为诸如“此 RSA 密钥材料仅用作 RSA 密钥”之类的声明由硬件强制执行,原因是硬件将不会以任何其他方式使用相应密钥,而软件无权访问密钥材料并且根本无法使用相应密钥。 + </li><li>由安全硬件支持的 <a href="#km_tag_digest">KM_TAG_DIGEST</a> 值将位于由硬件支持的列表中。不受支持的摘要则位于由软件支持的列表中。 + </li><li><a href="#km_tag_padding">KM_TAG_PADDING</a> 的值通常位于由硬件支持的列表中,但如果存在某种特定的填充模式必须要由软件来强制执行的可能性,那么这些值将位于由软件强制执行的列表中。对于允许使用不是由安全硬件支持的摘要算法进行 PSS 或 OAEP 填充的 RSA 密钥,则存在这种可能性。 + </li><li>仅当用户身份验证由硬件强制执行时,<a href="#km_tag_user_secure_id">KM_TAG_USER_SECURE_ID</a> 和 <a href="#km_tag_mac_length">KM_TAG_USER_AUTH_TYPE</a> 才由硬件强制执行。要使用户身份验证由硬件强制执行,Keymaster Trustlet 和相关身份验证 Trustlet 都必须是安全的,并且必须共用一个用于签署和验证身份验证令牌的 HMAC 密钥。有关详情,请参阅“身份验证”页面。 + </li><li><a href="#km_tag_active_datetime">KM_TAG_ACTIVE_DATETIME</a>、<a href="#km_tag_origination_expire_datetime">KM_TAG_ORIGINATION_EXPIRE_DATETIME</a> 和 <a href="#km_tag_usage_expire_datetime">KM_TAG_USAGE_EXPIRE_DATETIME</a> 标记要求能够访问可验证的正确挂钟。大多数安全硬件将只能访问由非安全操作系统提供的时间信息,这意味着这些标记由软件强制执行。 + </li><li>对于绑定到硬件的密钥,<a href="#km_tag_origin">KM_TAG_ORIGIN</a> 始终位于硬件列表中。如果此标记出现在硬件列表中,更高的层级便可据此确定相应密钥是由硬件支持的密钥。 +</li></ul> + +<h3 id="import_key">import_key</h3> + +<p>用于将密钥材料导入到 Keymaster 硬件中。密钥定义参数和输出特性的处理方式与 <code>generate_key</code> 相同,但存在以下例外情况:</p> + +<ul> + <li><a href="#km_tag_key_size">KM_TAG_KEY_SIZE</a> 和 <a href="#km_tag_rsa_public_exponent">KM_TAG_RSA_PUBLIC_EXPONENT</a>(仅适用于 RSA 密钥)不是输入参数中必需的标记。如果未收到这两个标记,Trustlet 必须根据收到的密钥材料推导出这两个标记的值,并将适当的标记和值添加到密钥特性中。如果收到了这两个参数,Trustlet 必须根据密钥材料对其进行验证。如果收到的值与密钥材料中的值不一致,此方法必须返回 <code>KM_ERROR_IMPORT_PARAMETER_MISMATCH</code>。</li><li>返回的 <a href="#km_tag_origin">KM_TAG_ORIGIN</a> 必须要具有 <code>KM_ORIGIN_IMPORTED</code> 这个值。</li></ul> + +<h3 id="export_key">export_key</h3> + +<p>用于从 Keymaster RSA 密钥对或 EC 密钥对中导出公钥。</p> + +<p>如果在密钥生成或导入期间提供了 <code>KM_TAG_APPLICATION_ID</code>,则必须要在 <code>client_id</code> 参数中为此方法提供相同的值。否则,此方法必须返回 <code>KM_ERROR_INVALID_KEY_BLOB</code>。同样,如果在生成或导入密钥期间提供了 <code>KM_TAG_APPLICATION_DATA</code>,则必须要在 <code>app_data</code> 参数中为此方法提供相同的值。</p> + +<h3 id="delete_key">delete_key</h3> + +<p>用于删除收到的密钥。此方法为可选方法,可能只能由提供抗回滚功能的 Keymaster 模块来实现。</p> + +<h3 id="delete_all_keys">delete_all_keys</h3> + +<p>用于删除所有密钥。此方法为可选方法,可能只能由提供抗回滚功能的 Keymaster 模块来实现。</p> + +<h3 id="begin">begin</h3> + +<p>用于开始使用指定的密钥和参数(视情况而定)针对指定的目的进行加密操作,并返回与 <a href="#update">update</a> 和 <a href="#finish">finish</a> 配合使用以完成操作的操作句柄。该操作句柄还会在经过身份验证的操作中用作“质询”令牌,并且对于此类操作,该操作句柄必须包含在身份验证令牌的 <code>challenge</code> 字段中。</p> + +<p>Keymaster 实现必须要支持至少 16 个并行操作。Keystore 最多使用 15 个,留一个给 vold 用于对密码进行加密。当 Keystore 有 15 个操作正在进行(已调用 <code>begin</code>,但尚未调用 <code>finish</code> 或 <code>abort</code>)时,如果收到开始第 16 个操作的请求,它将对最近使用最少的操作调用 <code>abort</code>,以便将进行中的操作减少到 14 个,然后再调用 <code>begin</code> 来开始执行新收到的操作请求。 + +</p><p>如果在密钥生成或导入期间指定了 <a href="#km_tag_application_id">KM_TAG_APPLICATION_ID</a> 或 <a href="#km_tag_application_data">KM_TAG_APPLICATION_DATA</a>,那么调用 <code>begin</code> 时必须要包含这两个标记以及最初在此方法的 <code>in_params</code> 参数中指定的值。</p> + +<h4 id="authorization_enforcement">密钥授权强制执行</h4> + +<p>在执行此方法期间,如果实现将以下密钥授权放入到了“由硬件强制执行的”特性中,并且相应操作不是公钥操作,那么这些授权必须要由 Trustlet 来强制执行。即使不符合授权要求,也必须要允许公钥操作(即使用 RSA 或 EC 密钥进行的 <code>KM_PURPOSE_ENCRYPT</code> 和 <code>KM_PURPOSE_VERIFY</code>)成功完成。</p> + +<ul> + <li><a href="#km_tag_purpose">KM_TAG_PURPOSE</a> 要求为此方法指定的目的必须要与密钥授权中的某个目的一致,除非请求的操作是公钥操作,即密钥是 RSA 密钥或 EC 密钥,目的是 <code>KM_PURPOSE_ENCRYPT</code> 或 <code>KM_PURPOSE_VERIFY</code>。请注意,<code>KM_PURPOSE_ENCRYPT</code> 对 EC 密钥无效。在这种情况下,begin 应该返回 <code>KM_ERROR_UNSUPPORTED_PURPOSE</code>。 + </li><li><a href="#km_tag_active_datetime">KM_TAG_ACTIVE_DATETIME</a> 要求与可信 UTC 时间源进行比较。如果当前日期和时间早于此标记的值,方法必须返回 <code>KM_ERROR_KEY_NOT_YET_VALID</code>。</li><li><a href="#km_tag_origination_expire_datetime">KM_TAG_ORIGINATION_EXPIRE_DATETIME</a> 要求与可信 UTC 时间源进行比较。如果当前日期和时间晚于此标记的值,并且目的是 <code>KM_PURPOSE_ENCRYPT</code> 或 <code>KM_PURPOSE_SIGN</code>,方法必须返回 <code>KM_ERROR_KEY_EXPIRED</code>。</li><li><a href="#km_tag_usage_expire_datetime">KM_TAG_USAGE_EXPIRE_DATETIME</a> 要求与可信 UTC 时间源进行比较。如果当前日期和时间晚于此标记的值,并且目的是 <code>KM_PURPOSE_DECRYPT</code> 或 <code>KM_PURPOSE_VERIFY</code>,方法必须返回 <code>KM_ERROR_KEY_EXPIRED</code>。</li><li><a href="#km_tag_min_seconds_between_ops">KM_TAG_MIN_SECONDS_BETWEEN_OPS</a> 要求与指明相应密钥上次使用时间的可信相对计时器进行比较。如果上次使用时间加上此标记的值后小于当前时间,方法必须返回 <code>KM_ERROR_KEY_RATE_LIMIT_EXCEEDED</code>。要查看重要的实现要求,请参阅标记说明。 + </li><li><a href="#km_tag_max_uses_per_boot">KM_TAG_MAX_USES_PER_BOOT</a> 要求与用于跟踪自系统启动以来相应密钥使用次数的安全计数器进行比较。如果已使用次数超出此标记的值,方法必须返回 <code>KM_ERROR_KEY_MAX_OPS_EXCEEDED</code>。</li><li>仅当相应密钥还有 <a href="#km_tag_auth_timeout">KM_TAG_AUTH_TIMEOUT</a> 时,<a href="#km_tag_user_secure_id">KM_TAG_USER_SECURE_ID</a> 才会由此方法强制执行。如果相应密钥同时具有这两个标记,此方法必须要已在 <code>in_params</code> 中收到 <a href="#km_tag_auth_token">KM_TAG_AUTH_TOKEN</a>,并且该令牌必须有效,也就是说,HMAC 字段可正确验证。此外,相应密钥必须要有至少一个 <a href="#km_tag_user_secure_id">KM_TAG_USER_SECURE_ID</a> 值与令牌中至少一个安全 ID 值一致。最后,相应密钥还必须要有 <a href="#km_tag_mac_length">KM_TAG_USER_AUTH_TYPE</a>,而且此标记必须要与令牌中的身份验证类型一致。如果这些要求中有任何一个不符合,方法必须返回 <code>KM_ERROR_KEY_USER_NOT_AUTHENTICATED</code>。</li><li><a href="#km_tag_caller_nonce">KM_TAG_CALLER_NONCE</a> 允许调用程序指定随机数或初始化矢量 (IV)。如果相应密钥没有此标记,但调用程序为此方法提供了 <a href="#km_tag_nonce">KM_TAG_NONCE</a>,则必须返回 <code>KM_ERROR_CALLER_NONCE_PROHIBITED</code>。 + </li><li><a href="#km_tag_bootloader_only">KM_TAG_BOOTLOADER_ONLY</a> 用于指定相应密钥只能由引导加载程序使用。如果在引导加载程序执行完毕后调用此方法,并且提供的是仅限引导加载程序使用的密钥,则必须返回 <code>KM_ERROR_INVALID_KEY_BLOB</code>。</li></ul> + +<h4 id="rsa_keys">RSA 密钥</h4> + +<p>执行任何 RSA 密钥操作时,都必须要在 <code>in_params</code> 中指定一种且只能指定一种填充模式。如果未指定或指定了多次,方法必须返回 <code>KM_ERROR_UNSUPPORTED_PADDING_MODE</code>。</p> + +<p>RSA 签名和验证操作需要摘要,正如使用 OAEP 填充模式进行 RSA 加密和解密操作时一样。对于这些情况,调用程序必须要在 <code>in_params</code> 中指定一种且只能指定一种摘要。如果未指定或指定了多次,方法必须返回 <code>KM_ERROR_UNSUPPORTED_DIGEST</code>。</p> + +<p>私钥操作(<code>KM_PURPOSE_DECYPT</code> 和 <code>KM_PURPOSE_SIGN</code>)要求摘要和填充获得授权,也就是说,指定的值必须要在密钥授权中。否则,方法必须视情况返回 <code>KM_ERROR_INCOMPATIBLE_DIGEST</code> 或 <code>KM_ERROR_INCOMPATIBLE_PADDING</code>。公钥操作(<code>KM_PURPOSE_ENCRYPT</code> 和 <code>KM_PURPOSE_VERIFY</code>)可以使用未经授权的摘要或填充。</p> + +<p>除了 <code>KM_PAD_NONE</code> 之外,所有 RSA 填充模式都仅适用于特定目的。具体来说就是,<code>KM_PAD_RSA_PKCS1_1_5_SIGN</code> 和 <code>KM_PAD_RSA_PSS</code> 仅支持签名和验证,而 <code>KM_PAD_RSA_PKCS1_1_1_5_ENCRYPT</code> 和 <code>KM_PAD_RSA_OAEP</code> 仅支持加密和解密。如果指定的模式不支持指定的目的,方法必须返回 <code>KM_ERROR_UNSUPPORTED_PADDING_MODE</code>。</p> + +<p>填充模式与摘要之间存在以下非常重要的相互关系:</p> + +<ul> + + <li><code>KM_PAD_NONE</code> 表示将执行“原始”RSA 操作。如果是进行签名或验证,必须要指定 <code>KM_DIGEST_NONE</code> 这种摘要。如果是进行非填充式加密或解密,则不需要摘要。 + + </li><li><code>KM_PAD_RSA_PKCS1_1_5_SIGN</code> 填充需要摘要。摘要可以是 <code>KM_DIGEST_NONE</code>,在这种情况下,Keymaster 实现将无法构建适当的 PKCS#1 v1.5 签名结构,因为它无法添加 DigestInfo 结构。不过,实现必须要构建 <code>0x00 || 0x01 || PS || 0x00 || M</code>,其中 M 是收到的消息,PS 是填充字符串。RSA 密钥的大小必须要比消息至少多 11 个字节,否则方法必须返回 <code>KM_ERROR_INVALID_INPUT_LENGTH</code>。</li><li><code>KM_PAD_RSA_PKCS1_1_1_5_ENCRYPT</code> 填充不需要摘要。</li><li><code>KM_PAD_RSA_PSS</code> 填充需要摘要,并且摘要不能是 <code>KM_DIGEST_NONE</code>。如果指定的是 <code>KM_DIGEST_NONE</code>,方法必须返回 <code>KM_ERROR_INCOMPATIBLE_DIGEST</code>。此外,RSA 密钥的大小必须要比摘要的输出大小至少多 22 个字节。否则,方法必须返回 <code>KM_ERROR_INCOMPATIBLE_DIGEST</code>。</li><li><code>KM_PAD_RSA_OAEP</code> 填充需要摘要,并且摘要不能是 <code>KM_DIGEST_NONE</code>。如果指定的是 <code>KM_DIGEST_NONE</code>,方法必须返回 <code>KM_ERROR_INCOMPATIBLE_DIGEST</code>。</li></ul> + +<h4 id="ec_keys">EC 密钥</h4> + +<p>执行任何 EC 密钥操作时,都必须要在 <code>in_params</code> 中指定一种且只能指定一种填充模式。如果未指定或指定了多次,则返回 <code>KM_ERROR_UNSUPPORTED_PADDING_MODE</code>。</p> + +<p>私钥操作 (<code>KM_PURPOSE_SIGN</code>) 要求摘要获得授权,也就是说,指定的值必须要在密钥授权中。否则返回 <code>KM_ERROR_INCOMPATIBLE_DIGEST</code>。公钥操作 (<code>KM_PURPOSE_VERIFY</code>) 可以使用未经授权的摘要或填充。</p> + +<h4 id="aes_keys">AES 密钥</h4> + +<p>执行 AES 密钥操作时,必须要在 <code>in_params</code> 中指定一种且只能指定一种分块模式和填充模式。如果有任何一项未指定或指定了多次,则返回 <code>KM_ERROR_UNSUPPORTED_BLOCK_MODE</code> 或 <code>KM_ERROR_UNSUPPORTED_PADDING_MODE</code>。指定的模式必须要已通过相应密钥授权。否则,方法必须返回 <code>KM_ERROR_INCOMPATIBLE_BLOCK_MODE</code> 或 <code>KM_ERROR_INCOMPATIBLE_PADDING_MODE</code>。</p> + +<p>如果分块模式是 <code>KM_MODE_GCM</code>,则必须要在 <code>in_params</code> 中指定 <code>KM_TAG_MAC_LENGTH</code>。指定的值必须是 8 的倍数,并且不得大于 128,也不得小于密钥授权中 <code>KM_TAG_MIN_MAC_LENGTH</code> 的值。如果 MAC 长度大于 128 或不是 8 的倍数,则返回 <code>KM_ERROR_UNSUPPORTED_MAC_LENGTH</code>。如果 MAC 长度小于密钥最小长度,则返回 <code>KM_ERROR_INVALID_MAC_LENGTH</code>。</p> + +<p>如果分块模式是 <code>KM_MODE_GCM</code> 或 <code>KM_MODE_CTR</code>,那么指定的填充模式必须是 <code>KM_PAD_NONE</code>。如果分块模式是 <code>KM_MODE_ECB</code> 或 <code>KM_MODE_CBC</code>,那么指定的填充模式可以是 <code>KM_PAD_NONE</code> 或 <code>KM_PAD_PKCS7</code>。如果填充模式不符合这些要求,则返回 <code>KM_ERROR_INCOMPATIBLE_PADDING_MODE</code>。</p> + +<p>如果分块模式是 <code>KM_MODE_CBC</code>、<code>KM_MODE_CTR</code> 或 <code>KM_MODE_GCM</code>,则需要初始化矢量或随机数。在大多数情况下,调用程序都不应提供 IV 或随机数,而 Keymaster 实现必须要生成一个随机 IV 或随机数,并通过 <code>out_params</code> 中的 <a href="#km_tag_nonce">KM_TAG_NONCE</a> 将其返回。CBC IV 和 CTR IV 均为 16 个字节。GCM 随机数为 12 个字节。如果密钥授权包含 <a href="#km_tag_caller_nonce">KM_TAG_CALLER_NONCE</a>,那么调用程序可以通过 <code>in_params</code> 中的 <a href="#km_tag_nonce">KM_TAG_NONCE</a> 提供 IV/随机数。如果在 <a href="#km_tag_caller_nonce">KM_TAG_CALLER_NONCE</a> 未获得授权时提供了随机数,则返回 <code>KM_ERROR_CALLER_NONCE_PROHIBITED</code>。如果在 <a href="#km_tag_caller_nonce">KM_TAG_CALLER_NONCE</a> 获得了授权的情况下未提供随机数,则生成一个随机 IV/随机数。</p> + +<h4 id="hmac_keys">HMAC 密钥</h4> + +<p>执行 HMAC 密钥操作时,必须要在 <code>in_params</code> 中指定 <code>KM_TAG_MAC_LENGTH</code>。指定的值必须是 8 的倍数,并且不得大于摘要长度,也不得小于密钥授权中 <code>KM_TAG_MIN_MAC_LENGTH</code> 的值。如果 MAC 长度大于摘要长度或不是 8 的倍数,则返回 <code>KM_ERROR_UNSUPPORTED_MAC_LENGTH</code>。如果 MAC 长度小于密钥最小长度,则返回 <code>KM_ERROR_INVALID_MAC_LENGTH</code>。</p> + +<h3 id="update">update</h3> + +<p>用于提供要在通过 <a href="#begin">begin</a> 开始且正在进行的操作中处理的数据。操作是通过 <code>operation_handle</code> 参数指定的。</p> + +<p>为了更灵活地处理缓冲区,此方法的实现可以选择不消耗完收到的数据。调用程序负责执行循环操作,以便在后续调用中馈送其余数据。必须要在 <code>input_consumed</code> 参数中返回所消耗的输入数据量。实现必须始终消耗至少一个字节,除非相应操作无法再接受更多字节;如果收到了零个以上的字节,但消耗了零字节,调用程序会将此视为错误并中止相应操作。</p> + +<p>实现还可以选择返回多少数据(作为 update 的结果)。这仅与加密和解密操作有关,因为在调用 <a href="#finish">finish</a> 之前,签名和验证操作不会返回任何数据。建议尽早返回数据,而不是缓冲数据。</p> + +<h4 id="error_handling">错误处理</h4> + +<p>如果此方法返回除 <code>KM_ERROR_OK</code> 之外的错误代码,那么相应操作将被中止,操作句柄也必须变为无效。如果以后再将该句柄与此方法、<a href="#finish">finish</a> 或 <a href="#abort">abort</a> 配合使用,都必须返回 <code>KM_ERROR_INVALID_OPERATION_HANDLE</code>。</p> + +<h4 id="authorization_enforcement">密钥授权强制执行</h4> + +<p>密钥授权强制执行主要在 <a href="#begin">begin</a> 中进行。不过,密钥存在以下情况时例外:</p> + +<ul> + <li>有一个或多个 <a href="#km_tag_user_secure_id">KM_TAG_USER_SECURE_ID</a>,并且</li><li>没有 <a href="#km_tag_auth_timeout">KM_TAG_AUTH_TIMEOUT</a> +</li></ul> + +<p>在这种情况下,密钥需要针对各项操作的授权,并且 update 方法必须要在 <code>in_params</code> 参数中收到 <a href="#km_tag_auth_token">KM_TAG_AUTH_TOKEN</a>。该令牌必须有效(HMAC 必须验证),必须包含匹配的安全用户 ID,必须与密钥的 <a href="#km_tag_mac_length">KM_TAG_USER_AUTH_TYPE</a> 匹配,并且必须包含质询字段中当前操作的操作句柄。如果不符合这些要求,则返回 <code>KM_ERROR_KEY_USER_NOT_AUTHENTICATED</code>。</p> + +<p>调用程序必须要在每次调用 <a href="#update">update</a> 和 <a href="#finish">finish</a> 时提供身份验证令牌。实现只需对该令牌验证一次(如果它倾向于这么做)。</p> + +<h4 id="rsa_keys">RSA 密钥</h4> + +<p>对于使用 <code>KM_DIGEST_NONE</code> 的签名和验证操作,此方法必须要在单次 update 中接受要签署或验证的整个分块。此方法不能只消耗分块的一部分。不过,如果调用程序选择在多次 update 中提供数据,此方法仍必须要在多次 update 中接受相应数据。如果调用程序提供的要签署的数据多于可以消耗的数据(数据长度超出 RSA 密钥大小),则返回 <code>KM_ERROR_INVALID_INPUT_LENGTH</code>。</p> + +<h4 id="ecdsa_keys">ECDSA 密钥</h4> + +<p>对于使用 <code>KM_DIGEST_NONE</code> 的签名和验证操作,此方法必须要在单次 update 中接受要签署或验证的整个分块。此方法不能只消耗分块的一部分。</p> + +<p>不过,如果调用程序选择在多次 update 中提供数据,此方法仍必须要在多次 update 中接受相应数据。如果调用程序提供的要签署的数据多于可以消耗的数据,则应以静默方式截断这些数据。(这与处理在类似 RSA 操作中提供的超量数据不同,因为此方法与旧版客户端兼容。)</p> + +<h4 id="aes_keys">AES 密钥</h4> + +<p>AES GCM 模式支持通过 <code>in_params</code> 参数中的 <a href="#km_tag_associated_data">KM_TAG_ASSOCIATED_DATA</a> 标记提供的“相关身份验证数据”。可以在重复调用(如果数据太大而无法在单个分块中发送,那么重复调用非常重要)中提供相关数据,但必须始终先于要加密或解密的数据提供。update 调用可以同时接收相关数据以及要加密/解密的数据,但后续 update 中不得包含相关数据。如果调用程序已在某次调用 update 时提供了要加密/解密的数据,若再次向 update 调用提供相关数据,则返回 <code>KM_ERROR_INVALID_TAG</code>。</p> + +<p>对于 GCM 加密,此标记会通过 <a href="#finish">finish</a> 附加到密文中。在解密期间,向上一次 update 调用提供的数据的最后 <code>KM_TAG_MAC_LENGTH</code> 个字节就是此标记。由于 <a href="#update">update</a> 的指定调用无法得知自己是否为最后一次调用,因此它必须处理除标记长度之外的所有数据,并缓冲可能的标记数据以便在调用 <a href="#finish">finish</a> 期间进行处理。</p> + +<h3 id="finish">finish</h3> + +<p>用于完成通过 <a href="#begin">begin</a> 开始且正在进行的操作,负责处理通过 <a href="#update">update</a> 提供的所有尚未处理的数据。</p> + +<p>此方法是操作期间调用的最后一个方法,因此必须返回所有处理后的数据。</p> + +<p>无论是成功完成还是返回错误,此方法都会结束相应操作,从而使收到的操作句柄无效。如果以后再将该句柄与此方法、<a href="#update">update</a> 或 <a href="#abort">abort</a> 配合使用,都必须返回 <code>KM_ERROR_INVALID_OPERATION_HANDLE</code>。</p> + +<p>签名操作将返回签名作为输出。验证操作将接受 <code>signature</code> 参数中的签名,并且不会返回任何输出。</p> + +<h4 id="authorization_enforcement">密钥授权强制执行</h4> + +<p>密钥授权强制执行主要在 <a href="#begin">begin</a> 中进行。不过,密钥存在以下情况时例外:</p> + +<ul> + <li>有一个或多个 <a href="#km_tag_user_secure_id">KM_TAG_USER_SECURE_ID</a>,并且</li><li>没有 <a href="#km_tag_auth_timeout">KM_TAG_AUTH_TIMEOUT</a> +</li></ul> + +<p>在这种情况下,密钥需要针对各项操作的授权,并且 update 方法必须要在 <code>in_params</code> 参数中收到 <a href="#km_tag_auth_token">KM_TAG_AUTH_TOKEN</a>。该令牌必须有效(HMAC 必须验证),必须包含匹配的安全用户 ID,必须与密钥的 <a href="#km_tag_mac_length">KM_TAG_USER_AUTH_TYPE</a> 匹配,并且必须包含质询字段中当前操作的操作句柄。如果不符合这些要求,则返回 <code>KM_ERROR_KEY_USER_NOT_AUTHENTICATED</code>。</p> + +<p>调用程序必须要在每次调用 <a href="#update">update</a> 和 <a href="#finish">finish</a> 时提供身份验证令牌。实现只需对该令牌验证一次(如果它倾向于这么做)。</p> + +<h4 id="rsa_keys">RSA 密钥</h4> + +<p>有一些附加要求,具体取决于填充模式:</p> + +<ul> + <li><strong>KM_PAD_NONE</strong>:对于非填充式签名和加密操作,如果收到的数据比密钥短,那么在签名/加密之前,必须要在数据左侧填充零来补齐。如果数据与密钥一样长度,但数值较大,则返回 <code>KM_ERROR_INVALID_ARGUMENT</code>。对于验证和解密操作,数据必须与密钥一样长。否则返回 <code>KM_ERROR_INVALID_INPUT_LENGTH.</code> + </li><li><strong>KM_PAD_RSA_PSS</strong>:对于 PSS 填充式签名操作,PSS 盐不得短于 20 个字节,并且必须是随机生成的。盐可以更长;参考实现使用的是长度最大的盐。调用 <a href="#begin">begin</a> 时在 <code>input_params</code> 中使用 <a href="#km_tag_digest">KM_TAG_DIGEST</a> 指定的摘要将用作 PSS 摘要算法,而 SHA1 将用作 MGF1 摘要算法。 + </li><li><strong>KM_PAD_RSA_OAEP</strong>:调用 <a href="#begin">begin</a> 时在 <code>input_params</code> 中使用 <a href="#km_tag_digest">KM_TAG_DIGEST</a> 指定的摘要将用作 OAEP 摘要算法,而 SHA1 将用作 MGF1 摘要算法。 +</li></ul> + +<h4 id="ecdsa_keys">ECDSA 密钥</h4> + +<p>如果为非填充式签名或验证操作提供的数据太长,则要将其截断。</p> + +<h4 id="aes_keys">AES 密钥</h4> + +<p>有一些附加要求,具体取决于分块模式:</p> + +<ul> + <li><strong>KM_MODE_ECB</strong> 或 <strong>KM_MODE_CBC</strong>:如果填充模式是 <code>KM_PAD_NONE</code>,并且数据长度不是 AES 分块大小的倍数,则返回 <code>KM_ERROR_INVALID_INPUT_LENGTH</code>。如果填充模式是 <code>KM_PAD_PKCS7</code>,则按照 PKCS#7 规范填充数据。请注意,PKCS#7 要求,如果数据长度是分块长度的倍数,则必须要添加一个额外的填充分块。 + </li><li><strong>KM_MODE_GCM</strong>:在加密期间,处理所有明文之后,会计算此标记(<a href="#km_tag_mac_length">KM_TAG_MAC_LENGTH</a> 个字节)并将其附加到返回的密文。在解密期间,会将最后 <a href="#km_tag_mac_length">KM_TAG_MAC_LENGTH</a> 个字节作为标记处理。如果标记验证失败,则返回 <code>KM_ERROR_VERIFICATION_FAILED</code>。</li></ul> + +<h3 id="abort">abort</h3> + +<p>用于中止正在进行的操作。在调用 abort 之后,如果后续再将收到的操作句柄与 <a href="#update">update</a>、<a href="#finish">finish</a> 或 <a href="#abort">abort</a> 配合使用,则返回 <code>KM_ERROR_INVALID_OPERATION_HANDLE</code>。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/security/overview/acknowledgements.html b/zh-cn/security/overview/acknowledgements.html new file mode 100644 index 00000000..a348736d --- /dev/null +++ b/zh-cn/security/overview/acknowledgements.html @@ -0,0 +1,864 @@ +<html devsite><head> + <title>Android 安全性致谢</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>Android 安全团队非常感谢以下个人和团队帮助提高 Android 安全性。他们或发现安全漏洞,并负责地通过 AOSP 错误跟踪工具<a href="https://code.google.com/p/android/issues/entry?template=Security%20bug%20report">安全错误报告</a>模板向我们报告,或提交对 Android 安全性具有积极影响的代码(包括符合<a href="https://www.google.com/about/appsecurity/patch-rewards/">补丁程序奖励</a>计划条件的代码),帮助提高了 Android 安全性。</p> + +<h2 id="2017">2017 年</h2> +<div style="LINE-HEIGHT:25px;"> + +<p>Google 动态工具团队的 Alexander Potapenko</p> + +<p>Alexandru Blanda</p> + +<p>阿里巴巴移动安全团队的 Baozeng Ding</p> + +<p>Ben Actis (<a href="https://twitter.com/ben_ra">@Ben_RA</a>)</p> + +<p>Android 安全团队的 Billy Lau</p> + +<p>百度安全实验室的包沉浮</p> + +<p>阿里巴巴移动安全团队的 Chengming Yang</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a></p> + +<p>Daniel Dakhno</p> + +<p>Copperhead Security 的 Daniel Micay</p> + +<p>腾讯玄武实验室的 Daxing Guo (<a href="https://twitter.com/freener0">@freener0</a>)</p> + +<p><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a href="https://twitter.com/derrekr6">@derrekr6</a>)</p> + +<p>腾讯科恩实验室 (<a href="https://twitter.com/keen_lab">@keen_lab</a>) 的 Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)</p> + +<p>加州大学圣巴巴拉分校 Shellphish Grill 团队的 donfos (Aravind Machiry)</p> + +<p><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a></p> + +<p><a href="http://www.ms509.com">MS509Team</a> 的 En He (<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>)</p> + +<p>索尼移动通信股份有限公司的 Fang Chen</p> + +<p>Chrome 的 Frank Liberato</p> + +<p>Project Zero 的 Gal Beniamini</p> + +<p>奇虎 360 科技有限公司 IceSword 实验室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)</p> + +<p>Google WebM 团队</p> + +<p><a href="http://www.360.com">奇虎 360 科技有限公司</a> Alpha 团队的龚广 (<a href="http://twitter.com/oldfresher">@oldfresher</a>)</p> + +<p>新加坡理工大学 (SIT) 的 Guangdong Bai</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:arnow117@gmail.com">Hanxiang Wen</a></p> + +<p>奇虎 360 科技有限公司 Alpha 团队的 Hao Chen</p> + +<p>索尼移动通信股份有限公司的 Hiroki Yamamoto</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:hlhan@bupt.edu.cn">Hongli Han</a></p> + +<p>Ian Foster (<a href="https://twitter.com/lanrat">@lanrat</a>)</p> + +<p>趋势科技的 Jack Tang</p> + +<p>Google 的 Jeff Sharkey</p> + +<p>Jeff Trim</p> + +<p><a href="https://skyeye.360safe.com">奇虎 360 天眼实验室</a>的 Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>)</p> + +<p>奇虎 360 IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)</p> + +<p>Jon Sawyer (<a href="http://twitter.com/jcase">@jcase</a>)</p> + +<p>阿里巴巴的 Jun Cheng</p> + +<p>百度安全实验室的韦韬</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a></p> + +<p>LINE Corporation 的 ma.la</p> + +<p>Google 的 Makoto Onuki</p> + +<p>Google 的 <a href="mailto:salyzyn@android.com">Mark Salyzyn</a></p> + +<p>Google 的 Max Spector:</p> + +<p>IBM X-Force 安全研究团队的 Michael Goberman</p> + +<p>特斯拉汽车公司产品安全团队的 Mike Anderson (<a href="https://twitter.com/manderbot">@manderbot</a>)</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)</p> + +<p>Monk Avel</p> + +<p>特斯拉汽车公司产品安全团队的 Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)</p> + +<p>LINE Corporation 的 Nikolay Elenkov</p> + +<p>阿里巴巴移动安全团队的 Ning You</p> + +<p>阿里巴巴移动安全团队的 Peng Xiao</p> + +<p>百度安全实验室的丁鹏飞</p> + +<p>趋势科技的 Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)</p> + +<p>奇虎 360 科技有限公司 IceSword 实验室的 <a href="http://weibo.com/jfpan">pjf</a></p> + +<p>腾讯科恩实验室的何淇丹 (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)</p> + +<p>奇虎 360 的 Qing Zhang</p> + +<p>蚂蚁金服巴斯光年安全实验室的 Quhe</p> + +<p>IBM X-Force 安全研究团队的 Roee Hay</p> + +<p>IBM X-Force 研发团队的 Sagi Kedmi</p> + +<p>DarkMatter 安全通信部门的 <a href="mailto:keun-o.park@darkmatter.ae">Sahara</a></p> + +<p>加州大学圣巴巴拉分校 Shellphish Grill 团队的 salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>)</p> + +<p>Scott Bauer (<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>)</p> + +<p>Sean Beaupre (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>)</p> + +<p>趋势科技移动威胁研究团队的 Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)</p> + +<p>富士通的 Shinichi Matsumoto</p> + +<p><a href="http://www.byterev.com">ByteRev</a> 的 <a href="mailto:smarques84@gmail.com">Stéphane Marques</a></p> + +<p>Stephen Morrow</p> + +<p>Google 的 Svetoslav Ganov</p> + +<p>Tim Becker</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:segfault5514@gmail.com">Tong Lin</a></p> + +<p>Uma Sankar Pradhan (<a href="https://twitter.com/umasankar_iitd">@umasankar_iitd</a>)</p> + +<p><a href="http://www.trendmicro.com">趋势科技</a>移动威胁研究团队的 V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>)</p> + +<p>蚂蚁金服巴斯光年安全实验室的 wanchouchou</p> + +<p>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a></p> + +<p>奇虎 360 科技有限公司 Alpha 团队的 Wenlin Yang (<a href="https://twitter.com/wenlin_yang">@wenlin_yang</a>)</p> + +<p>蚂蚁金服巴斯光年安全实验室的<a href="http://www.weibo.com/wishlinux">吴潍浠</a> (<a href="https://twitter.com/wish_wu">@wish_wu</a>)</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:wisedd@gmail.com">Xiaodong Wang</a></p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 Xuxian Jiang</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:bigwyfone@gmail.com">Yanfeng Wang</a></p> + +<p>阿里巴巴移动安全团队的 Yang Song</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:yaojun8558363@gmail.com">Yao Jun</a></p> + +<p>阿里巴巴的王勇 (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>)</p> + +<p>奇虎 360 科技有限公司 IceSword 实验室的 Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>)</p> + +<p>奇虎 360 科技有限公司 Vulpecker 团队的 Yu Pan</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a></p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)</p> + +<p>腾讯安全平台部门的 Yuxiang Li (<a href="https://twitter.com/xbalien29">@Xbalien29</a>)</p> + +<p><a href="http://www.cmcm.com/">猎豹移动公司</a>安全研究实验室的 Zhanpeng Zhao(行之)(<a href="https://twitter.com/0xr0ot">@0xr0ot</a>)</p> + +<p><a href="http://www.nsfocus.com">NSFocus</a> 的 <a href="mailto:zhouzhenster@gmail.com">Zhen Zhou</a> (<a href="https://twitter.com/henices">@henices</a>)</p> + + <p><a href="http://www.nsfocus.com">NSFocus</a> 的 <a href="mailto:sundaywind2004@gmail.com">Zhixin Li</a></p> + + <p>奇虎 360 科技有限公司成都安全响应中心的 <a href="http://weibo.com/ele7enxxh">Zinuo Han</a></p> + + <p>Google 的 Zubin Mithra</p> + + </div> + +<h2 id="2016">2016 年</h2> + +<div style="LINE-HEIGHT:25px;"> + +<p>Google Chrome 安全团队的 Abhishek Arya</p> + +<p>Check Point Software Technologies Ltd. 的 Adam Donenfeld 等人</p> + +<p>Google 的 Adam Powell</p> + +<p>Context Information Security 的 Alex Chapman</p> + +<p><a href="http://www.isti.tu-berlin.de/security_in_telecommunications">Security in Telecommunications</a> 的 Altaf Shaik</p> + +<p>Andre Teixeira Rizzo</p> + +<p>Andrea Biondo</p> + +<p>Google 的 Andrei Kapishnikov</p> + +<p><a href="https://www.e2e-assure.com">e2e-assure</a> 的 Andy Tyler (<a href="https://twitter.com/ticarpi">@ticarpi</a>)</p> + +<p>CENSUS S.A. 的 Anestis Bechtsoudis (<a href="https://twitter.com/anestisb">@anestisb</a>)</p> + +<p>无声信息技术 <a href="http://www.pkav.net">PKAV</a> 的 Ao Wang (<a href="https://twitter.com/ArayzSegment">@ArayzSegment</a>)</p> +<p>腾讯安全平台部门的 Askyshang</p> + +<p>阿里巴巴移动安全团队的 Baozeng Ding</p> + +<p>Google Project Zero 的 Ben Hawkes</p> + +<p>Android 安全团队的 Billy Lau</p> + +<p>Google Telecom 团队的 Brad Ebinger</p> + +<p>Broadgate 团队</p> + +<p>Android 安全团队的 Chad Brubaker</p> + +<p>阿里巴巴移动安全团队的 Chao Yang</p> + +<p>百度安全实验室的包沉浮</p> + +<p>阿里巴巴移动安全团队的 Chengming Yang</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:zc1991@mail.ustc.edu.cn">Chi Zhang</a></p> + +<p><a href="http://www.360safe.com/">奇虎 360</a> <a href="http://c0reteam.org">C0RE 团队</a>的 Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)</p> + +<p>Christian Seel</p> + +<p>Google 的 Christopher Tate</p> + +<p>比雷埃夫斯大学的 <a href="mailto:kpatsak@unipi.gr">Constantinos Patsakis</a></p> + +<p>卡内基梅隆大学的 Cory Pruce</p> + +<p>阿姆斯特丹自由大学的 Cristiano Giuffrida</p> + +<p>Copperhead Security 的 Daniel Micay</p> + +<p>Google 的 David Benjamin</p> + +<p>Google Pixel C 团队的 David Riley</p> + +<p><a href="http://jaq.alibaba.com">阿里巴巴移动安全团队</a>的 Dawei Peng (<a href="http://weibo.com/u/5622360291">Vinc3nt4H</a>)</p> + +<p>腾讯科恩实验室 (<a href="https://twitter.com/keen_lab">@keen_lab</a>) 的 Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>)</p> + +<p>Google 的 Dianne Hackborn</p> + +<p>Google 动态工具团队的 Dmitry Vyukov</p> + +<p>布伦瑞克工业大学<a href="https://www.ibr.cs.tu-bs.de">操作系统和计算机网络学院</a>的 Dominik Schürmann</p> + +<p>加州大学河滨分校的 <a href="mailto:dshe002@ucr.edu">Dongdong She</a></p> + +<p>韩国科学技术院系统安全实验室的 Dongkwan Kim (<a href="mailto:dkay@kaist.ac.kr">dkay@kaist.ac.kr</a>)</p> + +<p>dosomder</p> + +<p>阿里巴巴移动安全团队的 dragonltx</p> + +<p>DS</p> + +<p>Dzmitry Lukyanenka (<a href="http://www.linkedin.com/in/dzima">www.linkedin.com/in/dzima</a>)</p> + +<p>趋势科技的徐健</p> + +<p>比雷埃夫斯大学的 <a href="mailto:talepis@unipi.gr">Efthimios Alepis</a></p> + +<p><a href="http://www.ms509.com">MS509Team</a> 的 En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>)</p> + +<p>Gal Beniamini(<a href="https://twitter.com/@laginimaineb">@laginimaineb</a>、<a href="http://bits-please.blogspot.com/">http://bits-please.blogspot.com</a>)</p> + +<p>奇虎 360 科技有限公司 0x031E 实验室的 Gengjia Chen (<a href="https://twitter.com/@chengjia4574">@chengjia4574</a>)</p> + +<p>腾讯科恩实验室的刘耕铭 (<a href="http://twitter.com/dmxcsnsbh">@dmxcsnsbh</a>)</p> + +<p><a href="https://www.epfl.ch">École polytechnique fédérale de Lausanne</a> 的 <a href="mailto:gpiskas@gmail.com">George Piskas</a></p> + +<p>加州大学圣巴巴拉分校的 Giovanni Vigna</p> + +<p>Google Android 团队的 Greg Kaiser</p> + +<p><a href="http://www.360.com/">奇虎 360 科技有限公司</a>的龚广 (<a href="https://twitter.com/oldfresher">@oldfresher</a>)</p> + +<p>加州大学河滨分校的 <a href="mailto:hzhan033@ucr.edu">Hang Zhang</a></p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:arnow117@gmail.com">Hanxiang Wen</a></p> + +<p>奇虎 360 科技有限公司 Vulpecker 团队的 Hao Chen</p> + +<p><a href="http://www.cmcm.com">猎豹移动公司</a>安全研究实验室的 Hao Qin</p> + +<p>阿姆斯特丹自由大学的 Herbert Bos</p> + +<p>韩国科学技术院系统安全实验室的 Hongil Kim (<a href="mailto:hongilk@kaist.ac.kr">hongilk@kaist.ac.kr</a>)</p> + +<p><a href="http://www.search-lab.hu/">Search-Lab Ltd.</a> 的 Imre Rad</p> + +<p><a href="http://www.iwobanas.com">Iwo Banas</a></p> + +<p>Mandiant(FireEye 旗下的一家公司)的 Jake Valletta</p> + +<p>Google Project Zero 的 James Forshaw</p> + +<p>Jann Horn (<a href="https://thejh.net/">https://thejh.net</a>)</p> + +<p><a href="http://keybase.io/jasonrogena">Jason Rogena</a></p> + +<p>Google 的 Jeremy C. Joslin</p> + +<p>腾讯 KEEN 实验室 (<a href="https://twitter.com/k33nteam">@K33nTeam</a>) 的 jfang</p> + +<p>奇虎 360 IceSword 实验室的 Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)</p> + +<p>Joshua Drake (<a href="https://twitter.com/jduck">@jduck</a>)</p> + +<p>Jouni Malinen PGP id EFC895FA</p> + +<p>Fortinet FortiGuard 实验室的 Kai Lu (<a href="https://twitter.com/K3vinLuSec">@K3vinLuSec</a>)</p> + +<p>Kandala Shivaram reddy</p> + +<p>阿姆斯特丹自由大学的 Kaveh Razavi</p> + +<p>Google 的 Kenny Root</p> + +<p>Google 的 Lee Campbell</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:zlbzlb815@163.com">Lubo Zhang</a></p> + +<p>Google 安全团队的 Maciej Szawłowski</p> + +<p>萨尔大学 CISPA 的 Madhu Priya Murugan</p> + +<p>Google 的 Makoto Onuki</p> + +<p>腾讯科恩实验室 (<a href="https://twitter.com/keen_lab">@keen_lab</a>) 的 Marco Grassi (<a href="https://twitter.com/marcograss">@marcograss</a>)</p> + +<p>Google 的 Marco Nelissen</p> + +<p>Google Project Zero 的 Mark Brand</p> + +<p>Google 的 Mark Renouf</p> + +<p>Google Chrome 安全团队的 Martin Barbella</p> + +<p>加州大学圣巴巴拉分校的 Martina Lindorfer</p> + +<p>Google 的 Max Spector</p> + +<p>瓶科技的 MengLuo Gou (<a href="https://twitter.com/idhyt3r">@idhyt3r</a>)</p> + +<p>Michał Bednarski (<a href="https://github.com/michalbednarski">github.com/michalbednarski</a>)</p> + +<p>Mike Maarse</p> + +<p>Android 安全团队的 Min Chong</p> + +<p><a href="http://www.360safe.com/">奇虎 360</a> <a href="http://c0reteam.org">C0RE 团队</a>的 Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)</p> + +<p>Google 的 Miriam Gershenson</p> + +<p>Vertu Corporation LTD 的 Nancy Wang</p> + +<p><a href="mailto:nasim@zamir.ca">Nasim Zamir</a></p> + +<p>特斯拉汽车公司产品安全团队的 Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)</p> + +<p>Qualcomm 产品安全计划的 Nico Golde (<a href="https://twitter.com/iamnion">@iamnion</a>)</p> + +<p>Nightwatch Cybersecurity Research (<a href="https://twitter.com/nightwatchcyber">@nightwatchcyber</a>)</p> + +<p>阿里巴巴移动安全团队的 Ning You</p> + +<p>Google 的 Oleksiy Vyalov</p> + +<p>Google Chrome 安全团队的 Oliver Chang</p> + +<p>Context Information Security 的 Paul Stone</p> + +<p>阿里巴巴移动安全团队的 Peng Xiao</p> + +<p>百度安全实验室的丁鹏飞</p> + +<p>趋势科技的 Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)</p> + +奇虎 360 IceSword 实验室的 <a href="http://weibo.com/jfpan">pjf</a><p></p> + +<p>Google 信息安全工程师团队的 Quan Nguyen</p> + +<p><a href="http://www.wooyun.org/">乌云 TangLab</a> 的 Qianwei Hu (<a href="mailto:rayxcp@gmail.com">rayxcp@gmail.com</a>)</p> + +<p>腾讯科恩实验室 (<a href="https://twitter.com/keen_lab">@keen_lab</a>) 的 Qidan He (<a href="https://twitter.com/@Flanker_hqd">@Flanker_hqd</a>)</p> + +<p>Richard Shupak</p> + +<p>Google 的 Ricky Wai</p> + +<p>Google 的 Robin Lee</p> + +<p>IBM X-Force 安全研究员 Roee Hay</p> + +<p>Roeland Krak</p> + +<p><a href="https://labs.mwrinfosecurity.com/">MWR 实验室</a>的 Romain Trouvé</p> + +<p>Lv51 团队的 Ronald L. Loor Vargas (<a href="https://twitter.com/loor_rlv">@loor_rlv</a>)</p> + +<p>IBM X-Force 安全研究员 Sagi Kedmi</p> + +<p>Google 的 Samuel Tan</p> + +<p>Google Telecom 团队的 Santos Cordon</p> + +<p><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>)</p> + +<p>腾讯 KEEN 实验室 (<a href="https://twitter.com/k33nteam">@K33nTeam</a>) 的 Sen Nie (<a href="https://twitter.com/@nforest_">@nforest_</a>)</p> + +<p>卡巴斯基实验室的 Sergey Bobrov (<a href="http://twitter.com/Black2Fan">@Black2Fan</a>)</p> + +<p>趋势科技 (<a href="http://www.trendmicro.com">www.trendmicro.com</a>) 的 Seven Shen (<a href="https://twitter.com/@lingtongshen">@lingtongshen</a>)</p> + +<p>Google 的 Sharvil Nanavati</p> + +<p><a href="http://www.isti.tu-berlin.de/security_in_telecommunications">Security in Telecommunications</a> 的 Shinjo Park (<a href="https://twitter.com/ad_ili_rai">@ad_ili_rai</a>)</p> + +<p>Stuart Henderson</p> + +<p>新加坡管理大学的 Su Mon Kywe</p> + +<p>百度安全实验室的韦韬</p> + +<p>Thom Does</p> + +<p>华为公司的 Tieyan Li</p> + +<p>SentinelOne / RedNaga 的 Tim Strazzere (<a href="https://twitter.com/timstrazz">@timstrazz</a>)</p> + +<p>Google X 的 Tom Craig</p> + +<p>Tom Rootjunky</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:segfault5514@gmail.com">Tong Lin</a></p> + +<p>北京大学的 <a href="mailto:litongxin1991@gmail.com">Tongxin Li</a></p> + +<p>trotmaster (<a href="https://twitter.com/trotmaster99">@trotmaster99</a>)</p> + +<p>Vasily Vasilev</p> + +<p>Google 的 Victor Chang</p> + +<p>阿姆斯特丹自由大学的 Victor van der Veen</p> + +<p>Google 的 Vignesh Venkatasubramanian</p> + +<p>Android 安全团队的 Vishwath Mohan</p> + +<p>腾讯玄武实验室的 Wei Wei (<a href="https://twitter.com/Danny__Wei">@Danny__Wei</a>)</p> + +<p>阿里巴巴的 Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>)</p> + +<p>腾讯科恩实验室 (<a href="https://twitter.com/keen_lab">@keen_lab</a>) 的 Wen Niu (<a href="https://twitter.com/NWMonster">@NWMonster</a>)</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:vancouverdou@gmail.com">Wenke Dou</a></p> + +<p>奇虎 360 科技有限公司 Alpha 团队的 Wenlin Yang</p> + +<p>William Roberts (<a href="mailto:william.c.roberts@intel.com">william.c.roberts@intel.com</a>)</p> + +<p><a href="http://www.trendmicro.com">趋势科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">移动威胁响应团队</a>的<a href="http://weibo.com/wishlinux">吴潍浠</a> (<a href="https://twitter.com/wish_wu">@wish_wu</a>)</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:wisedd@gmail.com">Xiaodong Wang</a></p> + +<p>印第安纳大学布卢明顿分校的 <a href="mailto:xw7@indiana.edu">Xiaofeng Wang</a></p> + +<p>腾讯安全平台部门的 Xiling Gong</p> + +<p><a href="http://www.alibaba.com/">阿里巴巴</a>的何星宇 (<a href="https://twitter.com/Spid3r_">@Spid3r_</a>)</p> + +<p>北京大学的 <a href="mailto:hanxinhui@pku.edu.cn">Xinhui Han</a></p> + +<p><a href="http://www.360safe.com/">奇虎 360</a> <a href="http://c0reteam.org">C0RE 团队</a>的 Xuxian Jiang</p> + +<p>Android Bionic 团队的 Yabin Cui</p> + +<p>中国科学院软件研究所 TCA 实验室的 Yacong Gu</p> + +<p><a href="https://wwws.nightwatchcybersecurity.com">Nightwatch Cybersecurity</a> 的 Yakov Shafranovich</p> + +<p>阿里巴巴移动安全团队的 Yang Dong</p> + +<p>阿里巴巴移动安全团队的 Yang Song</p> + +<p>加州大学圣巴巴拉分校的 Yanick Fratantonio</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 <a href="mailto:yaojun8558363@gmail.com">Yao Jun</a></p> + +<p>印第安纳大学布卢明顿分校的 <a href="mailto:luc2yj@gmail.com">Yeonjoon Lee</a></p> + +<p>阿里巴巴移动安全团队的 Yi Zhang</p> + +<p>新加坡管理大学的 Yingjiu Li</p> + +<p>华为公司 SCC Eagleye 团队的 Yong Shi</p> + +<p>阿里巴巴的王勇 (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>)</p> + +<p>腾讯玄武实验室的 Yongke Wang (<a href="https://twitter.com/Rudykewang">@Rudykewang</a>)</p> + +<p>华为公司的 Yongzheng Wu</p> + +<p><a href="http://c0reteam.org">C0RE 团队</a>的 Yuan-Tsung Lo (<a href="mailto:computernik@gmail.com">computernik@gmail.com</a>)</p> + +<p>百度安全实验室的 Yulong Zhang</p> + +<p>密歇根大学安娜堡分校的 <a href="http://yurushao.info">Yuru Shao</a></p> + +<p>腾讯安全平台部门的 Yuxiang Li (<a href="https://twitter.com/xbalien29">@Xbalien29</a>)</p> + +<p>Android 安全团队的 Zach Riggle (<a href="https://twitter.com/@ebeip90">@ebeip90</a>)</p> + +<p><a href="http://www.cmcm.com">猎豹移动公司</a>安全研究实验室的 Zhanpeng Zhao(行之)(<a href="https://twitter.com/0xr0ot">@0xr0ot</a>)</p> + +<p>奇虎 360 科技有限公司成都安全响应中心的金哲</p> + +<p>加州大学河滨分校的 <a href="mailto:zhiyunq@cs.ucr.edu">Zhiyun Qian</a></p> + +<p>无声信息技术 <a href="http://www.pkav.net">PKAV</a> 的 <a href="http://weibo.com/ele7enxxh">Zinuo Han</a></p> + +<p>Google 的 Zubin Mithra</p> + +</div> + +<h2 id="2015">2015 年</h2> + +<div style="LINE-HEIGHT:25px;"> +<p>Google Chrome 安全团队的 Abhishek Arya</p> + +<p>Alex Copot</p> + +<p>Alex Eubanks</p> + +<p>Alexandru Blanda</p> + +<p>Arne Swinnen (<a href="https://www.arneswinnen.net/">www.arneswinnen.net</a>)</p> + +<p>Artem Chaykin</p> + +<p>Ben Hawkes</p> + +<p>Brennan Lautner</p> + +<p>奇虎 360 C0RE 团队的 Chiachih Wu</p> + +<p>Darmstadt (siegfried.rasthofer@gmail.com)</p> + +<p>Copperhead Security 的 Daniel Micay (daniel.micay@copperhead.co)</p> + +<p>韩国科学技术院系统安全实验室的 Dongkwan Kim (dkay@kaist.ac.kr)</p> + +<p>阿里巴巴移动安全团队的 dragonltx</p> + +<p>Gal Beniamini (<a href="http://bits-please.blogspot.com/">http://bits-please.blogspot.com</a>)</p> + +<p><a href="http://www.360.cn/">奇虎 360 科技有限公司</a>的龚广(<a href="https://twitter.com/oldfresher">@oldfresher</a>、higongguang@gmail.com)</p> + +<p>韩国科学技术院系统安全实验室的 Hongil Kim (hongilk@kaist.ac.kr)</p> + +<p>Google Project Zero 的 Ian Beer</p> + +<p>阿根廷布宜诺斯艾利斯 Dr. Manuel Sadosky 基金会 Programa STIC 的 Iván Arce (@4Dgifts)</p> + +<p>趋势科技的 Jack Tang (@jacktang310)</p> + +<p><a href="http://security.utexas.edu/">德克萨斯州大学奥斯汀分校</a>的 jgor (<a href="https://twitter.com/indiecom">@indiecom</a>)</p> + +<p>阿根廷布宜诺斯艾利斯 Dr. Manuel Sadosky 基金会 Programa STIC 的 Joaquín Rinaudo (@xeroxnir)</p> + +<p>Exodus Intelligence 的 Jordan Gruskovnjak (@jgrusko)</p> + +<p>Zimperium 的 Joshua Drake</p> + +<p>奇虎 360 C0RE 团队的 Lei Wu</p> + +<p><a href="http://k33nteam.org/">碁震安全研究团队</a> (<a href="https://twitter.com/k33nteam">@K33nTeam</a>) 的 Marco Grassi (<a href="https://twitter.com/marcograss">@marcograss</a>)</p> + +<p>EmberMitre Ltd 的 Mark Carter (<a href="https://twitter.com/hanpingchinese">@hanpingchinese</a>)</p> + +<p>Google Chrome 安全团队的 Martin Barbella</p> + +<p><a href="https://www.mitre.org/">MITRE Corporation</a> 的 Michael Peck (mpeck@mitre.org)</p> + +<p>Michał Bednarski (<a href="https://github.com/michalbednarski">https://github.com/michalbednarski</a>)</p> + +<p>上奥地利/哈根贝格应用科学大学 JR-Center u'smile 的 Michael Roland</p> + +<p>Google Project Zero 的 Natalie Silvanovich</p> + +<p>Google Chrome 安全团队的 Oliver Chang</p> + +<p>趋势科技的 Peter Pi</p> + +<p>奇虎 360 科技有限公司的 Ping Li</p> + +<p>碁震安全研究团队(@K33nTeam、<a href="http://k33nteam.org/">http://k33nteam.org/</a>)的 Qidan He (@flanker_hqd)</p> + +<p>Roee Hay 和 Or Peles</p> + +<p>趋势科技的 Seven Shen</p> + +<p>EC SPRIDE 工业大学<a href="https://blogs.uni-paderborn.de/sse/">安全软件工程团队</a>的 Siegfried Rasthofer</p> + +<p><a href="https://www.sit.fraunhofer.de/">Fraunhofer SIT</a> 移动安全测试实验室的 Stephan Huber (Stephan.Huber@sit.fraunhofer.de)</p> + +<p>Google Project Zero 的 Steven Vittitoe</p> + +<p><a href="http://tonybeltramelli.com/">tonybeltramelli.com</a> 的 Tony Beltramelli (<a href="https://twitter.com/Tbeltramelli">@Tbeltramelli</a>)</p> + +<p>Tzu-Yin (Nina) Tai</p> + +<p>百度 X-Team 的 Wangtao(neobyte)</p> + +<p>碁震安全研究团队(@K33nTeam、<a href="http://k33nteam.org/">http://k33nteam.org/</a>)的 Wen Xu (@antlr7)</p> + +<p>William Roberts (<a href="mailto:william.c.roberts@intel.com">william.c.roberts@intel.com</a>)</p> + +<p>趋势科技的吴潍浠 (@wish_wu)</p> + +<p>奇虎 360 C0RE 团队的 Xuxian Jiang</p> + +<p>奇虎 360 C0RE 团队的 Yajin Zhou</p> + +</div> + +<h2 id="2014">2014 年</h2> +<div style="LINE-HEIGHT:25px;"> + +<p><a href="https://banno.com/">Banno</a> 的 Aaron Mangel (<a href="mailto:amangel@gmail.com">amangel@gmail.com</a>)</p> + +<p>Alex Park (<a href="https://twitter.com/saintlinu">@saintlinu</a>)</p> + +<p>Alexandru Gheorghita</p> + +<p><a href="https://www.facebook.com">Facebook</a> 的 <a href="https://twitter.com/isciurus">Andrey Labunets</a></p> + +<p><a href="http://www.corkami.com">Ange Albertini</a> (<a href="https://twitter.com/angealbertini">@angealbertini</a>)</p> + +<p>Fortinet FortiGuard 实验室的 Axelle Apvrille</p> + +<p><a href="https://www.aspectsecurity.com/">Aspect Security</a> 的 <a href="http://www.linkedin.com/in/danamodio">Dan Amodio</a> (<a href="https://twitter.com/DanAmodio">@DanAmodio</a>)</p> + +<p><a href="http://davidmurdoch.com">David Murdoch</a></p> + +<p><a href="https://labs.mwrinfosecurity.com/">MWR 实验室</a>的 Henry Hoggard (<a href="https://twitter.com/henryhoggard">@HenryHoggard</a>)</p> + +<p><a href="http://www.search-lab.hu/">Search-Lab Ltd.</a> 的 Imre Rad</p> + +<p><a href="http://thejh.net/">Jann Horn</a> <a href="https://android-review.googlesource.com/#/c/98197/"><img style="vertical-align:middle;" src="../images/tiny-robot.png" alt="绿色机器人补丁程序符号" title="此人贡献了有助于提高 Android 安全性的代码"/> +</a></p> + +<p><a href="http://www.bluebox.com/">Bluebox Security</a> 的 Jeff Forristal</p> + +<p><a href="https://labs.mwrinfosecurity.com/">MWR 实验室</a>的 <a href="http://blog.redfern.me/">Joseph Redfern</a> <br />(<a href="https://twitter.com/JosephRedfern">@JosephRedfern</a>)</p> + +<p><a href="https://www.samsungknox.com/">三星 KNOX 安全团队</a>的 Kunal Patel (<a href="mailto:kunal.patel1@samsung.com">kunal.patel1@samsung.com</a>)</p> + +<p><a href="http://www.linkedin.com/in/luander">Luander Michel Ribeiro</a> (<a href="https://twitter.com/luanderock">@luanderock</a>)</p> + +<p>印第安纳大学布卢明顿分校的 <a href="http://homes.soic.indiana.edu/luyixing">Luyi Xing</a> (<a href="mailto:xingluyi@gmail.com">xingluyi@gmail.com</a>)</p> + +<p>Marc Blanchou (<a href="https://twitter.com/marcblanchou">@marcblanchou</a>)</p> + +<p>Mathew Solnik (<a href="https://twitter.com/msolnik">@msolnik</a>)</p> + +<p><a href="https://github.com/michalbednarski">Michał Bednarski</a></p> + +<p>犹他大学的 <a href="http://www.cs.utah.edu/~rsas/">Raimondas Sasnauskas</a></p> + +<p>美国国家安全局<a href="https://www.nsa.gov/research/ia_research/">可信系统研究团队</a>的 Robert Craig +<a href="https://android-review.googlesource.com/#/q/owner:%22Robert+Craig+%253Crpcraig%2540tycho.ncsc.mil%253E%22+status:merged"> +<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="补丁程序符号" title="此人贡献了有助于提高 Android 安全性的代码"/></a></p> + +<p><a href="http://www.samsung.com">三星移动</a></p> + +<p>犹他大学的 Scotty Bauer (<a href="mailto:sbauer@eng.utah.edu">sbauer@eng.utah.edu</a>)</p> + +<p>Sebastian Brenza</p> + +<p>EC SPRIDE 达姆施塔特工业大学<a href="https://blogs.uni-paderborn.de/sse/">安全软件工程团队</a>的 Siegfried Rasthofer (<a href="mailto:siegfried.rasthofer@gmail.com">siegfried.rasthofer@gmail.com</a>)</p> + +<p><a href="http://www.sonymobile.com">索尼移动</a></p> + +<p><a href="https://www.sit.fraunhofer.de/">Fraunhofer SIT</a> 移动安全测试实验室的 Stephan Huber (<a href="mailto:Stephan.Huber@sit.fraunhofer.de">Stephan.Huber@sit.fraunhofer.de</a>)</p> + +<p>美国国家安全局<a href="https://www.nsa.gov/research/ia_research/">可信系统研究团队</a>的 Stephen Smalley +<a href="https://android-review.googlesource.com/#/q/owner:%22Stephen+Smalley+%253Csds%2540tycho.nsa.gov%253E%22+status:merged"> +<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="补丁程序符号" title="此人贡献了有助于提高 Android 安全性的代码"/></a></p> + +<p>EC SPRIDE 达姆施塔特工业大学<a href="http://sseblog.ec-spride.de/">安全软件工程团队</a>的 Steven Arzt (<a href="mailto:Steven.Arzt@ec-spride.de">Steven.Arzt@ec-spride.de</a>)</p> + +<p><a href="https://www.facebook.com">Facebook</a> 的 <a href="http://www.subodh.io">Subodh Iyengar</a></p> + +<p>北京大学的 Tongxin Li (<a href="mailto:litongxin1991@gmail.com">litongxin1991@gmail.com</a>)</p> + +<p><a href="http://www.themeninthemiddle.com">The Men in the Middle</a> 的 <a href="http://www.linkedin.com/in/tonytrummer/">Tony Trummer</a> <br />(<a href="https://twitter.com/SecBro1">@SecBro1</a>)</p> + +<p><a href="https://www.linkedin.com/in/tdalvi">Tushar Dalvi</a> (<a href="https://twitter.com/tushardalvi">@tushardalvi</a>)</p> + +<p><a href="https://plus.google.com/u/0/109528607786970714118">Valera Neronov</a></p> + +<p><a href="http://xteam.baidu.com">百度 X-Team</a> 的 Wang Tao (<a href="mailto:wintao@gmail.com">wintao@gmail.com</a>)</p> + +<p><a href="http://xteam.baidu.com">百度 X-Team</a> 的 Wang Yu (<a href="https://twitter.com/xi4oyu">@xi4oyu</a>)</p> + +<p><a href="https://www.facebook.com">Facebook</a> 的 <a href="http://www.shackleton.io/">Will Shackleton</a></p> + +<p><a href="http://www.linkedin.com/in/billcroberts">William Roberts</a> (<a href="mailto:bill.c.roberts@gmail.com">bill.c.roberts@gmail.com</a>) +<a href="https://android-review.googlesource.com/#/q/owner:bill.c.roberts%2540gmail.com+status:merged"> +<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="补丁程序符号" title="此人贡献了有助于提高 Android 安全性的代码"/></a></p> + +<p>印第安纳大学布卢明顿分校的 <a href="http://www.informatics.indiana.edu/xw7/">Xiaofeng Wang</a> (<a href="mailto:xw7@indiana.edu">xw7@indiana.edu</a>)</p> + +<p><a href="http://www.cs.indiana.edu/~zhou/">印第安纳大学布卢明顿分校</a>的 Xiaoyong Zhou <br />(<a href="https://twitter.com/xzhou">@xzhou</a>、<a href="mailto:zhou.xiaoyong@gmail.com">zhou.xiaoyong@gmail.com</a>)</p> + +<p>北京大学的 Xinhui Han (<a href="mailto:hanxinhui@pku.edu.cn">hanxinhui@pku.edu.cn</a>)</p> + +<p>印第安纳大学布卢明顿分校的 Yeonjoon Lee (<a href="mailto:luc2yj@gmail.com">luc2yj@gmail.com</a>)</p> + +<p><a href="http://www.androbugs.com">林禹成</a> (<a href="https://twitter.com/AndroBugs">@AndroBugs</a>)</p> + +<p><a href="http://xteam.baidu.com">百度 X-Team</a> 的 Zhang Dong Hui (<a href="http://weibo.com/shineastdh">shineastdh</a>)</p> + +</div> + +<h2 id="2013">2013 年</h2> + +<div style="LINE-HEIGHT:25px;"> + +<p><a href="http://www.ecommera.com/">eCommera</a> 的 <a href="https://tsarstva.bg/sh/">Ivaylo Marinkov</a> (<a href="mailto:ivo@tsarstva.bg">ivo@tsarstva.bg</a>)</p> + +<p><a href="http://appliedcybersecurity.com/">Applied Cybersecurity LLC</a> 的 Jon Sawyer (<a href="mailto:jon@cunninglogic.com">jon@cunninglogic.com</a>)</p> + +<p><a href="http://www.accuvant.com/">Accuvant LABS</a> 的 Joshua J. Drake (<a href="https://twitter.com/jduck">@jduck</a>) +<a href="https://android-review.googlesource.com/#/q/change:72228+OR+change:72229"> +<img style="vertical-align:middle" src="../images/patchreward.png" alt="补丁程序奖励符号" title="此人符合参加补丁程序奖励计划的条件!"/></a></p> + +<p>Kan Yuan</p> + +<p><a href="http://raonsecurity.com/">RaonSecurity</a> 的 Lucas Yang(amadoh4ck、<a href="mailto:amadoh4ck@gmail.com">amadoh4ck@gmail.com</a>)</p> + +<p>印第安纳大学布卢明顿分校的 <a href="http://homes.soic.indiana.edu/luyixing">Luyi Xing</a> (<a href="mailto:xingluyi@gmail.com">xingluyi@gmail.com</a>)</p> + +<p><a href="https://isecpartners.com/">iSEC Partners</a> 的 <a href="https://lacklustre.net/">Mike Ryan</a> +<br />(<a href="https://twitter.com/mpeg4codec">@mpeg4codec</a>、<a href="mailto:mikeryan@isecpartners.com">mikeryan@isecpartners.com</a>)</p> + +<p><a href="http://illinois.edu/">伊利诺伊大学厄巴纳-尚佩恩分校</a>的 <a href="http://cryptoonline.com/">Muhammad Naveed</a> +<br />(<a href="mailto:naveed2@illinois.edu">naveed2@illinois.edu</a>)</p> + +<p>Qualcomm 产品安全计划</p> + +<p><a href="https://securityresear.ch/">Roee Hay</a>(<a href="https://twitter.com/roeehay">@roeehay</a>、<a href="mailto:roeehay@gmail.com">roeehay@gmail.com</a>)</p> + +<p>美国国家安全局<a href="https://www.nsa.gov/research/ia_research/">可信系统研究团队</a>的 Robert Craig +<a href="https://android-review.googlesource.com/#/q/owner:%22Robert+Craig+%253Crpcraig%2540tycho.ncsc.mil%253E%22+status:merged"> +<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="补丁程序符号" title="此人贡献了有助于提高 Android 安全性的代码"/></a></p> + +<p>IOActive 的 Ruben Santamarta (<a href="https://twitter.com/reversemode">@reversemode</a>)</p> + +<p>美国国家安全局<a href="https://www.nsa.gov/research/ia_research/">可信系统研究团队</a>的 Stephen Smalley +<a href="https://android-review.googlesource.com/#/q/owner:%22Stephen+Smalley+%253Csds%2540tycho.nsa.gov%253E%22+status:merged"> +<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="补丁程序符号" title="此人贡献了有助于提高 Android 安全性的代码"/></a></p> + +<p><a href="http://www.linkedin.com/in/billcroberts">William Roberts</a> (<a href="mailto:bill.c.roberts@gmail.com">bill.c.roberts@gmail.com</a>) +<a href="https://android-review.googlesource.com/#/q/owner:bill.c.roberts%2540gmail.com+status:merged"> +<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="补丁程序符号" title="此人贡献了有助于提高 Android 安全性的代码"/></a></p> + +<p>印第安纳大学布卢明顿分校的 Xiaorui Pan (<a href="mailto:eagle200467@gmail.com">eagle200467@gmail.com</a>)</p><p> + +</p><p>印第安纳大学布卢明顿分校的 XiaoFeng Wang (<a href="mailto:xw7@indiana.edu">xw7@indiana.edu</a>)</p> + +</div> + +<h2 id="2012">2012 年</h2> + +<div style="LINE-HEIGHT:25px;"> + +<p><a href="https://viaforensics.com/">viaForensics</a> 的 David Weinstein (<a href="https://twitter.com/insitusec">@insitusec</a>)</p> + +<p><a href="http://thejh.net/">Jann Horn</a></p> + +<p>柏林工业大学的 Ravishankar Borgaonkari (<a href="https://twitter.com/raviborgaonkar">@raviborgaonkar</a>)</p> + +<p>美国国家安全局<a href="https://www.nsa.gov/research/ia_research/">可信系统研究团队</a>的 Robert Craig +<a href="https://android-review.googlesource.com/#/q/owner:%22Robert+Craig+%253Crpcraig%2540tycho.ncsc.mil%253E%22+status:merged"> +<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="补丁程序符号" title="此人贡献了有助于提高 Android 安全性的代码"/></a></p> + +<p><a href="http://roeehay.blogspot.com/">Roee Hay</a>(<a href="https://twitter.com/roeehay">@roeehay</a>、<a href="mailto:roeehay@gmail.com">roeehay@gmail.com</a>)</p> + +<p>美国国家安全局<a href="https://www.nsa.gov/research/ia_research/">可信系统研究团队</a>的 Stephen Smalley +<a href="https://android-review.googlesource.com/#/q/owner:%22Stephen+Smalley+%253Csds%2540tycho.nsa.gov%253E%22+status:merged"> +<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="补丁程序符号" title="此人贡献了有助于提高 Android 安全性的代码"/></a></p> + +<p><a href="http://www.linkedin.com/in/billcroberts">William Roberts</a> (<a href="mailto:bill.c.roberts@gmail.com">bill.c.roberts@gmail.com</a>) +<a href="https://android-review.googlesource.com/#/q/owner:bill.c.roberts%2540gmail.com+status:merged"> +<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="补丁程序符号" title="此人贡献了有助于提高 Android 安全性的代码"/></a></p> + +</div> + +<h2 id="2011">2011 年</h2> + +<div style="LINE-HEIGHT:25px;"> + +<p><a href="http://www.mulliner.org/collin/academic">MUlliNER.ORG</a> 的 Collin Mulliner (<a href="https://twitter.com/collinrm">@collinrm</a>)</p> + +</div> + +<h2 id="2009">2009 年</h2> + +<div style="LINE-HEIGHT:25px;"> + +<p>Charlie Miller (<a href="https://twitter.com/0xcharlie">@0xcharlie</a>)</p> + +<p><a href="http://www.mulliner.org/collin/academic">MUlliNER.ORG</a> 的 Collin Mulliner (<a href="https://twitter.com/collinrm">@collinrm</a>)</p> + +</div> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/security/trusty/trusty-ref.html b/zh-cn/security/trusty/trusty-ref.html new file mode 100644 index 00000000..4d0277cb --- /dev/null +++ b/zh-cn/security/trusty/trusty-ref.html @@ -0,0 +1,962 @@ +<html devsite><head> + <title>Trusty API 参考</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p><a href="index.html">Trusty</a> API 描述了 Trusty 进程间通信 (IPC) 系统,包括与非安全域的通信。本页中提供了相关术语的定义以及关于 API 调用的参考内容。</p> + +<h2 id="ports_and_channels">端口和通道</h2> + +<p>Trusty 应用使用端口以具名路径的形式显示客户端连接到的服务端点。这可以提供一个非常简单且采用字符串形式的服务 ID 供客户端使用。端口采用反向 DNS 式命名惯例,例如 <code>com.google.servicename</code>。</p> + +<p>当客户端连接到端口时,会收到一个用于与相应服务交互的通道。相应服务必须接受外来连接;并且在接受后,也会收到一个通道。实质上,端口会被用来查找服务,以便通过一对已连接的通道(即端口上的连接实例)进行通信。当客户端连接到端口时,客户端和服务器之间会建立一个对称的双向连接。借助这种全双工路径,客户端和服务器可以交换任意消息,直到任一方决定断开连接为止。</p> + +<p>只有安全端可信应用或 Trusty 内核模块可以创建端口。在非安全端(普通域)运行的应用只能连接到安全端发布的服务。</p> + +<p>可信应用可以同时是客户端和服务器,具体取决于相关要求。发布服务的可信应用(作为服务器)可能需要连接到其他服务(作为客户端)。</p> + +<h2 id="handle_api">Handle API</h2> + +<p>句柄是表示资源(例如端口和通道)的未签名整数,与 UNIX 中的文件描述符类似。句柄创建好后,会被放入到应用专用句柄表格中,并可供以后参考引用。</p> + +<p>调用程序可以使用 <code>set_cookie()</code> 方法将私密数据与句柄相关联。</p> + +<h3 id="methods_handle_api">Handle API 中的方法</h3> + +<p>句柄仅在应用环境中有效。除非已明确指定,否则应用不得将句柄的值传递给其他应用。只能通过与 <code>INVALID_IPC_HANDLE #define,</code>(应用可以使用它来表明句柄无效或未设置)进行比较的方式来解译句柄的值。</p> + +<h4 id="set_cookie">set_cookie()</h4> + +<p>用于将调用程序提供的私密数据与指定句柄相关联。</p> + +<pre class="prettyprint"> +long set_cookie(uint32_t handle, void *cookie) +</pre> + +<p>[输入] <code>handle</code>:其中一个 API 调用返回的任意句柄</p> + +<p>[输入] <code>cookie</code>:一个指针,指向 Trusty 应用中的任意用户空间数据</p> + +<p>[返回值]:如果操作成功了,则为 <code>NO_ERROR</code>;否则为 <code>< 0</code> 错误代码</p> + +<p>处理在句柄创建一段时间后发生的事件时,此调用非常有用。事件处理机制会将相应句柄及其 Cookie 返回给事件处理程序。</p> + +<p>通过使用 <code>wait()</code> 或 <code>wait_any()</code> 调用,可以等待句柄上发生事件。</p> + +<h4 id="wait">wait()</h4> + +<p>用于在指定时间段内等待指定句柄上发生事件。</p> + +<pre class="prettyprint"> +long wait(uint32_t handle_id, uevent_t *event, unsigned long timeout_msecs) +</pre> + +<p>[输入] <code>handle_id</code>:其中一个 API 调用返回的任意句柄</p> + +<p>[输出] <code>event</code>:一个指针,指向表示相应句柄上所发生事件的结构</p> + +<p>[输入] <code>timeout_msecs</code>:超时值(以毫秒计);-1 表示无限制超时</p> + +<p>[返回值]:如果在指定的超时间隔内发生了有效事件,则为 <code>NO_ERROR</code>;如果指定的超时时间已过,但未发生任何事件,则为 <code>ERR_TIMED_OUT</code>;如果是其他错误,则为 <code>< 0</code></p> + +<h4 id="wait_any">wait_any()</h4> + +<p>用于在指定时间段内等待应用句柄表格中的任意句柄上发生任意事件。</p> + +<pre class="prettyprint"> +long wait_any(uevent_t *event, unsigned long timeout_msecs); +</pre> + +<p>[输出] <code>event</code>:一个指针,指向表示相应句柄上所发生事件的结构</p> + +<p>[输入] <code>timeout_msecs</code>:超时值(以毫秒计)。-1 表示无限制超时</p> + +<p>[返回值]:如果在指定的超时间隔内发生了有效事件,则为 <code>NO_ERROR</code>;如果指定的超时时间已过,但未发生任何事件,则为 <code>ERR_TIMED_OUT</code>;如果是其他错误,则为 <code>< 0</code></p> + +<p>如果操作成功了 (<code>retval == NO_ERROR</code>),<code>wait()</code> 和 <code>wait_any()</code> 调用会在指定的 <code>uevent_t</code> 结构内填入与发生的事件相关的信息。</p> + +<pre class="prettyprint"> +typedef struct uevent { + uint32_t handle; /* handle this event is related to */ + uint32_t event; /* combination of IPC_HANDLE_POLL_XXX flags */ + void *cookie; /* cookie associated with this handle */ +} uevent_t; +</pre> + +<p><code>event</code> 字段中包含以下值的组合:</p> + +<pre class="prettyprint"> +enum { + IPC_HANDLE_POLL_NONE = 0x0, + IPC_HANDLE_POLL_READY = 0x1, + IPC_HANDLE_POLL_ERROR = 0x2, + IPC_HANDLE_POLL_HUP = 0x4, + IPC_HANDLE_POLL_MSG = 0x8, + IPC_HANDLE_POLL_SEND_UNBLOCKED = 0x10, + … more values[TBD] +}; +</pre> + +<p><code>IPC_HANDLE_POLL_NONE</code> - 没有任何事件实际上在等待处理,调用程序应重新开始等待</p> + +<p><code>IPC_HANDLE_POLL_ERROR</code> - 发生未指定的内部错误</p> + +<p><code>IPC_HANDLE_POLL_READY</code> - 取决于句柄类型,具体如下:</p> + +<ul> + <li>对于端口,该值表示有待处理的连接</li><li>对于通道,该值表示已建立异步连接(请参阅 <code>connect()</code>)</li></ul> + +<p>以下事件仅与通道有关:</p> + +<ul> + <li><code>IPC_HANDLE_POLL_HUP</code> - 表示某个通道已被对端关闭</li><li><code>IPC_HANDLE_POLL_MSG</code> - 表示相应通道有待处理的消息</li><li><code>IPC_HANDLE_POLL_SEND_UNBLOCKED</code> - 表示之前所发消息被屏蔽的调用程序可以尝试再次发送消息(有关详情,请参阅 <code>send_msg()</code> 的说明)</li></ul> + +<p>由于可能同时设置了多个位,因此应使事件处理程序做好准备,以处理指定事件的组合。例如,对于通道来说,可能会在有待处理的消息时,连接被对端关闭。</p> + +<p>大多数事件都是粘滞事件。只要基本条件存在,它们就会一直存在(例如,所有待处理的消息都会被接收,所有待处理的连接请求都会被处理)。<code>IPC_HANDLE_POLL_SEND_UNBLOCKED</code> 事件属于例外情况:消息一旦被读取,该事件便会被立即清除,并且应用只有一次对其进行处理的机会。</p> + +<p>通过调用 <code>close()</code> 方法,可以销毁句柄。</p> + +<h4 id="close">close()</h4> + +<p>用于销毁与指定句柄关联的资源,并将指定句柄从句柄表格中移除。</p> + +<pre class="prettyprint"> +long close(uint32_t handle_id); +</pre> + +<p>[输入] <code>handle_id</code>:要销毁的句柄</p> + +<p>[返回值]:如果操作成功了,则为 0;否则为表示错误的负数</p> + +<h2 id="server_api">Server API</h2> + +<p>服务器首先会创建一个或多个表示其服务端点的<strong>具名端口</strong>。每个端口都由一个句柄来表示。</p> + +<h3 id="methods_server_api">Server API 中的方法</h3> + +<h4 id="port_create">port_create()</h4> + +<p>用于创建具名服务端口。</p> + +<pre class="prettyprint"> +long port_create (const char *path, uint num_recv_bufs, size_t recv_buf_size, +uint32_t flags) +</pre> + +<p>[输入] <code>path</code>:端口的字符串名称(如上所述)。该名称在整个系统中必须是独一无二的;如果尝试创建重复的名称,则会失败。</p> + +<p>[输入] <code>num_recv_bufs</code>:相应端口上的通道可以预先分配的缓冲区(用于方便与客户端交换数据)的数量上限。对于双向传输的数据,缓冲区数量是单独计算的,因此如果在此处指定 1,则表示预先分配了 1 个发送缓冲区和 1 个接收缓冲区。一般情况下,所需的缓冲区数量取决于客户端和服务器之间更高级别的协议。如果是高度同步协议(发送消息,收到回复后再发送另一条消息),此数量最低可设为 1。不过,如果客户端希望在收到回复之前发送多条消息(例如,一条消息为前序,另一条为实际命令),则此数量可以设得高一些。缓冲区组是按通道分配的,因此两个单独的连接(通道)会分别有各自的缓冲区组。</p> + +<p>[输入] <code>recv_buf_size</code>:以上缓冲区组中各个缓冲区的大小上限。该值取决于具体协议,能够有效限制您可以与对端交换的消息的大小上限</p> + +<p>[输入] <code>flags</code>:标记组合,用于指定其他端口行为</p> + +<p>该值应该是以下值的组合:</p> + +<p><code>IPC_PORT_ALLOW_TA_CONNECT</code> - 允许来自其他安全应用的连接</p> + +<p><code>IPC_PORT_ALLOW_NS_CONNECT</code> - 允许来自非安全域的连接</p> + +<p>[返回值]:如果是非负数,则为所创建端口的句柄;如果是负数,则为具体错误</p> + +<p>然后,服务器会使用 <code>wait()</code> 或 <code>wait_any()</code> 调用轮询端口句柄列表,以查看是否有外来连接。收到连接请求(由 <code>uevent_t</code> 结构的 <code>event</code> 字段中设置的 <code>IPC_HANDLE_POLL_READY</code> 位来指明)时,服务器应调用 <code>accept()</code> 来完成连接建立过程,并创建一个通道(由另一个句柄表示),然后该通道即可被轮询,以查看是否有外来消息。</p> + +<h4 id="accept">accept()</h4> + +<p>用于接受外来连接,并获取通道句柄。</p> + +<pre class="prettyprint"> +long accept(uint32_t handle_id, uuid_t *peer_uuid); +</pre> + +<p>[输入] <code>handle_id</code>:一个句柄,用于表示客户端已连接到哪个端口</p> + +<p>[输出] <code>peer_uuid</code>:一个指针,指向连接中客户端应用的 UUID 将填入到的 <code>uuud_t</code> 结构。如果连接源自非安全域,该指针将被设为全零</p> + +<p>[返回值]:如果是非负数,则为一个句柄,用于表示服务器可以通过哪个通道与客户端交换消息;否则为错误代码</p> + +<h2 id="client_api">Client API</h2> + +<p>本部分介绍了 Client API 中的方法。</p> + +<h3 id="methods_client_api">Client API 中的方法</h3> + +<h4 id="connect">connect()</h4> + +<p>用于发起与通过名称指定的端口的连接。</p> + +<pre class="prettyprint"> +long connect(const char *path, uint flags); +</pre> + +<p>[输入] <code>path</code>:由 Trusty 应用发布的端口的名称</p> + +<p>[输入] <code>flags</code>:指定额外的可选行为</p> + +<p>[返回值]:一个句柄,用于表示可以通过哪个通道与服务器交换消息;如果是负数,则为错误</p> + +<p>如果未指定 <code>flags</code>(<code>flags</code> 参数设为 0),调用 <code>connect()</code> 会发起与指定端口的同步连接(如果指定端口不存在,会立即返回一个错误),并且会创建一个分块,直到服务器以其他方式接受某个连接为止。</p> + +<p>通过指定两个值的组合,可以改变这种行为,如下所述:</p> + +<pre class="prettyprint"> +enum { +IPC_CONNECT_WAIT_FOR_PORT = 0x1, +IPC_CONNECT_ASYNC = 0x2, +}; +</pre> + +<p><code>IPC_CONNECT_WAIT_FOR_PORT</code> - 如果指定的端口在连接操作执行时没有立即存在,则强制 <code>connect()</code> 调用开始等待,而不是立即使连接失败。</p> + +<p><code>IPC_CONNECT_ASYNC</code> - 如果设置了此项,则会发起异步连接。在开始正常操作之前,应用必须先针对连接完成事件(由 <code>uevent_t</code> 结构的 event 字段中设置的 <code>IPC_HANDLE_POLL_READY</code> 位来指明)轮询是否有返回的句柄(通过调用 <code>wait()</code> 或 <code>wait_any()</code>)。</p> + +<h2 id="messaging_api">Messaging API</h2> + +<p>借助 Messaging API 调用,可以通过之前建立的连接(通道)发送和读取消息。服务器和客户端的 Messaging API 调用是相同的。</p> + +<p>客户端通过发出 <code>connect()</code> 调用接收通道句柄,而服务器则通过 <code>accept()</code> 调用获取通道句柄,如上所述。</p> + +<h4 id="structure_of_a_trusty_message">Trusty 消息的结构</h4> + +<p>如下所示,通过 Trusty API 交换的消息有一个极小的结构,供服务器和客户端就实际内容的语义达成一致:</p> + +<pre class="prettyprint"> +/* + * IPC message + */ +typedef struct iovec { + void *base; + size_t len; +} iovec_t; + +typedef struct ipc_msg { + uint num_iov; /* number of iovs in this message */ + iovec_t *iov; /* pointer to iov array */ + + uint num_handles; /* reserved, currently not supported */ + handle_t *handles; /* reserved, currently not supported */ +} ipc_msg_t; +</pre> + +<p>一条消息可以由一个或多个不连续的缓冲区(由 <code>iovec_t</code> 结构数组表示)组成。Trusty 使用 <code>iov</code> 数组以“分散-收集”的方式对这些分块执行读取和写入操作。可通过 <code>iov</code> 数组描述的缓冲区中的内容完全是任意的。</p> + +<h3 id="methods_messaging_api">Messaging API 中的方法</h3> + +<h4 id="send_msg">send_msg()</h4> + +<p>用于通过指定的通道发送消息。</p> + +<pre class="prettyprint"> +long send_msg(uint32_t handle, ipc_msg_t *msg); +</pre> + +<p>[输入] <code>handle</code>:一个句柄,用于表示通过哪个通道发送消息</p> + +<p>[输入] <code>msg</code>:一个指针,指向描述消息的 <code>ipc_msg_t structure</code></p> + +<p>[返回值]:如果操作成功了,则为发送的字节总数;否则为表示错误的负数</p> + +<p>如果客户端(或服务器)尝试通过相应通道发送消息,但目标对端消息队列中没有空间,相应通道可能会进入所发消息被屏蔽的状态(对于简单的同步请求/回复协议,这种事情应该绝对不会发生,但在更复杂的情况下,则可能会发生)。如果返回 <code>ERR_NOT_ENOUGH_BUFFER</code> 错误代码,则表示相应通道进入了这种状态。在这种情况下,调用程序必须等待,直到对端通过以下方式释放其接收队列中的部分空间为止:检索处理情况并停用一些消息(由 <code>wait()</code> 或 <code>wait_any()</code> 调用返回的 <code>uevent_t</code> 结构的 <code>event</code> 字段中设置的 <code>IPC_HANDLE_POLL_SEND_UNBLOCKED</code> 位来指明)。</p> + +<h4 id="get_msg">get_msg()</h4> + +<p>用于获取指定通道的外来消息队列中下一条消息的</p> + +<p>相关元信息。</p> + +<pre class="prettyprint"> +long get_msg(uint32_t handle, ipc_msg_info_t *msg_info); +</pre> + +<p>[输入] <code>handle</code>:一个句柄,用于表示必须在哪个通道上检索新消息</p> + +<p>[输出] <code>msg_info</code>:消息的信息结构,如下所述:</p> + +<pre class="prettyprint"> +typedef struct ipc_msg_info { + size_t len; /* total message length */ + uint32_t id; /* message id */ +} ipc_msg_info_t; +</pre> + +<p>在待处理的消息集中,每条消息都分配有一个独一无二的 ID,并且每条消息的总长度均已填好。如果已进行相应配置且协议允许,特定通道可以同时有多条待处理(已打开)的消息。</p> + +<p>[返回值]:如果操作成功了,则为 <code>NO_ERROR</code>;否则为表示错误的负数</p> + +<h4 id="read_msg">read_msg()</h4> + +<p>用于从指定偏移量处开始读取具有指定 ID 的消息的内容。</p> + +<pre class="prettyprint"> +long read_msg(uint32_t handle, uint32_t msg_id, uint32_t offset, ipc_msg_t +*msg); +</pre> + +<p>[输入] <code>handle</code>:一个句柄,用于表示从哪个通道读取相应消息</p> + +<p>[输入] <code>msg_id</code>:要读取的消息的 ID</p> + +<p>[输入] <code>offset</code>:偏移量,用于表示从哪里开始读取相应消息</p> + +<p>[输入] <code>msg</code>:一个指针,指向描述一组缓冲区的 <code>ipc_msg_t</code> 结构,外来消息数据将存入到这组缓冲区中</p> + +<p>[返回值]:如果操作成功了,则为 <code>dst</code> 缓冲区中存储的字节总数;否则为表示错误的负数</p> + +<p>可以根据需要多次调用 <code>read_msg</code> 方法,以便从不同的偏移量处(不一定依序)开始读取消息。</p> + +<h4 id="put_msg">put_msg()</h4> + +<p>用于停用具有指定 ID 的消息。</p> + +<pre class="prettyprint"> +long put_msg(uint32_t handle, uint32_t msg_id); +</pre> + +<p>[输入] <code>handle</code>:一个句柄,用于表示相应消息已到达哪个通道</p> + +<p>[输入] <code>msg_id</code>:要停用的消息的 ID</p> + +<p>[返回值]:如果操作成功了,则为 <code>NO_ERROR</code>;否则为表示错误的负数</p> + +<p>消息被停用后,其中的内容将无法再访问,并且它占用的缓冲区也会被释放。</p> + +<h2 id="file_descriptor_api">File Descriptor API</h2> + +<p>File Descriptor API 包括 <code>read()</code>、<code>write()</code> 和 <code>ioctl()</code> 调用。所有这些调用都可以针对一组预定义(静态)的文件描述符(通常用一些较小的数字表示)执行相应操作。在当前的实现中,文件描述符空间与 IPC 句柄空间是分开的。Trusty 中的 File Descriptor API 与基于文件描述符的传统 API 类似。</p> + +<p>默认情况下,有 3 种预定义(标准的且广为人知的)的文件描述符:</p> + +<ul> + <li>0 - 标准输入文件。标准输入文件 <code>fd</code> 的默认实现是一个空操作(因为可信应用不应该有交互控制台),因此,如果要针对 <code>fd</code> 0 读取、写入或调用 <code>ioctl()</code>,则应返回 <code>ERR_NOT_SUPPORTED</code> 错误。 + </li><li>1 - 标准输出文件。写入到标准输出文件的数据可路由(取决于 LK 调试级别)至非安全端上的 UART 和/或内存日志,具体取决于平台和配置。非关键调试日志和消息应写入到标准输出文件。<code>read()</code> 和 <code>ioctl()</code> 方法是空操作,应返回 <code>ERR_NOT_SUPPORTED</code> 错误。 + </li><li>2 - 标准错误文件。写入到标准错误文件的数据应路由至非安全端上的 UART 或内存日志,具体取决于平台和配置。建议仅将关键消息写入到标准错误文件,这是因为该信息流很可能不受节流限制。<code>read()</code> 和 <code>ioctl()</code> 方法是空操作,应返回 <code>ERR_NOT_SUPPORTED</code> 错误。 +</li></ul> + +<p>虽然可以对这组文件描述符进行扩展,以实现更多 <code>fds</code>(从而实现平台专用扩展程序),但扩展文件描述符时需要非常谨慎。扩展文件描述符容易造成冲突,通常不建议这样做。</p> + +<h3 id="methods_file_descriptor_api">File Descriptor API 中的方法</h3> + +<h4 id="read">read()</h4> + +<p>用于尝试从指定的文件描述符读取最多 <code>count</code> 个字节的数据。</p> + +<pre class="prettyprint"> +long read(uint32_t fd, void *buf, uint32_t count); +</pre> + +<p>[输入] <code>fd</code>:一个文件描述符,用于表示从哪里读取数据</p> + +<p>[输出] <code>buf</code>:一个指针,指向要将数据存入到的缓冲区</p> + +<p>[输入] <code>count</code>:要读取的字节数上限</p> + +<p>[返回值]:返回的已读取字节数;否则为表示错误的负数</p> + +<h4 id="write">write()</h4> + +<p>用于向指定的文件描述符写入最多 <code>count</code> 个字节的数据。</p> + +<pre class="prettyprint"> +long write(uint32_t fd, void *buf, uint32_t count); +</pre> + +<p>[输入] <code>fd</code>:一个文件描述符,用于表示要将数据写入到哪里</p> + +<p>[输出] <code>buf</code>:一个指针,指向要写入的数据</p> + +<p>[输入] <code>count</code>:要写入的字节数上限</p> + +<p>[返回值]:返回的已写入字节数;否则为表示错误的负数</p> + +<h4 id="ioctl">ioctl()</h4> + +<p>用于针对指定的文件描述符调用指定的 <code>ioctl</code> 命令。</p> + +<pre class="prettyprint"> +long ioctl(uint32_t fd, uint32_t cmd, void *args); +</pre> + +<p>[输入] <code>fd</code>:一个文件描述符,用于表示针对哪个对象调用 <code>ioctl()</code></p> + +<p>[输入] <code>cmd</code>:<code>ioctl</code> 命令</p> + +<p>[in/out] <code>args</code>:一个指向 <code>ioctl()</code> 参数的指针</p> + +<h2 id="miscellaneous_api">Miscellaneous API</h2> + +<h3 id="methods_misc_api">Miscellaneous API 中的方法</h3> + +<h4 id="gettime">gettime()</h4> + +<p>用于返回当前系统时间(以纳秒计)。</p> + +<pre class="prettyprint"> +long gettime(uint32_t clock_id, uint32_t flags, uint64_t *time); +</pre> + +<p>[输入] <code>clock_id</code>:取决于平台;默认情况下,传递的值为 0</p> + +<p>[输入] <code>flags</code>:保留项,应为 0</p> + +<p>[输入] <code>time</code>:一个指针,指向要将当前时间存入到的位置对应的 <code>int64_t</code> 值</p> + +<p>[返回值]:如果操作成功了,则为 <code>NO_ERROR</code>;否则为表示错误的负数</p> + +<h4 id="nanosleep">nanosleep()</h4> + +<p>用于使调用应用的操作暂停执行指定的一段时间,并在这段时间过去之后恢复执行操作。</p> + +<pre class="prettyprint"> +long nanosleep(uint32_t clock_id, uint32_t flags, uint64_t sleep_time) +</pre> + +<p>[输入] <code>clock_id</code>:保留项,应为 0</p> + +<p>[输入] <code>flags</code>:保留项,应为 0</p> + +<p>[输入] <code>sleep_time</code>:休眠时间(以纳秒计)</p> + +<p>[返回值]:如果操作成功了,则为 <code>NO_ERROR</code>;否则为表示错误的负数</p> + +<h2 id="example_of_a_trusted_application_server">可信应用服务器示例</h2> + +<p>以下示例应用展示了上述 API 的用法。该示例会创建一项“回传”服务,该服务可处理多个外来连接,并会将从位于安全端或非安全端的客户端收到的所有消息回传给调用程序。</p> + +<pre class="prettyprint"> +#include <assert.h> +#include <err.h> +#include <stddef.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <trusty_std.h> + +#include <app/echo/uuids.h> + +#define LOG_TAG "echo_srv" + +#define TLOGE(fmt, ...) \ + fprintf(stderr, "%s: %d: " fmt, LOG_TAG, __LINE__, ## __VA_ARGS__) + +#define MAX_ECHO_MSG_SIZE 64 + +static const char *srv_name = "com.android.echo.srv.echo"; + +static uint8_t msg_buf[MAX_ECHO_MSG_SIZE]; + +/* + * Message handler + */ +static int handle_msg(handle_t chan) +{ + int rc; + iovec_t iov; + ipc_msg_t msg; + ipc_msg_info_t msg_inf; + + iov.base = msg_buf; + iov.len = sizeof(msg_buf); + + msg.num_iov = 1; + msg.iov = &iov; + msg.num_handles = 0; + msg.handles = NULL; + + /* get message info */ + rc = get_msg(chan, &msg_inf); + if (rc == ERR_NO_MSG) + return NO_ERROR; /* no new messages */ + + if (rc != NO_ERROR) { + TLOGE("failed (%d) to get_msg for chan (%d)\n", + rc, chan); + return rc; + } + + /* read msg content */ + rc = read_msg(chan, msg_inf.id, 0, &msg); + if (rc < 0) { + TLOGE("failed (%d) to read_msg for chan (%d)\n", + rc, chan); + return rc; + } + + /* update number of bytes received */ + iov.len = (size_t) rc; + + /* send message back to the caller */ + rc = send_msg(chan, &msg); + if (rc < 0) { + TLOGE("failed (%d) to send_msg for chan (%d)\n", + rc, chan); + return rc; + } + + /* retire message */ + rc = put_msg(chan, msg_inf.id); + if ( rc != NO_ERROR) { + TLOGE("failed (%d) to put_msg for chan (%d)\n", + rc, chan); + return rc; + } + + return NO_ERROR; +} + +/* + * Channel event handler + */ +static void handle_channel_event(const uevent_t *ev) +{ + int rc; + + if (ev->event & IPC_HANDLE_POLL_MSG) { + rc = handle_msg(ev->handle); + if (rc != NO_ERROR) { + /* report an error and close channel */ + TLOGE("failed (%d) to handle event on channel %d\n", + rc, ev->handle); + close(ev->handle); + } + return; + } + if (ev->event & IPC_HANDLE_POLL_HUP) { + /* closed by peer. */ + close(ev->handle); + return; + } +} + +/* + * Port event handler + */ +static void handle_port_event(const uevent_t *ev) +{ + uuid_t peer_uuid; + + if ((ev->event & IPC_HANDLE_POLL_ERROR) || + (ev->event & IPC_HANDLE_POLL_HUP) || + (ev->event & IPC_HANDLE_POLL_MSG) || + (ev->event & IPC_HANDLE_POLL_SEND_UNBLOCKED)) { + /* should never happen with port handles */ + TLOGE("error event (0x%x) for port (%d)\n", + ev->event, ev->handle); + abort(); + } + if (ev->event & IPC_HANDLE_POLL_READY) { + /* incoming connection: accept it */ + int rc = accept(ev->handle, &peer_uuid); + if (rc < 0) { + TLOGE("failed (%d) to accept on port %d\n", + rc, ev->handle); + return; + } + } +} + +/* + * Main application entry point + */ +int main(void) +{ + int rc; + handle_t port; + + /* Initialize service */ + rc = port_create(srv_name, 1, MAX_ECHO_MSG_SIZE, + IPC_PORT_ALLOW_NS_CONNECT | + IPC_PORT_ALLOW_TA_CONNECT ); + if (rc < 0) { + TLOGE("Failed (%d) to create port %s\n", + rc, srv_name); + abort(); + } + port = (handle_t)rc; + + /* enter main event loop */ + while (true) { + uevent_t ev; + + ev.handle = INVALID_IPC_HANDLE; + ev.event = 0; + ev.cookie = NULL; + + /* wait forever */ + rc = wait_any(&ev, -1); + if (rc == NO_ERROR) { + /* got an event */ + if (ev.handle == port) { + handle_port_event(&ev); + } else { + handle_channel_event(&ev); + } + } else { + TLOGE("wait_any returned (%d)\n", rc); + abort(); + } + } + return 0; +} +</pre> + +<h2 id="example_of_a_trusted_application_client">可信应用客户端示例</h2> + +<p>以下代码段展示了如何使用 Trusty Messaging API 来实现“回传”服务(请参见上述代码)的客户端。<code>sync_connect()</code> 方法显示了如何在异步 <code>connect()</code> 调用之上实现设有超时的同步连接。</p> + +<pre class="prettyprint"> +/* + * Local wrapper on top of an async connect that provides a + * synchronous connect with timeout. + */ +int sync_connect(const char *path, uint timeout) +{ + int rc; + uevent_t evt; + handle_t chan; + + rc = connect(path, IPC_CONNECT_ASYNC | IPC_CONNECT_WAIT_FOR_PORT); + if (rc >= 0) { + chan = (handle_t) rc; + rc = wait(chan, &evt, timeout); + if (rc == 0) { + rc = ERR_BAD_STATE; + if (evt.handle == chan) { + if (evt.event & IPC_HANDLE_POLL_READY) + return chan; + if (evt.event & IPC_HANDLE_POLL_HUP) + rc = ERR_CHANNEL_CLOSED; + } + } + close(chan); + } + return rc; +} +</pre> + +<p><code>run_end_to_end_msg_test()</code> 方法可向“回传”服务异步发送 10000 条消息并处理回复。</p> + +<pre class="prettyprint"> +static int run_echo_test(void) +{ + int rc; + handle_t chan; + uevent_t uevt; + uint8_t tx_buf[64]; + uint8_t rx_buf[64]; + ipc_msg_info_t inf; + ipc_msg_t tx_msg; + iovec_t tx_iov; + ipc_msg_t rx_msg; + iovec_t rx_iov; + + /* prepare tx message buffer */ + tx_iov.base = tx_buf; + tx_iov.len = sizeof(tx_buf); + tx_msg.num_iov = 1; + tx_msg.iov = &tx_iov; + tx_msg.num_handles = 0; + tx_msg.handles = NULL; + + memset (tx_buf, 0x55, sizeof(tx_buf)); + + /* prepare rx message buffer */ + rx_iov.base = rx_buf; + rx_iov.len = sizeof(rx_buf); + rx_msg.num_iov = 1; + rx_msg.iov = &rx_iov; + rx_msg.num_handles = 0; + rx_msg.handles = NULL; + + /* open connection to echo service */ + rc = sync_connect(srv_name, 1000); + if(rc < 0) + return rc; + + /* got channel */ + chan = (handle_t)rc; + + /* send/receive 10000 messages asynchronously. */ + uint tx_cnt = 10000; + uint rx_cnt = 10000; + + while (tx_cnt || rx_cnt) { + /* send messages until all buffers are full */ +while (tx_cnt) { + rc = send_msg(chan, &tx_msg); + if (rc == ERR_NOT_ENOUGH_BUFFER) + break; /* no more space */ + if (rc != 64) { + if (rc > 0) { + /* incomplete send */ + rc = ERR_NOT_VALID; +} + goto abort_test; +} + tx_cnt--; + } + + /* wait for reply msg or room */ + rc = wait(chan, &uevt, 1000); + if (rc != NO_ERROR) + goto abort_test; + + /* drain all messages */ + while (rx_cnt) { + /* get a reply */ + rc = get_msg(chan, &inf); + if (rc == ERR_NO_MSG) + break; /* no more messages */ + if (rc != NO_ERROR) +goto abort_test; + + /* read reply data */ + rc = read_msg(chan, inf.id, 0, &rx_msg); + if (rc != 64) { + /* unexpected reply length */ + rc = ERR_NOT_VALID; + goto abort_test; +} + + /* discard reply */ + rc = put_msg(chan, inf.id); + if (rc != NO_ERROR) + goto abort_test; + rx_cnt--; + } +} + +abort_test: + close(chan); + return rc; +} +</pre> + +<h2 id="non-secure_world_apis_and_applications">非安全域 API 及应用</h2> + +<p>在非安全端运行的内核和用户空间程序可访问从安全端发布且标有 <code>IPC_PORT_ALLOW_NS_CONNECT</code> 属性的一组 Trusty 服务。</p> + +<p>非安全端上的执行环境(内核和用户空间)与安全端上的执行环境截然不同。因此,这两种环境使用的不是一个库,而是使用了两组不同的 API。在内核中,Client API 由 Trusty-IPC 内核驱动程序提供,并会注册一个字符设备节点,用户空间进程可使用该节点与在安全端上运行的服务通信。</p> + +<h3 id="user_space_trusty_ipc_client_api">用户空间 Trusty IPC Client API</h3> + +<p>用户空间 Trusty IPC Client API 库是设备节点 <code>fd</code> 之上的一个薄层。</p> + +<p>通过调用 <code>tipc_connect()</code>(用于初始化与指定 Trusty 服务的连接),用户空间程序可启动通信会话。在内部,<code>tipc_connect()</code> 调用会打开一个指定的设备节点以获取文件描述符,并且会发起 <code>TIPC_IOC_CONNECT ioctl()</code> 调用,其中的 <code>argp</code> 参数指向一个字符串,该字符串中包含要连接的服务名称。</p> + +<pre class="prettyprint"> +#define TIPC_IOC_MAGIC 'r' +#define TIPC_IOC_CONNECT _IOW(TIPC_IOC_MAGIC, 0x80, char *) +</pre> + +<p>获取的文件描述符只能用于与创建该文件描述符时所针对的服务进行通信。当不再需要相应连接时,应通过调用 <code>tipc_close()</code> 关闭该文件描述符。</p> + +<p>通过 <code>tipc_connect()</code> 调用获取的文件描述符相当于典型的字符设备节点;该文件描述符符合以下条件:</p> + +<ul> + <li>可以根据需要切换到非屏蔽模式</li><li>可以在其中写入数据,以使用标准 <code>write()</code> 调用向另一端发送消息</li><li>可以像对常规文件描述符一样对其进行轮询(使用 <code>poll()</code> 调用或 <code>select()</code> 调用),以查看是否有外来消息</li><li>可以读取其中的数据,以检索外来消息</li></ul> + +<p>调用程序通过针对指定 <code>fd</code> 执行写入调用操作向 Trusty 服务发送消息。Trusty-IPC 驱动程序会将传递到上述 <code>write()</code> 调用的所有数据转换成一条消息。该消息会被传送至安全端,然后 Trusty 内核中的 IPC 子系统会对消息数据进行处理,处理后的数据将路由至适当的目的地,并作为特定通道句柄上的 <code>IPC_HANDLE_POLL_MSG</code> 事件传送至应用事件循环。根据特定的服务专用协议,Trusty 服务可能会发送一条或多条回复消息,这些消息会被传送回非安全端,并被放入到适当的通道文件描述符消息队列中,以供用户空间应用 <code>read()</code> 调用检索。</p> + +<h4 id="tipc_connect">tipc_connect()</h4> + +<p>用于打开指定的 <code>tipc</code> 设备节点并发起与指定 Trusty 服务的连接。</p> + +<pre class="prettyprint"> +int tipc_connect(const char *dev_name, const char *srv_name); +</pre> + +<p>[输入] <code>dev_name</code>:要打开的 Trusty IPC 设备节点的路径</p> + +<p>[输入] <code>srv_name</code>:要连接的已发布 Trusty 服务的名称</p> + +<p>[返回值]:如果操作成功了,则为有效的文件描述符;否则为 -1。</p> + +<h4 id="tipc_close">tipc_close()</h4> + +<p>用于终止与通过文件描述符指定的 Trusty 服务的连接。</p> + +<pre class="prettyprint"> +int tipc_close(int fd); +</pre> + +<p>[输入] <code>fd</code>:之前通过 <code>tipc_connect()</code> 调用打开的文件描述符</p> + +<h2 id="kernel_trusty_ipc_client_api">内核 Trusty IPC Client API</h2> + +<p>内核 Trusty IPC Client API 适用于内核驱动程序。用户空间 Trusty IPC API 在该 API 之上实现。</p> + +<p>一般情况下,该 API 的典型用法包括以下步骤:调用程序使用 <code>tipc_create_channel()</code> 函数创建一个 <code>struct tipc_chan</code> 对象,然后使用 <code>tipc_chan_connect()</code> 调用发起与在安全端上运行的 Trusty IPC 服务的连接。通过调用 <code>tipc_chan_shutdown()</code> 可终止与远程端的连接,随后调用 <code>tipc_chan_destroy()</code> 可清除资源。</p> + +<p>通过 <code>handle_event()</code> 回调收到已成功建立连接的通知后,调用程序会执行以下操作:</p> + +<ul> + <li>使用 <code>tipc_chan_get_txbuf_timeout()</code> 调用获取消息缓冲区</li><li>撰写消息</li><li>使用 <code>tipc_chan_queue_msg()</code> 方法将消息加入队列,以将其传送至相应通道连接的 Trusty 服务(位于安全端)</li></ul> + +<p>消息成功加入队列后,调用程序应取消保存消息缓冲区,因为在处理消息后,消息缓冲区最终会由远程端恢复为可用缓冲区池(供其他消息以后重复使用)。如果未能将此类缓冲区加入队列,或不再需要此类缓冲区,用户只需调用 <code>tipc_chan_put_txbuf()</code> 即可。</p> + +<p>通过处理 <code>handle_msg()</code> 通知回调(在 Trusty-IPC <code>rx</code> 工作队列环境中调用,用于提供一个指向 <code>rx</code> 缓冲区的指针,该缓冲区中包含要处理的外来消息),API 用户可从远程端接收消息。</p> + +<p><code>handle_msg()</code> 回调实现应返回一个指向有效 <code>struct tipc_msg_buf</code> 的指针。如果相应消息缓冲区在本地处理并且以后不再需要,那么它可以与外来消息缓冲区相同。或者,如果外来消息缓冲区已加入队列以接受进一步处理,那么相应缓冲区可以是通过 <code>tipc_chan_get_rxbuf()</code> 调用获取的新缓冲区。必须对单独的 <code>rx</code> 缓冲区进行跟踪,并在不再需要此类缓冲区时使用 <code>tipc_chan_put_rxbuf()</code> 调用最终将其释放。</p> + +<h3 id="methods_ktic_api">内核 Trusty IPC Client API 中的方法</h3> + +<h4 id="tipc_create_channel">tipc_create_channel()</h4> + +<p>用于针对特定 Trusty-IPC 设备创建并配置 Trusty IPC 通道实例。</p> + +<pre class="prettyprint"> +struct tipc_chan *tipc_create_channel(struct device *dev, + const struct tipc_chan_ops *ops, + void *cb_arg); +</pre> + +<p>[输入] <code>dev</code>:一个指针,指向创建相应设备通道时所针对的 Trusty-IPC</p> + +<p>[输入] <code>ops</code>:一个指针,指向已填入调用程序专用回调的 <code>struct tipc_chan_ops</code></p> + +<p>[输入] <code>cb_arg</code>:一个指针,指向将传递到 <code>tipc_chan_ops</code> 回调的数据</p> + +<p>[返回值]:如果操作成功了,则为指向新创建的 <code>struct tipc_chan</code> 实例的指针;否则为 <code>ERR_PTR(err)</code></p> + +<p>一般情况下,当相应活动发生时,调用程序必须提供两个异步发起的回调。</p> + +<p>发起 <code>void (*handle_event)(void *cb_arg, int event)</code> 事件,以便让调用程序知道通道状态发生的变化。</p> + +<p>[输入] <code>cb_arg</code>:一个指针,指向传递到 <code>tipc_create_channel()</code> 调用的数据</p> + +<p>[输入] <code>event</code>:可以是以下任一值的事件:</p> + +<ul> + <li><code>TIPC_CHANNEL_CONNECTED</code> - 表示成功连接到远程端</li><li><code>TIPC_CHANNEL_DISCONNECTED</code> - 表示远程端拒绝了新的连接请求或请求与之前连接的通道断开连接</li><li><code>TIPC_CHANNEL_SHUTDOWN</code> - 表示远程端正在关闭,将永久终止所有连接</li></ul> + +<p>发起 <code>struct tipc_msg_buf *(*handle_msg)(void *cb_arg, struct tipc_msg_buf *mb)</code> 回调,以便提供关于通过指定通道收到了一条新消息的通知。</p> + +<ul> + <li>[输入] <code>cb_arg</code>:一个指针,指向传递到 <code>tipc_create_channel()</code> 调用的数据</li><li>[输入] <code>mb</code>:一个指针,指向描述外来消息的 <code>struct tipc_msg_buf</code></li><li>[返回值]:回调实现应返回一个指向 <code>struct tipc_msg_buf</code> 的指针。如果相应消息在本地处理并且以后不再需要,那么该指针可以与 <code>mb</code> 参数收到的指针相同(或者,它可以是通过 <code>tipc_chan_get_rxbuf()</code> 调用获取的新缓冲区)</li></ul> + +<h4 id="tipc_chan_connect">tipc_chan_connect()</h4> + +<p>用于发起与指定 Trusty IPC 服务的连接。</p> + +<pre class="prettyprint"> +int tipc_chan_connect(struct tipc_chan *chan, const char *port); +</pre> + +<p>[输入] <code>chan</code>:一个指针,指向通过 <code>tipc_create_chan()</code> 调用返回的通道</p> + +<p>[输入] <code>port</code>:一个指针,指向包含要连接的服务名称的字符串</p> + +<p>[返回值]:如果操作成功了,则为 0;否则为表示错误的负数</p> + +<p>调用程序会在连接建立后收到通知(收到 <code>handle_event</code> 回调)。</p> + +<h4 id="tipc_chan_shutdown">tipc_chan_shutdown()</h4> + +<p>用于终止与之前通过 <code>tipc_chan_connect()</code> 调用发起的与 Trusty IPC 服务的连接。</p> + +<pre class="prettyprint"> +int tipc_chan_shutdown(struct tipc_chan *chan); +</pre> + +<p>[输入] <code>chan</code>:一个指针,指向通过 <code>tipc_create_chan()</code> 调用返回的通道</p> + +<h4 id="tipc_chan_destroy">tipc_chan_destroy()</h4> + +<p>用于销毁指定的 Trusty IPC 通道。</p> + +<pre class="prettyprint"> +void tipc_chan_destroy(struct tipc_chan *chan); +</pre> + +<p>[输入] <code>chan</code>:一个指针,指向通过 <code>tipc_create_chan()</code> 调用返回的通道</p> + +<h4 id="tipc_chan_get_txbuf_timeout">tipc_chan_get_txbuf_timeout()</h4> + +<p>用于获取通过指定通道发送数据时可以使用的消息缓冲区。如果相应缓冲区无法立即进入可用状态,调用程序可能会在指定的超时(以毫秒计)期间被屏蔽。</p> + +<pre class="prettyprint"> +struct tipc_msg_buf * +tipc_chan_get_txbuf_timeout(struct tipc_chan *chan, long timeout); +</pre> + +<p>[输入] <code>chan</code>:一个指针,指向要将消息加入到的队列所属的通道</p> + +<p>[输入] <code>chan</code>:<code>tx</code> 缓冲区可用之前等待的超时上限</p> + +<p>[返回值]:如果操作成功了,则为有效的消息缓冲区;如果出现错误,则为 <code>ERR_PTR(err)</code></p> + +<h4 id="tipc_chan_queue_msg">tipc_chan_queue_msg()</h4> + +<p>用于将要通过指定的 Trusty IPC 通道发送的消息加入到队列。</p> + +<pre class="prettyprint"> +int tipc_chan_queue_msg(struct tipc_chan *chan, struct tipc_msg_buf *mb); +</pre> + +<p>[输入] <code>chan</code>:一个指针,指向要将消息加入到的队列所属的通道</p> + +<p>[输入] <code>mb:</code> 一个通过 <code>tipc_chan_get_txbuf_timeout()</code> 调用获取的指针,指向要加入到队列的消息</p> + +<p>[返回值]:如果操作成功了,则为 0;否则为表示错误的负数</p> + +<h4 id="tipc_chan_put_txbuf">tipc_chan_put_txbuf()</h4> + +<p>用于释放之前通过 <code>tipc_chan_get_txbuf_timeout()</code> 调用获取的指定 <code>Tx</code> 消息缓冲区。</p> + +<pre class="prettyprint"> +void tipc_chan_put_txbuf(struct tipc_chan *chan, + struct tipc_msg_buf *mb); +</pre> + +<p>[输入] <code>chan</code>:一个指针,指向相应消息缓冲区所属的通道</p> + +<p>[输入] <code>mb</code>:一个指针,指向要释放的消息缓冲区</p> + +<p>[返回值]:无</p> + +<h4 id="tipc_chan_get_rxbuf">tipc_chan_get_rxbuf()</h4> + +<p>用于获取通过指定通道接收消息时可以使用的消息缓冲区。</p> + +<pre class="prettyprint"> +struct tipc_msg_buf *tipc_chan_get_rxbuf(struct tipc_chan *chan); +</pre> + +<p>[输入] <code>chan</code>:一个指针,指向相应消息缓冲区所属的通道</p> + +<p>[返回值]:如果操作成功了,则为有效的消息缓冲区;如果出现错误,则返回 <code>ERR_PTR(err)</code></p> + +<h4 id="tipc_chan_put_rxbuf">tipc_chan_put_rxbuf()</h4> + +<p>用于释放之前通过 <code>tipc_chan_get_rxbuf()</code> 调用获取的指定消息缓冲区。</p> + +<pre class="prettyprint"> +void tipc_chan_put_rxbuf(struct tipc_chan *chan, + struct tipc_msg_buf *mb); +</pre> + +<p>[输入] <code>chan</code>:一个指针,指向相应消息缓冲区所属的通道</p> + +<p>[输入] <code>mb</code>:一个指针,指向要释放的消息缓冲区</p> + +<p>[返回值]:无</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/64-bit-builds.html b/zh-cn/source/64-bit-builds.html new file mode 100644 index 00000000..7f042a08 --- /dev/null +++ b/zh-cn/source/64-bit-builds.html @@ -0,0 +1,155 @@ +<html devsite><head> + <title>了解 64 位版本</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<h2 id="overview">概览</h2> + +<p>从编译系统的角度来看,最显著的变化是现可支持在一次编译中为两种目标 CPU 架构(64 位和 32 位)编译二进制文件。这也称为“多库编译”。<em></em></p> + +<p>对于本机静态库和共享库,编译系统设置了为两种架构编译二进制文件的规则。产品配置 (<code>PRODUCT_PACKAGES</code>) 与依赖关系图共同决定了编译哪些二进制文件并安装到系统映像中。</p> + +<p>对于可执行文件和应用,编译系统默认仅编译 64 位版本,但您可以使用一个全局 <code>BoardConfig.mk</code> 变量或针对特定模块的变量来替换此设置。</p> + +<p class="caution"><strong>注意</strong>:如果某个应用向其他 32 位或 64 位的应用公开一个 API,那么该应用必须在其清单中将 <code>android:multiarch</code> 属性的值设为 <code>true</code>,以避免可能出现的错误。</p> + +<h2 id="product_configuration">产品配置</h2> + +<p>在 <code>BoardConfig.mk</code> 中,我们添加了以下变量来配置第二个 CPU 架构和 ABI:</p> + +<pre class="prettyprint"> +TARGET_2ND_ARCH +TARGET_2ND_ARCH_VARIANT +TARGET_2ND_CPU_VARIANT +TARGET_2ND_CPU_ABI +TARGET_2ND_CPU_ABI2 +</pre> + +<p>您可以在 <code>build/target/board/generic_arm64/BoardConfig.mk</code> 中查看示例。</p> + +<p>如果您希望编译系统默认编译 32 位可执行文件和应用,请设置以下变量:</p> + +<pre class="prettyprint"> +TARGET_PREFER_32_BIT := true +</pre> + +<p>不过,您可以在 <code>Android.mk</code> 中使用针对特定模块的变量来替换此设置。</p> + +<p>在多库编译中,<code>PRODUCT_PACKAGES</code> 中的模块名称同时涵盖了 32 位和 64 位二进制文件,只要这些名称是由编译系统定义的。对于通过依赖关系提取而来的库,只有在另一个 32 位库或可执行文件要求使用时,系统才会安装 32 位库。64 位库也遵循同样的规则。</p> + +<p>但是,<code>make</code> 命令行中的模块名称仅涵盖 64 位版本。例如,在运行 <code>lunch +aosp_arm64-eng</code> 之后,<code>make libc</code> 仅编译 64 位库。要编译 32 位库,您需要运行 <code>make libc_32</code>。</p> + +<h2 id="module_definition_in_android_mk">Android.mk 中的模块定义</h2> + +<p>您可以使用 <code>LOCAL_MULTILIB</code> 变量来配置您是要编译 32 位还是 64 位架构,或是同时编译二者,并可以替换全局 <code>TARGET_PREFER_32_BIT</code> 变量。</p> + +<p>将 <code>LOCAL_MULTILIB</code> 设为以下任一值:</p> + +<ul> + <li>“both”(二者):同时编译 32 位和 64 位架构。</li> + <li>“32”:仅编译 32 位架构。</li> + <li>“64”:仅编译 64 位架构。</li> + <li>“first”(第一个):仅编译第一个架构(在 32 位设备中编译 32 位架构,在 64 位设备中编译 64 位架构)。</li> + <li>“”:默认值;编译系统根据模块类和其他 <code>LOCAL_</code> 变量(如 <code>LOCAL_MODULE_TARGET_ARCH</code>、<code>LOCAL_32_BIT_ONLY</code> 等)决定要编译哪种架构。</li> +</ul> + +<p>在多库编译中,<code>ifeq $(TARGET_ARCH)</code> 等条件不再起作用。</p> + +<p>如果您想为某些特定架构编译模块,以下变量可为您提供帮助:</p> + +<ul> + <li><code>LOCAL_MODULE_TARGET_ARCH</code><br />该变量可设为一个架构列表,类似于“arm x86 arm64”。只有正在编译的架构位于该列表中,编译系统才会添加当前模块。</li> + + <li><code>LOCAL_MODULE_UNSUPPORTED_TARGET_ARCH</code><br /><code>LOCAL_MODULE_TARGET_ARCH</code> 的相反变量。只有正在编译的架构不在相应列表中,编译系统才会添加当前模块。</li> +</ul> + +<p>上述两个变量有两个小变体:</p> + +<ul> + <li><code>LOCAL_MODULE_TARGET_ARCH_WARN</code></li> + <li><code>LOCAL_MODULE_UNSUPPORTED_TARGET_ARCH_WARN</code></li> +</ul> + +<p>如果当前模块由于架构受到这两个变量的限制而被跳过,编译系统将发出警告。</p> + +<p>要设置针对特定架构的编译标记,请使用针对特定架构的 <code>LOCAL_</code> 变量。针对特定架构的 <code>LOCAL_</code> 变量由普通 <code>LOCAL_</code> 变量加架构后缀构成,例如:</p> + +<ul> + <li> <code>LOCAL_SRC_FILES_arm, LOCAL_SRC_FILES_x86,</code> + </li><li> <code>LOCAL_CFLAGS_arm, LOCAL_CFLAGS_arm64,</code> + </li><li> <code>LOCAL_LDFLAGS_arm, LOCAL_LDFLAGS_arm64,</code> +</li></ul> + +<p>只有当前正在为相应架构编译二进制文件时,才能使用这些变量。</p> + +<p>有时,根据当前正在为 32 位还是 64 位架构编译二进制文件来设置标记会更方便。在这种情况下,您可以使用带有 <code>_32</code> 或 <code>_64</code> 后缀的 <code>LOCAL_</code> 变量,例如:</p> + +<ul> + <li> <code>LOCAL_SRC_FILES_32, LOCAL_SRC_FILES_64,</code> + </li><li> <code>LOCAL_CFLAGS_32, LOCAL_CFLAGS_64,</code> + </li><li> <code>LOCAL_LDFLAGS_32, LOCAL_LDFLAGS_64,</code> +</li></ul> + +<p>请注意,并非所有 <code>LOCAL_</code> 变量都支持针对特定架构的变体。如需了解此类变量的最新列表,请参阅 <code>build/core/clear_vars.mk</code>。</p> + +<h2 id="install_path">安装路径</h2> + +<p>在过去,您可以使用 <code>LOCAL_MODULE_PATH</code> 将库安装到默认位置以外的位置。例如:<code>LOCAL_MODULE_PATH := +$(TARGET_OUT_SHARED_LIBRARIES)/hw</code>。</p> + +<p>在多库编译中,请改用 <code>LOCAL_MODULE_RELATIVE_PATH</code>:</p> + +<pre class="prettyprint"> +LOCAL_MODULE_RELATIVE_PATH := hw +</pre> + +<p>这样就可以将 64 位和 32 位库安装到正确的位置。</p> + +<p>如果您要将某个可执行文件编译为同时适用于 32 位和 64 位架构,则需要使用以下变量之一来区分安装路径:</p> + +<ul> + <li><code>LOCAL_MODULE_STEM_32, LOCAL_MODULE_STEM_64</code><br />指定已安装文件的名称。 + </li><li><code>LOCAL_MODULE_PATH_32, LOCAL_MODULE_PATH_64</code><br />指定安装路径。 +</li></ul> + +<h2 id="generated_sources">生成的源代码</h2> + +<p>在多库编译中,在 <code>$(local-intermediates-dir)</code>(或通过明确的变量在 <code>$(intermediates-dir-for) +</code> 中生成)中生成源代码文件这种方法会变得不再可靠。这是因为 32 位和 64 位版本都需要用到中间目录中生成的源代码,而 <code>$(local-intermediates-dir)</code> 仅指向两个中间目录中的一个。</p> + +<p>值得高兴的是,编译系统现在提供了一个适合多库编译的、用于生成源代码的专用中间目录。您可以调用 <code> +$(local-generated-sources-dir)</code> 或 <code>$(generated-sources-dir-for)</code> 来获取该目录的路径。它们的用法与 <code>$(local-intermediates-dir)</code> 和 <code>$(intermediates-dir-for)</code> 类似。</p> + +<p>如果源代码文件在新的专用目录中生成并由 <code>LOCAL_GENERATED_SOURCES</code> 调用,那么就意味着它在多库编译中是同时为 32 位和 64 位架构编译的。</p> + +<h2 id="prebuilts">预编译</h2> + +<p>在多库编译中,您无法使用 <code>TARGET_ARCH</code>(或加上 <code>TARGET_2ND_ARCH</code>)来告知编译系统,预编译的二进制文件是以哪种架构为目标。请改用上述 <code>LOCAL_</code> 变量 <code>LOCAL_MODULE_TARGET_ARCH</code> 或 <code>LOCAL_MODULE_UNSUPPORTED_TARGET_ARCH</code>。</p> + +<p>利用这些变量,即使编译系统目前正在进行 64 位多库编译,也可以选择对应的 32 位预编译二进制文件。</p> + +<p>如果您想使用所选的架构来计算预编译二进制文件的源路径,则可以调用<code> $(get-prebuilt-src-arch)</code>。</p> + +<h2 id="dex-preopt">Dex-preopt</h2> + +<p>对于 64 位设备,我们会默认为启动映像及任何 Java 库同时生成 32 位和 64 位 odex 文件。对于 APK,我们默认仅为主要的 64 位架构生成 odex。如果某个应用将同时在 32 位和 64 位进程中启动,请使用 <code>LOCAL_MULTILIB := both</code> 确保同时生成 32 位和 64 位 odex 文件。该标记还会指示编译系统同时添加 32 位和 64 位 JNI 库(如果应用中包含任何此类库)。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/add-device.html b/zh-cn/source/add-device.html new file mode 100644 index 00000000..4bdb2466 --- /dev/null +++ b/zh-cn/source/add-device.html @@ -0,0 +1,290 @@ +<html devsite><head> + <title>添加新设备</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>您可以参考本页中的信息为自己的设备和产品创建 Makefile。请注意,与本部分中的其他页面不同,本页中的内容仅适合在创建全新的设备类型时参考,而且仅适合公司编译和产品团队参考。</p> + +<h2 id="build-layers">了解编译层</h2> + +<p>编译层次结构包括与设备的物理结构对应的抽象层。下表中介绍了这些层。每个层都与上一层存在一对多的关系。例如,一个架构可以有多个板,一个板可以有多个产品。您可以将指定层中的某个元素定义为同一层中某个元素的特化元素,从而免去复制操作并简化维护工作。</p> + +<table> + <tbody><tr> + <th>层</th> + <th>示例</th> + <th>说明</th> + </tr> + <tr> + <td>产品</td> + <td>myProduct、myProduct_eu、myProduct_eu_fr、j2、sdk</td> + <td><p>产品层用于定义所开发的产品的功能规范,例如要编译的模块、支持的语言区域,以及针对各语言区域的配置。也就是说,这是总体产品的名称。产品特定变量在产品定义 Makefile 中进行定义。一个产品可以沿用其他产品的定义,这有助于简化维护工作。一种常用的方法是:先创建一个基础产品,其中包含会应用到所有产品的功能,然后再基于这个基础产品创建产品变体。例如,如果有两个产品只是使用的无线技术不同(分别使用 CDMA 和 GSM),那么您可以让这两个产品沿用未定义无线技术的同一个基础产品的定义。 +</p></td> + + </tr> + <tr> + <td>板/设备</td> + <td>sardine、trout、goldfish</td> + <td>设备/板层代表设备上由可塑材料组成的物理层(即设备的工业设计)。例如,在北美销售的设备可能包括 QWERTY 键盘,而在法国销售的设备则可能包括 AZERTY 键盘。该层还用于展现产品的基本架构图。这些架构图包括板上的外围设备及其配置。所使用的名称只不过是代表不同板/设备配置的代码。</td> + </tr> +<tr> + <td>架构</td> + <td>arm、x86、mips、arm64、x86_64、mips64</td> + <td>架构层用于描述板上运行的处理器配置和 ABI(应用二进制接口)。</td> + </tr> +</tbody></table> + +<h2 id="build-variants">使用编译类型</h2> + +<p>在针对特定产品进行编译时,如果能在最终发布版本的基础上进行细微修改,通常会非常有用。在模块定义中,模块可以通过 <code>LOCAL_MODULE_TAGS</code> 指定标记,这些标记可以是以下一个或多个值:<code>optional</code>(默认)、<code>debug</code>、<code>eng</code>。</p> + +<p>如果某个模块没有通过 <code>LOCAL_MODULE_TAGS</code> 指定标记,则其标记默认为 <code>optional</code>。仅当 <code>PRODUCT_PACKAGES</code> 的产品配置需要可选模块时,系统才会安装可选模块。</p><p>以下是当前已定义的编译类型:</p> + +<table border="1"> +<tbody><tr> + <td> + <code>eng<code> + </code></code></td> + <td>这是默认的编译类型。 + <ul> + <li>安装带有 <code>eng</code> 和/或 <code>debug</code> 标记的模块。 + </li><li>除了带有标记的模块之外,还会根据产品定义文件安装相应模块。</li> + <li><code>ro.secure=0</code> + </li><li><code>ro.debuggable=1</code> + </li><li><code>ro.kernel.android.checkjni=1</code> + </li><li><code>adb</code> 默认处于启用状态。 + </li></ul></td> +</tr> +<tr> + <td> + <code>user<code> + </code></code></td> + <td>这是旨在用作最终版本配置步骤的编译类型。 + <ul> + <li>安装带有 <code>user</code> 标记的模块。</li> + <li>除了带有标记的模块之外,还会根据产品定义文件安装相应模块。</li> + <li><code>ro.secure=1</code> </li> + <li><code>ro.debuggable=0</code> </li> + <li><code>adb</code> 默认处于停用状态。</li> + </ul></td> +</tr> +<tr> + <td> + <code>userdebug<code> + </code></code></td> + <td>除了以下几点之外,其余均与 <code>user</code> 相同:<ul> + <li>还会安装带有 <code>debug</code> 标记的模块。 + </li><li><code>ro.debuggable=1</code> + </li><li><code>adb</code> 默认处于启用状态。 + </li></ul></td> +</tr> +</tbody></table> + +<h2 id="use-resource-overlays">利用资源叠加层定制版本</h2> + +<p>Android 编译系统会在编译时利用资源叠加层定制产品。资源叠加层用于指定在默认文件之上应用的资源文件。要使用资源叠加层,请修改项目编译文件,将 <code>PRODUCT_PACKAGE_OVERLAYS</code> 设为相对于顶级目录的路径。当编译系统搜索资源时,该路径将成为影子根目录,系统除了在当前根目录中进行搜索外,还会一并在该路径中搜索。</p> + +<p><a href="https://android.googlesource.com/platform/frameworks/base/+/master/core/res/res/values/config.xml">frameworks/base/core/res/res/config.xml</a> 文件中包含用户最常自定义的设置。</p> + +<p>要在此文件上设置资源叠加层,请将叠加层目录添加到项目编译文件中,如下所示:</p> + +<pre> +PRODUCT_PACKAGE_OVERLAYS := device/<i>device_implementer</i>/<i>device_name</i>/overlay +</pre> + +<p>或</p> + +<pre> +PRODUCT_PACKAGE_OVERLAYS := vendor/<i>vendor_name</i>/overlay +</pre> + +<p>然后,将一个叠加层文件添加到该目录下,例如:</p> + +<pre> +vendor/foobar/overlay/frameworks/base/core/res/res/config.xml +</pre> + +<p>在叠加层 <code>config.xml</code> 文件中找到的所有字符串或字符串数组都将会替换在原始文件中找到的对应字符串或字符串数组。</p> + +<h2 id="build-a-product">编译产品</h2> + +<p>您可以通过多种方式组织设备的源文件。我们将以 Nexus 6 为例,简要介绍是如何组织其实施文件的,不过您可以按照自己认为合适的方式组织源文件并进行编译。 +</p> +<p>为 Nexus 6 实施了一个名为 <code>shamu</code> 的主设备配置。根据此设备配置创建了一个产品以及一个产品定义 Makefile,该 Makefile 用于声明关于设备的产品特定信息,例如名称和型号。您可以查看 <code>device/moto/shamu</code> 目录,了解所有相关配置的具体设置方式。 +</p> +<h3 id="makefiles">编写 Makefile</h3> +<p>以下步骤介绍了如何采用与设置 Nexus 6 产品线类似的方式设置产品 Makefile:</p> +<ol> + <li>为您的产品创建 <code>device/<company_name>/<device_name></code> 目录,例如 <code>device/moto/shamu</code>。该目录中将包含您设备的源代码以及编译这些代码所需的 Makefile。 + </li> + + <li>创建一个用于声明设备所需文件和模块的 <code>device.mk</code> Makefile。有关示例,请参阅 <code>device/moto/shamu/device.mk</code>。 + </li> + + <li>创建一个产品定义 Makefile,以便基于设备创建具体产品。以下示例 Makefile 来自于 <code>device/moto/shamu/aosp_shamu.mk</code>。请注意,该产品会通过 Makefile 沿用 <code>device/moto/shamu/device.mk</code> 和 <code>vendor/moto/shamu/device-vendor.mk</code> 文件中的内容,同时还会声明产品特定信息,例如名称、品牌和型号。 + +<pre> +# Inherit from the common Open Source product configuration +$(call inherit-product, $(SRC_TARGET_DIR)/product/aosp_base_telephony.mk) + +PRODUCT_NAME := aosp_shamu +PRODUCT_DEVICE := shamu +PRODUCT_BRAND := Android +PRODUCT_MODEL := AOSP on Shamu +PRODUCT_MANUFACTURER := motorola +PRODUCT_RESTRICT_VENDOR_FILES := true + +$(call inherit-product, device/moto/shamu/device.mk) +$(call inherit-product-if-exists, vendor/moto/shamu/device-vendor.mk) + +PRODUCT_NAME := aosp_shamu + +PRODUCT_PACKAGES += \ + Launcher3 +</pre> + + <p>要查看可添加到 Makefile 的其他产品特定变量,请参阅<a href="#prod-def">产品定义变量</a>。 + </p> + </li> + + <li>创建一个指向产品的 Makefile 的 <code>AndroidProducts.mk</code> 文件。在此示例中,仅需要产品定义 Makefile。以下示例来自于 <code>device/moto/shamu/AndroidProducts.mk</code>:<pre> +# +# This file should set PRODUCT_MAKEFILES to a list of product makefiles +# to expose to the build system. LOCAL_DIR will already be set to +# the directory containing this file. +# +# This file may not rely on the value of any variable other than +# LOCAL_DIR; do not use any conditionals, and do not look up the +# value of any variable that isn't set in this file or in a file that +# it includes. +# + +PRODUCT_MAKEFILES := \ + $(LOCAL_DIR)/aosp_shamu.mk +</pre> + </li> + + <li>创建一个包含板特定配置的 <code>BoardConfig.mk</code> Makefile。有关示例,请参阅 <code>device/moto/shamu/BoardConfig.mk</code>。 + </li> + + <li>创建一个 <code>vendorsetup.sh</code> 文件,以便将您的产品(“午餐套餐”)与<a href="#build-variants">版本变体</a>(使用短划线将两者分隔开)一起添加到编译版本中。例如:<pre> +add_lunch_combo <product_name>-userdebug +</pre> + </li> + + <li>这时,您就可以基于同一设备创建更多产品变体了。 + </li> + +</ol> +<h3 id="prod-def">设置产品定义变量</h3> +<p>产品特定变量在产品的 Makefile 中定义。在产品定义文件中维护的变量包括:</p> +<table> + <tbody> + <tr> + <th>参数</th> + <th>说明</th> + <th>示例</th> + </tr> + <tr> + <td>PRODUCT_AAPT_CONFIG</td> + <td> + 创建程序包时使用的 <code>aapt</code> 配置</td> + <td></td> + </tr> + <tr> + <td>PRODUCT_BRAND</td> + <td>对软件进行自定义所针对的品牌(如果有),例如运营商</td> + <td></td> + </tr> + <tr> + <td>PRODUCT_CHARACTERISTICS</td> + <td> + <code>aapt</code> 特性,用于允许向程序包添加变体特定资源。 + </td> + <td>tablet、nosdcard</td> + </tr> + <tr> + <td>PRODUCT_COPY_FILES</td> + <td>字词列表,例如 <code>source_path:destination_path</code>。在编译相应产品时,应将源路径下的文件复制到目标路径。config/Makefile 中定义了针对复制步骤的规则</td> + <td></td> + </tr> + <tr> + <td>PRODUCT_DEVICE</td> + <td>工业设计的名称。这也是板名称,编译系统会使用该名称查找 <code>BoardConfig.mk.</code> + </td> + <td> + <code>tuna</code> + </td> + </tr> + <tr> + <td>PRODUCT_LOCALES</td> + <td>以空格分隔的列表,用于列出由双字母语言代码和双字母国家/地区代码组成的代码对,以便说明针对用户的一些设置,例如界面语言和时间、日期以及货币格式。PRODUCT_LOCALES 中列出的第一个语言区域会被用作产品的默认语言区域。 + </td> + <td> + <code>en_GB de_DE es_ES fr_CA</code> + </td> + </tr> + <tr> + <td>PRODUCT_MANUFACTURER</td> + <td>制造商的名称</td> + <td> + <code>acme</code> + </td> + </tr> + <tr> + <td>PRODUCT_MODEL</td> + <td>最终产品的最终用户可见名称</td> + <td></td> + </tr> + <tr> + <td>PRODUCT_NAME</td> + <td>总体产品的最终用户可见名称,将显示在“设置”>“关于”屏幕中。 + </td> + <td></td> + </tr> + <tr> + <td>PRODUCT_OTA_PUBLIC_KEYS</td> + <td>产品的无线下载 (OTA) 公钥列表</td> + <td></td> + </tr> + <tr> + <td>PRODUCT_PACKAGES</td> + <td>列出要安装的 APK 和模块。 + </td> + <td> + <code>Calendar Contacts</code> + </td> + </tr> + <tr> + <td>PRODUCT_PACKAGE_OVERLAYS</td> + <td>指明是使用默认资源还是添加任何产品特定叠加层</td> + <td> + <code>vendor/acme/overlay</code> + </td> + </tr> + <tr> + <td>PRODUCT_PROPERTY_OVERRIDES</td> + <td>系统属性分配(采用“key=value”格式)列表</td> + <td></td> + </tr> + </tbody> +</table> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/brands.html b/zh-cn/source/brands.html new file mode 100644 index 00000000..0aed859e --- /dev/null +++ b/zh-cn/source/brands.html @@ -0,0 +1,104 @@ +<html devsite><head> + <title>品牌使用准则</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>“Android”名称、<img src="/source/assets/images/sac_logo.png" alt="Android" style="margin:0;padding:0 2px;vertical-align:baseline"/> 徽标、“Google Play”品牌以及其他商标均为 Google Inc. 的资产,不属于通过 Android 开放源代码项目提供的资源。</p> + +<p>如果您有意使用这些品牌,以表明它们与您的设备之间有所关联,请遵循本文中的使用准则。这些使用准则与 <a href="https://developer.android.com/distribute/tools/promote/brand.html">Android 应用开发者品牌使用准则</a>和 <a href="https://www.google.com/permissions/">Google 品牌权限</a>是相辅相成的关系。</p> + +<h2 id="brand-android">Android</h2> + +<p>以下是关于 Android 品牌和相关资产的制造商使用准则。</p> + +<h3 id="text-android" style="clear:right">在文本中使用 Android</h3> +<ul> + <li>Android™ 首次出现在创意素材中时应标注商标符号。</li> + <li>“Android”应始终采用首字母大写形式,且一律不得使用复数或所有格形式。 + </li> + <li>若要在设备的硬件、包装或营销材料中使用“Android”,则只有<a href="/compatibility/index.html">与 Android 兼容</a>的设备才能这样做。</li> + <li>不得在产品名称中使用“Android”,也不得将其用作包装或设备上的主要或明显的标记。</li> + <li>“Android”一词只能用于指明您设备的操作系统。如果您不确定自己的用法是否符合我们的使用准则,请通过以下简单的测试来加以验证:如果您可以将“Android”替换为“Android 平台”且文本内容仍然有意义,那么您可以使用“Android”一词。 + <ul> + <li><span style="color:red">不正确</span>:Android XBrand 手机</li> + <li><span style="color:green">正确</span>:采用 Android 的 XBrand 手机</li> + </ul> + </li> + <li>您可以将“with Android”(搭载 Android)(以纯黑色文本显示)与您的徽标一起使用。如果与您的徽标一起使用,则“with Android”(搭载 Android)不应超过徽标大小的 90%。首次或着重以这种形式使用时,后面应标注 ™ 符号。</li> + <li>只有后跟一个合适的通称时,Android 才可用作描述词。<em></em>不得将“Android”用作您设备的产品名称或品牌的一部分。 + <ul> + <li><span style="color:red">不正确</span>:Android XBrand 手机</li> + <li><span style="color:green">正确</span>:Android 移动设备</li> + </ul> + <p><strong>无论在任何情况下使用 Android 名称,都必须在您的资料中包含以下归属信息</strong>:</p> + <blockquote><em>Android 是 Google Inc. 的商标。</em></blockquote><p></p> + </li> +</ul> + +<h4>可接受的使用情形示例</h4> +<img src="images/JB-TM-example.png" alt="Jelly Bean 商标示例"/> +<img src="images/8100-TM-example.png" alt="8100 系列商标示例"/> + +<h4>不可接受的使用情形示例</h4> +<img src="images/XBrand-TM-example.jpg" alt="XBrand 商标示例"/> + +<h3 id="logo-android">Android 徽标</h3> +<p>除非经 Google 书面协议明确授权,否则任何人都不得使用 Android 徽标及其专用字体(无论是否包含 Android 机器人)。</p> +<img alt="无徽标" src="images/android_logo_new_crossed_out.png"/> +<img alt="无徽标" src="https://developer.android.com/images/brand/android_logo_no.png"/> + +<h3 id="robot-android">Android 机器人</h3> + +<div class="wrap"> +<div class="col-4"> + <img alt="android-robot" style="float:left;margin-right:10px" src="/source/images/Android_Robot_100.png"/> + <p style="padding-top:20px"> + <a href="https://developer.android.com/images/brand/Android_Robot_100.png">100x118</a><br /> + <a href="https://developer.android.com/images/brand/Android_Robot_200.png">200x237</a><br /> + <a href="https://developer.android.com/downloads/brand/Android_Robot_outlined.ai">Illustrator</a> + </p> +</div> +<div class="col-8"> +<p style="padding-top:20px">在注明适当归属信息的情况下,您可以在营销资料中自由使用、重制和修改 Android 机器人。如需了解详情,请参阅<a href="https://developer.android.com/distribute/tools/promote/brand.html">应用开发者品牌使用准则</a>和 <a href="https://creativecommons.org/licenses/by/3.0/">Creative Commons 许可</a>。</p> +</div> +</div> + +<div class="wrap" style="padding-top:20px"> +<div class="col-4" style="align:center"> +<img alt="no-peace-robot" style="width:30%;height:30%" src="images/No_PeaceBot_200.jpg"/> +</div> +<div class="col-8"> +<p style="padding-top:20px">合作伙伴的营销材料中不得使用 Android Peace 机器人或其任何变体形式(例如带 Peace 标记的 Android 机器人)。</p> +</div> +</div> + +<div style="clear:both"></div> +<h2 id="brand-google_play">Google Play</h2> + +<p>若要在硬件包装、硬件的营销材料或硬件本身上使用“Google Play”名称和 Google Play 商店图标,则只有<a href="/source/faqs.html#if-my-device-is-compatible-does-it-automatically-have-access-to-google-play-and-branding">获得使用 Google Play 的许可</a>的设备才能这样做。如需查看获得使用 Google Play 的许可的设备列表,请参阅<a href="https://support.google.com/googleplay/answer/1727131">支持的设备</a>。</p> + +<h2>其他品牌</h2> +<p><a href="https://www.android.com/auto/">Android Auto</a>、<a href="https://www.android.com/tv/">Android TV</a> 和 <a href="https://www.android.com/wear/">Android Wear</a> 是 Google 所拥有的品牌。这些品牌要求使用 Google 专有软件,此类软件在 Android 平台上运行且只能在获得 Google 授予的许可后使用。要了解如何申请许可,请参阅<a href="/compatibility/contact-us.html">与我们联系</a>。 + +</p><h2 id="Questions">问题</h2> + +<p>如需了解更多品牌使用信息,请通过提交<a href="https://support.google.com/googleplay/contact/brand_developer">合作伙伴品牌咨询表单</a>与 Android 合作伙伴营销团队联系。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/build-numbers.html b/zh-cn/source/build-numbers.html new file mode 100644 index 00000000..883954b1 --- /dev/null +++ b/zh-cn/source/build-numbers.html @@ -0,0 +1,1737 @@ +<html devsite><head> + <title>代号、标记和细分版本 (Build) 号</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>简要来说,Android 的开发是围绕着版本系列进行的,这些版本使用美味的点心名字(按字母顺序)作为代号。</p> + +<h2 id="platform-code-names-versions-api-levels-and-ndk-releases">平台代号、版本、API 级别和 NDK 版本</h2> +<p>为方便起见,代号与以下版本号、API 级别和 NDK 版本相对应:</p> +<table> +<thead> +<tr> +<th>代号</th> +<th>版本</th> +<th>API 级别</th> +</tr> +</thead> +<tbody> +<tr> +<td>Nougat</td> +<td>7.1</td> +<td>API 级别 25</td> +</tr> +<tr> +<td>Nougat</td> +<td>7.0</td> +<td>API 级别 24</td> +</tr> +<tr> +<td>Marshmallow</td> +<td>6.0</td> +<td>API 级别 23</td> +</tr> +<tr> +<td>Lollipop</td> +<td>5.1</td> +<td>API 级别 22</td> +</tr> +<tr> +<td>Lollipop</td> +<td>5.0</td> +<td>API 级别 21</td> +</tr> +<tr> +<td>KitKat</td> +<td>4.4-4.4.4</td> +<td>API 级别 19</td> +</tr> +<tr> +<td>Jelly Bean</td> +<td>4.3.x</td> +<td>API 级别 18</td> +</tr> +<tr> +<td>Jelly Bean</td> +<td>4.2.x</td> +<td>API 级别 17</td> +</tr> +<tr> +<td>Jelly Bean</td> +<td>4.1.x</td> +<td>API 级别 16</td> +</tr> +<tr> +<td>Ice Cream Sandwich</td> +<td>4.0.3-4.0.4</td> +<td>API 级别 15,NDK 8</td> +</tr> +<tr> +<td>Ice Cream Sandwich</td> +<td>4.0.1-4.0.2</td> +<td>API 级别 14,NDK 7</td> +</tr> +<tr> +<td>Honeycomb</td> +<td>3.2.x</td> +<td>API 级别 13</td> +</tr> +<tr> +<td>Honeycomb</td> +<td>3.1</td> +<td>API 级别 12,NDK 6</td> +</tr> +<tr> +<td>Honeycomb</td> +<td>3.0</td> +<td>API 级别 11</td> +</tr> +<tr> +<td>Gingerbread</td> +<td>2.3.3-2.3.7</td> +<td>API 级别 10</td> +</tr> +<tr> +<td>Gingerbread</td> +<td>2.3-2.3.2</td> +<td>API 级别 9,NDK 5</td> +</tr> +<tr> +<td>Froyo</td> +<td>2.2.x</td> +<td>API 级别 8,NDK 4</td> +</tr> +<tr> +<td>Eclair</td> +<td>2.1</td> +<td>API 级别 7,NDK 3</td> +</tr> +<tr> +<td>Eclair</td> +<td>2.0.1</td> +<td>API 级别 6</td> +</tr> +<tr> +<td>Eclair</td> +<td>2.0</td> +<td>API 级别 5</td> +</tr> +<tr> +<td>Donut</td> +<td>1.6</td> +<td>API 级别 4,NDK 2</td> +</tr> +<tr> +<td>Cupcake</td> +<td>1.5</td> +<td>API 级别 3,NDK 1</td> +</tr> +<tr> +<td>(无代号)</td> +<td>1.1</td> +<td>API 级别 2</td> +</tr> +<tr> +<td>(无代号)</td> +<td>1.0</td> +<td>API 级别 1</td> +</tr> +</tbody> +</table> +<p>从 Cupcake 开始,每个细分细分版本均有一个简短的细分版本代码,以作区分,例如 FRF85B。</p> +<p>第一个字母代表相应版本系列的代号,例如 F 表示 Froyo。</p> +<p>第二个字母是分支代码,Google 用它来表示细分版本所属的确切代号分支。按照惯例,R 表示主要版本分支。</p> +<p>接下来的字母和两个数字是日期代码。字母表示季度,其中 A 表示 2009 年第 1 季度。因此,F 表示 2010 年第 2 季度。两个数字表示相应季度内的第某天,因此 F85 表示 2010 年 6 月 24 日。</p> +<p>最后,末尾字母表示具有相同日期代码的不同版本,从 A 开始;但 A 实际上并不会显示,通常会为了简洁而省略。</p> +<p>日期代码并不一定是某个细分版本的确切构建日期,Google 常常会在现有细分版本中增加细微的更改,并在新细分版本中重复使用与现有细分版本相同的日期代码。</p> + +<h2 id="source-code-tags-and-builds">源代码标记和细分版本</h2> +<p>下表完整列出了从 Donut 开始的细分版本和标记。您可以从以下网址下载 Nexus 设备的出厂映像和二进制文件:</p> +<p><a href="https://developers.google.com/android/nexus/images">https://developers.google.com/android/nexus/images</a></p> +<p><a href="https://developers.google.com/android/nexus/drivers">https://developers.google.com/android/nexus/drivers</a></p> +<table> + <thead> + <tr> + <th>细分版本</th> + <th>分支</th> + <th>版本</th> + <th>支持的设备</th> + </tr> + </thead> + <tbody> + <tr> + <td>N6F26U</td> + <td>android-7.1.1_r28</td> + <td>Nougat</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>NUF26N</td> + <td>android-7.1.1_r27</td> + <td>Nougat</td> + <td>Nexus 6P</td> + </tr> + <tr> + <td>NOF27C</td> + <td>android-7.1.1_r26</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>NOF27B</td> + <td>android-7.1.1_r25</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>N4F26T</td> + <td>android-7.1.1_r24</td> + <td>Nougat</td> + <td>Nexus 5X、Nexus 6P、Nexus 9 (volantis/volantisg)、Pixel C</td> + </tr> + <tr> + <td>NMF27D</td> + <td>android-7.1.1_r23</td> + <td>Nougat</td> + <td>Nexus Player</td> + </tr> + <tr> + <td>NMF26X</td> + <td>android-7.1.1_r22</td> + <td>Nougat</td> + <td>Nexus Player</td> + </tr> + <tr> + <td>NOF26W</td> + <td>android-7.1.1_r21</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>NOF26V</td> + <td>android-7.1.1_r20</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>N6F26R</td> + <td>android-7.1.1_r17</td> + <td>Nougat</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>NUF26K</td> + <td>android-7.1.1_r16</td> + <td>Nougat</td> + <td>Nexus 6P</td> + </tr> + <tr> + <td>N4F26Q</td> + <td>android-7.1.1_r15</td> + <td>Nougat</td> + <td>Nexus 9 (volantis/volantisg)</td> + </tr> + <tr> + <td>N4F26O</td> + <td>android-7.1.1_r14</td> + <td>Nougat</td> + <td>Nexus 5X、Nexus 6P、Pixel C</td> + </tr> + <tr> + <td>N6F26Q</td> + <td>android-7.1.1_r13</td> + <td>Nougat</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>N4F26M</td> + <td>android-7.1.1_r12</td> + <td>Nougat</td> + <td>Nexus 9 (volantis)</td> + </tr> + <tr> + <td>N4F26J</td> + <td>android-7.1.1_r11</td> + <td>Nougat</td> + <td>Nexus 5X、Nexus 6P</td> + </tr> + <tr> + <td>N4F26I</td> + <td>android-7.1.1_r10</td> + <td>Nougat</td> + <td>Nexus 5X、Nexus 6P、Pixel C</td> + </tr> + <tr> + <td>NMF26V</td> + <td>android-7.1.1_r9</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>NMF26U</td> + <td>android-7.1.1_r8</td> + <td>Nougat</td> + <td>Pixel XL、Pixel </td> + </tr> + <tr> + <td>NMF26R</td> + <td>android-7.1.1_r7</td> + <td>Nougat</td> + <td>Nexus Player</td> + </tr> + <tr> + <td>NMF26Q</td> + <td>android-7.1.1_r6</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>NMF26O</td> + <td>android-7.1.1_r4</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>NMF26J</td> + <td>android-7.1.1_r3</td> + <td>Nougat</td> + <td>Nexus Player</td> + </tr> + <tr> + <td>NMF26H</td> + <td>android-7.1.1_r2</td> + <td>Nougat</td> + <td>Pixel C</td> + </tr> + <tr> + <td>NMF26F</td> + <td>android-7.1.1_r1</td> + <td>Nougat</td> + <td>Nexus 5X、Nexus 6P、Nexus 9 (volantis/volantisg)</td> + </tr> + <tr> + <td>NDE63X</td> + <td>android-7.1.0_r7</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>NDE63V</td> + <td>android-7.1.0_r6</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>NDE63U</td> + <td>android-7.1.0_r5</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>NDE63P</td> + <td>android-7.1.0_r4</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>NDE63L</td> + <td>android-7.1.0_r2</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>NDE63H</td> + <td>android-7.1.0_r1</td> + <td>Nougat</td> + <td>Pixel XL、Pixel</td> + </tr> + <tr> + <td>NBD92E</td> + <td>android-7.0.0_r31</td> + <td>Nougat</td> + <td>Nexus 6</td> + </tr><tr> + </tr><tr> + <td>NBD92D</td> + <td>android-7.0.0_r30</td> + <td>Nougat</td> + <td>Nexus 6</td> + </tr><tr> + <td>NBD91Z</td> + <td>android-7.0.0_r29</td> + <td>Nougat</td> + <td>Nexus 6</td> + </tr><tr> + <td>NBD91Y</td> + <td>android-7.0.0_r28</td> + <td>Nougat</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>NBD91X</td> + <td>android-7.0.0_r27</td> + <td>Nougat</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>NBD91U</td> + <td>android-7.0.0_r24</td> + <td>Nougat</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>N5D91L</td> + <td>android-7.0.0_r21</td> + <td>Nougat</td> + <td>Nexus 5X</td> + </tr> + <tr> + <td>NBD91P</td> + <td>android-7.0.0_r19</td> + <td>Nougat</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>NRD91K</td> + <td>android-7.0.0_r17</td> + <td>Nougat</td> + <td>Nexus 6P</td> + </tr> + <tr> + <td>NRD91N</td> + <td>android-7.0.0_r15</td> + <td>Nougat</td> + <td>Nexus 5X、Pixel C、Nexus Player、Nexus 9 (volantis/volantisg)</td> + </tr> + <tr> + <td>NBD90Z</td> + <td>android-7.0.0_r14</td> + <td>Nougat</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>NBD90X</td> + <td>android-7.0.0_r13</td> + <td>Nougat</td> + <td>Nexus 6P</td> + </tr> + <tr> + <td>NBD90W</td> + <td>android-7.0.0_r12</td> + <td>Nougat</td> + <td>Nexus 5X</td> + </tr> + <tr> + <td>NRD91D</td> + <td>android-7.0.0_r7</td> + <td>Nougat</td> + <td>Pixel C、Nexus Player、Nexus 9 (WLAN)</td> + </tr> + <tr> + <td>NRD90U</td> + <td>android-7.0.0_r6</td> + <td>Nougat</td> + <td>Nexus 6P</td> + </tr> + <tr> + <td>NRD90T</td> + <td>android-7.0.0_r5</td> + <td>Nougat</td> + <td>Nexus 6P</td> + </tr> + <tr> + <td>NRD90S</td> + <td>android-7.0.0_r4</td> + <td>Nougat</td> + <td>Nexus 5X</td> + </tr> + <tr> + <td>NRD90R</td> + <td>android-7.0.0_r3</td> + <td>Nougat</td> + <td>Nexus 5X、Nexus 9 (volantis)、Nexus Player、Pixel C</td> + </tr> + <tr> + <td>NRD90M</td> + <td>android-7.0.0_r1</td> + <td>Nougat</td> + <td>Nexus 5X、Nexus 9 (volantis)、Nexus Player、Pixel C</td> + </tr> + <tr> + <td>MOB31T</td> + <td>android-6.0.1_r79</td> + <td>Marshmallow</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>MOB31S</td> + <td>android-6.0.1_r78</td> + <td>Marshmallow</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>M4B30Z</td> + <td>android-6.0.1_r77</td> + <td>Marshmallow</td> + <td>Nexus 5</td> + </tr> + <tr> + <td>MOB31K</td> + <td>android-6.0.1_r74</td> + <td>Marshmallow</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>MMB31C</td> + <td>android-6.0.1_r73</td> + <td>Marshmallow</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>M4B30X</td> + <td>android-6.0.1_r72</td> + <td>Marshmallow</td> + <td>Nexus 5</td> + </tr> + <tr> + <td>MOB31H</td> + <td>android-6.0.1_r70</td> + <td>Marshmallow</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>MMB30Y</td> + <td>android-6.0.1_r69</td> + <td>Marshmallow</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>MTC20K</td> + <td>android-6.0.1_r67</td> + <td>Marshmallow</td> + <td>Nexus 5X</td> + </tr> + <tr> + <td>MOB31E</td> + <td>android-6.0.1_r66</td> + <td>Marshmallow</td> + <td>Nexus 5、Nexus 6、Nexus 9 (volantis)</td> + </tr> + <tr> + <td>MMB30W</td> + <td>android-6.0.1_r65</td> + <td>Marshmallow</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>MXC89L</td> + <td>android-6.0.1_r63</td> + <td>Marshmallow</td> + <td>Pixel C</td> + </tr> + <tr> + <td>MTC20F</td> + <td>android-6.0.1_r62</td> + <td>Marshmallow</td> + <td>Nexus 5X、Nexus 6P</td> + </tr> + <tr> + <td>MOB30Y</td> + <td>android-6.0.1_r60</td> + <td>Marshmallow</td> + <td>Nexus 5</td> + </tr> + <tr> + <td>MOB30X</td> + <td>android-6.0.1_r59</td> + <td>Marshmallow</td> + <td>Nexus 7 (flo/deb)</td> + </tr> + <tr> + <td>MOB30W</td> + <td>android-6.0.1_r58</td> + <td>Marshmallow</td> + <td>Nexus 6、Nexus 9 (volantis/volantisg)、Nexus Player</td> + </tr> + <tr> + <td>MMB30S</td> + <td>android-6.0.1_r57</td> + <td>Marshmallow</td> + <td>Nexus 7 (deb)</td> + </tr> + <tr> + <td>MMB30R</td> + <td>android-6.0.1_r56</td> + <td>Marshmallow</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>MXC89K</td> + <td>android-6.0.1_r55</td> + <td>Marshmallow</td> + <td>Pixel C</td> + </tr> + <tr> + <td>MTC19Z</td> + <td>android-6.0.1_r54</td> + <td>Marshmallow</td> + <td>Nexus 5X</td> + </tr> + <tr> + <td>MTC19X</td> + <td>android-6.0.1_r53</td> + <td>Marshmallow</td> + <td>Nexus 6P</td> + </tr> + <tr> + <td>MOB30P</td> + <td>android-6.0.1_r50</td> + <td>Marshmallow</td> + <td>Nexus 5、Nexus 7 (flo/deb)、Nexus 9 (volantis/volantisg)、Nexus Player</td> + </tr> + <tr> + <td>MOB30O</td> + <td>android-6.0.1_r49</td> + <td>Marshmallow</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>MMB30M</td> + <td>android-6.0.1_r48</td> + <td>Marshmallow</td> + <td>Nexus 7 (deb)</td> + </tr> + <tr> + <td>MMB30K</td> + <td>android-6.0.1_r47</td> + <td>Marshmallow</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>MOB30M</td> + <td>android-6.0.1_r46</td> + <td>Marshmallow</td> + <td>Nexus 5、Nexus 6、Nexus 7 (flo/deb)、Nexus 9 (volantis/volantisg)、Nexus Player</td> + </tr> + <tr> + <td>MTC19V</td> + <td>android-6.0.1_r45</td> + <td>Marshmallow</td> + <td>Nexus 5X、Nexus 6P</td> + </tr> + <tr> + <td>MOB30J</td> + <td>android-6.0.1_r43</td> + <td>Marshmallow</td> + <td>Nexus 7 (flo/deb)</td> + </tr> + <tr> + <td>MOB30I</td> + <td>android-6.0.1_r42</td> + <td>Marshmallow</td> + <td>Nexus 6</td> + </tr> + <tr> + <td>MOB30H</td> + <td>android-6.0.1_r41</td> + <td>Marshmallow</td> + <td>Nexus 5</td> + </tr> + <tr> + <td>MOB30G</td> + <td>android-6.0.1_r40</td> + <td>Marshmallow</td> + <td>Nexus 9 (volantis/volantisg)、Nexus Player</td> + </tr> + <tr> + <td>MXC89H</td> + <td>android-6.0.1_r33</td> + <td>Marshmallow</td> + <td>Pixel C</td> + </tr> + <tr> + <td>MXC89F</td> + <td>android-6.0.1_r32</td> + <td>Marshmallow</td> + <td>Pixel C</td> + </tr> + <tr> + <td>MMB30J</td> + <td>android-6.0.1_r28</td> + <td>Marshmallow</td> + <td>Nexus 6、Nexus 7 (deb)</td> + </tr> + <tr> + <td>MTC19T</td> + <td>android-6.0.1_r25</td> + <td>Marshmallow</td> + <td>Nexus 5X、Nexus 6P</td> + </tr> +<tr> + <td>M5C14J</td> + <td>android-6.0.1_r31</td> + <td>Marshmallow</td> + <td>Pixel C</td> +</tr> +<tr> + <td>MOB30D</td> + <td>android-6.0.1_r30</td> + <td>Marshmallow</td> + <td>Nexus 5、Nexus 6、Nexus 7 (flo/deb)、Nexus 9 (volantis/volantisg)、Nexus Player</td> +</tr> +<tr> + <td>MHC19Q</td> + <td>android-6.0.1_r24</td> + <td>Marshmallow</td> + <td>Nexus 5X、Nexus 6P</td> +</tr> +<tr> + <td>MHC19J</td> + <td>android-6.0.1_r22</td> + <td>Marshmallow</td> + <td>Nexus 5X</td> +</tr> +<tr> + <td>MHC19I</td> + <td>android-6.0.1_r21</td> + <td>Marshmallow</td> + <td>Nexus 6P</td> +</tr> +<tr> + <td>MMB29X</td> + <td>android-6.0.1_r20</td> + <td>Marshmallow</td> + <td>Nexus 5、Nexus 6、Nexus 7 (deb)、Nexus 9 (volantisg)</td> +</tr> +<tr> + <td>MXC14G</td> + <td>android-6.0.1_r18</td> + <td>Marshmallow</td> + <td>Pixel C</td> +</tr> +<tr> + <td>MMB29V</td> + <td>android-6.0.1_r17</td> + <td>Marshmallow</td> + <td>Nexus 5、Nexus 5X、Nexus 6、Nexus 6P、Nexus 7 (flo/deb)、Nexus 9 (volantis/volantisg)</td> +</tr> +<tr> + <td>MXB48T</td> + <td>android-6.0.1_r16</td> + <td>Marshmallow</td> + <td>Pixel C</td> +</tr> +<tr> + <td>MMB29U</td> + <td>android-6.0.1_r13</td> + <td>Marshmallow</td> + <td>Nexus Player</td> +</tr> +<tr> + <td>MMB29R</td> + <td>android-6.0.1_r12</td> + <td>Marshmallow</td> + <td>Nexus 9 (volantis/volantisg)</td> +</tr> +<tr> + <td>MMB29Q</td> + <td>android-6.0.1_r11</td> + <td>Marshmallow</td> + <td>Nexus 5、Nexus 5X、Nexus 6、Nexus 6P、Nexus 7 (flo/deb)</td> +</tr> +<tr> + <td>MMB29T</td> + <td>android-6.0.1_r10</td> + <td>Marshmallow</td> + <td>Nexus Player</td> +</tr> +<tr> + <td>MMB29S</td> + <td>android-6.0.1_r9</td> + <td>Marshmallow</td> + <td>Nexus 5、Nexus 6、Nexus 9 (volantis/volantisg)</td> +</tr> +<tr> + <td>MMB29P</td> + <td>android-6.0.1_r8</td> + <td>Marshmallow</td> + <td>Nexus 5X、Nexus 6P</td> +</tr> +<tr> + <td>MMB29O</td> + <td>android-6.0.1_r7</td> + <td>Marshmallow</td> + <td>Nexus 7 (flo/deb)</td> +</tr> +<tr> + <td>MXB48K</td> + <td>android-6.0.1_r5</td> + <td>Marshmallow</td> + <td>Pixel C</td> +</tr> +<tr> + <td>MXB48J</td> + <td>android-6.0.1_r4</td> + <td>Marshmallow</td> + <td>Pixel C</td> +</tr> +<tr> + <td>MMB29M</td> + <td>android-6.0.1_r3</td> + <td>Marshmallow</td> + <td>Nexus 6P、Nexus Player</td> +</tr> +<tr> + <td>MMB29K</td> + <td>android-6.0.1_r1</td> + <td>Marshmallow</td> + <td>Nexus 5、Nexus 5X、Nexus 6、Nexus 7 (flo/deb)、Nexus 9 (volantis/volantisg)</td> +</tr> +<tr> + <td>MMB29N</td> + <td>android-6.0.0_r41</td> + <td>Marshmallow</td> + <td>Nexus 6P</td> +</tr> +<tr> + <td>MDB08M</td> + <td>android-6.0.0_r26</td> + <td>Marshmallow</td> + <td>Nexus 5X、Nexus 6P</td> +</tr> +<tr> + <td>MDB08L</td> + <td>android-6.0.0_r25</td> + <td>Marshmallow</td> + <td>Nexus 5X、Nexus 6P</td> +</tr> +<tr> + <td>MDB08K</td> + <td>android-6.0.0_r24</td> + <td>Marshmallow</td> + <td>Nexus 6P</td> +</tr> +<tr> + <td>MDB08I</td> + <td>android-6.0.0_r23</td> + <td>Marshmallow</td> + <td>Nexus 5X</td> +</tr> +<tr> + <td>MDA89E</td> + <td>android-6.0.0_r12</td> + <td>Marshmallow</td> + <td>Nexus 5X</td> +</tr> +<tr> + <td>MDA89D</td> + <td>android-6.0.0_r11</td> + <td>Marshmallow</td> + <td>Nexus 6P</td> +</tr> +<tr> + <td>MRA59B</td> + <td>android-6.0.0_r7</td> + <td>Marshmallow</td> + <td>Nexus 7 (deb)</td> +</tr> +<tr> + <td>MRA58X</td> + <td>android-6.0.0_r6</td> + <td>Marshmallow</td> + <td>Nexus 6</td> +</tr> +<tr> + <td>MRA58V</td> + <td>android-6.0.0_r5</td> + <td>Marshmallow</td> + <td>Nexus 7 (flo/deb)</td> +</tr> +<tr> + <td>MRA58U</td> + <td>android-6.0.0_r4</td> + <td>Marshmallow</td> + <td>Nexus 7 (flo)</td> +</tr> +<tr> + <td>MRA58N</td> + <td>android-6.0.0_r2</td> + <td>Marshmallow</td> + <td>Nexus 5、Nexus 6、Nexus 7 (flo/deb)、Nexus 9 (volantis/volantisg)、Nexus Player</td> +</tr> +<tr> + <td>MRA58K</td> + <td>android-6.0.0_r1</td> + <td>Marshmallow</td> + <td>Nexus 5、Nexus 6、Nexus 7 (flo/deb)、Nexus 9 (volantis/volantisg)、Nexus Player</td> +</tr> +<tr> + <td>LMY49M</td> + <td>android-5.1.1_r38</td> + <td>Lollipop</td> + <td>Nexus 10</td> +</tr> +<tr> + <td>LMY49J</td> + <td>android-5.1.1_r37</td> + <td>Lollipop</td> + <td>Nexus 10</td> +</tr> +<tr> + <td>LMY49I</td> + <td>android-5.1.1_r36</td> + <td>Lollipop</td> + <td>Nexus 10</td> +</tr> +<tr> + <td>LMY49H</td> + <td>android-5.1.1_r35</td> + <td>Lollipop</td> + <td>Nexus 10</td> +</tr> +<tr> + <td>LMY49G</td> + <td>android-5.1.1_r34</td> + <td>Lollipop</td> + <td>Nexus 10</td> +</tr> +<tr> + <td>LMY49F</td> + <td>android-5.1.1_r33</td> + <td>Lollipop</td> + <td>Nexus 9 (volantisg)、Nexus 10</td> +</tr> +<tr> + <td>LMY48Z</td> + <td>android-5.1.1_r30</td> + <td>Lollipop</td> + <td>Nexus 6、Nexus 7 (deb)、Nexus 9 (volantisg)、Nexus 10</td> +</tr> +<tr> + <td>LYZ28N</td> + <td>android-5.1.1_r28</td> + <td>Lollipop</td> + <td>Nexus 6(仅面向 T-Mobile)</td> +</tr> +<tr> + <td>LMY48Y</td> + <td>android-5.1.1_r26</td> + <td>Lollipop</td> + <td>Nexus 6</td> +</tr> +<tr> + <td>LMY48X</td> + <td>android-5.1.1_r25</td> + <td>Lollipop</td> + <td>Nexus 6、Nexus 7 (deb)、Nexus 9 (volantisg)、Nexus 10</td> +</tr> +<tr> + <td>LMY48W</td> + <td>android-5.1.1_r24</td> + <td>Lollipop</td> + <td>Nexus 6</td> +</tr> +<tr> + <td>LVY48H</td> + <td>android-5.1.1_r23</td> + <td>Lollipop</td> + <td>Nexus 6(仅面向 Project Fi)</td> +</tr> +<tr> + <td>LYZ28M</td> + <td>android-5.1.1_r22</td> + <td>Lollipop</td> + <td>Nexus 6(仅面向 T-Mobile)</td> +</tr> +<tr> + <td>LMY48U</td> + <td>android-5.1.1_r20</td> + <td>Lollipop</td> + <td>Nexus 7 (deb)</td> +</tr> +<tr> + <td>LMY48T</td> + <td>android-5.1.1_r19</td> + <td>Lollipop</td> + <td>Nexus 4、Nexus 6、Nexus 9 (volantis/volantisg)、Nexus 10</td> +</tr> +<tr> + <td>LVY48F</td> + <td>android-5.1.1_r18</td> + <td>Lollipop</td> + <td>Nexus 6(仅面向 Project Fi)</td> +</tr> +<tr> + <td>LYZ28K</td> + <td>android-5.1.1_r17</td> + <td>Lollipop</td> + <td>Nexus 6(仅面向 T-Mobile)</td> +</tr> +<tr> + <td>LMY48P</td> + <td>android-5.1.1_r16</td> + <td>Lollipop</td> + <td>Nexus 7 (deb)</td> +</tr> +<tr> + <td>LMY48N</td> + <td>android-5.1.1_r15</td> + <td>Lollipop</td> + <td>Nexus Player</td> +</tr> +<tr> + <td>LMY48M</td> + <td>android-5.1.1_r14</td> + <td>Lollipop</td> + <td>Nexus 4、Nexus 5、Nexus 6、Nexus 7 (flo)、Nexus 9 (volantis/volantisg)、Nexus 10</td> +</tr> +<tr> + <td>LVY48E</td> + <td>android-5.1.1_r13</td> + <td>Lollipop</td> + <td>Nexus 6(仅面向 Project Fi)</td> +</tr> +<tr> + <td>LYZ28J</td> + <td>android-5.1.1_r12</td> + <td>Lollipop</td> + <td>Nexus 6(仅面向 T-Mobile)</td> +</tr> +<tr> + <td>LMY48J</td> + <td>android-5.1.1_r10</td> + <td>Lollipop</td> + <td>Nexus Player</td> +</tr> +<tr> + <td>LMY48I</td> + <td>android-5.1.1_r9</td> + <td>Lollipop</td> + <td>Nexus 4、Nexus 5、Nexus 6、Nexus 7 (flo)、Nexus 9 (volantis/volantisg)、Nexus 10</td> +</tr> +<tr> + <td>LVY48C</td> + <td>android-5.1.1_r8</td> + <td>Lollipop</td> + <td>Nexus 6(仅面向 Project Fi)</td> +</tr> +<tr> + <td>LMY48G</td> + <td>android-5.1.1_r6</td> + <td>Lollipop</td> + <td>Nexus 7 (flo)</td> +</tr> +<tr> + <td>LYZ28E</td> + <td>android-5.1.1_r5</td> + <td>Lollipop</td> + <td>Nexus 6(仅面向 T-Mobile)</td> +</tr> +<tr> + <td>LMY47Z</td> + <td>android-5.1.1_r4</td> + <td>Lollipop</td> + <td>Nexus 6(面向除 T-Mobile(美国)之外的所有运营商)</td> +</tr> +<tr> + <td>LMY48B</td> + <td>android-5.1.1_r3</td> + <td>Lollipop</td> + <td>Nexus 5</td> +</tr> +<tr> + <td>LMY47X</td> + <td>android-5.1.1_r2</td> + <td>Lollipop</td> + <td>Nexus 9 (volantis)</td> +</tr> +<tr> + <td>LMY47V</td> + <td>android-5.1.1_r1</td> + <td>Lollipop</td> + <td>Nexus 7 (flo/grouper)、Nexus 10、Nexus Player</td> +</tr> +<tr> + <td>LMY47O</td> + <td>android-5.1.0_r5</td> + <td>Lollipop</td> + <td>Nexus 4、Nexus 7 (flo/deb)</td> +</tr> +<tr> + <td>LMY47M</td> + <td>android-5.1.0_r4</td> + <td>Lollipop</td> + <td>Nexus 6(仅面向 T-Mobile)</td> +</tr> +<tr> + <td>LMY47I</td> + <td>android-5.1.0_r3</td> + <td>Lollipop</td> + <td>Nexus 5、Nexus 6</td> +</tr> +<tr> + <td>LMY47E</td> + <td>android-5.1.0_r2</td> + <td>Lollipop</td> + <td>Nexus 6</td> +</tr> +<tr> + <td>LMY47D</td> + <td>android-5.1.0_r1</td> + <td>Lollipop</td> + <td>Nexus 5、Nexus 6、Nexus 7 (grouper/tilapia)、Nexus 10、Nexus Player</td> +</tr> +<tr> + <td>LRX22L</td> + <td>android-5.0.2_r3</td> + <td>Lollipop</td> + <td>Nexus 9 (volantis/volantisg)</td> +</tr> +<tr> + <td>LRX22G</td> + <td>android-5.0.2_r1</td> + <td>Lollipop</td> + <td>Nexus 7 (flo/deb/grouper/tilapia)、Nexus 10</td> +</tr> +<tr> + <td>LRX22C</td> + <td>android-5.0.1_r1</td> + <td>Lollipop</td> + <td>Nexus 4、Nexus 5、Nexus 6 (shamu)、Nexus 7 (flo)、Nexus 9 (volantis/volantisg)、Nexus 10</td> +</tr> +<tr> + <td>LRX21V</td> + <td>android-5.0.0_r7.0.1</td> + <td>Lollipop</td> + <td>Nexus Player (fugu)</td> +</tr> +<tr> + <td>LRX21T</td> + <td>android-5.0.0_r6.0.1</td> + <td>Lollipop</td> + <td>Nexus 4</td> +</tr> +<tr> + <td>LRX21R</td> + <td>android-5.0.0_r5.1.0.1</td> + <td>Lollipop</td> + <td>Nexus 9 (volantis)</td> +</tr> +<tr> + <td>LRX21Q</td> + <td>android-5.0.0_r5.0.1</td> + <td>Lollipop</td> + <td>Nexus 9 (volantis)</td> +</tr> +<tr> + <td>LRX21P</td> + <td>android-5.0.0_r4.0.1</td> + <td>Lollipop</td> + <td>Nexus 7 (flo/grouper)、Nexus 10</td> +</tr> +<tr> + <td>LRX21O</td> + <td>android-5.0.0_r3.0.1</td> + <td>Lollipop</td> + <td>Nexus 5 (hammerhead)、Nexus 6 (shamu)</td> +</tr> +<tr> + <td>LRX21M</td> + <td>android-5.0.0_r2.0.1</td> + <td>Lollipop</td> + <td>Nexus Player (fugu)</td> +</tr> +<tr> + <td>LRX21L</td> + <td>android-5.0.0_r1.0.1</td> + <td>Lollipop</td> + <td>Nexus 9 (volantis)</td> +</tr> +<tr> + <td>KTU84Q</td> + <td>android-4.4.4_r2</td> + <td>KitKat</td> + <td>Nexus 5 (hammerhead)(仅面向新西兰的 2Degrees、澳大利亚的 Telstra 和印度)</td> +</tr> +<tr> + <td>KTU84P</td> + <td>android-4.4.4_r1</td> + <td>KitKat</td> + <td>Nexus 5、Nexus 7 (flo/deb/grouper/tilapia)、Nexus 4、Nexus 10</td> +</tr> +<tr> + <td>KTU84M</td> + <td>android-4.4.3_r1.1</td> + <td>KitKat</td> + <td>Nexus 5 (hammerhead)</td> +</tr> +<tr> + <td>KTU84L</td> + <td>android-4.4.3_r1</td> + <td>KitKat</td> + <td>Nexus 7 (flo/deb/grouper/tilapia)、Nexus 4、Nexus 1</td> +</tr> +<tr> + <td>KVT49L</td> + <td>android-4.4.2_r2</td> + <td>KitKat</td> + <td>Nexus 7 (deb Verizon)</td> +</tr> +<tr> + <td>KOT49H</td> + <td>android-4.4.2_r1</td> + <td>KitKat</td> + <td>Nexus 5、Nexus 7 (flo/deb/grouper/tilapia)、Nexus 4、Nexus 10</td> +</tr> +<tr> + <td>KOT49E</td> + <td>android-4.4.1_r1</td> + <td>KitKat</td> + <td>Nexus 5、Nexus 7 (flo/deb/grouper/tilapia)、Nexus 4、Nexus 10</td> +</tr> +<tr> + <td>KRT16S</td> + <td>android-4.4_r1.2</td> + <td>KitKat</td> + <td>Nexus 7 (flo/deb/grouper/tilapia)、Nexus 4、Nexus 1</td> +</tr> +<tr> + <td>KRT16M</td> + <td>android-4.4_r1</td> + <td>KitKat</td> + <td>Nexus 5 (hammerhead)</td> +</tr> +<tr> + <td>JLS36I</td> + <td>android-4.3.1_r1</td> + <td>Jelly Bean</td> + <td>Nexus 7 (deb)</td> +</tr> +<tr> + <td>JLS36C</td> + <td>android-4.3_r3</td> + <td>Jelly Bean</td> + <td>Nexus 7 (deb)</td> +</tr> +<tr> + <td>JSS15R</td> + <td>android-4.3_r2.3</td> + <td>Jelly Bean</td> + <td>Nexus 7 (flo)</td> +</tr> +<tr> + <td>JSS15Q</td> + <td>android-4.3_r2.2</td> + <td>Jelly Bean</td> + <td>Nexus 7 (flo)</td> +</tr> +<tr> + <td>JSS15J</td> + <td>android-4.3_r2.1</td> + <td>Jelly Bean</td> + <td>Nexus 7 (flo/deb)</td> +</tr> +<tr> + <td>JSR78D</td> + <td>android-4.3_r2</td> + <td>Jelly Bean</td> + <td>Nexus 7 (deb)</td> +</tr> +<tr> + <td>JWR66Y</td> + <td>android-4.3_r1.1</td> + <td>Jelly Bean</td> + <td>Galaxy Nexus、Nexus 7 (grouper/tilapia)、Nexus 4、Nexus 10</td> +</tr> +<tr> + <td>JWR66V</td> + <td>android-4.3_r1</td> + <td>Jelly Bean</td> + <td>Galaxy Nexus、Nexus 7 (grouper/tilapia)、Nexus 4、Nexus 10</td> +</tr> +<tr> + <td>JWR66N</td> + <td>android-4.3_r0.9.1</td> + <td>Jelly Bean</td> + <td>Galaxy Nexus、Nexus 7 (grouper/tilapia/flo)、Nexus 4、Nexus 10</td> +</tr> +<tr> + <td>JWR66L</td> + <td>android-4.3_r0.9</td> + <td>Jelly Bean</td> + <td>Nexus 7</td> +</tr> +<tr> + <td>JDQ39E</td> + <td>android-4.2.2_r1.2</td> + <td>Jelly Bean</td> + <td>Nexus 4</td> +</tr> +<tr> + <td>JDQ39B</td> + <td>android-4.2.2_r1.1</td> + <td>Jelly Bean</td> + <td>Nexus 7</td> +</tr> +<tr> + <td>JDQ39</td> + <td>android-4.2.2_r1</td> + <td>Jelly Bean</td> + <td>Galaxy Nexus、Nexus 7、Nexus 4、Nexus 10</td> +</tr> +<tr> + <td>JOP40G</td> + <td>android-4.2.1_r1.2</td> + <td>Jelly Bean</td> + <td>Nexus 4</td> +</tr> +<tr> + <td>JOP40F</td> + <td>android-4.2.1_r1.1</td> + <td>Jelly Bean</td> + <td>Nexus 10</td> +</tr> +<tr> + <td>JOP40D</td> + <td>android-4.2.1_r1</td> + <td>Jelly Bean</td> + <td>Galaxy Nexus、Nexus 7、Nexus 4、Nexus 10</td> +</tr> +<tr> + <td>JOP40C</td> + <td>android-4.2_r1</td> + <td>Jelly Bean</td> + <td>Galaxy Nexus、Nexus 7、Nexus 4、Nexus 10</td> +</tr> +<tr> + <td>JZO54M</td> + <td>android-4.1.2_r2.1</td> + <td>Jelly Bean</td> + <td></td> +</tr> +<tr> + <td>JZO54L</td> + <td>android-4.1.2_r2</td> + <td>Jelly Bean</td> + <td></td> +</tr> +<tr> + <td>JZO54K</td> + <td>android-4.1.2_r1</td> + <td>Jelly Bean</td> + <td>Nexus S、Galaxy Nexus、Nexus 7</td> +</tr> +<tr> + <td>JRO03S</td> + <td>android-4.1.1_r6.1</td> + <td>Jelly Bean</td> + <td>Nexus 7</td> +</tr> +<tr> + <td>JRO03R</td> + <td>android-4.1.1_r6</td> + <td>Jelly Bean</td> + <td>Nexus S 4G</td> +</tr> +<tr> + <td>JRO03O</td> + <td>android-4.1.1_r5</td> + <td>Jelly Bean</td> + <td>Galaxy Nexus</td> +</tr> +<tr> + <td>JRO03L</td> + <td>android-4.1.1_r4</td> + <td>Jelly Bean</td> + <td>Nexus S</td> +</tr> +<tr> + <td>JRO03H</td> + <td>android-4.1.1_r3</td> + <td>Jelly Bean</td> + <td></td> +</tr> +<tr> + <td>JRO03E</td> + <td>android-4.1.1_r2</td> + <td>Jelly Bean</td> + <td>Nexus S</td> +</tr> +<tr> + <td>JRO03D</td> + <td>android-4.1.1_r1.1</td> + <td>Jelly Bean</td> + <td>Nexus 7</td> +</tr> +<tr> + <td>JRO03C</td> + <td>android-4.1.1_r1</td> + <td>Jelly Bean</td> + <td>Galaxy Nexus</td> +</tr> +<tr> + <td>IMM76L</td> + <td>android-4.0.4_r2.1</td> + <td>Ice Cream Sandwich</td> + <td> </td> +</tr> +<tr> + <td>IMM76K</td> + <td>android-4.0.4_r2</td> + <td>Ice Cream Sandwich</td> + <td>Galaxy Nexus</td> +</tr> +<tr> + <td>IMM76I</td> + <td>android-4.0.4_r1.2</td> + <td>Ice Cream Sandwich</td> + <td>Galaxy Nexus</td> +</tr> +<tr> + <td>IMM76D</td> + <td>android-4.0.4_r1.1</td> + <td>Ice Cream Sandwich</td> + <td>Nexus S、Nexus S 4G、Galaxy Nexus</td> +</tr> +<tr> + <td>IMM76</td> + <td>android-4.0.4_r1</td> + <td>Ice Cream Sandwich</td> + <td></td> +</tr> +<tr> + <td>IML77</td> + <td>android-4.0.3_r1.1</td> + <td>Ice Cream Sandwich</td> + <td></td> +</tr> +<tr> + <td>IML74K</td> + <td>android-4.0.3_r1</td> + <td>Ice Cream Sandwich</td> + <td>Nexus S</td> +</tr> +<tr> + <td>ICL53F</td> + <td>android-4.0.2_r1</td> + <td>Ice Cream Sandwich</td> + <td>Galaxy Nexus</td> +</tr> +<tr> + <td>ITL41F</td> + <td>android-4.0.1_r1.2</td> + <td>Ice Cream Sandwich</td> + <td>Galaxy Nexus</td> +</tr> +<tr> + <td>ITL41D</td> + <td>android-4.0.1_r1.1</td> + <td>Ice Cream Sandwich</td> + <td>Galaxy Nexus</td> +</tr> +<tr> + <td>ITL41D</td> + <td>android-4.0.1_r1</td> + <td>Ice Cream Sandwich</td> + <td>Galaxy Nexus</td> +</tr> +<tr> + <td>GWK74</td> + <td>android-2.3.7_r1</td> + <td>Gingerbread</td> + <td>Nexus S 4G</td> +</tr> +<tr> + <td>GRK39F</td> + <td>android-2.3.6_r1</td> + <td>Gingerbread</td> + <td>Nexus One、Nexus S</td> +</tr> +<tr> + <td>GRK39C</td> + <td>android-2.3.6_r0.9</td> + <td>Gingerbread</td> + <td>Nexus S</td> +</tr> +<tr> + <td>GRJ90</td> + <td>android-2.3.5_r1</td> + <td>Gingerbread</td> + <td>Nexus S 4G</td> +</tr> +<tr> + <td>GRJ22</td> + <td>android-2.3.4_r1</td> + <td>Gingerbread</td> + <td>Nexus One、Nexus S、Nexus S 4G</td> +</tr> +<tr> + <td>GRJ06D</td> + <td>android-2.3.4_r0.9</td> + <td>Gingerbread</td> + <td>Nexus S 4G</td> +</tr> +<tr> + <td>GRI54</td> + <td>android-2.3.3_r1.1</td> + <td>Gingerbread</td> + <td>Nexus S</td> +</tr> +<tr> + <td>GRI40</td> + <td>android-2.3.3_r1</td> + <td>Gingerbread</td> + <td>Nexus One、Nexus S</td> +</tr> +<tr> + <td>GRH78C</td> + <td>android-2.3.2_r1</td> + <td>Gingerbread</td> + <td>Nexus S</td> +</tr> +<tr> + <td>GRH78</td> + <td>android-2.3.1_r1</td> + <td>Gingerbread</td> + <td>Nexus S</td> +</tr> +<tr> + <td>GRH55</td> + <td>android-2.3_r1</td> + <td>Gingerbread</td> + <td>使用 Gingerbread 最早期版本的设备、Nexus S</td> +</tr> +<tr> + <td>FRK76C</td> + <td>android-2.2.3_r2</td> + <td>Froyo</td> + <td> </td> +</tr> +<tr> + <td>FRK76</td> + <td>android-2.2.3_r1</td> + <td>Froyo</td> + <td></td> +</tr> +<tr> + <td>FRG83G</td> + <td>android-2.2.2_r1</td> + <td>Froyo</td> + <td>Nexus One</td> +</tr> +<tr> + <td>FRG83D</td> + <td>android-2.2.1_r2</td> + <td>Froyo</td> + <td>Nexus One</td> +</tr> +<tr> + <td>FRG83</td> + <td>android-2.2.1_r1</td> + <td>Froyo</td> + <td>Nexus One</td> +</tr> +<tr> + <td>FRG22D</td> + <td>android-2.2_r1.3</td> + <td>Froyo</td> + <td></td> +</tr> +<tr> + <td>FRG01B</td> + <td>android-2.2_r1.2</td> + <td>Froyo</td> + <td></td> +</tr> +<tr> + <td>FRF91</td> + <td>android-2.2_r1.1</td> + <td>Froyo</td> + <td>Nexus One</td> +</tr> +<tr> + <td>FRF85B</td> + <td>android-2.2_r1</td> + <td>Froyo</td> + <td>Nexus One</td> +</tr> +<tr> + <td>EPF21B</td> + <td>android-2.1_r2.1p2</td> + <td>Eclair</td> + <td> </td> +</tr> +<tr> + <td>ESE81</td> + <td>android-2.1_r2.1s</td> + <td>Eclair</td> + <td></td> +</tr> +<tr> + <td>EPE54B</td> + <td>android-2.1_r2.1p</td> + <td>Eclair</td> + <td>Nexus One</td> +</tr> +<tr> + <td>ERE27</td> + <td>android-2.1_r2</td> + <td>Eclair</td> + <td>Nexus One</td> +</tr> +<tr> + <td>ERD79</td> + <td>android-2.1_r1</td> + <td>Eclair</td> + <td>Nexus One</td> +</tr> +<tr> + <td>ESD56</td> + <td>android-2.0.1_r1</td> + <td>Eclair</td> + <td></td> +</tr> +<tr> + <td>ESD20</td> + <td>android-2.0_r1</td> + <td>Eclair</td> + <td> </td> +</tr> +<tr> + <td>DMD64</td> + <td>android-1.6_r1.5</td> + <td>Donut</td> + <td> </td> +</tr> +<tr> + <td>DRD20</td> + <td>android-1.6_r1.4</td> + <td></td> + <td></td> +</tr> +<tr> + <td>DRD08</td> + <td>android-1.6_r1.3</td> + <td></td> + <td></td> +</tr> +<tr> + <td>DRC92</td> + <td>android-1.6_r1.2</td> + <td></td> + <td></td> +</tr> +</tbody> +</table> +<p>froyo、gingerbread、ics-mr0、ics-mr1、jb-dev、jb-mr1-dev、jb-mr1.1-dev、jb-mr2-dev 和 kitkat-dev 等分支代表与经过 Google 测试的配置不完全一致的开发分支。除官方命名的版本之外,它们可能还包含尚未经过全面测试的各种更改。</p> + +<p>要区分各个版本,您可以发出以下命令并指定两个分支标记,以获取与每个项目相关联的更改列表:</p> + +<pre><code>$ repo forall -pc 'git log --no-merges --oneline branch-1..branch-2'</code></pre> + +<p>例如:</p> + +<pre><code>$ repo forall -pc 'git log --no-merges --oneline android-4.4.2_r2..android-4.4.2_r1'</code></pre> + +<p>要输出到文本文件,请运行以下命令:</p> + +<pre><code>repo forall -pc 'git log --no-merges --oneline android-4.4.2_r2..android-4.4.2_r1' > /tmp/android-4.4.2_r2-android-4.4.2_r1-diff.txt</code></pre> + +<h2 id="honeycomb-gpl-modules">Honeycomb GPL 模块</h2> +<p>Honeycomb 的整个平台源代码未对外公开。不过,遵循 GPL 和 LGPL 许可的某些 Honeycomb 模块已对外公开,对应于如下的标记:</p> + +<table> +<thead> +<tr> +<th>细分版本</th> +<th>标记</th> +<th>备注</th> +</tr> +</thead> +<tbody> +<tr> +<td>HRI39</td> +<td>android-3.0_r1</td> +<td>Honeycomb 最早期版本</td> +</tr> +<tr> +<td>HRI66</td> +<td>android-3.0_r1.1</td> +<td></td> +</tr> +<tr> +<td>HWI69</td> +<td>android-3.0_r1.2</td> +<td></td> +</tr> +<tr> +<td>HRI83</td> +<td>android-3.0_r1.3</td> +<td></td> +</tr> +<tr> +<td>HMJ37</td> +<td>android-3.1_r1</td> +<td></td> +</tr> +<tr> +<td>HTJ85B</td> +<td>android-3.2_r1</td> +<td></td> +</tr> +<tr> +<td>HTK55D</td> +<td>android-3.2.1_r1</td> +<td></td> +</tr> +<tr> +<td>HTK75D</td> +<td>android-3.2.1_r2</td> +<td></td> +</tr> +<tr> +<td>HLK75C</td> +<td>android-3.2.2_r1</td> +<td></td> +</tr> +<tr> +<td>HLK75D</td> +<td>android-3.2.2_r2</td> +<td></td> +</tr> +<tr> +<td>HLK75F</td> +<td>android-3.2.4_r1</td> +<td></td> +</tr> +<tr> +<td>HLK75H</td> +<td>android-3.2.6_r1</td> +<td>Honeycomb 的最新版本</td> +</tr> +</tbody> +</table> +<p>请注意,我们未提供刚好包含以上模块的清单。不过,我们提供的有些清单允许构建这些组件。以下命令适用于 3.0_r1.1,您可以通过切换 git checkout 参数来使用其他版本,还可以在必要时使用 repo init 中的 -m 参数。对于非 GPL 项目,git checkout 命令会返回错误,因为它找不到相应的标记。</p> +<pre><code>$ repo init -b master -m base-for-3.0-gpl.xml +$ repo sync +$ repo forall -c git checkout android-3.0_r1.1 +</code></pre> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/building-kernels.html b/zh-cn/source/building-kernels.html new file mode 100644 index 00000000..a9644ab9 --- /dev/null +++ b/zh-cn/source/building-kernels.html @@ -0,0 +1,243 @@ +<html devsite><head> + <title>编译内核</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>本页详细介绍了如何仅编译内核。以下说明假设您尚未下载整个 AOSP;如果您已完成下载,则可以跳过 <code>git clone</code> 对应的步骤,但下载内核源代码的步骤除外。</p> + +<p>本部分中的所有示例均使用 <a href="/source/devices.html#hikey-boards">hikey</a> 内核。</p> + +<h2 id="figuring-out-which-kernel-to-build">选择内核</h2> +<p>此表列出了内核源代码和二进制文件的名称及所在位置:<table> + <tbody><tr> + <th>设备</th> + <th>二进制文件所在的位置</th> + <th>源代码所在的位置</th> + <th>编译配置</th> + </tr> + <tr> + <td>marlin</td> + <td>device/google/marlin-kernel</td> + <td>kernel/msm</td> + <td>marlin_defconfig</td> + </tr> + <tr> + <td>sailfish</td> + <td>device/google/marlin-kernel</td> + <td>kernel/msm</td> + <td>marlin_defconfig</td> + </tr> + <tr> + <td>hikey</td> + <td>device/linaro/hikey-kernel</td> + <td>kernel/hikey-linaro</td> + <td>hikey_defconfig</td> + </tr> + <tr> + <td>angler</td> + <td>device/huawei/angler-kernel</td> + <td>kernel/msm</td> + <td>angler_defconfig</td> + </tr> + <tr> + <td>bullhead</td> + <td>device/lge/bullhead-kernel</td> + <td>kernel/msm</td> + <td>bullhead_defconfig</td> + </tr> + <tr> + <td>shamu</td> + <td>device/moto/shamu-kernel</td> + <td>kernel/msm</td> + <td>shamu_defconfig</td> + </tr> + <tr> + <td>fugu</td> + <td>device/asus/fugu-kernel</td> + <td>kernel/x86_64</td> + <td>fugu_defconfig</td> + </tr> + <tr> + <td>volantis</td> + <td>device/htc/flounder-kernel</td> + <td>kernel/tegra</td> + <td>flounder_defconfig</td> + </tr> + <tr> + <td>hammerhead</td> + <td>device/lge/hammerhead-kernel</td> + <td>kernel/msm</td> + <td>hammerhead_defconfig</td> + </tr> + <tr> + <td>flo</td> + <td>device/asus/flo-kernel/kernel</td> + <td>kernel/msm</td> + <td>flo_defconfig</td> + </tr> + <tr> + <td>deb</td> + <td>device/asus/flo-kernel/kernel</td> + <td>kernel/msm</td> + <td>flo_defconfig</td> + </tr> + <tr> + <td>manta</td> + <td>device/samsung/manta/kernel</td> + <td>kernel/exynos</td> + <td>manta_defconfig</td> + </tr> + <tr> + <td>mako</td> + <td>device/lge/mako-kernel/kernel</td> + <td>kernel/msm</td> + <td>mako_defconfig</td> + </tr> + <tr> + <td>grouper</td> + <td>device/asus/grouper/kernel</td> + <td>kernel/tegra</td> + <td>tegra3_android_defconfig</td> + </tr> + <tr> + <td>tilapia</td> + <td>device/asus/grouper/kernel</td> + <td>kernel/tegra</td> + <td>tegra3_android_defconfig</td> + </tr> + <tr> + <td>maguro</td> + <td>device/samsung/tuna/kernel</td> + <td>kernel/omap</td> + <td>tuna_defconfig</td> + </tr> + <tr> + <td>toro</td> + <td>device/samsung/tuna/kernel</td> + <td>kernel/omap</td> + <td>tuna_defconfig</td> + </tr> + <tr> + <td>panda</td> + <td>device/ti/panda/kernel</td> + <td>kernel/omap</td> + <td>panda_defconfig</td> + </tr> + <tr> + <td>stingray</td> + <td>device/moto/wingray/kernel</td> + <td>kernel/tegra</td> + <td>stingray_defconfig</td> + </tr> + <tr> + <td>wingray</td> + <td>device/moto/wingray/kernel</td> + <td>kernel/tegra</td> + <td>stingray_defconfig</td> + </tr> + <tr> + <td>crespo</td> + <td>device/samsung/crespo/kernel</td> + <td>kernel/samsung</td> + <td>herring_defconfig</td> + </tr> + <tr> + <td>crespo4g</td> + <td>device/samsung/crespo/kernel</td> + <td>kernel/samsung</td> + <td>herring_defconfig</td> + </tr> +</tbody></table> + +</p><p>确定要使用的设备项目之后,请查看内核二进制文件的 Git 日志。设备项目采用 <code>device/<vendor>/<name></code> 形式。</p> + +<pre><code>$ git clone https://android.googlesource.com/kernel/hikey-linaro +$ cd hikey-linaro +$ git log --max-count=1 kernel +</code></pre> + +<p>内核二进制文件的提交消息中包含用于编译二进制文件的内核源代码的部分 Git 日志。该日志中的第一个条目是最新内容(也即用于编译内核的条目)。请记下提交消息,因为您在后续步骤中会用得到该消息。</p> + +<h2 id="id-version">确定内核版本</h2> + +<p>要确定系统映像中使用的内核版本,请对内核文件运行以下命令:</p> + +<pre><code>$ dd if=kernel bs=1 skip=$(LC_ALL=C grep -a -b -o $'\x1f\x8b\x08\x00\x00\x00\x00\x00' kernel | cut -d ':' -f 1) | zgrep -a 'Linux version' +</code></pre> + +<p>对于 Nexus 5 (hammerhead),请运行以下命令:</p> +<pre><code>$ dd if=zImage-dtb bs=1 skip=$(LC_ALL=C od -Ad -x -w2 zImage-dtb | grep 8b1f | cut -d ' ' -f1 | head -1) | zgrep -a 'Linux version' +</code></pre> + +<h2 id="downloading-sources">下载源代码</h2> +<p>使用适当的 <code>git clone</code> 命令为您要编译的内核下载源代码:</p> + +<pre><code>$ git clone https://android.googlesource.com/kernel/common.git +$ git clone https://android.googlesource.com/kernel/hikey-linaro +$ git clone https://android.googlesource.com/kernel/x86_64.git +$ git clone https://android.googlesource.com/kernel/exynos.git +$ git clone https://android.googlesource.com/kernel/goldfish.git +$ git clone https://android.googlesource.com/kernel/msm.git +$ git clone https://android.googlesource.com/kernel/omap.git +$ git clone https://android.googlesource.com/kernel/samsung.git +$ git clone https://android.googlesource.com/kernel/tegra.git +</code></pre> + +<ul> +<li><code>goldfish</code> 项目包含适用于所模拟的平台的内核源代码。</li> +<li><code>msm</code> 项目包含适用于 ADP1、ADP2、Nexus One、Nexus 4、Nexus 5、Nexus 6、Nexus 5X、Nexus 6P、Nexus 7 (2013)、Pixel 和 Pixel XL 的源代码,可用作使用 Qualcomm MSM 芯片组的起点。</li> +<li><code>omap</code> 项目用于 PandaBoard 和 Galaxy Nexus,可用作使用 TI OMAP 芯片组的起点。</li> +<li><code>samsung</code> 项目用于 Nexus S,可用作使用 Samsung Hummingbird 芯片组的起点。</li> +<li><code>tegra</code> 项目用于 Xoom、Nexus 7 (2012)、Nexus 9,可用作使用 NVIDIA Tegra 芯片组的起点。</li> +<li><code>exynos</code> 项目包含适用于 Nexus 10 的内核源代码,可用作使用 Samsung Exynos 芯片组的起点。</li> +<li><code>x86_64</code> 项目包含适用于 Nexus Player 的内核源代码,可用作使用 Intel x86_64 芯片组的起点。</li> +<li><code>hikey-linaro</code> 项目用于 HiKey 参考板,可用作使用 HiSilicon 620 芯片组的起点。</li> +</ul> + +<h2 id="downloading-a-prebuilt-gcc">下载预编译 gcc</h2> +<p>确保预编译工具链位于您的以下路径中:</p> +<pre>$ export PATH=$(pwd)/prebuilts/gcc/linux-x86/arm/arm-eabi-4.6/bin:$PATH</pre> +<p>或</p> +<pre>$ export PATH=$(pwd)/prebuilts/gcc/darwin-x86/arm/arm-eabi-4.6/bin:$PATH</pre> + +<p>在 Linux 主机上,如果您没有 Android 源代码树,则可以从以下路径下载预编译工具链:</p><pre>$ git clone https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/arm/arm-eabi-4.6</pre> + +<h2 id="building">编译内核</h2> +<p>当您了解了内核的最后一条提交消息并已成功下载内核源代码和预编译的 gcc 后,就可以编译内核了。以下编译命令使用了 hikey 内核:</p> +<pre><code>$ export ARCH=arm64 +$ export CROSS_COMPILE=aarch64-linux-android- +$ cd hikey-linaro +$ git checkout -b android-hikey-linaro-4.1 origin/android-hikey-linaro-4.1 +$ make hikey_defconfig +$ make +</code></pre> + +<p>要编译不同的内核,只需将 <code>hikey-linaro</code> 替换为您要编译的内核的名称即可。</p> + +<p>映像会输出到 <code>arch/arm64/boot/Image</code> 目录;内核二进制文件会输出到 <code>arch/arm64/boot/dts/hisilicon/hi6220-hikey.dtb</code> 文件。请将 <code>Image</code> 目录和 <code>hi6220-hikey.dtb</code> 文件复制到 <code>hikey-kernel</code> 目录。</p> + +<p>或者,您可以在使用 <code>make bootimage</code>(或编译启动映像的任何其他 <code>make</code> 命令行)时添加 <code>TARGET_PREBUILT_KERNEL</code> 变量。所有设备均支持该变量,因为它是通过 <code>device/common/populate-new-device.sh</code> 进行设置的。例如:</p> + +<pre><code>$ export TARGET_PREBUILT_KERNEL=$your_kernel_path/arch/arm/boot/zImage-dtb +</code></pre> + +<p class="note"><strong>注意</strong>:内核名称因设备而异。要找到内核的正确文件名,请参阅内核源代码中的 <code>device/<vendor>/<name></code>。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/building.html b/zh-cn/source/building.html new file mode 100644 index 00000000..cbca024a --- /dev/null +++ b/zh-cn/source/building.html @@ -0,0 +1,164 @@ +<html devsite><head> + <title>编译准备工作</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>以下关于编译 Android 源代码树的说明适用于所有分支,包括 <code>master</code>。编译命令的基本顺序如下:</p> + +<p class="note"><strong>注意</strong>:如果您要编译 Android 6.0 或更高版本,请参阅<a href="jack.html">使用 Jack 编译</a>,了解这种新的默认工具链。</p> + +<h2 id="obtaining-proprietary-binaries">下载专有二进制文件</h2> + +<p>您不能仅通过纯源代码来使用 AOSP,要运行 AOSP,还需要与硬件相关的其他专有库,例如用于硬件图形加速的专有库。如需其他资源的下载链接和<a href="requirements.html#binaries">设备二进制文件要求</a>,请参阅以下各部分。</p> + +<h3 id="downloading-proprietary-binaries">下载专有二进制文件</h3> + +<p>对于运行带标记的 AOSP 版本分支的受支持设备,您可以从 <a href="https://developers.google.com/android/nexus/drivers">Google 的 Nexus 驱动程序页面</a>下载相关的官方二进制文件。有了这些二进制文件,您将有权使用采用非开放源代码的其他硬件功能。要编译 AOSP 的 master 分支,请使用 <a href="https://developers.google.com/android/nexus/blobs-preview">Nexus 设备的二进制文件预览</a>。在针对某种设备编译 master 分支时,请使用适用于<a href="/source/build-numbers.html">最新编号版本</a>的二进制文件或具有最新日期的二进制文件。</p> + +<h3 id="extracting-proprietary-binaries">解压专有二进制文件</h3> + +<p>每组二进制文件都是压缩包中的一个自解压脚本。解压每个压缩包,从源代码树的根目录运行附带的自解压脚本,然后确认您同意附带的许可协议的条款。二进制文件及其对应的 Makefile 将会安装在源代码树的 <code>vendor/</code> 层次结构中。</p> + +<h3 id="cleaning-up">清理</h3> + +<p>为了确保新安装的二进制文件在解压后会被适当考虑在内,请使用以下命令删除所有以前编译操作的已有输出:</p> +<pre><code>$ make clobber +</code></pre> + +<h2 id="initialize">设置环境</h2> +<p>使用 <code>envsetup.sh</code> 脚本初始化环境。请注意,将 <code>source</code> 替换成 <code>.</code>(一个点)可以省去一些字符,这种简写形式在文档中更为常用。</p> +<pre><code>$ source build/envsetup.sh +</code></pre> +<p>或</p> +<pre><code>$ . build/envsetup.sh +</code></pre> + +<h2 id="choose-a-target">选择目标</h2> +<p>使用 <code>lunch</code> 选择要编译的目标。确切的配置可作为参数进行传递。例如以下命令:</p> +<pre><code>$ lunch aosp_arm-eng +</code></pre> +<p>该命令表示针对模拟器进行完整编译,并且所有调试功能均处于启用状态。</p> +<p>如果您没有提供任何参数就运行命令,<code>lunch</code> 将提示您从菜单中选择一个目标。</p> +<p>所有编译目标都采用 <code>BUILD-BUILDTYPE</code> 形式,其中 <code>BUILD</code> 是表示特定功能组合的代号。</p> + +<p>BUILDTYPE 是以下类型之一:</p> +<table> +<thead> +<tr> +<th>编译类型</th> +<th>使用情况</th> +</tr> +</thead> +<tbody> +<tr> +<td>user</td> +<td>权限受限;适用于生产环境</td> +</tr> +<tr> +<td>userdebug</td> +<td>与“user”类似,但具有 root 权限和可调试性;是进行调试时的首选编译类型</td> +</tr> +<tr> +<td>eng</td> +<td>具有额外调试工具的开发配置</td> +</tr> +</tbody> +</table> +<p>要详细了解如何针对实际硬件进行编译以及如何在实际硬件上运行版本,请参阅<a href="running.html">运行版本</a>。</p> + +<h2 id="build-the-code">编译代码</h2> + +<p>请注意,本部分只是一个摘要,用于确保设置已完成。如需关于编译 Android 的详细说明,请参阅<a href="running.html">运行编译系统</a>。</p> + +<p>您可以使用 <code>make</code> 编译任何代码。GNU Make 可以借助 <code>-jN</code> 参数处理并行任务,通常使用的任务数 N 介于编译时所用计算机上硬件线程数的 1-2 倍之间。例如,在一台双核 E5520 计算机(2 个 CPU,每个 CPU 4 个内核,每个内核 2 个线程)上,要实现最快的编译速度,可以使用介于 <code>make -j16</code> 到 <code>make -j32</code> 之间的命令。</p> + +<pre> +$ make -j4 +</pre> + +<h2 id="run-it">开始运行!</h2> + +<p>您可以在模拟器上运行自己的版本,也可以将其刷到设备上。请注意,因为您之前已使用 <code>lunch</code> 选择编译目标,因此很可能无法在编译目标之外的目标上运行您的版本。</p> + +<p class="note"><strong>注意</strong>:请记得<a href="#obtaining-proprietary-binaries">下载专有二进制文件</a>,否则您的版本将无法在目标硬件上成功启动。如果您在此时下载二进制 Blob,则需要将其解压、<code>make clobber</code> 并重新编译。</p> + +<h3 id="flash-a-device">使用 fastboot 刷机</h3> + +<p>要对设备进行刷机,您需要使用 <code>fastboot</code>(编译成功后,它应该会包含在您的路径中)。如需相关说明,请参阅<a href="running.html#flashing-a-device">对设备进行刷机</a>。</p> + +<h3 id="emulate-an-android-device">模拟 Android 设备</h3> + +<p>编译流程会自动将模拟器添加到您的路径中。要运行模拟器,请输入以下命令:</p> + +<pre> +$ emulator +</pre> + +<h2 id="troubleshooting-common-build-errors">排查常见编译错误</h2> + +<h3 id="wrong-java-version">Java 版本不正确</h3> + +<p>如果您尝试编译的 Android 版本与您的 Java 版本不一致,<code>make</code> 将会终止并显示诸如以下消息:</p> +<pre> +************************************************************ +You are attempting to build with the incorrect version +of java. + +Your version is: WRONG_VERSION. +The correct version is: RIGHT_VERSION. + +Please follow the machine setup instructions at + https://source.android.com/source/initializing.html +************************************************************ +</pre> + +<p>这可能是由以下原因引起的:</p> + +<ul> +<li>未能安装 <a href="requirements.html#jdk">JDK 要求</a>中指定的正确 JDK。</li> +<li>之前安装的另一个 JDK 出现在您的路径中。将正确的 JDK 附加到路径开头,或者移除有问题的 JDK。</li> +</ul> + +<h3 id="python-version-3">Python 版本 3</h3> + +<p>Repo 是基于 Python 2.x 中的特定功能构建的,但遗憾的是与 Python 3 不兼容。要使用 Repo,请安装 Python 2.x:</p> + +<pre> +$ apt-get install python +</pre> + +<h3 id="case-insensitive-filesystem">不区分大小写的文件系统</h3> + +<p>您在 Mac OS 中的 HFS 文件系统上进行编译时,可能会遇到诸如以下错误:</p> +<pre> +************************************************************ +You are building on a case-insensitive filesystem. +Please move your source tree to a case-sensitive filesystem. +************************************************************ +</pre> +<p>请按照<a href="initializing.html">初始化编译环境</a>中的相关说明创建区分大小写的磁盘映像。</p> + +<h3 id="no-usb-permission">没有 USB 权限</h3> + +<p>在大多数 Linux 系统中,无特权的用户默认情况下无法使用 USB 端口。如果您看到权限遭拒错误,请按照<a href="initializing.html">初始化编译环境</a>中的相关说明配置 USB 使用权限。</p> + +<p>如果 adb 已在运行,并且在这些规则设置完成后无法连接到设备,您可以使用 <code>adb kill-server</code> 将其终止。这将使 adb 采用新的配置重启。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/code-lines.html b/zh-cn/source/code-lines.html new file mode 100644 index 00000000..0e0648e2 --- /dev/null +++ b/zh-cn/source/code-lines.html @@ -0,0 +1,109 @@ +<html devsite><head> + <title>代码流水线、分支和版本</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p> +Android 开放源代码项目 (AOSP) 维护着一个全面的软件堆栈,原始设备制造商 (OEM) 和其他设备实现者可移植并在自己的硬件上运行该堆栈。为了维持 Android 项目的质量,Google 分派了全职工程师、产品经理、界面设计师、质量保证测试人员以及更多相关人员(将新型设备推向市场所需的所有其他角色)来负责相关工作。 +</p> + +<p> +相应地,我们还维护着多个“代码流水线”,以便明确区分当前稳定版 Android 与不稳定的实验性版本。我们将 Android 代码流水线的开放源代码管理和维护工作纳入到了更大的产品开发周期中。 +</p> + +<p> +下图从概念层面显示了 AOSP 如何管理代码和版本。我们将它们称为“代码流水线”而不是“分支”,只是因为在任何特定时刻,特定“代码流水线”都可能有多个分支。例如,当某个版本定型时,它可能会(也可能不会)根据当前需要变为新的分支。 +</p> +<ol> + <li> + <p>在任何特定时刻,Android 平台都有一个当前最新版本。该版本通常作为树中的一个分支。 + </p> + </li> + <li> + <p>设备制造商和贡献者会以当前最新版本为基础来修复错误、发布新设备、试验新功能等。 + </p> + </li> + <li> + <p>与此同时,Google 会根据产品的需求和目标,在内部开发下一版 Android 平台和框架。开发下一版 Android 时,我们会与设备合作伙伴协作,在旗舰设备上推出新版 Android,旗舰设备的规格经过深思熟虑,旨在推动 Android 朝着我们希望的方向发展。 + </p> + </li> + <li> + <p>当第“n+1”版准备就绪时,它就会发布到公开源代码树,并成为新的最新版本。 + </p> + </li> +</ol> + <img src="/images/code-lines.png" alt="code-line diagram" id="figure1"/> +<p class="img-caption"> + <strong>图 1.</strong> AOSP 代码和版本</p> +<h2 id="terms-and-caveats">条款和注意事项</h2> +<ul> + <li> + <p><em></em>一个版本对应一个正式版 Android 平台,如 1.5、2.1 等等。一般来说,一个平台版本对应于 AndroidManifest.xml 文件 <code>SdkVersion</code> 字段中的版本(如源代码树的 <code>frameworks/base/api</code> 中所定义)。 + </p> + </li> + <li> + <p><em></em>上游项目是指 Android 堆栈从中提取代码的开放源代码项目。这包括一些著名的项目,如 Linux 内核和 WebKit。随着发展,我们也在引入一些半自主性 Android 项目(如 ART、Android SDK 工具、Bionic 等)作为“上游”项目进行开发。一般情况下,这些项目完全是在公开树中开发的。对于某些上游项目,开发是通过直接为上游项目本身做贡献来完成的。如需了解详情,请参阅<a href="submit-patches.html#upstream-projects">上游项目</a>。在这两种情况下,快照会定期纳入版本中。 + </p> + </li> + <li> + <p>在任何时候,版本代码流水线(实际上可能由 Git 中的多个真实存在的分支组成)都被视为给定 Android 平台版本的唯一规范源代码。原始设备制造商 (OEM) 和开发设备的其他组织应该仅从版本分支中获取源代码。 + </p> + </li> + <li> + <p>“实验性”代码流水线是为了收集社区带来的更改,从而在保持稳定性的基础上反复进行改进。 + </p> + </li> + <li> + <p>被认定为稳定的更改最终会提取到版本分支中。请注意,这仅适用于错误修复、应用改进和不影响平台 API 的其他更改。 + </p> + </li> + <li> + <p>在必要时,更改将从上游项目(包括 Android“上游”项目)提取到版本分支中。 + </p> + </li> + <li> + <p>第“n+1”版(即框架和平台 API 的下一个重大版本)将由 Google 在内部开发。如需了解详情,请参阅<a href="#about-private-code-lines">私密代码流水线简介</a>。 + </p> + </li> + <li> + <p>在必要时,更改将从上游、版本和实验性分支提取到 Google 的私密分支。 + </p> + </li> + <li> + <p>当下一版本的平台 API 已经稳定并经过全面测试后,Google 会针对下一版平台定型一个版本。(具体来说,这指的是一个新的 <code>SdkVersion</code>。)这个版本也将对应于作为公开版本分支的内部代码流水线和新的当前平台代码流水线。 + </p> + </li> + <li> + <p>当某个新的平台版本定型时,Google 会同时创建相应的实验性代码流水线。 + </p> + </li> +</ul> + +<h2 id="about-private-code-lines">不公开代码流水线简介</h2> +<p>上述源代码管理策略谈到了 Google 会维护一个不公开的代码流水线。这样做是为了将注意力集中在 Android 的当前公开版本上。 +</p> +<p>原始设备制造商 (OEM) 和其他设备制造商自然希望发布搭载最新版 Android 的设备。同样,如非必要,应用开发者也不希望处理更多个平台版本。与此同时,Google 要负责把握 Android 作为平台和产品的战略方向。我们的方法侧重于在少量旗舰设备上推进功能的演化,同时确保与 Android 相关的知识产权得到妥善保护。 +</p> +<p>如此一来,Google 经常掌握有来自第三方的机密信息。在确保采取适当的保护措施之前,我们必须避免泄露敏感功能。此外,同时存在太多平台版本会给平台带来真正的风险。考虑到这些因素,我们构建了开放源代码项目(包含第三方贡献的内容),以专注于目前公开的稳定版 Android。下一版平台的“深度开发”将会私下进行,直到一切就绪,最终成为正式版本。 +</p> +<p>我们意识到,许多贡献者不同意这种做法。我们尊重其他人可能有不同的观点;但这是我们认为的最佳方式,我们也选择这种方法来进行实现。 +</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/code-style.html b/zh-cn/source/code-style.html new file mode 100644 index 00000000..1460d3f4 --- /dev/null +++ b/zh-cn/source/code-style.html @@ -0,0 +1,461 @@ +<html devsite><head> + <title>面向贡献者的代码样式指南</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>以下代码样式都是应严格遵守的规则(而非指南或建议)。如果所贡献的 Android 代码没有遵守以下规则,我们通常不会接受此类代码。<em></em>我们知道,并非所有的现有代码都遵守了这些规则,但我们希望所有新代码都能遵守这些规则。</p> + +<h2 id="java-language-rules">Java 语言规则</h2> +<p>Android 遵循标准 Java 编码规范以及下文所述的其他规则。</p> + +<h3 id="dont-ignore-exceptions">请勿忽略异常</h3> +<p>开发者可能会倾向于编写完全忽略异常的代码,例如:</p> +<pre><code>void setServerPort(String value) { + try { + serverPort = Integer.parseInt(value); + } catch (NumberFormatException e) { } +} +</code></pre> +<p>千万不要这样做。虽然您可能认为自己的代码永远不会遇到这种错误,或者无需费心处理这种错误,但像上例那样忽略异常会在您的代码中埋下隐患,这种错误总有一天会被他人触发。您必须有原则地处理代码中的每个异常;具体处理方式因情况而异。</p> +<p><em>无论何时,只要遇到空的 catch 子句,就应该保持警惕。当然,在某些时候,空的 catch 语句确实没什么问题,但至少你得想一想。在 Java 中,你怎么小心都不为过。</em>-<a href="http://www.artima.com/intv/solid4.html">James Gosling</a></p> +<p>可接受的替代方案(按优先顺序排列)包括:</p> +<ul> +<li>将异常抛给方法调用者。 +<pre><code>void setServerPort(String value) throws NumberFormatException { + serverPort = Integer.parseInt(value); +} +</code></pre> +</li> +<li>抛出一个适合您的抽象级别的新异常。 +<pre><code>void setServerPort(String value) throws ConfigurationException { + try { + serverPort = Integer.parseInt(value); + } catch (NumberFormatException e) { + throw new ConfigurationException("Port " + value + " is not valid."); + } +} +</code></pre> +</li> +<li>妥善处理错误,并替换 catch {} 块中的相应值。 +<pre><code>/** Set port. If value is not a valid number, 80 is substituted. */ + +void setServerPort(String value) { + try { + serverPort = Integer.parseInt(value); + } catch (NumberFormatException e) { + serverPort = 80; // default port for server + } +} +</code></pre> +</li> +<li>捕获异常并抛出一个新的 <code>RuntimeException</code>。这样做比较危险,因此请仅在下述情况下采用这种方案:您确定,如果发生此错误,最适当的处理方式就是让应用崩溃。 +<pre><code>/** Set port. If value is not a valid number, die. */ + +void setServerPort(String value) { + try { + serverPort = Integer.parseInt(value); + } catch (NumberFormatException e) { + throw new RuntimeException("port " + value " is invalid, ", e); + } +} +</code></pre> +<p class="note"><strong>注意</strong>:原始异常会传递到 RuntimeException 的构造函数。如果您的代码必须采用 Java 1.3 进行编译,则必须忽略表示原因的异常。</p> +</li> +<li>最后一种方案:如果您确信忽略异常是合适的处理方式,那么您可以忽略异常,但您必须添加备注以充分说明理由:<pre><code>/** If value is not a valid number, original port number is used. */ +void setServerPort(String value) { + try { + serverPort = Integer.parseInt(value); + } catch (NumberFormatException e) { + // Method is documented to just ignore invalid user input. + // serverPort will just be unchanged. + } +} +</code></pre> +</li> +</ul> + +<h3 id="dont-catch-generic-exception">请勿捕获常规异常</h3> +<p>在捕获异常时,开发者可能会为了偷懒而倾向于采用以下处理方式:</p> +<pre><code>try { + someComplicatedIOFunction(); // may throw IOException + someComplicatedParsingFunction(); // may throw ParsingException + someComplicatedSecurityFunction(); // may throw SecurityException + // phew, made it all the way +} catch (Exception e) { // I'll just catch all exceptions + handleError(); // with one generic handler! +} +</code></pre> +<p>千万不要这样做。几乎所有情况下都不适合捕获常规异常或 Throwable(最好不要捕获 Throwable,因为它包含 Error 异常)。这样做非常危险,因为这意味着系统会在处理应用级错误期间捕获到您从未预料到的异常(包括 ClassCastException 之类的 RuntimeException)。它掩盖了代码的故障处理属性,也就是说,如果有人在您所调用的代码中添加了一种新类型的异常,编译器不会帮助您意识到您需要采取不同的方式来处理该错误。在大多数情况下,您不应以相同的方式处理不同类型的异常。</p> +<p>这条规则的特例是:在测试代码和顶级代码中,您希望捕获所有类型的错误(以防它们显示在界面中或者以便一直进行批处理作业)。在这些情况下,您可以捕获常规异常(或 Throwable)并适当地处理错误。但在这样做之前,请务必三思,然后添加备注以说明为何在此处执行这类操作是安全之举。</p> +<p>捕获常规异常的替代方案:</p> +<ul> +<li> +<p>在单个 try 之后将每个异常作为单独的 catch 块分别进行捕获。这样做可能显得比较笨拙,但仍比捕获所有异常更可取。请注意,不要在 catch 块中过多地重复使用代码。</p></li><p></p> + +<li> +<p>通过多个 try 块重构您的代码,使得错误处理过程更精细。从解析中分离出 IO,然后分别处理每种情况下的错误。</p> +</li> +<li> +<p>重新抛出异常。很多时候,您无需在该级别捕获异常,只需让相应方法抛出异常即可。</p> +</li> +</ul> +<p>请谨记:异常是您的朋友!当编译器抱怨您没有捕获异常时,别闷闷不乐!您应该微笑:因为编译器让您能够更加轻松地捕获代码中的运行时错误。</p> +<h3 id="dont-use-finalizers">请勿使用终结器</h3> +<p>终结器可以在对象被垃圾回收器回收时执行一段代码。虽然终结器非常便于进行资源清理(尤其是外部资源),但并不能保证终结器何时被调用(甚至根本不会被调用)。</p> +<p>Android 不使用终结器。在大多数情况下,您可以通过良好的异常处理流程实现终结器功能。如果您的确需要终结器,请定义一个 close() 方法(或类似方法),并注明需要调用该方法的确切时间(有关示例,请参阅 InputStream)。这种情况下,可以(但并非必须)在终结器中输出简短的日志消息,前提是不会输出大量日志消息。</p> + +<h3 id="fully-qualify-imports">完全合格的导入</h3> +<p>当您想要使用 foo 包中的 Bar 类时,可以使用以下两种方式导入:</p> +<ul> +<li><code>import foo.*;</code> +<p>可能会减少 import 语句的数量。</p></li> +<li><code>import foo.Bar;</code> +<p>明确指出实际使用了哪些类,而且代码对于维护者来说更易读。</p></li></ul> +<p>使用 <code>import foo.Bar;</code> 导入所有 Android 代码。在 Java 标准库(<code>java.util.*</code>、<code>java.io.*</code> 等)和单元测试代码 (<code>junit.framework.*</code>) 中创建显式异常。</p> + +<h2 id="java-library-rules">Java 库规则</h2> +<p>使用 Android 的 Java 库和工具需要遵守相关规范。在某些情况下,具体规范发生了一些重大变化,旧代码可能使用的是已弃用的模式或库。使用此类代码时,可以继续遵循现有样式。不过,在创建新组件时,请不要再使用已弃用的库。</p> + +<h2 id="java-style-rules">Java 样式规则</h2> + +<h3 id="use-javadoc-standard-comments">使用 Javadoc 标准备注</h3> +<p>每个文件都应该在顶部放置版权声明,其后是 package 和 import 语句(各个块之间用空行分隔),最后是类或接口声明。在 Javadoc 备注中说明类或接口的作用。</p> +<pre><code>/* + * Copyright (C) 2015 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.android.internal.foo; + +import android.os.Blah; +import android.view.Yada; + +import java.sql.ResultSet; +import java.sql.SQLException; + +/** + * Does X and Y and provides an abstraction for Z. + */ + +public class Foo { + ... +} +</code></pre> +<p><em></em>您编写的每个类和重要的公开方法都必须包含 Javadoc 备注,至少用一句话说明类或方法的用途。句式应以第三人称描述性动词开头。</p> +<p>示例:</p> +<pre><code>/** Returns the correctly rounded positive square root of a double value. */ +static double sqrt(double a) { + ... +} +</code></pre> +<p>或</p> +<pre><code>/** + * Constructs a new String by converting the specified array of + * bytes using the platform's default character encoding. + */ +public String(byte[] bytes) { + ... +} +</code></pre> +<p>对于普通的 get 和 set 方法(如 <code>setFoo()</code>),您无需编写 Javadoc,要写也不过是“设置 Foo”。如果该方法执行更复杂的操作(例如强制实施约束条件或具有重大副作用),那么您必须添加备注。如果属性“Foo”的意思不明确,您也应该添加备注。 +</p><p>您所编写的每一种方法(无论是公开方法还是其他方法)都将受益于 Javadoc。公开方法是 API 的一部分,因此需要 Javadoc。Android 目前并不强制要求采用特定样式来编写 Javadoc 备注,但建议您参照<a href="http://www.oracle.com/technetwork/java/javase/documentation/index-137868.html">如何为 Javadoc 工具编写文档备注</a>中的说明。</p> + +<h3 id="write-short-methods">编写简短方法</h3> +<p>在可行的情况下,尽量编写短小精炼的方法。我们了解,有些情况下较长的方法是恰当的,因此对方法的代码长度没有做出硬性限制。如果某个方法的代码超出 40 行,请考虑是否可以在不破坏程序结构的前提下对其拆解。</p> + +<h3 id="define-fields-in-standard-places">在标准位置定义字段</h3> +<p>在文件的顶部或者在使用它们的方法之前定义字段。</p> + +<h3 id="limit-variable-scope">限制变量的作用域</h3> +<p>尽可能缩小局部变量的作用域。这样做有助于提高代码的可读性和可维护性,并降低出错的可能性。每个变量应该在包含变量所有使用场合的最内层的块中进行声明。</p> +<p>局部变量应该在首次使用时声明。几乎每个局部变量声明都应该包含一个初始化程序。如果您还没有足够的信息来合理地初始化某个变量,请推迟到信息充足时再进行声明。</p> +<p>try-catch 语句是例外情况。如果通过一个会抛出受检异常的方法的返回值来初始化变量,则必须在 try 块中进行初始化。如果该值必须在 try 块之外使用,那么您必须在 try 块之前对其进行声明,因为它在 try 块中尚无法合理地初始化:</p> +<pre><code>// Instantiate class cl, which represents some sort of Set +Set s = null; +try { + s = (Set) cl.newInstance(); +} catch(IllegalAccessException e) { + throw new IllegalArgumentException(cl + " not accessible"); +} catch(InstantiationException e) { + throw new IllegalArgumentException(cl + " not instantiable"); +} + +// Exercise the set +s.addAll(Arrays.asList(args)); +</code></pre> +<p>不过,即使是这种情况,也可以通过将 try-catch 块封装在某个方法中来避免:</p> +<pre><code>Set createSet(Class cl) { + // Instantiate class cl, which represents some sort of Set + try { + return (Set) cl.newInstance(); + } catch(IllegalAccessException e) { + throw new IllegalArgumentException(cl + " not accessible"); + } catch(InstantiationException e) { + throw new IllegalArgumentException(cl + " not instantiable"); + } +} + +... + +// Exercise the set +Set s = createSet(cl); +s.addAll(Arrays.asList(args)); +</code></pre> +<p>循环变量应该在 for 语句本身中进行声明,除非有令人信服的理由不这么做:</p> +<pre><code>for (int i = 0; i < n; i++) { + doSomething(i); +} +</code></pre> +<p>和</p> +<pre><code>for (Iterator i = c.iterator(); i.hasNext(); ) { + doSomethingElse(i.next()); +} +</code></pre> + +<h3 id="order-import-statements">为 import 语句排序</h3> +<p>import 语句的顺序为:</p> +<ol> +<li> +<p>导入 Android 包</p> +</li> +<li> +<p>导入第三方包(<code>com</code>、<code>junit</code>、<code>net</code>、<code>org</code>)</p> +</li> +<li> +<p><code>java</code> 和 <code>javax</code></p> +</li> +</ol> +<p>要完全符合 IDE 设置,导入顺序应为:</p> +<ul> +<li> +<p>每个分组内按字母顺序排序,其中大写字母开头的语句位于小写字母开头的语句前面(例如 Z 在 a 前面)。</p> +</li> +<li> +<p>每个主要分组(<code>android</code>、<code>com</code>、<code>junit</code>、<code>net</code>、<code>org</code>、<code>java</code>、<code>javax</code>)之间用空行隔开。</p> +</li> +</ul> +<p>最初对于语句顺序并没有样式要求,这意味着 IDE 经常会改变顺序,或者 IDE 开发者必须停用自动导入管理功能并手动维护导入语句。这样相当不方便。当提及 Java 样式时,开发者们喜欢的样式五花八门,最终针对 Android 简单归结为“选择一种兼容一致的排序方式”。因此我们选择了一种样式,更新了样式指南,并让 IDE 遵循该指南。我们希望 IDE 用户在编写代码时,系统对所有软件包的导入都符合此模式,无需再进行额外的工程处理。</p> +<p>这种样式是按以下原则选取的:</p> +<ul> +<li> +<p>用户希望先看到的导入往往位于顶部 (<code>android</code>)。</p> +</li> +<li> +<p>用户最不希望看到的导入往往位于底部 (<code>java</code>)。</p> +</li> +<li> +<p>用户可以轻松遵循的样式。</p> +</li> +<li> +<p>IDE 可以遵循的样式。</p> +</li> +</ul> +<p>静态导入的使用和位置一直都存在争议。有些人希望静态导入穿插在其他导入语句之间,而有些人更希望其位于其他所有导入语句的上方或下方。此外,我们还没有确定如何让所有 IDE 都使用同一种顺序。由于许多人认为这个问题不太重要,因此您只需在保持一致的前提下自行决定即可。</p> + +<h3 id="use-spaces-for-indentation">使用空格缩进</h3> +<p>我们使用四 (4) 个空格来缩进块,而不要使用制表符。如果您有疑问,请与周围的代码保持一致。</p> +<p>我们使用八 (8) 个空格来缩进自动换行,包括函数调用和赋值。正确示例如下:</p> +<pre><code>Instrument i = + someLongExpression(that, wouldNotFit, on, one, line); +</code></pre> +<p>错误示例如下:</p> +<pre><code>Instrument i = + someLongExpression(that, wouldNotFit, on, one, line); +</code></pre> + +<h3 id="follow-field-naming-conventions">遵循字段命名规范</h3> +<ul> +<li> +<p>非公开且非静态字段的名称以 m 开头。</p> +</li> +<li> +<p>静态字段的名称以 s 开头。</p> +</li> +<li> +<p>其他字段以小写字母开头。</p> +</li> +<li> +<p>公开静态 final 字段(常量)为全部大写并用下划线连接 (ALL_CAPS_WITH_UNDERSCORES)。</p> +</li> +</ul> +<p>例如:</p> +<pre><code>public class MyClass { + public static final int SOME_CONSTANT = 42; + public int publicField; + private static MyClass sSingleton; + int mPackagePrivate; + private int mPrivate; + protected int mProtected; +} +</code></pre> +<h3 id="use-standard-brace-style">使用标准大括号样式</h3> +<p>左大括号不单独占一行,与其前面的代码位于同一行:</p> +<pre><code>class MyClass { + int func() { + if (something) { + // ... + } else if (somethingElse) { + // ... + } else { + // ... + } + } +} +</code></pre> +<p>我们需要在条件语句周围添加大括号。例外情况:如果整个条件语句(条件和主体)适合放在同一行,那么您可以(但不是必须)将其全部放在一行上。例如,我们接受以下样式:</p> +<pre><code>if (condition) { + body(); +} +</code></pre> +<p>同样也接受以下样式:</p> +<pre><code>if (condition) body(); +</code></pre> +<p>但不接受以下样式:</p> +<pre><code>if (condition) + body(); // bad! +</code></pre> + +<h3 id="limit-line-length">限制代码行长度</h3> +<p>您的代码中每一行文本的长度都应该不超过 100 个字符。<em></em>虽然关于此规则存在很多争论,但最终决定仍是以 100 个字符为上限,不过存在以下例外情况:</p> +<ul> +<li>如果备注行包含长度超过 100 个字符的示例命令或文字网址,那么为了便于剪切和粘贴,该行可以超过 100 个字符。</li> +<li>导入语句行可以超出此限制,因为用户很少会看到它们(这也简化了工具编写流程)。</li> +</ul> + +<h3 id="use-standard-java-annotations">使用标准 Java 注释</h3> +<p>注释应该位于同一语言元素的其他修饰符之前。简单的标记注释(例如 @Override)可以与语言元素列在同一行。如果有多个注释或参数化注释,则应各占一行并按字母顺序排列。</p> +<p>Java 中 3 个预定义注释的 Android 标准做法如下:</p> +<ul> +<li><code>@Deprecated</code>:在不建议使用注释元素时,必须使用 @Deprecated 注释。如果您使用 @Deprecated 注释,则还必须为其添加 @deprecated Javadoc 标记,并且该标记应该指定一个替代实现方案。另外请注意,@Deprecated 方法应该仍然可以使用。<em></em>如果您看到带有 @deprecated Javadoc 标记的旧代码,请添加 @Deprecated 注释。 +</li> +<li><code>@Override</code>:当某个方法替换了超类中的声明或实现时,必须使用 @Override 注释。例如,如果您使用 @inheritdocs Javadoc 标记,并且派生于某个类(而非接口),则必须再为方法添加 @Override 注释,说明该方法替换了父类的方法。</li> +<li><code>@SuppressWarnings</code>:@SuppressWarnings 注释应该仅在无法消除警告的情况下使用。<em></em>如果某个警告通过了“无法消除”测试,则必须使用 @SuppressWarnings 注释,以确保所有警告都会反映出代码中的实际问题。 +<p>当需要 @SuppressWarnings 注释时,必须在前面添加一个 TODO 备注,用于说明“无法消除”情况。这通常会标识出是哪个违规类使用了糟糕的接口。例如:</p> +<pre><code>// TODO: The third-party class com.third.useful.Utility.rotate() needs generics +@SuppressWarnings("generic-cast") +List<String> blix = Utility.rotate(blax); +</code></pre> +<p>当需要 @SuppressWarnings 注释时,您应该重构代码以分离出需要使用该注释的软件元素。</p> +</li> +</ul> + +<h3 id="treat-acronyms-as-words">将首字母缩写词视为字词</h3> +<p>在为变量、方法和类命名时,请将首字母缩写词和缩写形式视为字词,使名称更具可读性:</p> +<table> +<thead> +<tr> +<th>良好</th> +<th>不佳</th> +</tr> +</thead> +<tbody> +<tr> +<td>XmlHttpRequest</td> +<td>XMLHTTPRequest</td> +</tr> +<tr> +<td>getCustomerId</td> +<td>getCustomerID</td> +</tr> +<tr> +<td>class Html</td> +<td>class HTML</td> +</tr> +<tr> +<td>String url</td> +<td>String URL</td> +</tr> +<tr> +<td>long id</td> +<td>long ID</td> +</tr> +</tbody> +</table> +<p>由于 JDK 和 Android 代码库在首字母缩写词上非常不一致,几乎也不可能与周围的代码保持一致。因此,请务必将首字母缩写词视为字词。</p> + +<h3 id="use-todo-comments">使用 TODO 备注</h3> +<p>为代码使用 TODO 备注是短期的临时解决方案,或者说足够好但并不完美。TODO 备注应该以全部大写的字符串 TODO 开头,后跟一个冒号:</p> +<pre><code>// TODO: Remove this code after the UrlTable2 has been checked in. +</code></pre> +<p>和</p> +<pre><code>// TODO: Change this to use a flag instead of a constant. +</code></pre> +<p>如果您的 TODO 采用“在未来的某个日期做某事”的形式,请确保在其中包含一个非常具体的日期(“在 2005 年 11 月前修复”)或者一个非常具体的事件(“在所有生产环境合成器都可处理 V7 协议后移除此代码”)。</p> + +<h3 id="log-sparingly">谨慎使用日志记录</h3> +<p>虽然日志记录非常有必要,但对性能却有明显的负面影响,如果不能保持一定程度的简洁性,就会迅速失去其实用性。日志记录工具提供以下 5 种不同级别的日志记录:</p> +<ul> +<li><code>ERROR</code>:在出现极其严重的情况时使用。例如,某些事件会导致用户可见的后果,如果不明确删除某些数据、卸载应用、清除数据分区或重写整个设备(或更糟),则无法恢复。系统一直会记录此级别的日志。一般情况下,最好向统计信息收集服务器报告能够说明 ERROR 级别的一些日志记录情况的问题。</li> +<li><code>WARNING</code>:在出现比较严重和意外的情况时使用。例如,某些事件会导致用户可见的后果,但是通过执行某些明确的操作(从等待或重启应用,一直到重新下载新版应用或重新启动设备)可在不丢失数据的情况下恢复。系统一直会记录此级别的日志。可以考虑向统计信息收集服务器报告能够说明 WARNING 级别的一些日志记录情况的问题。</li> +<li><code>INFORMATIVE:</code>用于记录大多数人感兴趣的信息。例如,当检测到某种情况会造成广泛的影响时,尽管不一定是错误,系统也会记录下来。这种情况应该仅由一个被视为该领域最具权威性的模块来记录(避免由非权威组件重复记录)。系统一直会记录此级别的日志。 +</li> +<li><code>DEBUG</code>:用于进一步记录设备上发生的可能与调查和调试意外行为相关的情况。您应该只记录收集有关组件的足够信息所需的信息。如果您的调试日志是主要日志,那么您可能应采用 VERBOSE 级别的日志记录。 +<p>系统会记录此级别的日志(即使在发布版本中),并且周围要有 <code>if (LOCAL_LOG)</code> 或 <code>if (LOCAL_LOGD)</code> 块,其中 <code>LOCAL_LOG[D]</code> 在您的类或子组件中定义。这样一来,系统有可能停用所有此类日志记录。因此,<code>if (LOCAL_LOG)</code> 块中不得包含有效逻辑。为日志编译的所有字符串也需要放在 <code>if +(LOCAL_LOG)</code> 块中。如果日志记录调用会导致字符串编译在 <code>if (LOCAL_LOG)</code> 块之外发生,则不应将其重构为方法调用。</p> +<p>有些代码仍然在使用 <code>if (localLOGV)</code>。虽然名称并不规范,但也可接受。</p> +</li> +<li><code>VERBOSE</code>:用于记录其他所有信息。系统仅针对调试版本记录此级别的日志,并且周围要有 <code>if (LOCAL_LOGV)</code> 块(或同类块),以便能够默认编译。所有字符串编译都将从发布版本中删除,并且需要在 <code>if (LOCAL_LOGV)</code> 块中显示。 +</li> +</ul> +<p><em>注意事项:</em> </p> +<ul> +<li>在指定模块中,除了 VERBOSE 级别之外,一个错误应该只报告一次(如果可能的话)。在模块内的单个函数调用链中,只有最内层的函数应当返回错误,同一模块中的调用者只能添加一些明显有助于隔离问题的日志记录。</li> +<li>在一个模块链中,除了 VERBOSE 级别之外,当较低级别的模块检测到来自较高级别模块的无效数据时,低级模块应该只在 DEBUG 日志中记录该情况,并且仅当该日志提供的信息对调用者来说无法获取时进行记录。具体来说,当抛出异常(异常中应该会包含所有相关信息)或者所记录的所有信息都包含在错误代码中时,则不需要记录此类情况。这在框架和应用之间的交互中尤为重要,而且由第三方应用造成的情况经过框架妥善处理后,不应该触发高于 DEBUG 级别的日志记录。应该触发 INFORMATIVE 级别或更高级别日志记录的唯一情况是,模块或应用在其自身级别或更低级别检测到错误。</li> +<li>当事实证明某些日志记录可能会发生多次时,最好实施一种频率限制机制来防止出现具有相同(或非常相似)信息的大量重复日志副本。</li> +<li>失去网络连接属于完全在预期之内的常见情况,没必要记录下来。如果失去网络连接后导致在应用内出现某种后果,则应该记录为 DEBUG 或 VERBOSE 级别(具体取决于后果是否足够严重以及足够意外,足以记录在发布版本中)。</li> +<li>如果在第三方应用可访问或代表第三方应用的文件系统上拥有完整的文件系统,则不应该记录高于 INFORMATIVE 级别的日志。</li> +<li>来自任何不受信任来源(包括共享存储空间中的任何文件或通过任何网络连接获取的数据)的无效数据被视为符合预期,在被检测到无效时不应触发高于 DEBUG 级别的任何日志记录(甚至应该尽可能地限制日志记录)。</li> +<li>请注意,在对 String 使用 <code>+</code> 运算符时,它会隐式创建一个具有默认缓冲区(大小为 16 个字符)的 <code>StringBuilder</code>,还可能会创建其他临时 String 对象。例如,显式创建 StringBuilder 并不比依赖默认的“+”运算符成本更高(实际上可能更高效)。请注意,即使没有读取日志信息,调用 <code>Log.v()</code> 的代码也会在发布版本中进行编译和执行,包括编译字符串。</li> +<li>任何供其他人阅读并且在发布版本中提供的日志记录都应当简洁明了、合理易懂。这包括一直到 DEBUG 级别的所有日志记录。</li> +<li>在内容有意义的情况下尽可能使日志记录在一行之内。一行长度在 80 到 100 个字符内是完全可以接受的,应当尽可能避免长度超过 130 或 160 个字符(包括标记的长度)。</li> +<li>绝不能使用高于 VERBOSE 级别的日志记录报告成功事件。</li> +<li>用于诊断难以重现的问题的临时日志记录应采用 DEBUG 或 VERBOSE 级别,并且应当包裹在 if 块中,以便在编译期间将其完全停用。</li> +<li>请务必谨慎,避免在日志中泄露安全方面的信息。应避免提供个人信息,且必须避免提供有关受保护内容的信息。这在编写框架代码时尤为重要,因为事先无法轻易得知哪些是个人信息或受保护的内容,哪些不是。</li> +<li>请勿使用 <code>System.out.println()</code>(或针对原生代码使用 <code>printf()</code>)。System.out 和 System.err 会重定向到 /dev/null,因此您的 print 语句不会产生可见效果。不过,为这些调用编译的所有字符串仍会得以执行。</li> +<li><em>日志记录的黄金法则是,您的日志不一定要将其他日志排挤出缓冲区,正如其他日志不会这样对您的日志一样。</em></li> +</ul> + +<h3 id="be-consistent">保持一致</h3> +<p>总而言之:保持一致。如果您正在修改代码,请花几分钟时间看一下周围的代码并确定其样式。如果该代码在 if 语句周围使用空格,那么您也应该这样做。如果代码备注的周围是用星号组成的小方框,您也应该将备注放在这样的小方框内。</p> +<p>制定样式规范的目的是整理出通用的编码词汇表,以便人们可以专注于您所说的内容,而不是您表达的方式。我们在此提出整体样式规则,让用户都知道这一词汇表,但局部样式也很重要。如果您添加到文件的代码看起来与其周围的现有代码明显不同,那么当读者读到此处时,这些代码会打乱他们的节奏。请尽量避免这种情况。</p> + +<h2 id="javatests-style-rules">Javatests 样式规则</h2> +<p>请遵循测试方法的命名规范,并使用下划线将被测试的内容与被测试的具体情况区分开来。这种样式可让您更容易看出正在测试的情况。例如:</p> +<pre><code>testMethod_specificCase1 testMethod_specificCase2 + +void testIsDistinguishable_protanopia() { + ColorMatcher colorMatcher = new ColorMatcher(PROTANOPIA) + assertFalse(colorMatcher.isDistinguishable(Color.RED, Color.BLACK)) + assertTrue(colorMatcher.isDistinguishable(Color.X, Color.Y)) +} +</code></pre> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/community.html b/zh-cn/source/community.html new file mode 100644 index 00000000..deb48422 --- /dev/null +++ b/zh-cn/source/community.html @@ -0,0 +1,235 @@ +<html devsite><head> + <title>Android 社区</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>我们诚邀您加入 Android 社区!</p> + +<p>任何社区取得成功的关键都是良好的沟通。和大多数项目一样,Android 项目也是通过论坛进行沟通。由于 Android 是一个非常大的项目,包含很多组件,因此我们开设了许多论坛,而且每个论坛所侧重的主题都各不相同。您可以查看我们开设的<a href="#open-source-project-discussions">网上论坛</a>,并可以加入任何您感兴趣的论坛。您还可以在 <a href="#android-on-irc">IRC</a> 上讨论 Android。</p> + +<p>如果您需要 Android 界面或 Android 设备方面的帮助、想要详细了解 Android 更新或安全问题,或想要了解如何构建适用于 Android 平台的应用,请参阅下文中列出的<a href="#resources">资源</a>。</p> + +<h2 id="resources">资源</h2> + +<p>本网站中介绍了如何创建自定义 Android 堆栈、如何为设备和配件移植 Android,以及如何满足兼容性要求。Android 操作系统是用于存储文件的 Git 存储库,而不是可供下载的单个文件(.zip、.tar、.exe 等)。您可以按照<a href="downloading.html">下载源代码</a>页面中的说明开始进行 Android 源代码方面的事情。如需关于 Android 的其他信息,请参阅以下资源。</p> + +<table class="columns"> + +<tbody><tr><td> +<h4>使用 Android</h4> + +<h5>帮助中心</h5> +<a href="https://support.google.com/android/">概述</a><br /> +<a href="https://support.google.com/pixelphone/">Pixel 手机</a><br /> +<a href="https://support.google.com/nexus/">Nexus 手机/平板电脑</a><br /> +<a href="https://support.google.com/playedition">Google Play 版</a><br /> +<a href="https://support.google.com/androidauto/">Auto</a><br /> +<a href="https://support.google.com/androidtv/">TV</a><br /> +<a href="https://support.google.com/androidwear/">Wear</a><br /> +<a href="https://support.google.com/android/answer/3123680">应用</a> +<p></p> + +<h5>社区</h5> +<a href="#open-source-project-discussions">AOSP 社区</a><br /> +<a href="http://developer.android.com/support.html">开发者社区</a> +<p></p> + +<h5>发送反馈</h5> +<a href="/source/report-bugs.html">报告 AOSP 错误</a><br /> +<a href="https://code.google.com/p/android/issues/entry?template=Feature%20request">提出功能建议</a> +<p></p> + +</td> +<td> + +<h4>更新和安全</h4> + +<h5>Android 版本</h5> +<a href="https://www.android.com/history/#/marshmallow">Android 发展历程</a><br /> +<a href="https://www.android.com/versions/nougat-7-0/">当前版本</a> +<p></p> + +<h5>设备图片</h5> +<a href="https://developers.google.com/android/images">Nexus 和 Pixel 设备</a><br /> +<a href="https://support.google.com/android/answer/3094742">其他设备</a> +<p></p> + +<h5>安全方面的帮助</h5> +<a href="https://www.google.com/safetycenter/everyone/start/">Google 安全中心</a><br /> +<a href="https://support.google.com/android/answer/6215472">针对用户的提示</a><br /> +<a href="http://developer.android.com/training/articles/security-tips.html">针对开发者的提示</a><br /> +<a href="/security/index.html">平台安全</a> +<p></p> + +<h5>安全公告</h5> +<a href="/security/enhancements/index.html">版本增强功能</a><br /> +<a href="/security/bulletin/index.html">公告</a> +<p></p> + +</td> +<td> + +<h4>参与其中</h4> + +<h5>开发者资源</h5> +<a href="http://developer.android.com/">Developer.android.com</a><br /> +<a href="http://developer.android.com/support.html">开发者支持</a><br /> +<a href="http://android-developers.blogspot.com/">Android 开发者博客</a><br /> +<a href="https://developers.google.com/groups/">Google Developer Groups (GDG)</a><br /> +<a href="https://www.android.com/gms/">Google 移动服务 (GMS)</a> +<p></p> + +<h5>培训</h5> +<a href="https://developer.android.com/training/index.html">Google</a><br /> +<a href="https://www.udacity.com/google">Udacity</a> + +</td></tr><tr> +</tr></tbody></table> + +<h2 id="open-source-project-discussions">开放源代码项目论坛</h2> +<ul> +<li> +<p><em></em>android-platform:此论坛用于围绕 Android 开放源代码项目或平台技术进行一般讨论。</p> +<ul> +<li>通过 Google 网上论坛订阅:<a href="https://groups.google.com/forum/?fromgroups#!forum/android-platform">android-platform</a></li> +<li>通过电子邮件订阅:<a href="mailto:android-platform+subscribe@googlegroups.com">android-platform</a></li> +</ul> +</li> +<li> +<p><em></em>android-building:订阅此论坛后,您可以获取/提供编译 Android 源代码以及 Android 编译系统方面的讨论内容和帮助。如果您刚刚校验了源代码,并对如何将其转换为二进制文件有疑问,那就从这里开始吧!</p> +<ul> +<li>通过 Google 网上论坛订阅:<a href="https://groups.google.com/forum/?fromgroups#!forum/android-building">android-building</a></li> +<li>通过电子邮件订阅:<a href="mailto:android-building+subscribe@googlegroups.com">android-building</a></li> +</ul> +</li> +<li> +<p><em></em>android-porting:此论坛适合希望将 Android 移植到新设备的开发者。如果您想知道如何将 Android 源代码与硬件结合起来,该论坛非常适合您。您可以在此处讨论将 Android 移植到各种设备的细节,例如获取工具链、合并内核驱动程序、根据您的具体配置来设置或修改应用,等等。</p> +<ul> +<li>通过 Google 网上论坛订阅:<a href="https://groups.google.com/forum/?fromgroups#!forum/android-porting">android-porting</a></li> +<li>通过电子邮件订阅:<a href="mailto:android-porting+subscribe@googlegroups.com">android-porting</a> +</li> +</ul> +</li> +<li> +<p><em></em>android-contrib:此论坛适合想要为 Android 贡献代码的开发者。这是一个工作论坛,不适合进行一般讨论。要进行一般讨论,请前往 android-platform(有关为 Android 内核做贡献方面的讨论,请前往 android-kernel)。</p> +<ul> +<li>通过 Google 网上论坛订阅:<a href="https://groups.google.com/forum/?fromgroups#!forum/android-contrib">android-contrib</a></li> +<li>通过电子邮件订阅:<a href="mailto:android-contrib+subscribe@googlegroups.com">android-contrib</a> +</li> +</ul> +</li> +<li> +<p><em></em>android-kernel:此论坛适合想要为 Android 设备使用的 Linux 内核做贡献的开发者。如果您已下载内核代码,知道如何对其进行编译,并希望编写内核代码来支持 Android,这里非常适合您。<em></em>此论坛不适合讨论用户空间方面的主题(请参阅 android-platform);如果您在这里询问用户空间方面的问题,其他人将会制止您,让您不要再捣乱。</p> +<ul> +<li>通过 Google 网上论坛订阅:<a href="https://groups.google.com/forum/?fromgroups#!forum/android-kernel">android-kernel</a></li> +<li>通过电子邮件订阅:<a href="mailto:android-kernel+subscribe@googlegroups.com">android-kernel</a> +</li> +</ul> +</li><li> +<p><em></em>android-ota:此论坛适合研究 Android OTA 系统(生成 OTA 的恢复映像和脚本)的开发者。</p> +<ul> +<li>通过 Google 网上论坛订阅:<a href="https://groups.google.com/forum/?fromgroups#!forum/android-ota">android-ota</a></li> +<li>通过电子邮件订阅:<a href="mailto:android-ota+subscribe@googlegroups.com">android-ota</a></li> +</ul> +</li> +</ul> + +<h3 id="audience">受众群体</h3> +<p>这些论坛适合使用 Android 平台的开发者。我们欢迎每个人加入论坛,但前提是要遵守下述社区政策。我们的用户会互相帮助,包括“开放手机联盟”(Open Handset Alliance) 成员在内的很多专家也会在这些论坛中发帖。</p> +<p>只要主题在某种程度上与 Android 相关,我们都不会加以限制。不过,由于这些论坛非常繁忙,因此在发帖提问之前请先在归档内容中搜索一下,您也许会发现自己的问题已经有人解答过了。</p> + +<h3 id="getting-the-most-from-our-lists">充分利用我们的论坛</h3> +<p>在我们的论坛中发帖之前,请注意以下事项:</p> +<ul> +<li> +<p><em>阅读<a href="#mailing">我们的论坛章程</a>。</em> 该章程阐述了我们社区为数不多的规则和指南。</p> +</li> +<li> +<p><em>在论坛归档内容中搜索一下,看看您的问题是不是已经讨论过了。</em> 这有助于避免耗时的重复讨论。</p> +</li> +<li> +<p><em>使用明确、相关的内容主题。</em> 这对每个人都会有所帮助,包括那些尝试回答您问题的人,以及可能在日后查找相关信息的人。</p> +</li> +<li> +<p><em>在您的帖子中提供充足的详细信息。</em> 提供代码或日志片段、屏幕截图提示以及类似的详细信息有助于获得更理想的结果,并能促成更有效的讨论。要获得关于提问时如何措辞的实用指导,请参阅<a href="http://www.catb.org/%7Eesr/faqs/smart-questions.html">提问的智慧</a>。</p> +</li> +</ul> + +<h3 id="mailing">论坛规则</h3> +<p>我们喜欢简单,讨厌各种限制,因此我们的政策极其简要。以下规则说明了我们对 Android 论坛订阅者的要求。 + +</p><ul> +<li><em></em>请保持友善的态度:对他人保持礼貌和尊重是 Android 文化的重要组成部分,我们希望参与 Android 社区的每个人都和我们一样毫无保留地接受这一点。保持礼貌并不意味着我们彼此之间不能以具有建设性的方式表达异议,但我们在表达异议时必须要有礼貌。无论出于任何原因,都不能敌视或轻视任何人;如果您认为自己有这种情绪,那么在发帖之前请三思。移动开发是一项非常严肃的业务,但也有很多乐趣。让我们保持这种状态,努力打造最友善的开放源代码社区之一。 +</li> +<li><em></em>允许讨论的主题:我们的大多数论坛都用于讨论 Android 方面的技术内容或方便用户互相帮助。一般情况下,我们不会对在论坛中讨论的主题进行严格限制:只要主题在某种程度上与 Android 相关,都可以在我们的论坛中进行讨论。我们欢迎大家公布和讨论与 Android 相关的产品、库、出版物和其他有趣的新闻,但请不要同时在多个论坛中发帖。请仅在与您的内容最相关的论坛中发帖。我们甚至欢迎讨论批判 Android 的文章和想法(但请保持礼貌!)- 毕竟,如果我们不听取意见,就无法改进。 +</li> +<li><em></em>工作论坛:我们的某些论坛被视为“工作论坛”(即旨在用于支持完成特定任务的论坛)。在这些论坛中,我们不欢迎与主题无关的讨论。如果您要进行一般讨论,我们通常会要求您使用其他论坛。由于人们会利用这些论坛来尝试完成相关工作,因此我们会采取积极的举措来减少无关的内容。我们希望您能够尊重贡献者们的宝贵时间,并使用适当的论坛进行一般讨论。 +</li> +<li><em></em>垃圾内容:我们非常讨厌垃圾内容,这种心情正如我们崇尚礼貌和尊重一样强烈,因此我们保留限制垃圾讨论内容的权利。如果有人发布纯属垃圾的内容,我们会立即并永久禁止发布者使用相应论坛。 +</li> +</ul> +<p>友善是最重要的规则。请谨记:在任何情况下,我们的社区都不欢迎不尊重他人和粗鲁的行为。我们没有制定正式的政策来对付捣乱者,也希望永远都不需要制定这样的政策。也就是说,我们承诺会尽最大努力保证公平,并且我们始终会先尝试警告对方,警告无果后再禁止其使用相应论坛。</p> + +<h3 id="contacting">与管理员联系</h3> +<p>如果您发现有人言行粗鲁,请制止他们。您也是相应论坛的一份子,因此您不必因为他人的无礼行为不是针对您而予以容忍。切记要有礼有节!请勿火上浇油。</p> +<p>不过,如果您发现难以容忍的违规行为,想要举报垃圾内容,对某些事物有强烈情绪或只是想聊天,请与论坛所有者联系。这是我们的职责所在!</p> + +<h3 id="using-email-with-google-groups">使用电子邮件参与 Google 网上论坛</h3> +<p>您可以使用选择的电子邮件客户端参与论坛,而不是使用 <a href="https://groups.google.com/">Google 网上论坛</a>网站。要在不使用 Google 网上论坛网站的情况下订阅某个论坛,请使用上述论坛中“通过电子邮件订阅”后的链接。</p> +<p>要设置如何通过电子邮件接收论坛帖子,请执行以下操作:</p> +<ol> +<li> +<p>通过 Google 网上论坛网站登录到相应论坛。例如,对于 android-platform 论坛,请使用 <a href="https://groups.google.com/forum/?fromgroups#!forum/android-platform">https://groups.google.com/forum/?fromgroups#!forum/android-platform</a>。</p> +</li> +<li> +<p>点击右侧的“我的成员资格”。</p> +</li> +<li> +<p>在“How do you want to read this group?”(您想如何阅读该论坛)下选择一个电子邮件选项。</p> +</li> +</ol> +<h2 id="android-on-irc">IRC 上的 Android</h2> +<p>Android 在 <a href="http://freenode.net/">freenode</a> 上有 IRC 频道。我们在 <a href="irc://irc.freenode.net/">irc.freenode.net</a> 上维护着两个官方 IRC 频道(通过该网站的 <a href="http://webchat.freenode.net/">freenode webchat</a> 部分访问)</p> +<ul> +<li> +<p><a href="irc://irc.freenode.net/android">#android</a> - 专门用于进行一般 Android 讨论以及讨论移植问题</p> +</li> +<li> +<p><a href="irc://irc.freenode.net/android-dev">#android-dev</a> - 专门用于讨论编写 Android 应用方面的问题</p> +</li> +</ul> +<p><em></em>该社区还使用了几个未进行正式管理的非官方频道。“开放手机联盟”不为非官方频道背书,并且我们不提供任何明示或暗示的保证,因此使用这些频道时您要自行承担风险。下面列出了几个非官方频道(可能还有更多):</p> + +<ul> +<li> +<p><a href="irc://irc.freenode.net/android-firehose">#android-firehose</a> - 实时显示提交到 Android 开放源代码项目的内容</p> +</li> +<li> +<p><a href="irc://irc.freenode.net/android-fr">#android-fr</a> - pour discuter d'Android en français</p> +</li> +<li> +<p><a href="irc://irc.freenode.net/android-offtopic">#android-offtopic</a> - 用于进行题外话讨论</p> +</li> +<li> +<p><a href="irc://irc.freenode.net/android-root">#android-root</a> - 用于讨论与超出说明书范围使用硬件有关的问题</p> +</li> +</ul> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/contributing.html b/zh-cn/source/contributing.html new file mode 100644 index 00000000..5a10f4e6 --- /dev/null +++ b/zh-cn/source/contributing.html @@ -0,0 +1,39 @@ +<html devsite><head> + <title>做出贡献</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>感谢您对 Android 的关注!您可以通过以下几种方式进入 Android 的世界并帮助我们改进 Android。如需了解 Android 项目的背景和我们的目标,请查看<a href="/source/index.html">概览</a>页面。</p> +<h2 id="report-bugs">报告错误</h2> + +<p>您可以帮助我们改进 Android 的最简单和最有效的方式之一是提交错误。如需了解详情,请访问<a href="report-bugs.html">报告错误</a>页面。</p> +<p>请注意,我们无法保证会在任何特定版本中修复任何特定错误。要了解在您报告错误之后会出现什么情况,请阅读<a href="life-of-a-bug.html">错误的生命周期</a>。</p> + +<h2 id="develop-apps">开发应用</h2> +<p>我们构建 Android 的一个目标就是方便所有开发者通过一个开放的平台向用户分发应用。您可以帮助 Android 的最佳方式之一就是编写用户喜欢的超酷应用!</p> + +<p>要开始开发应用,请访问 <a href="https://developer.android.com">developer.android.com</a>。该网站为您提供了使用 SDK 编写适用于 Android 兼容设备的应用所需的信息和工具。</p> + +<h2 id="contribute-to-the-code">贡献代码</h2> +<p>代码是一切的基础。我们很乐意审核您提交的任何更改,因此请检查我们的源代码,找出错误或功能方面的可改进之处,然后开始编码。请注意,您提交的补丁程序越小、越有针对性,就越方便我们进行审核。</p> + +<p>要开始帮助改进 Android,您可以通过左侧的链接了解<a href="life-of-a-patch.html">补丁程序的生命周期</a>、<code>git</code>、<code>repo</code> 以及其他工具。您还可以在我们的 <a href="https://android-review.googlesource.com/">Gerrit 服务器</a>上查看所有贡献的动态。如果您在此过程中需要帮助,可以加入我们的<a href="/source/community.html">论坛</a>。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/developing.html b/zh-cn/source/developing.html new file mode 100644 index 00000000..cf146cc0 --- /dev/null +++ b/zh-cn/source/developing.html @@ -0,0 +1,153 @@ +<html devsite><head> + <title>开发</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>要处理 Android 代码,您需要同时使用 Git 和 Repo。在大多数情况下,您可以仅使用 Git(不必使用 Repo),或结合使用 Repo 和 Git 命令以组成复杂的命令。不过,使用 Repo 执行基本的跨网络操作可大大简化您的工作。</p> +<p><strong>Git</strong> 是一个开放源代码的版本控制系统,专用于处理分布在多个代码库上的大型项目。在 Android 环境中,我们会使用 Git 执行本地操作,例如建立本地分支、提交、查看更改、修改。打造 Android 项目所面临的挑战之一就是确定如何最好地支持外部社区 - 从业余爱好者社区到生产大众消费类设备的大型原始设备制造商 (OEM)。我们希望组件可以替换,并希望有趣的组件能够在 Android 之外自行发展。我们最初决定使用一种分布式修订版本控制系统,经过筛选,最后选中了 Git。</p> +<p><strong>Repo</strong> 是我们以 Git 为基础构建的代码库管理工具。Repo 可以在必要时整合多个 Git 代码库,将相关内容上传到我们的<a href="https://android-review.googlesource.com/">修订版本控制系统</a>,并自动执行 Android 开发工作流程的部分环节。Repo 并非用来取代 Git,只是为了让您在 Android 环境中更轻松地使用 Git。Repo 命令是一段可执行的 Python 脚本,您可以将其放在路径中的任何位置。使用 Android 源代码文件时,您可以使用 Repo 执行跨网络操作。例如,您可以借助单个 Repo 命令,将文件从多个代码库下载到本地工作目录。</p> +<p><strong>Gerrit</strong> 是一个基于网页的代码审核系统,适用于使用 Git 的项目。Gerrit 允许所有授权用户提交更改(如果通过代码审核,这些更改会自动纳入项目中),以此鼓励他们更集中地使用 Git。此外,Gerrit 可以在浏览器中并排显示更改,并支持代码内注释,使得审核工作变得更轻松。</p> +<p><strong>Android Studio</strong> 是用于开发 Android 应用的官方集成开发环境 (IDE)。如需了解详情,请参阅 <a href="http://developer.android.com/tools/studio/index.html">Android Studio 概览</a>。 + +</p><h2 id="basic-workflow">基本工作流程</h2> +<div class="attempt-right" style="width:200px"> + <img src="/images/submit-patches-0.png" alt="基本工作流程示意图" height="153px"/> + <p class="img-caption"> + <strong>图 1.</strong> Android 基本工作流程</p> +</div> + +<p>与代码库进行交互的基本模式如下:</p> +<ol> +<li> +<p>使用 <code>repo start</code> 新建一个主题分支。</p> +</li> +<li> +<p>修改文件。</p> +</li> +<li> +<p>使用 <code>git add</code> 暂存更改。</p> +</li> +<li> +<p>使用 <code>git commit</code> 提交更改。</p> +</li> +<li> +<p>使用 <code>repo upload</code> 将更改上传到审核服务器。</p> +</li> +</ol> +<h2 id="task-reference">任务参考</h2> +<p>以下任务列表简要总结了如何执行常见的 Repo 和 Git 任务。要了解如何使用 Repo 下载源代码,请参阅<a href="/source/downloading.html">下载源代码</a>和<a href="/source/using-repo.html">使用 Repo</a>。</p> +<h2 id="synchronizing-your-client">同步客户端</h2> +<p>要同步所有可用项目的文件,请运行以下命令:</p> +<pre><code>$ repo sync +</code></pre> +<p>要同步所选项目的文件,请运行以下命令:</p> +<pre><code>$ repo sync PROJECT0 PROJECT1 PROJECT2 ... +</code></pre> +<h2 id="creating-topic-branches">创建主题分支</h2> +<p>当您开始进行更改(例如当您开始处理错误或使用新功能)时,请在本地工作环境中新建一个主题分支。主题分支不是原始文件的副本;它代表着特定提交。这样一来,您可以轻松创建本地分支并在这些分支之间切换。通过使用分支,您可以将工作的某个方面与其他方面分隔开来。请参阅<a href="http://www.kernel.org/pub/software/scm/git/docs/howto/separating-topic-branches.txt">分隔主题分支</a>(一篇有关使用主题分支的趣味文章)。</p> +<p>要使用 Repo 新建一个主题分支,请转到要修改的项目并运行以下命令:</p> +<pre><code>$ repo start BRANCH_NAME . +</code></pre> +<p>请注意,句点代表当前工作目录中的项目。要验证您的新分支是否已创建,请运行以下命令:</p> +<pre><code>$ repo status . +</code></pre> +<h2 id="using-topic-branches">使用主题分支</h2> +<p>要将分支分配给特定项目,请运行以下命令:</p> +<pre><code>$ repo start BRANCH_NAME PROJECT_NAME +</code></pre> +<p>要查看所有项目的列表,请访问 <a href="https://android.googlesource.com/">android.googlesource.com</a>。再次提醒,如果您已转到特定的项目目录,可以简单地使用一个句点来表示当前项目。</p> + +<p>要切换到您已在本地工作环境中创建的另一个分支,请运行以下命令:</p> +<pre><code>$ git checkout BRANCH_NAME +</code></pre> +<p>要查看现有分支的列表,请运行以下命令:</p> +<pre><code>$ git branch +</code></pre> +<p>或</p> +<pre><code>$ repo branches +</code></pre> +<p>当前分支的名称前面将标注星号。</p> +<p class="note"><strong>注意</strong>:错误可能会导致 <code>repo sync</code> 重置本地主题分支。如果在您运行 <code>repo sync</code> 之后,<code>git branch</code> 显示 *(无分支),请再次运行 <code>git checkout</code>。</p> +<h2 id="staging-files">暂存文件</h2> +<p>默认情况下,Git 会检测到您在项目中所做的更改,但不会跟踪这些更改。要让 Git 保存您的更改,您必须将更改标记为包含在提交中。这也称为“暂存”。</p> +<p>您可以通过运行以下命令来暂存更改:</p> +<pre><code>git add +</code></pre> +<p>对于此命令,项目目录中的任何文件或目录都可作为参数。<code>git add</code> 并不像其名称表示的这样只是简单地将文件添加到 Git 代码库,它还可以用于暂存文件的修改和删除的内容。</p> +<h2 id="viewing-client-status">查看客户端状态</h2> +<p>要列出文件的状态,请运行以下命令:</p> +<pre><code>$ repo status +</code></pre> +<p>要查看未提交的修改,请运行以下命令:</p> +<pre><code>$ repo diff +</code></pre> +<p>如果您准备立即提交,运行 <code>repo diff</code> 命令可让系统显示您所做的不会包含在提交中的每一项本地更改。<em></em>如果您准备立即提交,要查看将包含在提交中的每一项更改,您需要运行 Git 命令 <code>git diff</code>。在运行该命令之前,请确保您已转到项目目录下:</p> +<pre><code>$ cd ~/WORKING_DIRECTORY/PROJECT +$ git diff --cached +</code></pre> +<h2 id="committing-changes">提交更改</h2> +<p>在 Git 中,提交是修订版本控制的基本单位,包含目录结构的快照以及整个项目的文件内容。在 Git 中创建提交很简单,只需输入以下命令即可:</p> +<pre><code>git commit +</code></pre> +<p>系统会提示您使用惯用的编辑器提供一条提交消息;请为您提交到 AOSP 的所有更改都提供一条会有帮助作用的消息。如果您没有添加日志消息,提交将会终止。</p> +<h2 id="uploading-changes-to-gerrit">将更改上传到 Gerrit</h2> +<p>上传之前,请先更新为最新修订版本:</p> +<pre><code>repo sync +</code></pre> +<p>然后运行以下命令:</p> +<pre><code>repo upload +</code></pre> +<p>运行此命令后,系统会随即列出您已提交的更改,并提示您选择要上传到审核服务器的分支。如果只有一个分支,您会看到一个简单的 <code>y/n</code> 提示符。</p> +<h2 id="recovering-sync-conflicts">恢复同步冲突</h2> +<p>如果 <code>repo sync</code> 显示同步冲突,请执行以下操作:</p> +<ul> +<li>查看未合并的文件(状态代码 = U)。</li> +<li>根据需要修改存在冲突的地方。</li> +<li> +<p>在相关项目目录中进行更改,为相关文件运行 <code>git add</code> 和 <code>git commit</code>,然后对这些更改执行“衍合”(rebase) 命令。例如:</p> +<pre><code>$ git add . +$ git commit +$ git rebase --continue +</code></pre> +</li> +<li> +<p>当衍合完成后,再一次开始整个同步过程:</p> +<pre><code>$ repo sync PROJECT0 PROJECT1 ... PROJECTN +</code></pre> +</li> +</ul> +<h2 id="cleaning-up-your-client-files">清理您的客户端文件</h2> +<p>要在更改合并到 Gerrit 中后更新您的本地工作目录,请运行以下命令:</p> +<pre><code>$ repo sync +</code></pre> +<p>要安全移除已过时的主题分支,请运行以下命令:</p> +<pre><code>$ repo prune +</code></pre> +<h2 id="deleting-a-client">删除客户端</h2> +<p>由于所有状态信息都会存储在客户端中,您只需从文件系统中删除相应目录即可:</p> +<pre><code>$ rm -rf WORKING_DIRECTORY +</code></pre> +<p><em></em>删除客户端将永久删除您尚未上传以供审核的任何更改。</p> +<h2 id="git-and-repo-cheatsheet">Git 和 Repo 快速参考表</h2> +<img src="/images/git-repo-1.png" alt="基本 Git 和 Repo 命令列表" id="figure2"/> +<p class="img-caption"> + <strong>图 2.</strong> 基本 Git 和 Repo 命令</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/devices.html b/zh-cn/source/devices.html new file mode 100644 index 00000000..d796fa3e --- /dev/null +++ b/zh-cn/source/devices.html @@ -0,0 +1,113 @@ +<html devsite><head> + <title>选择设备</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>您可以使用 Android 开放源代码项目 (AOSP) 版本和针对特定硬件的相关二进制文件来开发适用于 Nexus 设备的版本。要查看可用的 Android 版本和针对的 Nexus 设备,请参阅<a href="/source/build-numbers.html#source-code-tags-and-builds">源代码、标记和版本</a>。</p> + +<p class="note"><b>注意</b>:由于硬件差异,切勿在原本搭载 Android 4.1.2 或更高版本销售的 Nexus 7 上使用 Android 4.1.1。</p> + +<p>您也可以开发适用于 <a href="https://android.googlesource.com/device/linaro/hikey/">HiKey</a> Android 参考开发板(如下所述)的版本。参考开发板旨在协助非 Nexus 组件供应商开发驱动程序并将其移植到各 Android 版本。使用参考开发板可以简化升级工作,缩短将新 Android 设备推向市场所需的时间,降低设备成本(因为使用参考开发板时,原始设计制造商 (ODM)/原始设备制造商 (OEM) 可以从更多兼容组件中进行选择),并加快组件供应商的创新速度。</p> + +<h2 id="hikey-boards">HiKey 开发板</h2> + +<p>Google 支持使用 <a href="https://www.96boards.org/products/ce/hikey/">HiKey</a>(经认证的 <a href="http://www.96boards.org/">96Board</a>)作为 Android 参考开发板。AOSP 可为 HiKey 提供内核源代码和开发板支持,让开发者能够轻松开发和调试新的及现有的外围设备驱动程序,进行内核开发,并以更少的原始设备制造商 (OEM) 费用执行其他任务。</p> + +<p>HiKey 开发板由 <a href="http://www.lenovator.com">Lenovator</a> 提供,有 <a href="http://www.lenovator.com/product/86.html">1GB RAM</a> 和 <a href="http://www.lenovator.com/product/90.html">2GB RAM</a> 配置可供选择:</p> + +<img src="images/hikey-board.png" alt="HiKey 开发板图片"/> +<p class="img-caption"><strong>图 1.</strong> Lenovator 提供的 HiKey 开发板</p> + +<p>其他资源:</p> +<ul> +<li> +<a href="https://www.96boards.org/wp-content/uploads/2015/02/96Boards-Hikey-Rev-A1.pdf">HiKey 示意图</a></li> +<li> +<a href="https://www.96boards.org/wp-content/uploads/2015/02/HiKey_User_Guide_Rev0.2.pdf">HiKey 用户指南</a></li> +<li> +<a href="https://github.com/96boards/documentation/wiki/HiKey-Home">HiKey Wiki</a></li> +</ul> + +<h2 id="running-android-hikey">在 HiKey 上运行 Android</h2> + +<p>您可以使用以下命令下载、编译 Android 并在 HiKey 开发板上运行 Android。</p> + +<h3 id="compiling-userspace">编译用户空间</h3> +<ol> +<li>下载 Android 源代码树:<br /> +<pre><code>$ repo init -u <a href="https://android.googlesource.com/platform/manifest">https://android.googlesource.com/platform/manifest</a> -b master<br /> +$ repo sync -j24</code></pre></li> +<li>下载 HDMI 二进制文件,并将其解压到 Android 源代码树中:<br /> +<pre><code>$ wget <a href="https://dl.google.com/dl/android/aosp/linaro-hikey-20160226-67c37b1a.tgz">https://dl.google.com/dl/android/aosp/linaro-hikey-20160226-67c37b1a.tgz</a><br /> +$ tar xzf linaro-hikey-20160226-67c37b1a.tgz<br /> +$ ./extract-linaro-hikey.sh</code></pre></li> +<li>安装 mcopy 实用工具:<br /> +<pre><code>$ apt-get install mtools</code></pre></li> +<li>编译:<br /> +<pre><code>$ . ./build/envsetup.sh<br /> +$ lunch hikey-userdebug<br /> +$ make -j32</code></pre></li> +</ol> + +<p class="note"><b>注意</b>:如果是 4GB eMMC,请不要使用 <code>$ make -j32</code>,而是要使用 <code>$ make -j32 TARGET_USERDATAIMAGE_4GB=true</code>。</p> + +<h3 id="installing-fastboot-ptable">安装初始 fastboot 和 ptable</h3> +<ol> +<li>连接 J15 1-2 和 3-4 引脚,从而选择特殊的引导加载程序模式(有关详情,请参阅 <a href="https://www.96boards.org/wp-content/uploads/2015/02/HiKey_User_Guide_Rev0.2.pdf">HiKey 用户指南</a>)。</li> +<li>将 USB 连接到 PC,以获取 ttyUSB 设备(例如:<code>/dev/ttyUSB1</code>)。</li> +<li>为开发板接通电源:<br /> +<pre><code>$ cd device/linaro/hikey/installer/hikey<br /> +$ ./flash-all.sh /dev/ttyUSB1 [4g]</code></pre></li> +<li>取下跳线 3-4,并为开发板接通电源。</li> +</ol> + +<h3 id="flashing-images">将映像刷到设备上</h3> +<ol> +<li>连接 J15 1-2 和 5-6 引脚,从而进入 fastboot 模式。</li> +<li>运行以下命令:<br /> +<pre><code>$ fastboot flash boot out/target/product/hikey/boot.img<br /> +$ fastboot flash -w system out/target/product/hikey/system.img</code></pre></li> +<li>取下跳线 5-6,并为开发板接通电源。</li> +</ol> + +<h3 id="building-kernel">编译内核</h3> +<ol> +<li>运行以下命令:<br /> +<pre><code>$ git clone <a href="https://android.googlesource.com/kernel/hikey-linaro">https://android.googlesource.com/kernel/hikey-linaro</a><br /> +$ cd hikey-linaro<br /> +$ git checkout -b android-hikey-linaro-4.9 origin/android-hikey-linaro-4.9<br /> +$ make ARCH=arm64 hikey_defconfig<br /> +$ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-android- -j24</code></pre></li> +<li>将输出复制到 HiKey 内核目录 (<code>/kernel/hikey-linaro</code>):<ol style="list-style-type:lower-alpha"> +<li>将 hi6220-hikey.dtb (<code>arch/arm64/boot/dts/hisilicon/hi6220-hikey.dtb</code>) 复制到 HiKey 内核目录,并将其重命名为 hi6220-hikey.dtb-4.9。</li> +<li>将映像文件 <code>(arch/arm64/boot/Image-dtb</code>) 复制到 HiKey 内核目录,并将其重命名为 Image-dtb-4.9。</li></ol> +</li><li>制作启动映像:<pre> +$ make bootimage -j24 +</pre> +</li> +</ol> + +<h3 id="setting-resolution">设置显示器分辨率</h3> +<p>修改 <code>device/linaro/hikey/hikey/BoardConfig.mk</code> 参数 <code>BOARD_KERNEL_CMDLINE</code>,并配置 <code>video</code> 设置。以下是 24 英寸显示器的示例设置:<code>video=HDMI-A-1:1280x800@60</code>。</p> + +<h3 id="configuring-output">配置内核串行输出 (uart3)</h3> +<p>将 J2 低速扩展连接器设为 1 - Gnd、11 - Rx、13 - Tx。有关详情,请参阅 <a href="https://www.96boards.org/wp-content/uploads/2015/02/HiKey_User_Guide_Rev0.2.pdf">HiKey 用户指南</a>。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/downloading.html b/zh-cn/source/downloading.html new file mode 100644 index 00000000..ca66a612 --- /dev/null +++ b/zh-cn/source/downloading.html @@ -0,0 +1,187 @@ +<html devsite><head> + <title>下载源代码</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>Android 源代码树位于由 Google 托管的 Git 代码库中。Git 代码库中包含 Android 源代码的元数据,其中包括与对源代码进行的更改以及更改日期相关的元数据。本文档介绍了如何下载特定 Android 代码流水线的源代码树。 +</p> +<p>要从特定设备的出厂映像开始,请参阅<a href="running.html#selecting-device-build">选择设备版本</a>。 +</p> +<h2 id="installing-repo">安装 Repo</h2> +<p>Repo 是一款工具,可让您在 Android 环境中更轻松地使用 Git。要详细了解 Repo,请参阅<a href="developing.html">开发</a>部分。 +</p> +<p>要安装 Repo,请执行以下操作:</p> +<ol> + <li> + <p>确保主目录下有一个 bin/ 目录,并且该目录包含在路径中:</p> + <pre> +<code>$ mkdir ~/bin +$ PATH=~/bin:$PATH +</code> +</pre> + </li> + <li> + <p>下载 Repo 工具,并确保它可执行:</p> + <pre> +$ curl https://storage.googleapis.com/git-repo-downloads/repo > ~/bin/repo +$ chmod a+x ~/bin/repo +</pre> + </li> +</ol> +<p>对于 1.21 版,Repo 的 SHA-1 校验和为 b8bd1804f432ecf1bab730949c82b93b0fc5fede</p> +<p>对于 1.22 版,Repo 的 SHA-1 校验和为 da0514e484f74648a890c0467d61ca415379f791</p> +<p>对于 1.23 版,Repo 的 SHA-1 校验和为 ac9d646f6d699f6822a6bc787d3e7338ae7ab6ed</p> +<h2 id="initializing-a-repo-client">初始化 Repo 客户端</h2> +<p>安装 Repo 后,设置您的客户端以访问 Android 源代码代码库:</p> +<ol> + <li> + <p>创建一个空目录来存放您的工作文件。如果您使用的是 MacOS,必须在区分大小写的文件系统中创建该目录。为其指定一个您喜欢的任意名称:</p> +<pre> +$ mkdir WORKING_DIRECTORY +$ cd WORKING_DIRECTORY +</pre> + </li> + <li> + <p>使用您的真实姓名和电子邮件地址配置 Git。要使用 Gerrit 代码审核工具,您需要一个与<a href="https://www.google.com/accounts">已注册的 Google 帐号</a>关联的电子邮件地址。确保这是您可以接收邮件的有效地址。您在此处提供的姓名将显示在您提交的代码的提供方信息中。 + </p> +<pre> +$ git config --global user.name "Your Name" +$ git config --global user.email "you@example.com" +</pre> + </li> + + <li> + <p>运行 <code>repo init</code> 以获取最新版本的 Repo 及其最近的所有错误更正内容。您必须为清单指定一个网址,该网址用于指定 Android 源代码中包含的各个代码库将位于工作目录中的什么位置。 + </p> +<pre> +$ repo init -u https://android.googlesource.com/platform/manifest +</pre> + <p>要对“master”以外的分支进行校验,请使用 <code>-b</code> 来指定相应分支。要查看分支列表,请参阅<a href="build-numbers.html#source-code-tags-and-builds">源代码标记和版本</a>。 + </p> +<pre> +$ repo init -u https://android.googlesource.com/platform/manifest -b android-4.0.1_r1 +</pre> + </li> +</ol> +<p>初始化成功后,系统将显示一条消息,告诉您 Repo 已在工作目录中完成初始化。客户端目录中现在应包含一个 <code>.repo</code> 目录,清单等文件将保存在该目录下。 +</p> +<h2 id="getting-the-files">下载 Android 源代码树</h2> +<p>要将 Android 源代码树从默认清单中指定的代码库下载到工作目录,请运行以下命令:</p> +<pre>$ repo sync</pre> +<p>Android 源代码文件将位于工作目录中对应的项目名称下。初始同步操作将需要 1 个小时或更长时间才能完成。要详细了解 <code>repo + sync</code> 和其他 Repo 命令,请参阅<a href="developing.html">开发</a>部分。 +</p> +<h2 id="using-authentication">使用身份验证</h2> +<p>默认情况下,访问 Android 源代码均为匿名操作。为了防止服务器被过度使用,每个 IP 地址都有一个相关联的配额。 +</p> +<p>当与其他用户共用一个 IP 地址时(例如,在越过 NAT 防火墙访问源代码代码库时),系统甚至会针对常规使用模式(例如,许多用户在短时间内从同一个 IP 地址同步新客户端)触发配额。 +</p> +<p>在这种情况下,可以使用进行身份验证的访问方式,此类访问方式会对每位用户使用单独的配额,而不考虑 IP 地址。 +</p> +<p>第一步是使用<a href="https://android.googlesource.com/new-password">密码生成器</a>生成密码,然后按照密码生成器页面中的说明进行操作。 +</p> +<p>第二步是通过使用以下清单 URI,强制使用进行身份验证的访问方式:<code>https://android.googlesource.com/a/platform/manifest</code>。请注意 <code>/a/</code> 目录前缀如何触发强制性身份验证。您可以通过以下命令将现有客户端转换为使用强制性身份验证:</p> +<pre> +$ repo init -u https://android.googlesource.com/a/platform/manifest +</pre> +<h2 id="troubleshooting-network-issues">排查网络问题</h2> +<p>在使用代理的情况下下载内容(在一些企业环境中很常见)时,您可能需要明确指定 Repo 随后使用的代理:</p> +<pre> +$ export HTTP_PROXY=http://<proxy_user_id>:<proxy_password>@<proxy_server>:<proxy_port> +$ export HTTPS_PROXY=http://<proxy_user_id>:<proxy_password>@<proxy_server>:<proxy_port> +</pre> +<p>一种比较少见的情况是,Linux 客户端遇到连接问题,在下载期间(通常是在“正在接收对象”期间)被卡住。有人曾报告称,调整 TCP/IP 堆栈的设置并使用非并行命令可以改善这种情况。您需要拥有 root 权限才能修改 TCP 设置:</p> +<pre> +$ sudo sysctl -w net.ipv4.tcp_window_scaling=0 +$ repo sync -j1 +</pre> +<h2 id="using-a-local-mirror">使用本地镜像</h2> +<p>当您使用多个客户端时(尤其是在带宽不足的情况下),最好为所有服务器内容创建一个本地镜像,并从该镜像同步客户端(不需要访问网络)。一个完整镜像的下载文件比两个客户端的下载文件要小一些,而且包含更多信息。 +</p> +<p>以下说明假定在 <code>/usr/local/aosp/mirror</code> 中创建镜像。第一步是创建并同步镜像本身。请注意 <code>--mirror</code> 标志,该标志只能在创建新客户端时指定:</p> +<pre> +$ mkdir -p /usr/local/aosp/mirror +$ cd /usr/local/aosp/mirror +$ repo init -u https://android.googlesource.com/mirror/manifest --mirror +$ repo sync +</pre> +<p>同步镜像后,您就可以从镜像创建新客户端了。请注意,务必要指定一个绝对路径:</p> +<pre>$ mkdir -p /usr/local/aosp/master +$ cd /usr/local/aosp/master +$ repo init -u /usr/local/aosp/mirror/platform/manifest.git +$ repo sync +</pre> +<p>最后,要将客户端与服务器同步,您需要将镜像与服务器同步,然后再将客户端与镜像同步:</p> +<pre> +$ cd /usr/local/aosp/mirror +$ repo sync +$ cd /usr/local/aosp/master +$ repo sync +</pre> +<p>您可以将镜像存储在 LAN 服务器上,然后通过 NFS、SSH 或 Git 访问它。您还可以将其存储在移动存储盘上,并在用户之间或计算机之间传用该存储盘。 +</p> +<h2 id="verifying-git-tags">验证 Git 标记</h2> +<p>将以下公钥加载到您的 GnuPG 密钥数据库中。该密钥用于签署代表各版本的带批注标记。 +</p> +<pre> +$ gpg --import +</pre> +<p>复制并粘贴以下密钥,然后输入 EOF (Ctrl-D) 以结束输入并处理密钥。 +</p> +<pre> +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.2.2 (GNU/Linux) + +mQGiBEnnWD4RBACt9/h4v9xnnGDou13y3dvOx6/t43LPPIxeJ8eX9WB+8LLuROSV +lFhpHawsVAcFlmi7f7jdSRF+OvtZL9ShPKdLfwBJMNkU66/TZmPewS4m782ndtw7 +8tR1cXb197Ob8kOfQB3A9yk2XZ4ei4ZC3i6wVdqHLRxABdncwu5hOF9KXwCgkxMD +u4PVgChaAJzTYJ1EG+UYBIUEAJmfearb0qRAN7dEoff0FeXsEaUA6U90sEoVks0Z +wNj96SA8BL+a1OoEUUfpMhiHyLuQSftxisJxTh+2QclzDviDyaTrkANjdYY7p2cq +/HMdOY7LJlHaqtXmZxXjjtw5Uc2QG8UY8aziU3IE9nTjSwCXeJnuyvoizl9/I1S5 +jU5SA/9WwIps4SC84ielIXiGWEqq6i6/sk4I9q1YemZF2XVVKnmI1F4iCMtNKsR4 +MGSa1gA8s4iQbsKNWPgp7M3a51JCVCu6l/8zTpA+uUGapw4tWCp4o0dpIvDPBEa9 +b/aF/ygcR8mh5hgUfpF9IpXdknOsbKCvM9lSSfRciETykZc4wrRCVGhlIEFuZHJv +aWQgT3BlbiBTb3VyY2UgUHJvamVjdCA8aW5pdGlhbC1jb250cmlidXRpb25AYW5k +cm9pZC5jb20+iGAEExECACAFAknnWD4CGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIX +gAAKCRDorT+BmrEOeNr+AJ42Xy6tEW7r3KzrJxnRX8mij9z8tgCdFfQYiHpYngkI +2t09Ed+9Bm4gmEO5Ag0ESedYRBAIAKVW1JcMBWvV/0Bo9WiByJ9WJ5swMN36/vAl +QN4mWRhfzDOk/Rosdb0csAO/l8Kz0gKQPOfObtyYjvI8JMC3rmi+LIvSUT9806Up +hisyEmmHv6U8gUb/xHLIanXGxwhYzjgeuAXVCsv+EvoPIHbY4L/KvP5x+oCJIDbk +C2b1TvVk9PryzmE4BPIQL/NtgR1oLWm/uWR9zRUFtBnE411aMAN3qnAHBBMZzKMX +LWBGWE0znfRrnczI5p49i2YZJAjyX1P2WzmScK49CV82dzLo71MnrF6fj+Udtb5+ +OgTg7Cow+8PRaTkJEW5Y2JIZpnRUq0CYxAmHYX79EMKHDSThf/8AAwUIAJPWsB/M +pK+KMs/s3r6nJrnYLTfdZhtmQXimpoDMJg1zxmL8UfNUKiQZ6esoAWtDgpqt7Y7s +KZ8laHRARonte394hidZzM5nb6hQvpPjt2OlPRsyqVxw4c/KsjADtAuKW9/d8phb +N8bTyOJo856qg4oOEzKG9eeF7oaZTYBy33BTL0408sEBxiMior6b8LrZrAhkqDjA +vUXRwm/fFKgpsOysxC6xi553CxBUCH2omNV6Ka1LNMwzSp9ILz8jEGqmUtkBszwo +G1S8fXgE0Lq3cdDM/GJ4QXP/p6LiwNF99faDMTV3+2SAOGvytOX6KjKVzKOSsfJQ +hN0DlsIw8hqJc0WISQQYEQIACQUCSedYRAIbDAAKCRDorT+BmrEOeCUOAJ9qmR0l +EXzeoxcdoafxqf6gZlJZlACgkWF7wi2YLW3Oa+jv2QSTlrx4KLM= +=Wi5D +-----END PGP PUBLIC KEY BLOCK----- +</pre> +<p>导入密钥后,您可以通过以下命令验证任何标记:</p> +<pre> +$ git tag -v TAG_NAME +</pre> +<p>如果您尚未<a href="initializing.html#ccache">设置 ccache</a>,现在是设置它的最佳时机。 +</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/faqs.html b/zh-cn/source/faqs.html new file mode 100644 index 00000000..4b23549d --- /dev/null +++ b/zh-cn/source/faqs.html @@ -0,0 +1,126 @@ +<html devsite><head> + <title>常见问题解答</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<a name="top"></a> +<p>要查看关于其他常见问题的解答,请参阅 developer.android.com 上的 <a href="http://developer.android.com/guide/faq/index.html">Android 常见问题解答</a>。 + +</p><h2 id="open-source">开放源代码</h2> +<h3 id="what-is-the-android-open-source-project">Android 开放源代码项目是什么?</h3> +<p>我们使用“Android 开放源代码项目”或“AOSP”来表示 Android 涉及的人员、流程和源代码。</p> +<p>人员负责监督该项目并开发实际的源代码。流程指我们为了管理该软件的开发而使用的工具和程序。该项目的最终结果是您可以用来打造手机和其他设备的源代码。</p> +<h3 id="why-did-we-open-the-android-source-code">我们为什么开放了 Android 源代码?</h3> +<p>根据我们自己在发布移动应用方面的经验,Google 启动了 Android 项目。我们希望确保始终有开放的平台可供运营商、原始设备制造商 (OEM) 和开发者使用,以便他们将创新的想法变为现实。我们还希望确保不存在任何集中瓶颈,这样的话,就没有任何行业参与者可以一手限制或控制任何其他参与者开展创新。Android 开放源代码项目 (AOSP) 有一个最重要的目标,就是确保尽可能广泛、尽可能兼容地实施 Android 开放源代码软件,使每个人都能从中受益。</p> +<h3 id="what-kind-of-open-source-project-is-android">Android 是哪种开放源代码项目?</h3> +<p>Google 负责监督 Android 开放源代码平台核心部分的开发工作,并致力于打造卓越的开发者和用户社区。在大多数情况下,Android 源代码都是根据宽松的 Apache Software License 2.0(而非“Copyleft”许可)授权用户使用。这主要是因为我们最重要的目标是让用户广泛采用该软件,而我们认为 ASL2.0 许可有助于最好地实现这一目标。</p> +<p>您可以在我们的<a href="/source/licenses.html">许可</a>页面中找到关于此主题的更多信息。</p> +<h3 id="why-is-google-in-charge-of-android">为什么由 Google 主管 Android 项目?</h3> +<p>发布软件平台非常复杂。开放性对于平台长期取得成功至关重要,这是因为要吸引开发者投入到其中并确保公平的竞争环境,必须具备开放性。不过,平台本身也必须是对用户极具吸引力的产品。</p> +<p>正是因为这个原因,Google 调配了必需的专业工程资源,以确保 Android 是具备充分竞争力的软件平台。Google 将 Android 项目视为一个全方位的产品开发运营项目,并致力于实现必要的业务交易,以确保运行 Android 的卓越设备能够确确实实地将其推向市场。</p> +<p>通过确保 Android 在用户那里获得成功,我们可以帮助确保 Android 作为平台和开放源代码项目的活力。毕竟,谁不希望 Android 源代码成为一款成功的产品呢?</p> +<p>Google 的目标是确保围绕 Android 打造一个成功的生态系统。当然,没有哪个人必须参与其中。我们开放了 Android 源代码,以便任何人都可以修改和分发该软件来满足自己的需求。</p> +<h3 id="what-is-googles-overall-strategy-for-android-product-development">Google 在 Android 产品开发方面的总体策略是什么?</h3> +<p>我们致力于向竞争激烈的市场推出卓越的设备。有鉴于此,我们会将开发的创新技术和增强功能纳入到下一版本的核心平台中。</p> +<p>在实践中,这意味着 Android 工程团队通常只侧重于少数“旗舰”设备,并负责开发下一版 Android 软件来为这些产品的发布提供支持。这些旗舰设备可以消化很多产品风险,并为广泛的原始设备制造商 (OEM) 社区开辟新的道路,让他们接下来能够推出更多充分利用新功能的设备。通过这种方式,我们可以确保 Android 平台能够根据现实设备的实际需求不断发展完善。</p> +<h3 id="how-is-the-android-software-developed">Android 软件的开发方式是怎样的?</h3> +<p>Android 的每个平台版本(例如 1.5、1.6 等)在开放源代码树中都有对应的分支。在任何指定的时刻,最新的此类分支将被视为“当前稳定”的分支版本。这个当前稳定的分支是制造商移植到其设备的分支。该分支会始终保持适合发布的状态。</p> +<p>同时,每个版本还有一个“当前实验性”分支,开发者可以在其中开发实验性贡献内容,例如大量的下一代功能。在适当情况下,实验性分支中的错误更正内容和其他贡献内容可以纳入到当前稳定分支中。</p> +<p>最后,Google 会在开发旗舰设备的同时致力于研究下一版 Android 平台。在适当情况下,该分支将纳入实验性分支和稳定分支中的更改。</p> +<p>您可以在我们的<a href="/source/code-lines.html">代码行、分支和版本</a>页面中找到关于此主题的更多信息。</p> +<h3 id="why-are-parts-of-android-developed-in-private">为什么 Android 的部分内容是在私下开发的?</h3> +<p>将一款设备推向市场通常需要超过一年的时间。设备制造商无疑希望植入他们可以植入的最新 Android 软件。与此同时,开发者也不希望在编写应用时还要不断追用该平台的新版本。制造商和开发者都会面临及时推出自家产品与追用最新版本难以两全的状况。</p> +<p>为了解决这个问题,下一版 Android 的部分内容(包括核心平台 API)会在私有分支中进行开发。这些 API 将纳入到下一版 Android 中。我们的目标是,在我们开发下一版平台的同时,让其他人将注意力放在当前稳定版 Android 源代码上。这样一来,开发者和原始设备制造商 (OEM) 便可以使用单个版本,而无需为了跟上 Android 开发步伐而追用尚不完善的未来版本。不过,Android 系统中与应用兼容性无关的其他部分是在开放环境中开发的。我们打算逐渐将其中更多的部分转移到开放的开发环境中。</p> +<h3 id="when-are-source-code-releases-made">何时发布源代码?</h3> +<p>当源代码准备就绪时发布。发布源代码是一个相当复杂的过程。Android 的某些部分是在开放环境中开发的,因此相应的源代码始终可用。还有一些部分最初是在私有树中开发的,并且相应的源代码会在下一个平台版本准备就绪时发布。</p> +<p>对于某些版本,核心平台 API 会提前足够长的时间准备就绪,这样我们就可以在设备发布之前推出源代码,以便提前了解一下相关情况;不过,对于另外一些版本,我们无法做到这一点。在所有情况下,当我们认为相应版本已足够稳定并且开发流程允许时,我们就会发布平台源代码。</p> +<h3 id="what-is-involved-in-releasing-the-source-code-for-a-new-android-version">发布新版 Android 的源代码涉及哪些流程?</h3> +<p>发布新版 Android 平台的源代码是一个非常重要的过程。首先,该软件要移植到设备的系统映像中,并通过各种形式的认证,包括手机销售区域的政府监管机构认证。另外,该软件还需要通过运营商测试。这是发布过程的一个重要阶段,因为这项测试有助于发现大量的软件错误。</p><p></p> +<p>在发布事宜得到监管机构和运营商的批准后,制造商将开始大批量生产设备,并且我们将着手发布源代码。</p> +<p>在制造商大批量生产设备的同时,Google 团队将开始为发布开放源代码做一些准备工作。这些准备工作包括进行最终的 API 更改、更新文档(例如,反映在合格性测试期间进行的任何修改)、为新版本准备 SDK,以及发布平台兼容性信息。</p> +<p>此外,准备工作还包括一项最终法定签核程序,以同意将代码发布到开放源代码中。正如开放源代码贡献者需要签署《贡献者许可协议》来证明其拥有所贡献内容的知识产权一样,Google 也必须证明自己在做贡献。</p> +<p>从制造商开始大批量生产设备算起,软件发布过程通常需要大约一个月的时间。这样一来,源代码的发布时间与设备到达用户手中的时间通常差不多。</p> +<h3 id="how-does-the-aosp-relate-to-the-android-compatibility-program">AOSP 与 Android 兼容性计划有何关联?</h3> +<p>Android 开放源代码项目旨在维护 Android 软件以及开发新版本。由于是开放源代码,因此该软件可用于任何用途,包括开发与基于同一源代码的其他设备不兼容的设备。</p> +<p>Android 兼容性计划旨在为 Android 制定与开发者编写的第三方应用兼容的基准实施方式。“与 Android 兼容”的设备可以参与 Android 生态系统,包括 Google Play;不符合兼容性要求的设备将无法参与该生态系统。</p> +<p>也就是说,Android 兼容性计划规定了我们如何区分“与 Android 兼容的设备”与只是运行 Android 源代码衍生品的设备。我们欢迎各种 Android 源代码使用方式,但只有与 Android 兼容的设备(符合 Android 兼容性计划的定义并通过该计划的测试)才可以参与 Android 生态系统。</p> +<h3 id="how-can-i-contribute-to-android">如何为 Android 做贡献?</h3> +<p>您可以通过多种方式为 Android 做贡献。您可以报告错误、编写适用于 Android 平台的应用,或者为 Android 开放源代码项目贡献源代码。</p> +<p>关于我们愿意或能够接受哪些类型的代码贡献内容,有一些限制。例如,有人可能想要贡献替代应用 API,比如完全基于 C++- 的环境。我们会拒绝这种贡献内容,因为 Android 鼓励开发在 ART 运行时中运行的应用。同样,我们也不会接受与我们的许可目标不符的贡献内容(例如 GPL 或 LGPL 库)。</p> +<p>如果您有意贡献源代码,我们建议您在开始任何相关工作前先通过 <a href="/source/community.html">Android 社区</a>页面中列出的方式与我们联系。您可以在<a href="/source/contributing.html">贡献</a>页面中找到关于此主题的更多信息。</p> +<h3 id="how-do-i-become-an-android-committer">如何成为 Android 代码提交者?</h3> +<p>Android 开放源代码项目其实并没有“提交者”这一概念。所有贡献内容(包括由 Google 员工创作的内容)都是通过一个称为“Gerrit”的基于网页的系统提交的,该系统是 Android 工程流程的一部分。该系统与 Git 源代码管理系统协同工作,以便明晰地管理源代码贡献内容。</p> +<p>提交之后,相应更改需要获得指定审批者的批准。审批者通常是 Google 员工,但这些审批者还要负责所有提交内容,不论其来源为何。</p> +<p>您可以在<a href="submit-patches.html">提交补丁程序</a>页面中找到关于此主题的更多信息。</p> +<a href="#top">返回页首</a> +<h2 id="compatibility">兼容性</h2> +<h3 id="what-does-compatibility-mean">“兼容性”是什么意思?</h3> +<p>我们将“与 Android 兼容的设备”定义为可以运行由第三方开发者使用 Android SDK 和 NDK 编写的任何应用的设备。我们将此作为过滤条件来区分可以参与和无法参与 Android 应用生态系统的设备。与 Android 妥善兼容的设备可以请求获准使用 Android 商标。不兼容的设备只不过是 Android 源代码的衍生产品,不能使用 Android 商标。</p> +<p>也就是说,兼容性是参与 Android 应用生态系统的前提条件。我们欢迎任何人使用 Android 源代码。但如果设备与 Android 不兼容,则不会被视为 Android 生态系统的一部分。</p> +<h3 id="what-is-the-role-of-google-play-in-compatibility">Google Play 在兼容性方面发挥什么作用?</h3> +<p>与 Android 兼容的设备可以请求获得 Google Play 客户端软件使用许可。获得该许可后,这些设备便成为了 Android 应用生态系统的一部分,其用户将能够从所有与 Android 兼容的设备共享的目录中下载开发者的应用。与 Android 不兼容的设备无法获得该许可。</p> +<h3 id="what-kinds-of-devices-can-be-android-compatible">哪些类型的设备可与 Android 兼容?</h3> +<p>Android 软件可以移植到许多不同类型的设备上,包括第三方应用无法在其中正常运行的某些设备。<a href="/compatibility/index.html">Android 兼容性定义文档</a> (CDD) 中详细说明了将被视为与 Android 兼容的具体设备配置。</p> +<p>例如,虽然可以将 Android 源代码移植到没有摄像头的手机上,但兼容性定义文档要求所有手机都要有摄像头。该要求使得开发者在编写应用时可以采用一系列一致的功能。</p> +<p>兼容性定义文档将会不时进行修订,以反映市场实际情况。例如,1.6 版兼容性定义文档仅支持手机。但 2.1 版兼容性定义文档允许设备不包含电话硬件,这使得平板式音乐播放器等非手机设备也可以是兼容的设备。在修订兼容性定义文档的同时,我们还将改进 Google Play,以便开发者可以控制在哪些地区提供其应用。让我们继续以电话为例,某个用于管理短信的应用在媒体播放器上并没有什么用处,因此 Google Play 允许开发者将该应用限制为专用于手机设备。</p> +<h3 id="if-my-device-is-compatible-does-it-automatically-have-access-to-google-play-and-branding">如果我的设备与 Android 兼容,它是否会自动获得 Google Play 和品牌标识的使用权限?</h3> +<p>Google Play 是由 Google 运营的服务。实现兼容性是获得 Google Play 软件和品牌标识使用权限的前提条件。要获得 Google Play 使用权限,设备制造商应发送电子邮件至 <a href="mailto:android-partnerships@google.com">android-partnerships@google.com</a> 与我们联系。虽然我们会阅读发送到该地址的所有电子邮件,但我们无法一一进行回复。请注意,如果我们可以为您提供帮助,将会与您联系。</p> +<h3 id="if-i-am-not-a-manufacturer-how-can-i-get-google-play">如果我不是制造商,如何获得 Google Play 使用权限?</h3> +<p>我们只会向在设备中植入 Android 的手机制造商授予 Google Play 使用许可。如有关于具体情况方面的问题,请发送电子邮件至 <a href="mailto:android-partnerships@google.com">android-partnerships@google.com</a> 与我们联系。</p> +<h3 id="how-can-i-get-access-to-the-google-apps-for-android-such-as-maps">如何获得 Android 版 Google 应用(例如 Google 地图)使用权限?</h3> +<p>Android 版 Google 应用(例如 YouTube、Google 地图、Gmail 等)属于 Google 产品和服务,并不是 Android 的一部分,需要单独授予许可。如有关于这些应用方面的问题,请发送电子邮件至 <a href="mailto:android-partnerships@google.com">android-partnerships@google.com</a> 与我们联系。</p> +<h3 id="is-compatibility-mandatory">兼容性是否为强制要求?</h3> +<p>不是,您可以自行选择是否参与 Android 兼容性计划。由于 Android 源代码是开放源代码,因此任何人都可以使用它来打造任何类型的设备。不过,如果制造商希望在其产品中使用 Android 名称,或希望获得 Google Play 使用权限,则必须要先证明其设备与 Android 兼容。</p> +<h3 id="how-much-does-compatibility-certification-cost">兼容性认证的费用是多少?</h3> +<p>设备的 Android 兼容性认证无需任何费用。兼容性测试套件为开放源代码,可供任何人用于设备测试。</p> +<h3 id="how-long-does-compatibility-take">兼容性认证需要多长时间?</h3> +<p>该过程是自动进行的。兼容性测试套件会生成一份报告,您可以将该报告提供给 Google 来证明兼容性。我们终归打算提供一些用于将这些报告上传到公共数据库的自助服务工具。</p> +<h3 id="who-determines-what-will-be-part-of-the-compatibility-definition">谁负责决定兼容性定义的内容?</h3> +<p>由于 Google 负责把握 Android 作为平台和产品的总体发展方向,因此 Google 会为每个版本维护兼容性定义文档。在为 Android 新版本起草兼容性定义文档时,我们会咨询各种原始设备制造商 (OEM),他们将为该文档的内容提供建议。</p> +<h3 id="how-long-will-each-android-version-be-supported-for-new-devices">各 Android 版本可用于开发新设备的时间有多长?</h3> +<p>由于 Android 的代码为开放源代码,因此我们无法阻止任何人使用旧版本来推出设备。不过,Google 将不会授予在被视为已过时的版本上使用 Google Play 客户端软件的许可。这样一来,虽然任何人都可以继续植入旧版 Android,但这些设备将不能使用 Android 名称,并且无法参与 Android 应用生态系统,这同设备与 Android 不兼容的情况类似。</p> +<h3 id="can-a-device-have-a-different-user-interface-and-still-be-compatible">设备是否可以采用不同的界面但仍保持与 Android 兼容?</h3> +<p>Android 兼容性计划旨在决定某种设备是否可以运行第三方应用。设备附带的界面组件(例如主屏幕、拨号器、配色方案等)一般对第三方应用的影响不大。因此,设备制造商可以根据自己的喜好随意定制界面。兼容性定义文档确实规定了原始设备制造商 (OEM) 可在多大程度内更改系统界面中会影响第三方应用的区域。</p> +<h3 id="when-are-compatibility-definitions-released-for-new-android-versions">何时发布 Android 新版本的兼容性定义?</h3> +<p>我们的目标是,一旦相应的 Android 平台版本已涵盖足够多的内容,允许发布新版 Android 兼容性定义文档,我们就会进行发布。虽然我们无法在植入相应 Android 软件的首款旗舰设备之前发布该软件版本的兼容性定义文档终稿,但我们一定会在这一首款设备之后发布兼容性定义文档终稿。不过,无论实际情况如何,我们都将提供兼容性定义文档的草稿版本。</p> +<h3 id="how-are-device-manufacturers-compatibility-claims-validated">如何验证设备制造商的兼容性声明?</h3> +<p>我们并没有针对 Android 设备兼容性的验证流程。不过,如果相应设备要添加 Google Play,Google 通常会先验证设备的兼容性,设备通过验证后,才会同意为其授予 Google Play 客户端软件使用许可。</p> +<h3 id="what-happens-if-a-device-that-claims-compatibility-is-later-found-to-have-compatibility-problems">如果之后发现声称兼容的设备存在兼容性问题,会怎样?</h3> +<p>通常情况下,Google 与 Google Play 被许可人之间保持着良好的关系,这使得我们可以要求他们发布更新后解决了相关问题的系统映像。</p> +<a href="#top">返回页首</a> +<h2 id="compatibility-test-suite">兼容性测试套件</h2> +<h3 id="what-is-the-purpose-of-the-cts">兼容性测试套件的用途是什么?</h3> +<p>兼容性测试套件是一种工具,设备制造商可以借助该工具来确保其设备与 Android 兼容,以及报告测试结果供 Google 验证。原始设备制造商 (OEM) 应在整个工程流程中频繁运行兼容性测试套件,以便尽早发现兼容性问题。</p> +<h3 id="what-kinds-of-things-does-the-cts-test">兼容性测试套件会测试哪些类型的内容?</h3> +<p>目前,兼容性测试套件会测试所有受支持的 Android 强类型 API 是否存在以及行为是否正常。此外,它还会测试其他非 API 系统行为,例如应用生命周期和性能。我们计划在未来的兼容性测试套件版本中扩大支持范围,以便同时测试 Intent 等“软”API。</p> +<h3 id="will-the-cts-reports-be-made-public">兼容性测试套件报告会公开吗?</h3> +<p>会。虽然目前尚未实施,但 Google 打算为原始设备制造商 (OEM) 提供基于网络的自助服务工具来发布兼容性测试套件报告,以供任何人查看。制造商可在任意范围内分享兼容性测试套件报告。</p> +<h3 id="how-is-the-cts-licensed">兼容性测试套件采用哪种许可方式?</h3> +<p>兼容性测试套件是根据大多数 Android 使用的 Apache Software License 2.0 授权用户使用。</p> +<h3 id="does-the-cts-accept-contributions">兼容性测试套件接受贡献内容吗?</h3> +<p>接受,而且非常欢迎!Android 开放源代码项目接受贡献内容,以便采用与任何其他组件相同的方式来改进兼容性测试套件。事实上,提高兼容性测试套件测试案例的覆盖范围和质量是协助 Android 的最佳方式之一。</p> +<h3 id="can-anyone-use-the-cts-on-existing-devices">任何人都可以在现有设备上使用兼容性测试套件吗?</h3> +<p>兼容性定义文档要求与 Android 兼容的设备实施“adb”调试实用工具。这意味着,任何与 Android 兼容的设备(包括零售的设备)都必须能够运行兼容性测试套件测试。</p> +<h3 id="are-codecs-verified">编解码器需要通过兼容性测试套件验证吗?</h3> +<p>需要。所有必需的编解码器都要通过兼容性测试套件验证。</p> + +<a href="#top">返回页首</a> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/git-resources.html b/zh-cn/source/git-resources.html new file mode 100644 index 00000000..c69a5ca2 --- /dev/null +++ b/zh-cn/source/git-resources.html @@ -0,0 +1,42 @@ +<html devsite><head> + <title>了解 Git</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>如需关于 Git 的更多信息,请参阅以下非常实用的站外资源:</p> +<ul> +<li> +<p><a href="https://training.github.com/">GitHub 培训</a></p> +</li> +<li> +<p><a href="http://book.git-scm.com">Git Community Book</a>(由 Scott Chacon 维护)</p> +</li> +<li> +<p><a href="http://git.or.cz/gitwiki/FrontPage">Git Wiki</a></p> +</li> +<li> +<p><a href="http://www.kernel.org/pub/software/scm/git/docs">Git 手册页面</a> </p> +</li> +<li> +<p><a href="https://www.youtube.com/playlist?list=PLttwD7NyH3omQLyVtan0CFOX_UWItX_yG">GitCasts</a>(Git 教程视频)</p> +</li> +</ul> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/index.html b/zh-cn/source/index.html new file mode 100644 index 00000000..1c95cd12 --- /dev/null +++ b/zh-cn/source/index.html @@ -0,0 +1,44 @@ +<html devsite><head> + <title>Android 源代码</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>Android 是一个针对多种不同设备类型打造的开放源代码软件堆栈。Android 的主要目的是为运营商、原始设备制造商 (OEM) 和开发者创造一个开放的软件平台,使他们能够将创新理念变为现实,并推出能够卓有成效地改善用户移动体验的真实产品。 +</p> + +<p>此外,我们还希望确保 Android 平台不存在一个集中瓶颈(意即没有任何行业参与者可一手限制或控制其他参与者的创新)。这样,我们不但可以打造功能完善的高品质消费类产品,而且可以完全开放源代码,供第三方自由定制和移植。 +</p> + +<div style="width:700px"> + <img src="/images/android_framework_details.png" alt="Android 框架详情" height="483px"/> + <p class="img-caption"> + <strong>图 1.</strong> Android 堆栈</p> +</div> + +<h2 id="governance-philosophy">管理理念</h2> +<p>Android 源自于 Google 牵头并联合众多企业成立的“开放手机联盟”(Open Handset Alliance,以下简称 OHA)。如今,许多企业(包括 OHA 的创始成员以及其他企业)都在 Android 上投入了大量资金和人力。这些企业投入了大量工程资源来改进 Android,使用户能够享用搭载 Android 的出色设备。 +</p> +<p>出于对 Android 本身的认同,这些企业才投入了资金和人力,因为我们都相信有必要打造一个开放的平台。我们的用意是将 Android 打造成一个开放源代码(而非免费软件)平台,显然,Android 也确实做到了这一点;众多志同道合的组织投入了大量的资源,携手打造了一个共用的平台。Android 的首要理念是务实。目标是打造一个每个贡献者都可以调整和定制的共用产品。</p> + +<p>不受约束的定制必然会导致不兼容。为了避免这种情况,Android 开放源代码项目还推出了 <a href="/compatibility/index.html">Android 兼容性计划</a>,该计划制定了有关“Android 兼容性”的规范以及设备制造商实现兼容性需要满足的要求。任何人都能够(并且会)将 Android 源代码用于任何用途,我们欢迎一切合法的使用。不过,要参与我们正在围绕 Android 构建的共通应用生态系统,设备制造商必须加入 Android 兼容性计划。</p> + +<p>作为 Android 开放源代码项目的主导者,Google 负责着 Android 的维护和后续开发工作。虽然 Android 由多个子项目组成,但严格意义上,这只是出于项目管理的需要。我们将 Android 整体视为一个软件产品(而不是可更换部件的“发行版”、规范或集合),并依此原则进行管理。我们希望设备制造商要做的只是将 Android 移植到其设备上,而无需实现一个规范或构建一个“发行版”。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/initializing.html b/zh-cn/source/initializing.html new file mode 100644 index 00000000..93f615ef --- /dev/null +++ b/zh-cn/source/initializing.html @@ -0,0 +1,364 @@ +<html devsite><head> + <title>搭建编译环境</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>本部分介绍了如何设置本地工作环境来编译 Android 源文件。您需要使用 Linux 或 Mac OS。目前不支持在 Windows 环境下进行编译。</p> +<p>要简要了解代码审核和代码更新的整个过程,请参阅<a href="life-of-a-patch.html">补丁程序的生命周期</a>。</p> +<h2 id="choosing-a-branch">选择分支</h2> +<p>针对编译环境的某些要求是由您打算编译的源代码的版本决定的。要查看您可以选择的分支的完整列表,请参阅<a href="build-numbers.html">版本号</a>。您还可以选择下载并编译最新的源代码(称为 <code>master</code>)。如果您选择这么做,请在初始化存储库时直接忽略分支规范。</p> +<p>选择分支后,请按照下面的相应说明来设置编译环境。</p> +<h2 id="setting-up-a-linux-build-environment">设置 Linux 编译环境</h2> +<p>以下说明适用于所有分支(包括 <code>master</code>)。</p> +<p>我们会定期在最近推出的一些 Ubuntu LTS (14.04) 版本中对 Android 编译过程进行内部测试,但大多数 Ubuntu 分发版本都应该有所需的编译工具。欢迎向我们报告在其他分发版本中的测试结果(无论结果是成功还是失败)。</p> +<p>如果是 Gingerbread (2.3.x) 及更高版本(包括 <code>master</code> 分支),需要使用 64 位环境。如果是较低的版本,则可以在 32 位系统中进行编译。</p> +<p class="note"><strong>注意</strong>:要查看完整的硬件和软件要求列表,请参阅相关<a href="requirements.html">要求</a>。然后,请按照下方适用于 Ubuntu 和 Mac OS 的详细说明进行操作。</p> + +<h3 id="installing-the-jdk">安装 JDK</h3> +<p><a href="https://android.googlesource.com/">Android 开放源代码项目 (AOSP)</a> 中 Android 的 <code>master</code> 分支需要使用 Java 8。在 Ubuntu 中则需要使用 <a href="http://openjdk.java.net/install/">OpenJDK</a>。</p> +<p>对于较低的版本,请参阅 <a href="requirements.html#jdk">JDK 要求</a>。</p> + +<h4 id="for-ubuntu-15-04">如果 Ubuntu >= 15.04</h4> +<p>请运行以下命令:</p> +<pre> +$ sudo apt-get update +$ sudo apt-get install openjdk-8-jdk +</pre> + +<h4 id="for-ubuntu-14-04">如果是 Ubuntu LTS 14.04</h4> +<p>目前没有适用于 Ubuntu 14.04 的受支持 OpenJDK 8 程序包。<strong>Ubuntu 15.04 OpenJDK 8</strong> 程序包能够在 Ubuntu 14.04 中成功使用。<em>我们发现,按照以下说明操作时,更高的程序包版本(例如适合 15.10、16.04 的版本)在 Ubuntu 14.04 中无法正常工作。</em></p> +<ol> +<li> +<p>从 <a href="http://archive.ubuntu.com/ubuntu/pool/universe/o/openjdk-8/">archive.ubuntu.com</a> 下载适合 64 位架构的 <code>.deb</code> 程序包:</p> +<ul> +<li><a href="http://archive.ubuntu.com/ubuntu/pool/universe/o/openjdk-8/openjdk-8-jre-headless_8u45-b14-1_amd64.deb">openjdk-8-jre-headless_8u45-b14-1_amd64.deb</a> +(SHA256:<code>0f5aba8db39088283b51e00054813063173a4d8809f70033976f83e214ab56c0</code>)</li> +<li><a href="http://archive.ubuntu.com/ubuntu/pool/universe/o/openjdk-8/openjdk-8-jre_8u45-b14-1_amd64.deb">openjdk-8-jre_8u45-b14-1_amd64.deb</a> +(SHA256:<code>9ef76c4562d39432b69baf6c18f199707c5c56a5b4566847df908b7d74e15849</code>)</li> +<li><a href="http://archive.ubuntu.com/ubuntu/pool/universe/o/openjdk-8/openjdk-8-jdk_8u45-b14-1_amd64.deb">openjdk-8-jdk_8u45-b14-1_amd64.deb</a> +(SHA256:<code>6e47215cf6205aa829e6a0a64985075bd29d1f428a4006a80c9db371c2fc3c4c</code>)</li> +</ul> +</li> +<li> +<p>(可选)对照随以上每个程序包列出的 SHA256 字符串,确认已下载文件的校验和。</p> +<p>例如,使用 <code>sha256sum</code> 工具:</p> +<pre> +$ sha256sum {downloaded.deb file} +</pre> +</li> +<li> +<p>安装程序包:</p> +<pre> +$ sudo apt-get update +</pre> +<p>为下载的每个 .deb 文件运行 <code>dpkg</code>。运行过程中可能会因缺少依赖项而出现错误:</p> +<pre> +$ sudo dpkg -i {downloaded.deb file} +</pre> +<p>解决缺少依赖项的问题:</p> +<pre> +$ sudo apt-get -f install +</pre> +</li> +</ol> + +<h4 id="default-java-version">更新默认的 Java 版本 - 可选</h4> + +<p>(可选)对于以上 Ubuntu 版本,您可以通过运行以下命令来更新默认的 Java 版本:</p> +<pre> +$ sudo update-alternatives --config java +$ sudo update-alternatives --config javac +</pre> + +<p>在编译过程中,如果您遇到 Java 版本错误,请按照<a href="building.html#wrong-java-version">错误的 Java 版本</a>部分中的说明设置其路径。</p> + +<h3 id="installing-required-packages-ubuntu-1404">安装所需的程序包 (Ubuntu 14.04)</h3> + +<p>您将需要 64 位版本的 Ubuntu。建议您使用 Ubuntu 14.04。</p> + +<pre> +$ sudo apt-get install git-core gnupg flex bison gperf build-essential \ + zip curl zlib1g-dev gcc-multilib g++-multilib libc6-dev-i386 \ + lib32ncurses5-dev x11proto-core-dev libx11-dev lib32z-dev ccache \ + libgl1-mesa-dev libxml2-utils xsltproc unzip +</pre> + +<p class="note"><strong>注意</strong>:要使用 SELinux 工具进行政策分析,您还需要安装 <code>python-networkx</code> 程序包。</p> + +<p class="note"><strong>注意</strong>:如果您使用 LDAP 并且希望运行 ART 主机测试,则还需要安装 <code>libnss-sss:i386</code> 程序包。</p> + +<h3 id="installing-required-packages-ubuntu-1204">安装所需的程序包 (Ubuntu 12.04)</h3> + +<p>您可以使用 Ubuntu 12.04 来编译较低版本的 Android。master 或最近推出的一些版本不支持 Ubuntu 12.04。</p> + +<pre> +$ sudo apt-get install git gnupg flex bison gperf build-essential \ + zip curl libc6-dev libncurses5-dev:i386 x11proto-core-dev \ + libx11-dev:i386 libreadline6-dev:i386 libgl1-mesa-glx:i386 \ + libgl1-mesa-dev g++-multilib mingw32 tofrodos \ + python-markdown libxml2-utils xsltproc zlib1g-dev:i386 +$ sudo ln -s /usr/lib/i386-linux-gnu/mesa/libGL.so.1 /usr/lib/i386-linux-gnu/libGL.so +</pre> + +<h3 id="installing-required-packages-ubuntu-1004-1110">安装所需的程序包 (Ubuntu 10.04 - 11.10)</h3> +<p>不再支持在 Ubuntu 10.04-11.10 中进行编译,但它们仍可用来编译较低版本的 AOSP。</p> + +<pre> +$ sudo apt-get install git gnupg flex bison gperf build-essential \ + zip curl zlib1g-dev libc6-dev lib32ncurses5-dev ia32-libs \ + x11proto-core-dev libx11-dev lib32readline5-dev lib32z-dev \ + libgl1-mesa-dev g++-multilib mingw32 tofrodos python-markdown \ + libxml2-utils xsltproc +</pre> + +<p>在 Ubuntu 10.10 中,请运行以下命令:</p> + +<pre> +$ sudo ln -s /usr/lib32/mesa/libGL.so.1 /usr/lib32/mesa/libGL.so +</pre> + +<p>在 Ubuntu 11.10 中,请运行以下命令:</p> + +<pre> +$ sudo apt-get install libx11-dev:i386 +</pre> + +<h3 id="configuring-usb-access">配置 USB 使用权限</h3> + +<p>在 GNU/Linux 系统中,尤其是在 Ubuntu 系统中,默认情况下普通用户无法直接使用 USB 设备。您需要对系统进行配置以允许使用此类设备。</p> +<p>建议您以 root 用户的身份在 <code>/etc/udev/rules.d/51-android.rules</code> 下创建一个文件。</p> + +<p>为此,请运行以下命令来下载本网站附带的 <a href="51-android.txt">51-android.txt</a> 文件,对其进行修改以包含您的用户名,然后将其放到正确位置:</p> + +<pre> +$ wget -S -O - http://source.android.com/source/51-android.txt | sed "s/<username>/$USER/" | sudo tee >/dev/null /etc/udev/rules.d/51-android.rules; sudo udevadm control --reload-rules +</pre> + +<p>这些新规则会在下次插入设备时生效。因此,您可能需要先拔下设备,然后再将其插到计算机上。</p> + +<h3 id="using-a-separate-output-directory">使用单独的输出目录</h3> + +<p>默认情况下,每次编译的输出都会存储在相应源代码树的 <code>out/</code> 子目录下。</p> + +<p>在一些拥有多个存储设备的计算机上,如果将源文件和输出存储在单独的存储卷中,编译速度会更快。若要进一步提高编译速度,可以将输出存储在已针对速度(而非崩溃稳定性)进行优化的文件系统中,这是因为在文件系统损坏时可以重新生成所有文件。</p> + +<p>要进行这项设置,请导出 <code>OUT_DIR_COMMON_BASE</code> 变量,使其指向将存储输出目录的位置。</p> + +<pre> +$ export OUT_DIR_COMMON_BASE=<path-to-your-out-directory> +</pre> + +<p>对于每个单独的源代码树,其输出目录都将以其存放目录命名。</p> + +<p>例如,如果您有源代码树 <code>/source/master1</code> 和 <code>/source/master2</code>,并且 <code>OUT_DIR_COMMON_BASE</code> 设为了 <code>/output</code>,那么输出目录将为 <code>/output/master1</code> 和 <code>/output/master2</code>。</p> + +<p>在这种情况下,切勿将多个源代码树存储在具有相同名称的目录下,否则会导致输出目录共享终止,并且会出现不可预知的结果。</p> + +<p>只有 Jelly Bean (4.1) 及更高版本(包括 <code>master</code> 分支)支持这种做法。</p> + +<h2 id="setting-up-a-mac-os-x-build-environment">设置 Mac OS 编译环境</h2> + +<p>在默认安装过程中,Mac OS 会在一个保留大小写但不区分大小写的文件系统中运行。Git 并不支持此类文件系统,而且此类文件系统会导致某些 Git 命令(例如 <code>git status</code>)的行为出现异常。因此,我们建议您始终在区分大小写的文件系统中对 AOSP 源文件进行操作。使用下文中介绍的磁盘映像可以非常轻松地做到这一点。</p> + +<p>有了适当的文件系统,在新型 Mac OS 环境中编译 <code>master</code> 分支就会变得非常简单。要编译较低版本的分支,则需要一些额外的工具和 SDK。</p> + +<h3 id="creating-a-case-sensitive-disk-image">创建区分大小写的磁盘映像</h3> + +<p>您可以使用磁盘映像在现有的 Mac OS 环境中创建区分大小写的文件系统。要创建磁盘映像,请启动磁盘工具,然后选择“新建映像”。完成编译至少需要 25GB 空间;更大的空间能够更好地满足未来的需求。使用稀疏映像有助于节省空间,而且以后可以随着需求的增加进行扩展。请务必选择“Case sensitive, Journaled”存储卷格式。</p> + +<p>您也可以通过 shell 使用以下命令创建磁盘映像:</p> +<pre> +# hdiutil create -type SPARSE -fs 'Case-sensitive Journaled HFS+' -size 40g ~/android.dmg +</pre> + +<p>这将创建一个 <code>.dmg</code>(也可能是 <code>.dmg.sparseimage</code>)文件,该文件在装载后可用作具有 Android 开发所需格式的存储卷。</p> + +<p>如果您以后需要更大的存储卷,还可以使用以下命令来调整稀疏映像的大小:</p> + +<pre> +# hdiutil resize -size <new-size-you-want>g ~/android.dmg.sparseimage +</pre> + +<p>对于存储在主目录下的名为 <code>android.dmg</code> 的磁盘映像,您可以向 <code>~/.bash_profile</code> 中添加辅助函数:</p> + +<ul> +<li>要在执行 <code>mountAndroid</code> 时装载磁盘映像,请运行以下命令:<p></p> + +<pre> +# mount the android file image +function mountAndroid { hdiutil attach ~/android.dmg -mountpoint /Volumes/android; } +</pre> + +<p class="note"><strong>注意</strong>:如果系统创建的是 <code>.dmg.sparseimage</code> 文件,请将 <code>~/android.dmg</code> 替换成 <code>~/android.dmg.sparseimage</code>。</p> +</li> + +<li> +<p>要在执行 <code>umountAndroid</code> 时卸载磁盘映像,请运行以下命令:</p> +<pre> +# unmount the android file image +function umountAndroid() { hdiutil detach /Volumes/android; } +</pre> +</li> +</ul> + +<p>装载 <code>android</code> 存储卷后,您将在其中开展所有工作。您可以像对待外接式存储盘一样将其弹出(卸载)。</p> + +<h3 id="installing-the-mac-jdk">安装 JDK</h3> + +<p>要查看在开发各种 Android 版本时要使用的 Java 版本,请参阅相关<a href="requirements.html">要求</a>。</p> + +<h4 id="installing-required-packages">安装所需的程序包</h4> + +<ol> +<li> +<p>使用以下命令安装 Xcode 命令行工具:</p><pre> +$ xcode-select --install +</pre> + +<p>对于较低版本的 Mac OS(10.8 或更低版本),您需要通过 <a href="http://developer.apple.com/">Apple 开发者网站</a>安装 Xcode。如果您尚未注册成为 Apple 开发者,则需要创建一个 Apple ID 才能下载。</p> +</li> + +<li> +<p>通过 <a href="http://www.macports.org/install.php">macports.org</a> 安装 MacPorts。</p> + +<p class="note"><strong>注意</strong>:请确保在路径中 <code>/opt/local/bin</code> 显示在 <code>/usr/bin</code> <strong>之前</strong>。否则,请将以下内容添加到 <code>~/.bash_profile</code> 文件中:</p> + +<pre> +<code>export PATH=/opt/local/bin:$PATH</code> +</pre> + +<p class="note"><strong>注意</strong>:如果主目录中没有 <code>.bash_profile</code> 文件,请创建一个。</p> +</li> + +<li> +<p>通过 MacPorts 获取 Make、Git 和 GPG 程序包:</p> + +<pre> +$ POSIXLY_CORRECT=1 sudo port install gmake libsdl git gnupg +</pre> + +<p>如果您使用 Mac OS X v10.4,还需要安装 bison:</p> +<pre> +$ POSIXLY_CORRECT=1 sudo port install bison +</pre> +</li> +</ol> + +<h4 id="reverting-from-make-382">将 make 3.82 还原到较低版本</h4> + +<p>在 Android 4.0.x (Ice Cream Sandwich) 及更低版本中,gmake 3.82 中存在一个会导致 Android 无法编译的错误。您可以按照以下步骤使用 MacPorts 来安装 3.81 版:</p> + +<ol> +<li> +<p>修改 <code>/opt/local/etc/macports/sources.conf</code>,在 rsync 行上方添加下面这行内容:</p> +<pre> +file:///Users/Shared/dports +</pre> + +<p>然后创建该目录:</p> +<pre> +$ mkdir /Users/Shared/dports +</pre> +</li> + +<li> +<p>在新的 <code>dports</code> 目录下,运行以下命令:</p> +<pre> +$ svn co --revision 50980 http://svn.macports.org/repository/macports/trunk/dports/devel/gmake/ devel/gmake/ +</pre> +</li> + +<li> +<p>为新的本地存储库创建一个端口索引:</p> + +<pre> +$ portindex /Users/Shared/dports +</pre> +</li> + +<li> +<p>使用以下命令安装旧版 gmake:</p> +<pre> +$ sudo port install gmake @3.81 +</pre> +</li> +</ol> + +<h4 id="setting-a-file-descriptor-limit">设置文件描述符数量上限</h4> + +<p>在 Mac OS 中,可同时打开的文件描述符的默认数量上限太低,在高度并行的编译流程中,可能会超出此上限。</p> + +<p>要提高此上限,请将下列行添加到 <code>~/.bash_profile</code> 中:</p> +<pre> +# set the number of open files to be 1024 +ulimit -S -n 1024 +</pre> + +<h2 id="optimizing-a-build-environment">优化编译环境(可选)</h2> + +<h3 id="setting-up-ccache">设置 ccache</h3> + +<p>您可以视需要指示编译过程使用 ccache 编译工具,ccache 是适用于 C 和 C++ 的编译器缓存,有助于提高编译速度。这对于编译服务器和其他高容量生产环境来说尤其有用。ccache 可用作用于加快重新编译速度的编译器缓存。如果您经常使用 <code>make clean</code>,或者经常在不同的编译产品之间切换,则非常适合使用 ccache。</p> + +<p class="note"><strong>注意</strong>:如果您是在执行增量编译(例如个人开发者而非编译服务器),ccache 可能会让您为缓存未命中埋单,从而减慢您的编译速度。</p> + +<p>要使用 ccache,请在源代码树的根目录下执行以下命令:</p> + +<pre> +$ export USE_CCACHE=1 +$ export CCACHE_DIR=/<path_of_your_choice>/.ccache +$ prebuilts/misc/linux-x86/ccache/ccache -M 50G +</pre> + +<p>建议的缓存大小为 50G 到 100G。</p> + +<p>请将以下内容添加到 <code>.bashrc</code>(或等同文件)中:</p> + +<pre> +export USE_CCACHE=1 +</pre> + +<p>默认情况下,缓存将存储在 <code>~/.ccache</code> 下。如果主目录位于 NFS 或一些其他的非本地文件系统中,您还需要在 <code>.bashrc</code> 文件中指定目录。</p> + +<p>在 Mac OS 中,您应将 <code>linux-x86</code> 替换成 <code>darwin-x86</code>:</p> + +<pre> +prebuilts/misc/darwin-x86/ccache/ccache -M 50G +</pre> + +<p>在编译 Ice Cream Sandwich (4.0.x) 或更低版本时,ccache 位于其他位置:</p> + +<pre> +prebuilt/linux-x86/ccache/ccache -M 50G +</pre> + +<p>该设置会存储在 CCACHE_DIR 中,并且为永久设置。</p> + +<p>在 Linux 中,您可以运行以下命令来观看使用 ccache 时的情况:</p> + +<pre> +$ watch -n1 -d prebuilts/misc/linux-x86/ccache/ccache -s +</pre> + +<h2 id="next-download-the-source">下一篇:下载源代码</h2> + +<p>编译环境已准备就绪!接下来您就可以<a href="downloading.html">下载源代码</a>了。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/jack.html b/zh-cn/source/jack.html new file mode 100644 index 00000000..261efadf --- /dev/null +++ b/zh-cn/source/jack.html @@ -0,0 +1,303 @@ +<html devsite><head> + <title>使用 Jack 编译</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<h2 id="the_jack_toolchain">Jack 工具链</h2> + +<p class="warning"> + 根据<a href="https://android-developers.googleblog.com/2017/03/future-of-java-8-language-feature.html">此公告</a>,<b>Jack 工具链已被弃用</b>。不过,在我们提供替代工具之前,您可以继续使用它<a href="https://developer.android.com/preview/j8-jack.html">启用 Java 8 语言功能</a>。 +</p> + +<p>Jack 是一种新型 Android 工具链,用于将 Java 源代码编译成 Android dex 字节码。它取代了之前由 javac、ProGuard、jarjar 和 dx 等多种工具组成的 Android 工具链。</p> + +<p>Jack 工具链具有以下优势:</p> + +<ul> + <li> <strong>完全开放源代码</strong><br /> +它是在 AOSP 中提供的;并且欢迎用户贡献资源。 + </li><li> <strong>提高编译速度</strong><br /> + +Jack 提供以下具体支持来减少编译时间:dex 预处理、增量编译和 Jack 编译服务器。 + </li><li> <strong>支持压缩、混淆、重新打包和多 dex 处理</strong><br /> +不再需要使用单独的软件包(如 ProGuard) +</li></ul> + +<p class="note">请注意,从 Android 7.0 (N) 开始,Jack 支持使用 JaCoCo 衡量代码覆盖率。如需了解详情,请参阅<a href="https://android.googlesource.com/platform/prebuilts/sdk/+/master/tools/README-jack-code-coverage.md">使用 JaCoCo 衡量代码覆盖率</a>和 <a href="https://developer.android.com/preview/j8-jack.html">Java 8 语言功能</a>。</p> + +<img src="/images/jack-overview.png" height="75%" width="75%" alt="Jack 概览"/> +<p class="img-caption"><strong>图 1. </strong>Jack 概览</p> + +<h2 id="the_jack_library_format">.jack 库格式</h2> + +<p>Jack 具有自己的 .jack 文件格式,其中包含相应库的预编译 dex 代码,可实现更快速的编译 (dex 预处理)。</p> + +<img src="/images/jack-library-file.png" height="75%" width="75%" alt="Jack 库文件内容"/> +<p class="img-caption"><strong>图 2. </strong>Jack 库文件内容</p> + +<h2 id="jill">Jill</h2> + +<p>Jill 工具可将现有的 .jar 库转换为新的库格式,如下图所示。</p> + +<img src="/images/jill.png" alt="使用 Jill 导入现有的 .jar 库"/> +<p class="img-caption"><strong>图 3. </strong>导入现有 .jar 库的工作流程</p> + +<h2 id="using_jack_in_your_android_build">使用 Jack 进行 Android 编译</h2> + +<div class="note">如需了解在 Android 7.0 (N) 及更高版本中使用 Jack 的说明,请参阅 <a href="https://android.googlesource.com/platform/prebuilts/sdk/+/master/tools/README-jack-server.md">Jack 服务器文档</a>。对于 Android 6.0 (M),请使用本部分中的说明。</div> + +<p>要使用 Jack,您只需使用标准的 Makefile 命令来编译树或您的项目即可,无需进行任何其他操作。Jack 是适合 M 的默认 Android 编译工具链。</p> + +<p>首次使用 Jack 时,它会在您的计算机上启动一个本地 Jack 编译服务器:</p> + +<ul> + <li>该服务器能够让 Jack 实现内在加速,因为它可以避免在每次编译时启动新的主机 JRE JVM、加载 Jack 代码、初始化 Jack 以及准备 JIT。此外,它还会在小规模编译期间(例如增量模式下)尽可能优化编译所需时间。 + </li><li>该服务器还是在短时间内控制并行 Jack 编译数量的解决方案,因此可以避免计算机过载(内存或磁盘问题),因为它会限制并行编译的数量。 +</li></ul> + +<p>如果没有任何编译工作,在空闲一段时间之后,Jack 服务器会自行关闭。它使用了 localhost 接口上的两个 TCP 端口,因此无法从外部访问。您可以通过修改<code> $HOME/.jack</code> 文件来修改所有这些参数(并行编译的数量、超时、端口号等)。</p> + +<h3 id="$home_jack_file">$HOME/.jack 文件</h3> + +<p><code>$HOME/.jack</code> 文件包含 Jack 服务器变量的设置,采用纯 bash 语法编写。</p> + +<p>以下是可用设置及其定义和默认值:</p> + +<ul> + <li> <strong><code>SERVER=true</code></strong><code> </code>:启用 Jack 的服务器功能。 + </li><li> <strong><code>SERVER_PORT_SERVICE=8072</code> +</strong>设置服务器的用于编译的 TCP 端口号。 + </li><li> <strong><code>SERVER_PORT_ADMIN=8073</code></strong>: +设置服务器的用于管理的 TCP 端口号。 + </li><li> <strong><code>SERVER_COUNT=1</code></strong>: +目前未使用。 + </li><li> <strong><code>SERVER_NB_COMPILE=4</code></strong>: +允许的最大并行编译数量。 + </li><li> <strong><code>SERVER_TIMEOUT=60</code></strong>: +无编译工作时服务器在自行关闭之前必须等待的空闲秒数。 + </li><li> <strong><code>SERVER_LOG=${SERVER_LOG:=$SERVER_DIR/jack-$SERVER_PORT_SERVICE.log}</code></strong>: +在其中写入服务器日志的文件。默认情况下,此变量可被环境变量重载。 + </li><li> <strong><code>JACK_VM_COMMAND=${JACK_VM_COMMAND:=java}</code></strong>: +用于在主机上启动 JVM 的默认命令。默认情况下,此变量可被环境变量重载。 +</li></ul> + +<h3 id="jack_troubleshooting">Jack 问题排查</h3> + +<p><strong>如果您的计算机在编译期间无响应,或者如果 Jack 编译因“Out of memory error”(内存不足错误)而失败</strong></p> + +<p>您可以通过修改<code> $HOME/.jack</code> 并将<code> SERVER_NB_COMPILE</code> 改为较低的值来减少同时进行的 Jack 编译的数量,以针对所遇到的问题予以改善。</p> + +<p><strong>如果您的编译因“Cannot launch background server”(无法启动后台服务器)而失败</strong></p> + +<p>最可能的原因是您的计算机上的 TCP 端口都被占用了。请尝试通过修改 <code>$HOME/.jack </code>(<code>SERVER_PORT_SERVICE</code> 和 <code>SERVER_PORT_ADMIN</code> 变量)进行更改。</p> + +<p>如果问题没有解决,请报告此问题并附上您的编译日志和 Jack 服务器日志(请参阅下文中的“查找 Jack 日志”,了解从何处找到服务器日志文件)。要解决这种情况,请通过修改 <code>$HOME/.jack</code> 并将 <code>SERVER</code> 更改为 false 来停用 jack 编译服务器。遗憾的是,这将大大减慢您的编译速度,并可能强制您使用加载控制(<code>make</code> 的选项“<code>-l</code>”)启动 <code>make -j</code>。</p> + +<p><strong>如果您的编译卡住了,没有任何进展</strong></p> + +<p>请报告此问题,并向我们提供以下附加信息(如果可能的话):</p> + +<ul> + <li>卡住时所在的命令行。 + </li><li>此命令行的输出。 + </li><li>运行 <code>jack-admin server-stat</code> 的结果。 + </li><li><code>$HOME/.jack</code> 文件。 + </li><li>服务器日志(已转储服务器状态)的内容。要获取日志内容,请执行以下操作:<ul> + <li>通过运行 <code>jack-admin list-server</code> 查找 Jack 后台服务器进程。 + </li><li>向此服务器发送 <code>kill -3</code> 命令,将其状态转储到日志文件中。 + </li><li>要找到该服务器日志文件,请参阅下文中的“查找 Jack 日志”。 + </li></ul> + </li><li>运行 <code>ls -lR $TMPDIR/jack-$USER.</code> 的结果。 + </li><li>运行 <code>ps j -U $USER.</code> 的结果。 +</li></ul> + +<p>您应该能够通过停止 Jack 后台服务器(使用 <code>jack-admin kill-server</code>),然后移除临时目录(<code>/tmp</code> 或 <code>$TMPDIR</code>)的 <code>jack-$USER</code> 中包含的临时目录来解决卡住的情况。</p> + +<p><strong>如果您有任何其他问题</strong></p> + +<p>要报告错误或请求功能,请使用我们的公开问题跟踪工具(位于 <a href="http://b.android.com">http://b.android.com</a> 上),以及 <a href="https://code.google.com/p/android/issues/entry?template=Jack%20bug%20report">Jack 工具错误报告</a>或 <a href="https://code.google.com/p/android/issues/entry?template=Jack%20feature%20request">Jack 工具功能请求</a>模板。请在错误报告中附上 Jack 日志。</p> +<table> + <tbody><tr> + <td><strong>查找 Jack 日志</strong> +<ul> + <li>如果您曾使用 dist 目标运行了 Make 命令,则 Jack 日志位于 <code>$ANDROID_BUILD_TOP/out/dist/logs/jack-server.log</code> + </li><li>如果没有,则您可以通过运行 <code>jack-admin server-log</code> 找到该日志 +</li></ul> +</td> + </tr> +</tbody></table> + +<p>对于可重现的 Jack 错误,您可以通过设置一个变量来获取更详细的日志,如下所示:</p> + +<pre class="prettyprint"> +$ export ANDROID_JACK_EXTRA_ARGS="--verbose debug --sanity-checks on -D +sched.runner=single-threaded" +</pre> + +<p>然后使用标准 Makefile 命令编译树或您的项目,并附上其标准输出和错误。</p> + +<p>要移除详细的编译日志,请使用以下命令:</p> + +<pre class="prettyprint"> +$ unset ANDROID_JACK_EXTRA_ARGS +</pre> + +<h3 id="jack_limitations">Jack 的使用限制</h3> + +<ul> + <li>Jack 服务器默认为单用户模式,因此一台计算机上只能有一位用户使用。如果有多个用户要使用,请为每位用户选择不同的端口号,并相应调整 SERVER_NB_COMPILE。您还可以通过在 $HOME/.jack 中设置 SERVER=false 来停用 Jack 服务器。 + </li><li>当前的 vm-tests-tf 集成方案会导致 CTS 编译速度较慢。 + </li><li>不支持 JaCoCo 等字节码处理工具。 +</li></ul> + +<h2 id="using_jack_features">使用 Jack 功能</h2> + +<p>Jack 支持 Java 编程语言 1.7,并集成了下面列出的额外功能。</p> + +<h3 id="predexing">dex 预处理</h3> + +<p>在生成 Jack 库文件时,系统也会生成该库的 .dex 文件并将其作为 dex 预处理文件存储在 .jack 库文件中。在进行编译时,Jack 会重复使用每个库的 dex 预处理文件。</p> + +<p>所有库均经过 dex 预处理。</p> + +<img src="/images/pre-dex.png" height="75%" width="75%" alt="包含 dex 预处理文件的 Jack 库"/> +<p class="img-caption"><strong>图 4. </strong>包含 dex 预处理文件的 Jack 库</p> + +<h4 id="limitations">使用限制</h4> + +<p>目前,如果在编译过程中使用了压缩/混淆/重新打包功能,则 Jack 不会重复使用库的 dex 预处理文件。</p> + +<h3 id="incremental_compilation">增量编译</h3> + +<p>增量编译指的是,仅重新编译自上次编译后出现过更改的组件及其依赖项。当只有少数组件出现过更改时,进行增量编译可能比完整编译快得多。</p> + +<h4 id="limitations">使用限制</h4> + +<p>当压缩、混淆、重新打包或对旧版 multi-dex 启用后,增量编译会被停用。 + +Benny: 如何理解 multi-dex legacy</p> + +<h4 id="enabling_incremental_builds">启用增量编译</h4> + +<p>目前,增量编译默认处于未启用状态。要启用增量编译,请将以下行内容添加到您要进行增量编译的项目的 Android.mk 文件中:</p> + +<pre class="prettyprint"> +LOCAL_JACK_ENABLED := incremental +</pre> + +<p class="note"><strong>注意</strong>:首次使用 Jack 编译项目时,如果某些依赖项未编译,请使用 <code>mma</code> 进行编译,之后您可以使用标准编译命令。</p> + +<h3 id="shrinking_and_obfuscation">压缩和混淆</h3> + +<p>Jack 支持压缩和混淆,并使用 proguard 配置文件来实现压缩和混淆功能。以下是支持的选项和忽略的选项:</p> + +<h4 id="supported_common_options">支持的常用选项</h4> + +<p>常用选项包括:</p> + +<ul> + <li> <code>@</code> + </li><li> <code>-include</code> + </li><li> <code>-basedirectory</code> + </li><li> <code>-injars</code> + </li><li> <code>-outjars // only 1 output jar supported</code> + </li><li> <code>-libraryjars</code> + </li><li> <code>-keep</code> + </li><li> <code>-keepclassmembers</code> + </li><li> <code>-keepclasseswithmembers</code> + </li><li> <code>-keepnames</code> + </li><li> <code>-keepclassmembernames</code> + </li><li> <code>-keepclasseswithmembernames</code> + </li><li> <code>-printseeds</code> +</li></ul> + +<h4 id="supported_shrinking_options">支持的压缩选项</h4> + +<p>压缩选项包括:</p> + +<ul> + <li> <code>-dontshrink</code> +</li></ul> + +<h4 id="supported_obfuscation_options">支持的混淆选项</h4> + +<p>混淆选项包括:</p> + +<ul> + <li> <code>-dontobfuscate</code> + </li><li> <code>-printmapping</code> + </li><li> <code>-applymapping</code> + </li><li> <code>-obfuscationdictionary</code> + </li><li> <code>-classobfuscationdictionary</code> + </li><li> <code>-packageobfuscationdictionary</code> + </li><li> <code>-useuniqueclassmembernames</code> + </li><li> <code>-dontusemixedcaseclassnames</code> + </li><li> <code>-keeppackagenames</code> + </li><li> <code>-flattenpackagehierarchy</code> + </li><li> <code>-repackageclasses</code> + </li><li> <code>-keepattributes</code> + </li><li> <code>-adaptclassstrings</code> +</li></ul> + +<h4 id="ignored_options">忽略的选项</h4> + +<p>忽略的选项包括:</p> + +<ul> + <li> <code>-dontoptimize // Jack does not optimize</code> + </li><li> <code>-dontpreverify // Jack does not preverify</code> + </li><li> <code>-skipnonpubliclibraryclasses</code> + </li><li> <code>-dontskipnonpubliclibraryclasses</code> + </li><li> <code>-dontskipnonpubliclibraryclassmembers</code> + </li><li> <code>-keepdirectories</code> + </li><li> <code>-target</code> + </li><li> <code>-forceprocessing</code> + </li><li> <code>-printusage</code> + </li><li> <code>-whyareyoukeeping</code> + </li><li> <code>-optimizations</code> + </li><li> <code>-optimizationpasses</code> + </li><li> <code>-assumenosideeffects</code> + </li><li> <code>-allowaccessmodification</code> + </li><li> <code>-mergeinterfacesaggressively</code> + </li><li> <code>-overloadaggressively</code> + </li><li> <code>-microedition</code> + </li><li> <code>-verbose</code> + </li><li> <code>-dontnote</code> + </li><li> <code>-dontwarn</code> + </li><li> <code>-ignorewarnings</code> + </li><li> <code>-printconfiguration</code> + </li><li> <code>-dump</code> +</li></ul> + +<p class="note"><strong>注意</strong>:其他选项会引发错误。</p> + +<h3 id="repackaging">重新打包</h3> + +<p>Jack 使用 jarjar 配置文件进行重新打包。</p> + +<p class="note"><strong>注意</strong>:Jack 与“rule”规则类型兼容,但与“zap”或“keep”规则类型不兼容。如果您需要使用“zap”或“keep”规则类型,请提交一项功能请求,并在其中说明您在应用中如何使用该功能。</p> + +<h3 id="multidex_support">多 dex 支持</h3> + +<p>由于 dex 文件的方法数上限为 65K,因此方法数超过 65K 的应用必须拆分成多个 dex 文件(要详细了解多 dex,请参阅<a href="http://developer.android.com/tools/building/multidex.html">构建方法数超过 65K 的应用</a>)。</p> + +<p>Jack 支持本地多 dex 和旧版多 dex。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/known-issues.html b/zh-cn/source/known-issues.html new file mode 100644 index 00000000..865a64af --- /dev/null +++ b/zh-cn/source/known-issues.html @@ -0,0 +1,119 @@ +<html devsite><head> + <title>已知问题</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>尽管我们一直万分谨慎,但 Android 源代码有时还是会出现一些小问题。本页记录了使用 Android 源代码方面的已知问题。</p> + +<h2 id="build-issues">编译问题</h2> + +<h3 id="missing-cellbroadcastreceiver">在针对 toro 进行编译时缺少 CellBroadcastReceiver</h3> +<p><strong>症状</strong></p>在针对 toro 进行 AOSP 编译时(最高为 Jelly Bean 4.2.1),CellBroadcastReceiver 无法添加到系统中。<p></p> + +<p><strong>原因:</strong></p><code>vendor/samsung/toro/device-partial.mk</code> 中存在拼写错误,<code>PRODUCT_PACKAGES</code> 将其中的 K 替换成了 H。<p><strong>解决方法</strong>:使用适用于 4.2.2 的最新程序包,或手动更正该拼写错误。</p> + +<h3 id="missing-cts-native-xml-generator">缺少 CTS 本机 XML 生成器</h3> +<p><strong>症状</strong>:在对 IceCreamSandwich 及更高版本进行的一些编译中,编译初期显示以下警告:<code>/bin/bash: line 0: cd: cts/tools/cts-native-xml-generator/src/res: No +such file or directory</code></p> +<p><strong>原因</strong>:有些 Makefile 引用该路径,但该路径并不存在。</p> +<p><strong>解决方法</strong>:无。这是一个无害的警告。</p> +<h3 id="black-gingerbread-emulator">黑屏 Gingerbread 模拟器</h3> +<p><strong>症状</strong>:从 Gingerbread 分支直接编译的模拟器无法启动,一直卡在黑屏状态。</p> +<p><strong>原因</strong>:Gingerbread 分支使用的是 R7 版本的模拟器,该模拟器并不具备运行最近推出的一些 Gingerbread 版本所需的所有功能。</p> +<p><strong>解决方法</strong>:使用 R12 版本的模拟器,以及与这些工具匹配的较新内核。无需进行清除编译。</p> +<pre><code>$ repo forall platform/external/qemu -c git checkout aosp/tools_r12 +$ make +$ emulator -kernel prebuilt/android-arm/kernel/kernel-qemu-armv7 +</code></pre> +<h3 id="emulator-built-on-macos-107-lion-doesnt-work">在 MacOS 10.7 Lion 中编译的模拟器无法正常工作。</h3> +<p><strong>症状</strong>:在 MacOS 10.7 Lion 和/或 XCode 4.x 中编译的模拟器(所有版本)无法启动。</p> +<p><strong>原因</strong>:在开发环境中进行的某些更改导致系统在对模拟器进行编译时,采用的方式使模拟器无法正常工作。</p> +<p><strong>解决方法</strong>:使用 SDK 中的模拟器二进制文件,该文件是通过 XCode 3 在 MacOS 10.6 中编译的,可在 MacOS 10.7 中正常工作。</p> + +<h3 id="partial-and-emulator-builds"><code>WITH_DEXPREOPT=true</code> 和模拟器编译。</h3> +<p><strong>症状</strong>:在模拟器编译期间进行部分编译或同步(使系统没有任何依赖关系)时,生成的版本无法正常工作。</p> +<p><strong>原因</strong>:默认情况下,所有模拟器编译操作现在都会在编译时运行 Dex 优化,这就需要遵循所有依赖关系,以便在框架每次发生更改时都重新优化应用。</p> +<p><strong>解决方法</strong>:通过 <code>export WITH_DEXPREOPT=false</code> 在本地停用 Dex 优化,通过 <code>make installclean</code> 删除现有的已优化版本,然后运行完整编译以重新生成未优化的版本。完成上述操作后,部分编译将会正常工作。</p> +<h3 id="permission-denied-during-builds">编译期间提示“权限遭拒”。</h3> +<p><strong>症状</strong>:所有编译都会失败,并且系统会提示“权限遭拒”,可能还会显示防病毒警告。</p> +<p><strong>原因</strong>:某些防病毒程序将 Android 源代码树中的一些源文件错误地识别为包含病毒的文件。</p> +<p><strong>解决方法</strong>:确认实际上并未包含病毒之后,在 Android 树中停用防病毒程序。这还有助于减少编译次数。</p> +<h3 id="build-errors-related-to-using-the-wrong-compiler">与使用错误编译器相关的编译错误。</h3> +<p><strong>症状</strong>:编译会失败,而且症状各式各样。其中一种症状是 <code>cc1: error: unrecognized command line option "-m32"</code></p> +<p><strong>原因</strong>:Android 编译系统使用路径中的默认编译器,并假设它是用于生成在主机上运行的二进制文件的合适编译器。其他情况(例如:使用 Android NDK,或编译内核)导致默认编译器不是主机编译器。</p> +<p><strong>解决方法</strong>:使用一个“干净的”shell,其中没有任何先前操作可能更换了默认编译器。</p> +<h3 id="build-errors-caused-by-non-default-tool-settings">由非默认工具设置导致的编译错误。</h3> +<p><strong>症状</strong>:编译会失败,而且症状各式各样,并且系统可能会提示缺少文件或文件格式不正确。其中一种症状是 <code>member [...] in archive is not an object</code>。</p> +<p><strong>原因</strong>:Android 编译系统倾向于使用多种主机工具并依赖其默认行为。有些设置会更改这些工具的行为,导致其行为方式干扰编译系统。导致此类问题的已知变量是 <code>CDPATH</code> 和 <code>GREP_OPTIONS</code>。</p> +<p><strong>解决方法</strong>:在自定义设置尽可能少的环境中编译 Android。</p> +<h3 id="build-error-with-40x-and-earlier-on-macos-107">在 MacOS 10.7 中编译 4.0.x 及更低版本时出现的错误。</h3> +<p><strong>症状</strong>:在 MacOS 10.7 中编译 IceCreamSandwich 4.0.x(及更低版本)时会失败,并显示类似以下的错误:<code>Undefined symbols for architecture i386: "_SDL_Init"</code></p> +<p><strong>原因</strong>:4.0.x 与 MacOS 10.7 不兼容。</p> +<p><strong>解决方法</strong>:改用 MacOS 10.6,或使用可在 MacOS 10.7 中编译的 master 分支。</p> +<pre><code>$ repo init -b master +$ repo sync +</code></pre> +<h3 id="build-error-on-macos-with-xcode-43">在 MacOS 中使用 XCode 4.3 进行编译时出现的错误。</h3> +<p><strong>症状</strong>:使用 XCode 4.3 时,所有编译都会失败。</p> +<p><strong>原因</strong>:XCode 4.3 将默认编译器从 gcc 切换成了 llvm,而 llvm 拒绝接受之前 gcc 会接受的代码。</p> +<p><strong>解决方法</strong>:使用 XCode 4.2。</p> +<h3 id="build-error-with-40x-and-earlier-on-ubuntu-1110">在 Ubuntu 11.10 中编译 4.0.x 及更低版本时出现的错误。</h3> +<p><strong>症状</strong>:在 Ubuntu 11.10 及更高版本中编译 IceCreamSandwich 4.0.x(及更低版本)时会失败,并显示类似以下的错误:<code><command-line>:0:0: warning: "_FORTIFY_SOURCE" redefined [enabled by default]</code></p> +<p><strong>原因</strong>:Ubuntu 11.10 使用的 gcc 版本中默认已定义该符号,而 Android 也会定义该符号,从而导致冲突。</p> +<p><strong>解决方法</strong>:改用 Ubuntu 10.04,或使用可在 Ubuntu 11.10 及更高版本中编译的 master 分支。</p> +<pre><code>$ repo init -b master +$ repo sync +</code></pre> + +<h2 id="source-sync">源代码同步问题</h2><h2> + +</h2><h3 id="difficulties-syncing-the-source-code-proxy-issues">同步源代码时遇到的问题(代理问题)。</h3> +<p><strong>症状</strong>:<code>repo init</code> 或 <code>repo sync</code> 失败,并显示 HTTP 错误,通常为 403 或 500。</p> +<p><strong>原因</strong>:有很多可能的原因,大多数情况下都与 HTTP 代理有关,这些代理无法顺利传输大量数据。</p> +<p><strong>解决方法</strong>:虽然还没有通用的解决方法,但有人报告说使用 Python 2.7 以及明确使用 <code>repo sync -j1</code> 可以改善某些用户的情况。</p> +<h3 id="difficulties-syncing-the-source-tree-virtualbox-ethernet-issues">同步源代码树时遇到的问题(VirtualBox 以太网问题)。</h3> +<p><strong>症状</strong>:在某些 VirtualBox 安装过程中运行 <code>repo sync</code> 时,进程挂起或失败,而且症状各式各样。其中一种症状是 <code>DownloadError: HTTP 500 (Internal Server Error: Server got itself in trouble)</code>。</p> +<p><strong>原因</strong>:VirtualBox 的默认网络行为是使用 NAT(网络地址转换)将客户系统连接到网络。在执行 repo sync 时的大量网络活动会触发 NAT 代码中的某些临界情况。</p> +<p><strong>解决方法</strong>:将 VirtualBox 配置为使用桥接网络,而非 NAT。</p> +<h3 id="difficulties-syncing-the-source-tree-dns-issues">同步源代码树时遇到的问题(DNS 问题)。</h3> +<p><strong>症状</strong>:在运行 <code>repo sync</code> 时进程失败,并显示与无法识别主机名相关的各种错误。其中一种错误是 <code><urlopen error [Errno -2] Name or service not known></code>。</p> +<p><strong>原因</strong>:有些 DNS 系统难以应对同步源代码树时涉及的大量查询(在最糟糕的情况下,可能会有数百条查询请求)。</p> +<p><strong>解决方法</strong>:手动解析相关主机名,并在本地对解析结果进行硬编码。</p> +<p>您可以使用 <code>nslookup</code> 命令解析主机名,该命令将为每个主机名指定一个数字 IP 地址(通常是在输出的“Address”(地址)部分)。</p> +<pre><code>$ nslookup googlesource.com +$ nslookup android.googlesource.com +</code></pre> +<p>然后,您可以在本地对它们进行硬编码,方法是修改 <code>/etc/hosts</code>,在该文件中添加两行内容,形式如下:</p> +<pre><code>aaa.bbb.ccc.ddd googlesource.com +eee.fff.ggg.hhh android.googlesource.com +</code></pre> +<p>请注意,这种方法只适用于服务器的地址不会更改的情况;如果服务器的地址发生更改,导致您无法连接,那么您必须重新解析这些主机名,并相应地修改 <code>etc/hosts</code>。</p> +<h3 id="difficulties-syncing-the-source-tree-tcp-issues">同步源代码树时遇到的问题(TCP 问题)。</h3> +<p><strong>症状</strong>:在同步时 <code>repo sync</code> 挂起,通常是在同步操作完成 99% 时出现这种情况。</p> +<p><strong>原因</strong>:TCP/IP 堆栈中的某些设置在有些网络环境中会导致出现问题,使得 <code>repo sync</code> 既无法完成,也不会失败。</p> +<p><strong>解决方法</strong>:在 Linux 中,请运行 <code>sysctl -w net.ipv4.tcp_window_scaling=0</code>。在 MacOS 中,请在网络设置部分停用 rfc1323 扩展程序。</p> + +<h2 id="runtime-issues">运行时问题</h2> +<h3 id="camera-and-gps-dont-work-on-galaxy-nexus">摄像头和 GPS 在 Galaxy Nexus 上无法正常工作。</h3> +<p><strong>症状</strong>:摄像头和 GPS 在 Galaxy Nexus 上无法正常工作。比如,摄像头应用一启动便会崩溃。</p> +<p><strong>原因</strong>:Android 开放源代码项目中未提供这些硬件外围设备所需的专有库。</p> +<p><strong>解决方法</strong>:无。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/licenses.html b/zh-cn/source/licenses.html new file mode 100644 index 00000000..81cb166c --- /dev/null +++ b/zh-cn/source/licenses.html @@ -0,0 +1,47 @@ +<html devsite><head> + <title>内容许可</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>在 Android 开放源代码项目中,我们的软件使用<a href="http://www.opensource.org/">开放源代码促进会</a>批准的一些开放源代码许可。</p> +<h2 id="android-open-source-project-license">Android 开放源代码项目许可</h2> +<p>Android 开放源代码项目的首选许可是 <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache Software License 2.0 版</a>(“Apache 2.0”),Android 软件的大部分内容都是根据 Apache 2.0 授权用户使用。尽管该项目将尽可能遵循此首选许可,但也可能存在将根据具体情况处理的例外情况。例如,与系统使用的许可不同,Linux 内核补丁程序使用的是 GPLv2 许可,您可以在 <a href="http://www.kernel.org/pub/linux/kernel/COPYING">kernel.org</a> 上找到相关信息。</p> +<h2 id="contributor-license-grants">贡献者许可协议</h2> +<p><em></em>为 Android 开放源代码项目提供想法、代码或文档的所有个人贡献者(即仅以个人名义做贡献的贡献者)都需要填写、签署并提交《<a href="https://cla.developers.google.com/about/google-individual">个人贡献者许可协议</a>》。该协议可通过<a href="https://android-review.googlesource.com/#/settings/agreements">代码审核工具</a>在线签署。该协议明确规定了他们为 Android 开放源代码项目贡献知识产权内容时遵循的条款。该许可既是为了保护贡献者,也是为了保护该项目;它不会影响贡献者将贡献内容用于任何其他用途的权利。</p> +<p><em></em>对于已指派员工参与 Android 开放源代码项目的企业(或其他实体),则需要签署《<a href="https://cla.developers.google.com/about/google-corporate">企业贡献者许可协议</a>》。该版本的协议中规定,企业可以对其指派的员工提交的贡献内容进行授权,并可以授予版权和专利许可。请注意,签署《企业贡献者许可协议》并不意味着任何开发者无需再以个人名义签署《个人贡献者许可协议》。所有开发者都<em></em>必须签署个人协议,以涵盖他们贡献的任何不归签署《企业贡献者许可协议》的企业所有的内容。</p> +<p>请注意,我们的协议是根据 <a href="http://www.apache.org">Apache 软件基金会</a>所用的协议(可在 <a href="http://www.apache.org/licenses/">Apache 网站</a>上找到)制定的。</p> +<h2 id="why-apache-software-license">为什么使用 Apache Software License?</h2> +<p>有时候,有人会问我们,为什么 Apache Software License 2.0 是 Android 的首选许可。对于用户空间(即非内核)软件,相比其他许可(例如 LGPL),我们确实更倾向于 ASL2.0(以及 BSD、MIT 等类似许可)。</p> +<p>Android 的宗旨是自由和选择。Android 旨在促进移动世界的开放性,我们不认为我们能够预测出或规定用户希望将我们的软件应用到的所有用途。因此,虽然我们鼓励每个人打造开放且可修改的设备,但我们并不认为我们有权利强制他们这样做。使用 LGPL 库则往往会强制他们这样做。</p> +<p>以下是我们关心的一些具体问题:</p> +<ul> +<li> +<p>LGPL(简化条款形式)要求:将源代码植入到应用中;书面提供源代码;或者动态关联 LGPL-ed 库,并允许用户手动升级或替换该库。由于 Android 软件通常是以静态系统映像的形式植入的,因此遵守这些要求最终会限制原始设备制造商 (OEM) 的设计。(例如,用户很难在只读闪存中替换库。)</p> +</li> +<li> +<p>LGPL 要求允许用户进行修改,并要求允许用户进行逆向工程以便调试这些修改。大多数设备制造商都不希望受到这些条款的约束。因此,为了尽量减轻这些公司的负担,我们会最大限度地减少在用户空间中使用 LGPL 软件。</p></li><p></p> + +<li> +<p>过去,LGPL 库是下游设备制造商和应用开发者面临的大量合规问题的根源。遗憾的是,就这些问题对工程师提供指导非常困难而且进展缓慢。设备制造商能够尽可能轻松地遵守许可对于 Android 的成功至关重要。鉴于过去在遵守 LGPL 方面遇到的困难,最明智的做法就是,如果我们能够避免使用 LGPL 库,便不使用它们。</p> +</li> +</ul> +<p>上面讨论的问题是我们为自己的代码首选 ASL2.0 的原因。它们并不是批判 LGPL 或其他许可。我们非常热衷于这一主题,甚至不厌其烦地想方设法确保尽可能多的代码根据 ASL2.0 授权用户使用。不过,我们喜欢各种免费的开放源代码许可,并尊重其他人的意见和偏好。我们只是认定 ASL2.0 是适合我们目标的许可而已。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/life-of-a-bug.html b/zh-cn/source/life-of-a-bug.html new file mode 100644 index 00000000..cfd960dd --- /dev/null +++ b/zh-cn/source/life-of-a-bug.html @@ -0,0 +1,128 @@ +<html devsite><head> + <title>错误的生命周期</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>Android 开放源代码项目提供了一个公开问题跟踪工具,您可以在其中就 Android 核心软件堆栈报告错误及请求功能。(要详细了解此问题跟踪工具,请参阅<a href="report-bugs.html">报告错误</a>页面。)我们非常欢迎您报告错误(谢谢!),但在提交错误报告后会发生什么呢?本页将说明错误的生命周期。</p> + +<p>*请注意:Android 开放源代码项目 (AOSP) 问题跟踪工具仅用于与 Android 核心软件堆栈相关的错误报告和功能请求,同时也是一个供开放源代码社区使用的技术工具。</p> + +<p>但它不是一个客户支持论坛。您可以在 <a href="http://support.google.com/nexus">Google 的 Nexus 支持网站</a>上找到关于 Nexus 设备的支持信息。其他设备的支持由设备制造商或销售这些设备的运营商提供。</p> + +<p>通过 <a href="http://support.google.com/">Google 的支持网站</a>可以找到关于 Google 应用的支持信息。涉及第三方应用的支持由各自的应用开发者提供,例如,您可以通过 Google Play 上提供的联系信息与他们联系。</p> + +<p>下面简要说明了错误的生命周期:</p> +<ol> +<li> +<p>用户提交一个错误,该错误的状态将为“New”(新)。</p> +</li> +<li> +<p>AOSP 维护人员定期审核错误并进行分类。错误将划分为 4 个类别中的一个:“新”、“Open”(待解决)、“No-Action”(无需处理)或“Resolved”(已解决)。</p> +</li> +<li> +<p>每个类别都包括多种状态,可提供有关问题处理的更多详情。</p> +</li> +<li> +<p>“已解决”类别中的错误最终会在未来版本的 Android 软件中予以修复。</p> +</li> +</ol> +<h2 id="bucket-details">类别详情</h2> +<p>以下是关于每个类别、其含义及处理方式的更多信息。</p> +<h3 id="new-issues">“新”问题</h3> +<p>“新”问题包括尚未进行任何处理的错误报告,具有以下两种状态:</p> +<ul> +<li> +<p><em></em>New(新): + 错误报告尚未分类(即由 AOSP 维护人员审核。)</p> +</li> +<li> +<p><em></em>NeedsInfo(需要信息): + 错误报告的信息不充分,无法予以处理。报告错误的用户需要提供更多详细信息,错误才可以进行分类。如果在规定时间内未提供新信息,该错误默认可能会被关闭,变为“无需处理”类别下的某种状态。</p> +</li> +</ul> +<h3 id="open-issues">“待解决”问题</h3> +<p>此类别包含需要处理但仍未解决的错误(正在等待我们对源代码进行更改)。</p> +<ul> +<li> +<p><em></em>Unassigned(未分配): + 错误报告已被认定为细节充分、问题有效,但尚未分配给 AOSP 贡献者进行修复。</p> +</li> +<li> +<p><em></em><em></em>Assigned(已分配): + 与“未分配”类似,但错误实际上已分配给特定贡献者进行修复。</p> +</li> +</ul> +<p><em></em><em></em>通常情况下,特定错误一开始会处于“未分配”状态并一直保持该状态,直到有人有意解决该错误,此时该错误会变成“已分配”状态。但请注意,我们并不保证一定会是这样,而错误从“未分配”直接变为“已解决”类别下的某种状态也是很常见的。<em></em></p> +<p>一般来说,如果一个错误处于以上“待解决”类别下的某种状态,则表明 AOSP 团队已将其认定为有效问题,该错误很可能会获得贡献者的认可,从而得到高质量的修复。不过,我们无法保证及时修复任何特定版本的错误。</p> + +<h3 id="no-action-issues">“无需处理”问题</h3> +<p>此类别包含由于某种原因而被认定为不需要任何处理措施的错误。</p> +<ul> +<li> +<p><em></em>Spam(无关内容): + 好心人士给我们送来一些美味的猪肉制品,但是很遗憾,我们并不需要。</p> +</li> +<li> +<p><em></em>Duplicate(重复): + 问题跟踪工具中已有相同的报告。类似报告将收到有关任何实际处理措施的消息。</p> +</li> +<li> +<p><em></em>Unreproducible(不可重现): + AOSP 贡献者尝试重现所描述的行为,但无法做到。有时,这意味着错误虽然有效但不常见或者难以重现,有时也意味着错误已在更高版本中予以修复。</p> +</li> +<li> +<p><em></em><em></em>Obsolete(过时): + 与“不可重现”类似,但可以合理认定错误确实存在于所报告的版本中,但已在更高版本中得以修复。</p> +</li> +<li> +<p><em></em>WorkingAsIntended(正常情况): + AOSP 维护人员已确定所描述的行为不是错误,而是正常情况。这种状态通常也称为“WAI”。</p> +</li> +<li> +<p><em></em><em></em>Declined(遭拒): + 除了通常用于功能请求(而非错误)的情况之外,其他与“正常情况”类似。也就是说,AOSP 维护人员已确定相应请求不会在 Android 中予以实现。</p> +</li> +<li> +<p><em></em>NotEnoughInformation(缺少充分信息):报告没有提供充分的信息,导致维护人员无法采取任何处理措施。</p> +</li> +<li> +<p><em></em>UserError(用户错误):报告是用户在使用 Android 时犯错而造成的结果,例如输入错误的密码导致无法连接到服务器。</p> +</li> +<li> +<p><em></em>WrongForum(错误论坛):报告无法在 AOSP 中予以处理,通常是因为报告与定制设备或外部应用相关。</p> +</li> +<li> +<p><em></em>Question(问题):用户误以为问题跟踪工具是帮助论坛而提出的问题。</p> +</li> +</ul> +<h3 id="resolved-issues">“已解决”问题</h3> +<p>此类别包含已采取处理措施且现在被视为已解决的错误。</p> +<ul> +<li> +<p><em></em>Released(已发布):此错误已修复,且修复方案已纳入一个正式版本中。在设置此状态的同时,我们也会尝试设置一个属性,说明错误在哪个版本中予以修复的。</p> +</li> +<li> +<p><em></em>FutureRelease(未来版本):此错误已经在源代码树中予以修复(或功能已经实现),但修复方案尚未纳入正式版本中。</p> +</li> +</ul> +<h2 id="other-stuff">其他事项</h2> +<p>上述状态和生命周期是我们通常跟踪软件的方式。但是,Android 包含大量软件,相应地也会收到大量错误报告。因此,有时候错误并没有经过正式流程中的所有状态。虽然我们会尽量确保系统保持最新状态,但我们倾向于定期进行“错误清除”- 在此过程中,我们会检查数据库并进行更新。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/life-of-a-patch.html b/zh-cn/source/life-of-a-patch.html new file mode 100644 index 00000000..8e169ed3 --- /dev/null +++ b/zh-cn/source/life-of-a-patch.html @@ -0,0 +1,29 @@ +<html devsite><head> + <title>补丁程序的生命周期</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>Android 开放源代码项目 (AOSP) 使用一种基于网页的代码审核工具,该工具称为 <a href="https://android-review.googlesource.com/">Gerrit</a>。下图是一个流程图,详细说明了补丁程序在编写好之后会发生什么。虽然这看起来可能非常复杂,但以下大多数步骤都是在网络应用中执行的。</p> +<p>如需关于如何完成相关设置来使用 Gerrit 和 Git 的完整说明,请参阅<a href="submit-patches.html">提交补丁程序</a>页面。</p> +<img src="/images/workflow-0.png" alt="工作流程示意图" id="figure1"/> +<p class="img-caption"> + <strong>图 1.</strong> 补丁程序工作流程</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/read-bug-reports.html b/zh-cn/source/read-bug-reports.html new file mode 100644 index 00000000..55bb6500 --- /dev/null +++ b/zh-cn/source/read-bug-reports.html @@ -0,0 +1,863 @@ +<html devsite><head> + <title>阅读错误报告</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>无论是任何类型的开发工作,出错都在所难免,而错误报告对于找出和解决问题至关重要。Android 的所有版本都支持通过 <a href="http://developer.android.com/tools/help/adb.html">Android 调试桥 (adb)</a> 获取错误报告;Android 4.2 及更高版本支持一个旨在获取错误报告以及通过电子邮件、云端硬盘等分享报告的<a href="http://developer.android.com/tools/device.html#developer-device-options">开发者选项</a>。</p> + +<p>Android 错误报告中包含文本 (.txt) 格式的 <code>dumpsys</code>、<code>dumpstate</code> 和 <code>logcat</code> 数据,以便您轻松搜索特定内容。以下各部分详细说明了错误报告的组成部分、介绍了常见问题,并提供了关于查找与这些错误相关的日志的实用提示和 <code>grep</code> 命令。大多数部分中还包括 <code>grep</code> 命令及输出和/或 <code>dumpsys</code> 输出方面的示例。</p> + +<h2 id="logcat">Logcat</h2> +<p><code>logcat</code> 日志是所有 <code>logcat</code> 信息的转储,并采用字符串形式。<strong>system</strong>(系统)部分专门用于记录框架方面的信息,与包含所有其他内容的 <strong>main</strong>(主要内容)部分相比,该部分包含更长时间内的记录。每行都以 <code>timestamp PID TID log-level</code> 开头。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>------ SYSTEM LOG (logcat -v threadtime -d *:v) ------ +--------- beginning of system +<i>Blah</i> +<i>Blah</i> +<i>Blah</i> + +--------- beginning of main +<i>Blah </i> +<i>Blah</i> +<i>Blah</i></pre><p></p> + </section> + +<h3 id="event-log">查看事件日志</h3> +<p>该日志中包含将二进制格式转换成了字符串形式的日志消息。它比 <code>logcat</code> 日志要清晰明了,但也有些难以阅读。在查看事件日志时,您可以在这一部分中搜索特定进程 ID (PID),以查看相应进程一直在做什么。基本格式为:<code>timestamp PID TID log-level log-tag tag-values</code>。</p> + +<p>日志级别包括以下几种:</p> +<ul> +<li>V:详细</li> +<li>D:调试</li> +<li>I:信息</li> +<li>W:警告</li> +<li>E:错误</li> +</ul> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>------ EVENT LOG (logcat -b events -v threadtime -d *:v) ------ +09-28 13:47:34.179 785 5113 I am_proc_bound: [0,23054,com.google.android.gms.unstable] +09-28 13:47:34.777 785 1975 I am_proc_start: [0,23134,10032,com.android.chrome,broadcast,com.android.chrome/org.chromium.chrome.browser.precache.PrecacheServiceLauncher] +09-28 13:47:34.806 785 2764 I am_proc_bound: [0,23134,com.android.chrome] +...</pre><p></p> + </section> +<p> </p> +<p>有关其他实用的事件日志标记,请参阅 <a href="https://android.googlesource.com/platform/frameworks/base/+/master/services/core/java/com/android/server/EventLogTags.logtags">/services/core/java/com/android/server/EventLogTags.logtags</a>。</p> + +<h2 id="anrs-deadlocks">ANR 和死锁</h2> +<p>错误报告有助于您找出导致<a href="http://developer.android.com/training/articles/perf-anr.html">应用无响应 (ANR)</a> 错误和死锁事件的原因。</p> + +<h3 id="determine-anr-app">找出无响应的应用</h3> +<p>当某个应用在一定时间内没有响应(通常是由于主线程被阻塞或繁忙)时,系统会终止该进程并将堆栈转储到 <code>/data/anr</code>。要找出 ANR 背后的罪魁祸首,请为二进制事件日志中的 <code>am_anr</code> 执行 grep 命令。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>grep "am_anr" bugreport-2015-10-01-18-13-48.txt +10-01 18:12:49.599 4600 4614 I am_anr : [0,29761,com.google.android.youtube,953695941,executing service com.google.android.youtube/com.google.android.apps.youtube.app.offline.transfer.OfflineTransferService] +10-01 18:14:10.211 4600 4614 I am_anr : [0,30363,com.google.android.apps.plus,953728580,executing service com.google.android.apps.plus/com.google.android.apps.photos.service.PhotosService]</pre><p></p> + </section> + +<p></p> +<p>您也可以为 <code>logcat</code> 日志(其中包含关于发生 ANR 时是什么在占用 CPU 的更多信息)中的 <code>ANR in</code> 执行 grep 命令。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>grep "ANR in" bugreport-2015-10-01-18-13-48.txt +10-01 18:13:11.984 4600 4614 E ActivityManager: ANR in com.google.android.youtube +10-01 18:14:31.720 4600 4614 E ActivityManager: ANR in com.google.android.apps.plus +10-01 18:14:31.720 4600 4614 E ActivityManager: PID: 30363 +10-01 18:14:31.720 4600 4614 E ActivityManager: Reason: executing service com.google.android.apps.plus/com.google.android.apps.photos.service.PhotosService +10-01 18:14:31.720 4600 4614 E ActivityManager: Load: 35.27 / 23.9 / 16.18 +10-01 18:14:31.720 4600 4614 E ActivityManager: CPU usage from 16ms to 21868ms later: +10-01 18:14:31.720 4600 4614 E ActivityManager: 74% 3361/mm-qcamera-daemon: 62% user + 12% kernel / faults: 15276 minor 10 major +10-01 18:14:31.720 4600 4614 E ActivityManager: 41% 4600/system_server: 18% user + 23% kernel / faults: 18597 minor 309 major +10-01 18:14:31.720 4600 4614 E ActivityManager: 32% 27420/com.google.android.GoogleCamera: 24% user + 7.8% kernel / faults: 48374 minor 338 major +10-01 18:14:31.720 4600 4614 E ActivityManager: 16% 130/kswapd0: 0% user + 16% kernel +10-01 18:14:31.720 4600 4614 E ActivityManager: 15% 283/mmcqd/0: 0% user + 15% kernel +... +10-01 18:14:31.720 4600 4614 E ActivityManager: 0.1% 27248/irq/503-synapti: 0% +10-01 18:14:31.721 4600 4614 I ActivityManager: Killing 30363:com.google.android.apps.plus/u0a206 (adj 0): bg anr</pre><p></p> + </section> + +<h3 id="find-stack-traces">查找堆栈跟踪</h3> +<p>通常您可以找到与 ANR 对应的堆栈跟踪。请确保 VM 跟踪上的时间戳和 PID 与您正在调查的 ANR 相符,然后再检查进程的主线程。请注意:</p> +<ul> +<li>主线程只能让您了解发生 ANR 时它在做什么,这可能是导致 ANR 的真正原因,也可能不是。(错误报告中的堆栈可能是无辜的;可能有其他线程在恢复正常之前粘滞了很长时间,但不足以导致 ANR。) +</li> +<li>可能存在多组堆栈跟踪(<code>VM TRACES JUST NOW</code> 和 <code>VM TRACES AT LAST ANR</code>)。请确保您查看的是正确的部分。</li> +</ul> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>------ VM TRACES AT LAST ANR (/data/anr/traces.txt: 2015-10-01 18:14:41) ------ + +----- pid 30363 at 2015-10-01 18:14:11 ----- +Cmd line: com.google.android.apps.plus +Build fingerprint: 'google/angler/angler:6.0/MDA89D/2294819:userdebug/dev-keys' +ABI: 'arm' +Build type: optimized +Zygote loaded classes=3978 post zygote classes=27 +Intern table: 45068 strong; 21 weak +JNI: CheckJNI is off; globals=283 (plus 360 weak) +Libraries: /system/lib/libandroid.so /system/lib/libcompiler_rt.so /system/lib/libjavacrypto.so /system/lib/libjnigraphics.so /system/lib/libmedia_jni.so /system/lib/libwebviewchromium_loader.so libjavacore.so (7) +Heap: 29% free, 21MB/30MB; 32251 objects +Dumping cumulative Gc timings +Total number of allocations 32251 +Total bytes allocated 21MB +Total bytes freed 0B +Free memory 9MB +Free memory until GC 9MB +Free memory until OOME 490MB +Total memory 30MB +Max memory 512MB +Zygote space size 1260KB +Total mutator paused time: 0 +Total time waiting for GC to complete: 0 +Total GC count: 0 +Total GC time: 0 +Total blocking GC count: 0 +Total blocking GC time: 0 + +suspend all histogram: Sum: 119.728ms 99% C.I. 0.010ms-107.765ms Avg: 5.442ms Max: 119.562ms +DALVIK THREADS (12): +"Signal Catcher" daemon prio=5 tid=2 Runnable + | group="system" sCount=0 dsCount=0 obj=0x12c400a0 self=0xef460000 + | sysTid=30368 nice=0 cgrp=default sched=0/0 handle=0xf4a69930 + | state=R schedstat=( 9021773 5500523 26 ) utm=0 stm=0 core=1 HZ=100 + | stack=0xf496d000-0xf496f000 stackSize=1014KB + | held mutexes= "mutator lock"(shared held) + native: #00 pc 0035a217 /system/lib/libart.so (art::DumpNativeStack(std::__1::basic_ostream<char, std::__1::char_traits<char> >&, int, char const*, art::ArtMethod*, void*)+126) + native: #01 pc 0033b03b /system/lib/libart.so (art::Thread::Dump(std::__1::basic_ostream<char, std::__1::char_traits<char> >&) const+138) + native: #02 pc 00344701 /system/lib/libart.so (art::DumpCheckpoint::Run(art::Thread*)+424) + native: #03 pc 00345265 /system/lib/libart.so (art::ThreadList::RunCheckpoint(art::Closure*)+200) + native: #04 pc 00345769 /system/lib/libart.so (art::ThreadList::Dump(std::__1::basic_ostream<char, std::__1::char_traits<char> >&)+124) + native: #05 pc 00345e51 /system/lib/libart.so (art::ThreadList::DumpForSigQuit(std::__1::basic_ostream<char, std::__1::char_traits<char> >&)+312) + native: #06 pc 0031f829 /system/lib/libart.so (art::Runtime::DumpForSigQuit(std::__1::basic_ostream<char, std::__1::char_traits<char> >&)+68) + native: #07 pc 00326831 /system/lib/libart.so (art::SignalCatcher::HandleSigQuit()+896) + native: #08 pc 003270a1 /system/lib/libart.so (art::SignalCatcher::Run(void*)+324) + native: #09 pc 0003f813 /system/lib/libc.so (__pthread_start(void*)+30) + native: #10 pc 00019f75 /system/lib/libc.so (__start_thread+6) + (no managed stack frames) + +"main" prio=5 tid=1 Suspended + | group="main" sCount=1 dsCount=0 obj=0x747552a0 self=0xf5376500 + | sysTid=30363 nice=0 cgrp=default sched=0/0 handle=0xf74feb34 + | state=S schedstat=( 331107086 164153349 851 ) utm=6 stm=27 core=3 HZ=100 + | stack=0xff00f000-0xff011000 stackSize=8MB + | held mutexes= + kernel: __switch_to+0x7c/0x88 + kernel: futex_wait_queue_me+0xd4/0x130 + kernel: futex_wait+0xf0/0x1f4 + kernel: do_futex+0xcc/0x8f4 + kernel: compat_SyS_futex+0xd0/0x14c + kernel: cpu_switch_to+0x48/0x4c + native: #00 pc 000175e8 /system/lib/libc.so (syscall+28) + native: #01 pc 000f5ced /system/lib/libart.so (art::ConditionVariable::Wait(art::Thread*)+80) + native: #02 pc 00335353 /system/lib/libart.so (art::Thread::FullSuspendCheck()+838) + native: #03 pc 0011d3a7 /system/lib/libart.so (art::ClassLinker::LoadClassMembers(art::Thread*, art::DexFile const&, unsigned char const*, art::Handle<art::mirror::Class>, art::OatFile::OatClass const*)+746) + native: #04 pc 0011d81d /system/lib/libart.so (art::ClassLinker::LoadClass(art::Thread*, art::DexFile const&, art::DexFile::ClassDef const&, art::Handle<art::mirror::Class>)+88) + native: #05 pc 00132059 /system/lib/libart.so (art::ClassLinker::DefineClass(art::Thread*, char const*, unsigned int, art::Handle<art::mirror::ClassLoader>, art::DexFile const&, art::DexFile::ClassDef const&)+320) + native: #06 pc 001326c1 /system/lib/libart.so (art::ClassLinker::FindClassInPathClassLoader(art::ScopedObjectAccessAlreadyRunnable&, art::Thread*, char const*, unsigned int, art::Handle<art::mirror::ClassLoader>, art::mirror::Class**)+688) + native: #07 pc 002cb1a1 /system/lib/libart.so (art::VMClassLoader_findLoadedClass(_JNIEnv*, _jclass*, _jobject*, _jstring*)+264) + native: #08 pc 002847fd /data/dalvik-cache/arm/system@framework@boot.oat (Java_java_lang_VMClassLoader_findLoadedClass__Ljava_lang_ClassLoader_2Ljava_lang_String_2+112) + at java.lang.VMClassLoader.findLoadedClass!(Native method) + at java.lang.ClassLoader.findLoadedClass(ClassLoader.java:362) + at java.lang.ClassLoader.loadClass(ClassLoader.java:499) + at java.lang.ClassLoader.loadClass(ClassLoader.java:469) + at android.app.ActivityThread.installProvider(ActivityThread.java:5141) + at android.app.ActivityThread.installContentProviders(ActivityThread.java:4748) + at android.app.ActivityThread.handleBindApplication(ActivityThread.java:4688) + at android.app.ActivityThread.-wrap1(ActivityThread.java:-1) + at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1405) + at android.os.Handler.dispatchMessage(Handler.java:102) + at android.os.Looper.loop(Looper.java:148) + at android.app.ActivityThread.main(ActivityThread.java:5417) + at java.lang.reflect.Method.invoke!(Native method) + at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726) + at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616) + + ... +<i> Stacks for other threads in this process follow</i> + ...</pre><p></p> + </section> + +<h3 id="deadlocks">查找死锁</h3> +<p>由于线程出现粘滞,死锁往往首先表现为 ANR。如果系统服务器发生死锁,监控程序最终会将其终止,从而导致日志中出现类似以下的条目:<code>WATCHDOG KILLING SYSTEM PROCESS</code>。对于用户来说,他们看到的是设备重新启动,但从技术上来讲这是运行时重启,而不是真正的设备重新启动。</p> + +<ul> +<li>在<strong>运行时</strong>重启时,系统服务器已死机并会重启,并且用户会看到设备返回到显示启动动画。</li> +<li>在设备<strong>重新启动</strong>时,内核已崩溃,并且用户会看到设备返回到显示 Google 启动徽标。</li> +</ul> + +<p>要查找死锁,请检查 VM 跟踪部分中是否存在以下模式:线程 A 在等待线程 B 占用的某些资源,而线程 B 也在等待线程 A 占用的某些资源。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>"Binder_B" prio=5 tid=73 Blocked + | group="main" sCount=1 dsCount=0 obj=0x13faa0a0 self=0x95e24800 + | sysTid=2016 nice=0 cgrp=default sched=0/0 handle=0x8b68d930 + | state=S schedstat=( 9351576559 4141431119 16920 ) utm=819 stm=116 core=1 HZ=100 + | stack=0x8b591000-0x8b593000 stackSize=1014KB + | held mutexes= + at com.android.server.pm.UserManagerService.exists(UserManagerService.java:387) + - waiting to lock <0x025f9b02> (a android.util.ArrayMap) held by thread 20 + at com.android.server.pm.PackageManagerService.getApplicationInfo(PackageManagerService.java:2848) + at com.android.server.AppOpsService.getOpsRawLocked(AppOpsService.java:881) + at com.android.server.AppOpsService.getOpsLocked(AppOpsService.java:856) + at com.android.server.AppOpsService.noteOperationUnchecked(AppOpsService.java:719) + - locked <0x0231885a> (a com.android.server.AppOpsService) + at com.android.server.AppOpsService.noteOperation(AppOpsService.java:713) + at com.android.server.AppOpsService$2.getMountMode(AppOpsService.java:260) + at com.android.server.MountService$MountServiceInternalImpl.getExternalStorageMountMode(MountService.java:3416) + at com.android.server.am.ActivityManagerService.startProcessLocked(ActivityManagerService.java:3228) + at com.android.server.am.ActivityManagerService.startProcessLocked(ActivityManagerService.java:3170) + at com.android.server.am.ActivityManagerService.startProcessLocked(ActivityManagerService.java:3059) + at com.android.server.am.BroadcastQueue.processNextBroadcast(BroadcastQueue.java:1070) + - locked <0x044d166f> (a com.android.server.am.ActivityManagerService) + at com.android.server.am.ActivityManagerService.finishReceiver(ActivityManagerService.java:16950) + at android.app.ActivityManagerNative.onTransact(ActivityManagerNative.java:494) + at com.android.server.am.ActivityManagerService.onTransact(ActivityManagerService.java:2432) + at android.os.Binder.execTransact(Binder.java:453) +... + "PackageManager" prio=5 tid=20 Blocked + | group="main" sCount=1 dsCount=0 obj=0x1304f4a0 self=0xa7f43900 + | sysTid=1300 nice=10 cgrp=bg_non_interactive sched=0/0 handle=0x9fcf9930 + | state=S schedstat=( 26190141996 13612154802 44357 ) utm=2410 stm=209 core=2 HZ=100 + | stack=0x9fbf7000-0x9fbf9000 stackSize=1038KB + | held mutexes= + at com.android.server.AppOpsService.noteOperationUnchecked(AppOpsService.java:718) + - waiting to lock <0x0231885a> (a com.android.server.AppOpsService) held by thread 73 + at com.android.server.AppOpsService.noteOperation(AppOpsService.java:713) + at com.android.server.AppOpsService$2.getMountMode(AppOpsService.java:260) + at com.android.server.AppOpsService$2.hasExternalStorage(AppOpsService.java:273) + at com.android.server.MountService$MountServiceInternalImpl.hasExternalStorage(MountService.java:3431) + at com.android.server.MountService.getVolumeList(MountService.java:2609) + at android.os.storage.StorageManager.getVolumeList(StorageManager.java:880) + at android.os.Environment$UserEnvironment.getExternalDirs(Environment.java:83) + at android.os.Environment.isExternalStorageEmulated(Environment.java:708) + at com.android.server.pm.PackageManagerService.isExternalMediaAvailable(PackageManagerService.java:9327) + at com.android.server.pm.PackageManagerService.startCleaningPackages(PackageManagerService.java:9367) + - locked <0x025f9b02> (a android.util.ArrayMap) + at com.android.server.pm.PackageManagerService$PackageHandler.doHandleMessage(PackageManagerService.java:1320) + at com.android.server.pm.PackageManagerService$PackageHandler.handleMessage(PackageManagerService.java:1122) + at android.os.Handler.dispatchMessage(Handler.java:102) + at android.os.Looper.loop(Looper.java:148) + at android.os.HandlerThread.run(HandlerThread.java:61) + at com.android.server.ServiceThread.run(ServiceThread.java:46)</pre><p></p> + </section> + +<h2 id="activities">Activity</h2> +<p><a href="http://developer.android.com/guide/components/activities.html">Activity</a> 是一种应用组件,可提供一个屏幕,用户能够通过与该屏幕互动来执行某些操作,例如拨打电话号码、拍照、发送电子邮件,等等。从错误报告的角度来看,一个 <a href="http://developer.android.com/reference/android/app/Activity.html">Activity</a> 是用户可以执行一项明确具体的操作,这使得查找在崩溃期间处于聚焦状态的 Activity 变得非常重要。Activity 通过 ActivityManager 运行进程,因此找出指定 Activity 的所有进程停止和启动事件也有助于进行问题排查。</p> + +<h3 id="history-focused-activities">查看处于聚焦状态的 Activity</h3> +<p>要查看记录的处于聚焦状态的 Activity,请搜索 <code>am_focused_activity</code>。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>grep "am_focused_activity" bugreport-2015-10-01-18-13-48.txt +10-01 18:10:41.409 4600 14112 I am_focused_activity: [0,com.google.android.GoogleCamera/com.android.camera.CameraActivity] +10-01 18:11:17.313 4600 5687 I am_focused_activity: [0,com.google.android.googlequicksearchbox/com.google.android.launcher.GEL] +10-01 18:11:52.747 4600 14113 I am_focused_activity: [0,com.google.android.GoogleCamera/com.android.camera.CameraActivity] +10-01 18:14:07.762 4600 5687 I am_focused_activity: [0,com.google.android.googlequicksearchbox/com.google.android.launcher.GEL]</pre><p></p> + </section> + +<h3 id="history-process-starts">查看进程启动事件</h3> +<p>要查看记录的进程启动事件,请搜索 <code>Start proc</code>。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>grep "Start proc" bugreport-2015-10-01-18-13-48.txt +10-01 18:09:15.309 4600 4612 I ActivityManager: Start proc 24533:com.metago.astro/u0a240 for broadcast com.metago.astro/com.inmobi.commons.analytics.androidsdk.IMAdTrackerReceiver +10-01 18:09:15.687 4600 14112 I ActivityManager: Start proc 24548:com.google.android.apps.fitness/u0a173 for service com.google.android.apps.fitness/.api.services.ActivityUpsamplingService +10-01 18:09:15.777 4600 6604 I ActivityManager: Start proc 24563:cloudtv.hdwidgets/u0a145 for broadcast cloudtv.hdwidgets/cloudtv.switches.SwitchSystemUpdateReceiver +10-01 18:09:20.574 4600 6604 I ActivityManager: Start proc 24617:com.wageworks.ezreceipts/u0a111 for broadcast com.wageworks.ezreceipts/.ui.managers.IntentReceiver +...</pre><p></p> + </section> + +<h3 id="device-thrashing">设备是否发生系统颠簸?</h3> +<p>要确定设备是否发生<a href="https://en.wikipedia.org/wiki/Thrashing_(computer_science)">系统颠簸</a>,请检查 <code>am_proc_died</code> 和 <code>am_proc_start</code> 前后在短时间内是否出现活动异常增加。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>grep -e "am_proc_died" -e "am_proc_start" bugreport-2015-10-01-18-13-48.txt +10-01 18:07:06.494 4600 9696 I am_proc_died: [0,20074,com.android.musicfx] +10-01 18:07:06.555 4600 6606 I am_proc_died: [0,31166,com.concur.breeze] +10-01 18:07:06.566 4600 14112 I am_proc_died: [0,18812,com.google.android.apps.fitness] +10-01 18:07:07.018 4600 7513 I am_proc_start: [0,20361,10113,com.sony.playmemories.mobile,broadcast,com.sony.playmemories.mobile/.service.StartupReceiver] +10-01 18:07:07.357 4600 4614 I am_proc_start: [0,20381,10056,com.google.android.talk,service,com.google.android.talk/com.google.android.libraries.hangouts.video.CallService] +10-01 18:07:07.784 4600 4612 I am_proc_start: [0,20402,10190,com.andcreate.app.trafficmonitor:loopback_measure_serivce,service,com.andcreate.app.trafficmonitor/.loopback.LoopbackMeasureService] +10-01 18:07:10.753 4600 5997 I am_proc_start: [0,20450,10097,com.amazon.mShop.android.shopping,broadcast,com.amazon.mShop.android.shopping/com.amazon.identity.auth.device.storage.LambortishClock$ChangeTimestampsBroadcastReceiver] +10-01 18:07:15.267 4600 6605 I am_proc_start: [0,20539,10173,com.google.android.apps.fitness,service,com.google.android.apps.fitness/.api.services.ActivityUpsamplingService] +10-01 18:07:15.985 4600 4612 I am_proc_start: [0,20568,10022,com.android.musicfx,broadcast,com.android.musicfx/.ControlPanelReceiver] +10-01 18:07:16.315 4600 7512 I am_proc_died: [0,20096,com.google.android.GoogleCamera]</pre><p></p> + </section> + +<h2 id="memory">内存</h2> +<p>由于 Android 设备的物理内存通常都存在限制,因此管理随机存取存储器 (RAM) 至关重要。错误报告中包含一些用于指示内存不足的指标以及一个提供内存快照的 dumpstate。</p> + +<h3 id="low-memory">发现内存不足的情况</h3> +<p>内存不足可能会导致系统发生颠簸,这是因为虽然内存不足时系统会终止某些进程来释放内存,但又会继续启动其他进程。要查看内存不足的确凿证据,请检查二进制事件日志中 <code>am_proc_died</code> 和 <code>am_proc_start</code> 条目的密集程度。</p> + +<p>内存不足还可能会减慢任务切换速度,并且可能会阻止进行返回尝试(因为用户尝试返回到的任务已被终止)。如果启动器被终止,它会在用户触摸主屏幕按钮时重启,并且日志中会显示启动器重新加载其内容。</p> + +<h4 id="historical-low-memory">查看历史指标</h4> +<p>二进制事件日志中的 <code>am_low_memory</code> 条目表示最后一个缓存的进程已终止。在此之后,系统开始终止各项服务。 + + </p><section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>grep "am_low_memory" bugreport-2015-10-01-18-13-48.txt +10-01 18:11:02.219 4600 7513 I am_low_memory: 41 +10-01 18:12:18.526 4600 14112 I am_low_memory: 39 +10-01 18:12:18.874 4600 7514 I am_low_memory: 38 +10-01 18:12:22.570 4600 14112 I am_low_memory: 40 +10-01 18:12:34.811 4600 20319 I am_low_memory: 43 +10-01 18:12:37.945 4600 6521 I am_low_memory: 43 +10-01 18:12:47.804 4600 14110 I am_low_memory: 43</pre><p></p> + </section> + +<h4 id="thrashing-indicators">查看系统颠簸指标</h4> +<p>关于系统颠簸(分页、直接回收等)的其他指标包括 <code>kswapd</code>、<code>kworker</code> 和 <code>mmcqd</code> 消耗的 CPU 周期。(请注意,收集错误报告可能会影响系统颠簸指标。)</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>------ CPU INFO (top -n 1 -d 1 -m 30 -t) ------ + +User 15%, System 54%, IOW 28%, IRQ 0% +User 82 + Nice 2 + Sys 287 + Idle 1 + IOW 152 + IRQ 0 + SIRQ 5 = 529 + + PID TID PR CPU% S VSS RSS PCY UID Thread Proc +15229 15229 0 19% R 0K 0K fg root kworker/0:2 +29512 29517 1 7% D 1173524K 101188K bg u0_a27 Signal Catcher com.google.android.talk +24565 24570 3 6% D 2090920K 145168K fg u0_a22 Signal Catcher com.google.android.googlequicksearchbox:search +19525 19525 2 6% R 3476K 1644K fg shell top top +24957 24962 2 5% R 1706928K 125716K bg u0_a47 Signal Catcher com.google.android.GoogleCamera +19519 19519 3 4% S 0K 0K fg root kworker/3:1 + 120 120 0 3% S 0K 0K fg root mmcqd/1 +18233 18233 1 3% S 0K 0K fg root kworker/1:1 +25589 25594 1 2% D 1270476K 75776K fg u0_a8 Signal Catcher com.google.android.gms +19399 19399 2 1% S 0K 0K fg root kworker/2:2 + 1963 1978 1 0% S 1819100K 125136K fg system android.fg system_server + 1963 1981 3 0% S 1819100K 125136K fg system android.display system_server</pre><p></p> + </section> +<p></p> + +<p>ANR 日志可以提供类似的内存快照。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>10-03 17:19:59.959 1963 1976 E ActivityManager: ANR in com.google.android.apps.magazines +10-03 17:19:59.959 1963 1976 E ActivityManager: PID: 18819 +10-03 17:19:59.959 1963 1976 E ActivityManager: Reason: Broadcast of Intent { act=android.net.conn.CONNECTIVITY_CHANGE flg=0x4000010 cmp=com.google.android.apps.magazines/com.google.apps.dots.android.newsstand.appwidget.NewsWidgetProvider (has extras) } +10-03 17:19:59.959 1963 1976 E ActivityManager: Load: 19.19 / 14.76 / 12.03 +10-03 17:19:59.959 1963 1976 E ActivityManager: CPU usage from 0ms to 11463ms later: +10-03 17:19:59.959 1963 1976 E ActivityManager: 54% 15229/kworker/0:2: 0% user + 54% kernel +10-03 17:19:59.959 1963 1976 E ActivityManager: 38% 1963/system_server: 14% user + 23% kernel / faults: 17152 minor 1073 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 11% 120/mmcqd/1: 0% user + 11% kernel +10-03 17:19:59.959 1963 1976 E ActivityManager: 10% 2737/com.android.systemui: 4.7% user + 5.6% kernel / faults: 7211 minor 149 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 0.2% 1451/debuggerd: 0% user + 0.2% kernel / faults: 15211 minor 147 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 8.7% 6162/com.twofortyfouram.locale: 4% user + 4.7% kernel / faults: 4924 minor 260 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 6.1% 24565/com.google.android.googlequicksearchbox:search: 2.4% user + 3.7% kernel / faults: 2902 minor 129 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 6% 55/kswapd0: 0% user + 6% kernel +10-03 17:19:59.959 1963 1976 E ActivityManager: 4.9% 18819/com.google.android.apps.magazines: 1.5% user + 3.3% kernel / faults: 10129 minor 986 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 2.8% 18233/kworker/1:1: 0% user + 2.8% kernel +10-03 17:19:59.959 1963 1976 E ActivityManager: 4.2% 3145/com.android.phone: 2% user + 2.2% kernel / faults: 3005 minor 43 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 4.2% 8084/com.android.chrome: 2% user + 2.1% kernel / faults: 4798 minor 380 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 3.4% 182/surfaceflinger: 1.1% user + 2.3% kernel / faults: 842 minor 13 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 3% 18236/kworker/1:2: 0% user + 3% kernel +10-03 17:19:59.959 1963 1976 E ActivityManager: 2.9% 19231/com.android.systemui:screenshot: 0.8% user + 2.1% kernel / faults: 6119 minor 348 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 2.3% 15350/kworker/0:4: 0% user + 2.3% kernel +10-03 17:19:59.959 1963 1976 E ActivityManager: 2.2% 1454/mediaserver: 0% user + 2.2% kernel / faults: 479 minor 6 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 2% 16496/com.android.chrome:sandboxed_process10: 0.1% user + 1.8% kernel / faults: 3610 minor 234 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 1% 3119/com.android.nfc: 0.4% user + 0.5% kernel / faults: 1789 minor 17 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 1.7% 19337/com.jarettmillard.localeconnectiontype:background: 0.1% user + 1.5% kernel / faults: 7854 minor 439 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 0.7% 3066/com.google.android.inputmethod.latin: 0.3% user + 0.3% kernel / faults: 1336 minor 7 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 1% 25589/com.google.android.gms: 0.3% user + 0.6% kernel / faults: 2867 minor 237 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 0.9% 1460/sensors.qcom: 0.5% user + 0.4% kernel / faults: 262 minor 5 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 0.8% 3650/mpdecision: 0% user + 0.8% kernel / faults: 160 minor 1 major +10-03 17:19:59.959 1963 1976 E ActivityManager: 0.1% 3132/com.redbend.vdmc: 0% user + 0% kernel / faults: 1746 minor 5 major</pre><p></p> + </section> + +<h3 id="memory-snapshot">获取内存快照</h3> +<p>内存快照是一种 dumpstate,其中会列出正在运行的 Java 进程和本机进程(有关详情,请参阅<a href="https://developer.android.com/tools/debugging/debugging-memory.html#ViewingAllocations">查看整体内存分配</a>)。请注意,快照仅提供特定时刻的状态;在此快照之前,系统的状况可能更好,也可能更糟。</p> +<ul> +<li>要了解某个进程的运行时长,请参阅<a href="#process-runtime">进程运行时</a>。</li> +<li>要了解为什么某个进程当前正在运行,请参阅<a href="#why-is-process-running">某个进程为什么正在运行?</a></li> +</ul> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>Total PSS by OOM adjustment: + 86752 kB: Native + 22645 kB: surfaceflinger (pid 197) + 18597 kB: mediaserver (pid 204) + ... + 136959 kB: System + 136959 kB: system (pid 785) + 220218 kB: Persistent + 138859 kB: com.android.systemui (pid 947 / activities) + 39178 kB: com.android.nfc (pid 1636) + 28313 kB: com.android.phone (pid 1659) + 13868 kB: com.redbend.vdmc (pid 1646) + 9534 kB: Persistent Service + 9534 kB: com.android.bluetooth (pid 23807) + 178604 kB: Foreground + 168620 kB: com.google.android.googlequicksearchbox (pid 1675 / activities) + 9984 kB: com.google.android.apps.maps (pid 13952) + 188286 kB: Visible + 85326 kB: com.google.android.wearable.app (pid 1535) + 38978 kB: com.google.process.gapps (pid 1510) + 31936 kB: com.google.android.gms.persistent (pid 2072) + 27950 kB: com.google.android.gms.wearable (pid 1601) + 4096 kB: com.google.android.googlequicksearchbox:interactor (pid 1550) + 52948 kB: Perceptible + 52948 kB: com.google.android.inputmethod.latin (pid 1566) + 150851 kB: A Services + 81121 kB: com.google.android.gms (pid 1814) + 37586 kB: com.google.android.talk (pid 9584) + 10949 kB: com.google.android.music:main (pid 4019) + 10727 kB: com.motorola.targetnotif (pid 31071) + 10468 kB: com.google.android.GoogleCamera (pid 9984) + 33298 kB: Previous + 33298 kB: com.android.settings (pid 9673 / activities) + 165188 kB: B Services + 49490 kB: com.facebook.katana (pid 15035) + 22483 kB: com.whatsapp (pid 28694) + 21308 kB: com.iPass.OpenMobile (pid 5325) + 19788 kB: com.google.android.apps.googlevoice (pid 23934) + 17399 kB: com.google.android.googlequicksearchbox:search (pid 30359) + 9073 kB: com.google.android.apps.youtube.unplugged (pid 21194) + 7660 kB: com.iPass.OpenMobile:remote (pid 23754) + 7291 kB: com.pujie.wristwear.pujieblack (pid 24240) + 7157 kB: com.instagram.android:mqtt (pid 9530) + 3539 kB: com.qualcomm.qcrilmsgtunnel (pid 16186) + 204324 kB: Cached + 43424 kB: com.amazon.mShop.android (pid 13558) + 22563 kB: com.google.android.apps.magazines (pid 13844) + ... + 4298 kB: com.google.android.apps.enterprise.dmagent (pid 13826)</pre><p></p> + </section> + +<h2 id="broadcasts">广播</h2> +<p>应用会生成广播,以便在当前应用内发送事件或向其他应用发送事件。广播接收方可以通过过滤器订阅特定消息,以便收听和响应广播。错误报告中包含已发送广播和未发送广播的相关信息,以及关于收听特定广播的所有接收方的 dumpsys。</p> + +<h3 id="historical-broadcasts">查看历史广播</h3> +<p>历史广播是指已发送的广播,按时间逆序排列。</p> + +<p><strong>summary</strong>(摘要)部分用于提供最近 300 个前台广播和最近 300 个后台广播的概况。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre> Historical broadcasts summary [foreground]: + #0: act=android.intent.action.SCREEN_ON flg=0x50000010 + +1ms dispatch +90ms finish + enq=2015-10-29 17:10:51 disp=2015-10-29 17:10:51 fin=2015-10-29 17:10:51 + #1: act=android.intent.action.SCREEN_OFF flg=0x50000010 + 0 dispatch +60ms finish + enq=2015-10-29 17:10:05 disp=2015-10-29 17:10:05 fin=2015-10-29 17:10:05 + ... + Historical broadcasts summary [background]: + ...</pre><p></p> + </section> +<p></p> + +<p><strong>detail</strong>(详情)部分包含最近 50 个前台广播和最近 50 个后台广播的完整信息,以及每个广播的接收方。</p> +<ul> +<li>具有 <code>BroadcastRecord</code> 条目的接收方是在运行时注册的,并且只会被发送到已在运行的进程。</li> +<li>具有 <code>ResolveInfo</code> 条目的接收方是通过清单条目注册的。ActivityManager 会为每个 <code>ResolveInfo</code> 启动相应进程(如果相应进程尚未在运行)。</li> +</ul> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>Historical broadcasts [foreground]: + ... + Historical broadcasts [background]: + Historical Broadcast background #0: + ... + Historical Broadcast background #5: + BroadcastRecord{18dbb16 u0 android.intent.action.USER_PRESENT} to user 0 + Intent { act=android.intent.action.USER_PRESENT flg=0x24000010 } + caller=com.android.systemui 2925:com.android.systemui/u0a27 pid=2925 uid=10027 + enqueueClockTime=2015-10-29 17:10:55 dispatchClockTime=2015-10-29 17:10:55 + dispatchTime=-2s321ms (0 since enq) finishTime=-2s320ms (+1ms since disp) + Receiver #0: BroadcastFilter{8181cc1 u-1 ReceiverList{5d929a8 902 system/1000/u-1 local:eca4dcb}} + Receiver #1: BroadcastFilter{6371c97 u-1 ReceiverList{2938b16 902 system/1000/u-1 local:840b831}} + ... + Receiver #19: BroadcastFilter{93f16b u0 ReceiverList{5c61eba 17016 com.google.android.gm/10079/u0 remote:24083e5}} + ... + Historical Broadcast background #37: + BroadcastRecord{7f6dd6 u0 android.hardware.action.NEW_PICTURE} to user 0 + Intent { act=android.hardware.action.NEW_PICTURE dat=content://media/external/images/media/6345 flg=0x10 } + caller=com.google.android.GoogleCamera 32734:com.google.android.GoogleCamera/u0a53 pid=32734 uid=10053 + enqueueClockTime=2015-10-29 17:09:48 dispatchClockTime=2015-10-29 17:09:49 + dispatchTime=-45s720ms (+399ms since enq) finishTime=-45s701ms (+19ms since disp) + resultTo=null resultCode=0 resultData=null + nextReceiver=4 receiver=null + Receiver #0: ResolveInfo{33d2857 com.google.android.gms/com.google.android.libraries.social.mediamonitor.MediaMonitor m=0x608000} + priority=0 preferredOrder=0 match=0x608000 specificIndex=-1 isDefault=false + ActivityInfo: + name=com.google.android.libraries.social.mediamonitor.MediaMonitor + packageName=com.google.android.gms + enabled=true exported=true processName=com.google.android.gms + ... + Receiver #1: ResolveInfo{d9edf44 com.google.android.apps.maps/com.google.android.apps.gmm.ugc.clientnotification.StartPhotoTakenNotifierServiceReceiver m=0x608000} + priority=0 preferredOrder=0 match=0x608000 specificIndex=-1 isDefault=false + ActivityInfo: + name=com.google.android.apps.gmm.ugc.clientnotification.StartPhotoTakenNotifierServiceReceiver + packageName=com.google.android.apps.maps + enabled=true exported=true processName=com.google.android.apps.maps + ... + Receiver #2: ResolveInfo{743f82d com.google.android.apps.photos/com.google.android.libraries.social.mediamonitor.MediaMonitor m=0x608000} + priority=0 preferredOrder=0 match=0x608000 specificIndex=-1 isDefault=false + ActivityInfo: + name=com.google.android.libraries.social.mediamonitor.MediaMonitor + packageName=com.google.android.apps.photos + enabled=true exported=true processName=com.google.android.apps.photos + ... + Receiver #3: ResolveInfo{d5c9162 com.google.android.apps.plus/com.google.android.libraries.social.mediamonitor.MediaMonitor m=0x608000} + priority=0 preferredOrder=0 match=0x608000 specificIndex=-1 isDefault=false + ActivityInfo: + name=com.google.android.libraries.social.mediamonitor.MediaMonitor + packageName=com.google.android.apps.plus + enabled=true exported=true processName=com.google.android.apps.plus + ...</pre><p></p> + </section> + +<h3 id="active-broadcasts">查看待发送的广播</h3> +<p>待发送的广播是指尚未发送的广播。如果队列中存在大量广播,则意味着系统无法足够快地发送广播来跟上进度。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre> Active ordered broadcasts [background]: + Active Ordered Broadcast background #133: <i>// size of queue</i> + ...</pre><p></p> + </section> + +<h3 id="broadcast-listeners">查看广播收听方</h3> +<p>要查看收听某个广播的接收方列表,请查看 <code>dumpsys activity broadcasts</code> 中的 Receiver Resolver Table。以下示例显示了收听 <code>USER_PRESENT</code> 的所有接收方。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>------------------------------------------------------------------------------- +ACTIVITY MANAGER BROADCAST STATE (dumpsys activity broadcasts) +.. + Receiver Resolver Table: + Full MIME Types: + .. + Wild MIME Types: + .. + Schemes: + .. + Non-Data Actions: + .. + android.intent.action.USER_PRESENT: + BroadcastFilter{8181cc1 u-1 ReceiverList{5d929a8 902 system/1000/u-1 local:eca4dcb}} + BroadcastFilter{6371c97 u-1 ReceiverList{2938b16 902 system/1000/u-1 local:840b831}} + BroadcastFilter{320c00 u0 ReceiverList{d3a6283 902 system/1000/u0 local:799c532}} + BroadcastFilter{e486048 u0 ReceiverList{36fbaeb 902 system/1000/u0 local:5f51e3a}} + BroadcastFilter{22b02 u-1 ReceiverList{b3f744d 902 system/1000/u-1 local:de837e4}} + BroadcastFilter{3e989ab u0 ReceiverList{f8deffa 2981 com.google.process.gapps/10012/u0 remote:26bd225}} + BroadcastFilter{fb56150 u0 ReceiverList{22b7b13 2925 com.android.systemui/10027/u0 remote:c54a602}} + BroadcastFilter{63bbb6 u-1 ReceiverList{ba6c751 3484 com.android.nfc/1027/u-1 remote:5c4a478}} + BroadcastFilter{95ad20d u0 ReceiverList{d8374a4 3586 com.google.android.googlequicksearchbox/10029/u0 remote:feb3737}} + BroadcastFilter{fdef551 u0 ReceiverList{28ca78 3745 com.google.android.gms.persistent/10012/u0 remote:f23afdb}} + BroadcastFilter{9830707 u0 ReceiverList{aabd946 3745 com.google.android.gms.persistent/10012/u0 remote:a4da121}} + BroadcastFilter{83c43d2 u0 ReceiverList{d422e5d 3745 com.google.android.gms.persistent/10012/u0 remote:f585034}} + BroadcastFilter{8890378 u0 ReceiverList{26d2cdb 3745 com.google.android.gms.persistent/10012/u0 remote:dfa61ea}} + BroadcastFilter{7bbb7 u0 ReceiverList{214b2b6 3745 com.google.android.gms.persistent/10012/u0 remote:8353a51}} + BroadcastFilter{38d3566 u0 ReceiverList{de859c1 3745 com.google.android.gms.persistent/10012/u0 remote:e003aa8}} + BroadcastFilter{3435d9f u0 ReceiverList{6e38b3e 3745 com.google.android.gms.persistent/10012/u0 remote:8dd7ff9}} + BroadcastFilter{d0a34bb u0 ReceiverList{5091d4a 3745 com.google.android.gms.persistent/10012/u0 remote:d6d22b5}} + BroadcastFilter{d43c416 u0 ReceiverList{51a3531 3745 com.google.android.gms.persistent/10012/u0 remote:d0b9dd8}} + BroadcastFilter{aabf36d u0 ReceiverList{a88bf84 3745 com.google.android.gms.persistent/10012/u0 remote:a9d6197}} + BroadcastFilter{93f16b u0 ReceiverList{5c61eba 17016 com.google.android.gm/10079/u0 remote:24083e5}} + BroadcastFilter{68f794e u0 ReceiverList{4cb1c49 947 com.google.android.googlequicksearchbox:search/10029/u0 remote:251d250}} + .. + MIME Typed Actions:</pre><p></p> + </section> + +<h2 id="monitor contention">显示器争用</h2> +<p>显示器争用日志记录有时可以表明实际的显示器争用情况,但通常情况下会表明系统负载过重,从而导致所有进程都变慢了。您可能会在系统日志或事件日志中看到 ART 记录的长时间占用显示器的事件。</p> + +<p>在系统日志中:</p> +<p></p><pre>10-01 18:12:44.343 29761 29914 W art : Long monitor contention event with owner method=void android.database.sqlite.SQLiteClosable.acquireReference() from SQLiteClosable.java:52 waiters=0 for 3.914s</pre><p></p> + +<p>在事件日志中:</p> +<p></p><pre>10-01 18:12:44.364 29761 29914 I dvm_lock_sample: [com.google.android.youtube,0,pool-3-thread-9,3914,ScheduledTaskMaster.java,138,SQLiteClosable.java,52,100]</pre><p></p> + +<h2 id="background-compilation">后台编译</h2> +<p>编译可能会占用大量资源,而且会加重设备负载。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>09-14 06:27:05.670 2508 2587 E ActivityManager: CPU usage from 0ms to 5857ms later: +09-14 06:27:05.670 2508 2587 E ActivityManager: 84% 5708/dex2oat: 81% user + 2.3% kernel / faults: 3731 minor 1 major +09-14 06:27:05.670 2508 2587 E ActivityManager: 73% 2508/system_server: 21% user + 51% kernel / faults: 10019 minor 28 major +09-14 06:27:05.670 2508 2587 E ActivityManager: 1% 3935/com.android.phone: 0.3% user + 0.6% kernel / faults: 2684 minor 2 major</pre><p></p> + </section> +<p></p> + +<p>下载 Google Play 商店更新时,编译可能会在后台进行。在这种情况下,来自 Google Play 商店应用 (<code>finsky</code>) 和 <code>installd</code> 的消息会显示在 <code>dex2oat</code> 消息之前。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>10-07 08:42:33.725 11051 11051 D Finsky : [1] InstallerTask.advanceState: Prepare to patch com.garmin.android.apps.virb (com.garmin.android.apps.virb) from content://downloads/my_downloads/3602 format 2 +10-07 08:42:33.752 495 495 I installd: free_cache(48637657) avail 15111192576 +… +10-07 08:42:39.998 2497 2567 I PackageManager.DexOptimizer: Running dexopt (dex2oat) on: /data/app/vmdl436577137.tmp/base.apk pkg=com.garmin.android.apps.virb isa=arm vmSafeMode=false debuggable=false oatDir = /data/app/vmdl436577137.tmp/oat bootComplete=true +…</pre><p></p> + </section> +<p></p> + +<p>当某个应用正在加载尚未编译的 dex 文件时,编译也可能会在后台进行。在这种情况下,您将看不到 <code>finsky</code> 或 <code>installd</code> 日志记录。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>09-14 07:29:20.433 15736 15736 I dex2oat : /system/bin/dex2oat -j4 --dex-file=/data/user/0/com.facebook.katana/app_secondary_program_dex/program-72cef82b591768306676e10161c886b58b34315a308602be.dex.jar --oat-file=/data/user/0/com.facebook.katana/app_secondary_program_dex_opt/program-72cef82b591768306676e10161c886b58b34315a308602be.dex.dex +... +09-14 07:29:25.102 15736 15736 I dex2oat : dex2oat took 4.669s (threads: 4) arena alloc=7MB java alloc=3MB native alloc=29MB free=4MB</pre><p></p> + </section> + +<h2 id="narrative">叙述</h2> +<p>创建问题叙述(如何开始、发生了什么、系统是如何应对的)需要一个固定的事件时间轴。您可以利用错误报告中的信息来同步多个日志中的时间轴并确定错误报告的确切时间戳。</p> + +<h3 id="timelines">同步时间轴</h3> +<p>错误报告会反映多个并行时间轴(系统日志、事件日志、内核日志)以及针对广播、电池统计信息等的多个专用时间轴。遗憾的是,系统通常会使用不同的时间基准来报告时间轴。</p> + +<p>系统日志时间戳和事件日志时间戳采用用户所用的时区(与大多数其他时间戳一样)。例如,当用户点按主屏幕按钮时,系统日志会报告以下内容:</p> +<p></p><pre>10-03 17:19:52.939 1963 2071 I ActivityManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.HOME] flg=0x10200000 cmp=com.google.android.googlequicksearchbox/com.google.android.launcher.GEL (has extras)} from uid 1000 on display 0</pre><p></p> + +<p>对于上述操作,事件日志会报告以下内容:</p> +<p></p><pre>10-03 17:19:54.279 1963 2071 I am_focused_activity: [0,com.google.android.googlequicksearchbox/com.google.android.launcher.GEL]</pre><p></p> + +<p>内核 (<code>dmesg</code>) 日志采用不同的时间基准,按距离引导加载程序完成的时间来标记日志内容(以秒为单位)。要按照其他时间表的时间基准记录此时间表,请搜索“suspend exit”(暂停退出)和“suspend entry”(暂停进入)消息。<em></em><em></em></p> +<p></p><pre><6>[201640.779997] PM: suspend exit 2015-10-03 19:11:06.646094058 UTC +… +<6>[201644.854315] PM: suspend entry 2015-10-03 19:11:10.720416452 UTC</pre><p></p> + +<p>由于内核日志在暂停状态下可能不会包含时间,因此您应该分段记录暂停进入和暂停退出消息之间的日志。此外,内核日志使用 UTC 时区,您必须将其调整为用户时区。</p> + +<h3 id="time-of-bugreport">确定错误报告的生成时间</h3> +<p>要确定错误报告的生成时间,请先查看系统日志 (Logcat) 中的 <code>dumpstate: begin</code>:</p> +<p></p><pre>10-03 17:19:54.322 19398 19398 I dumpstate: begin</pre><p></p> + +<p>接下来,查看内核日志 (<code>dmesg</code>) 时间戳中的 <code>Starting service +'bugreport'</code> 消息:</p> +<p></p><pre><5>[207064.285315] init: Starting service 'bugreport'...</pre><p></p> + +<p>进行逆向推算以关联这两个事件,同时牢记<a href="#timelines">同步时间轴</a>中提到的注意事项。尽管在初始化错误报告之后发生了很多活动,但大多数活动并不是非常有用,因为生成错误报告这一活动会大大加重系统负载。</p> + +<h2 id="power">电源</h2> + +<p>事件日志中包含屏幕电源状态,其中 0 表示屏幕关闭,1 表示屏幕打开,2 表示已锁屏。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>grep screen_toggled bugreport-2015-10-18-16-52-22.txt +10-18 15:05:04.383 992 992 I screen_toggled: 1 +10-18 15:05:07.010 992 992 I screen_toggled: 0 +10-18 15:23:15.063 992 992 I screen_toggled: 1 +10-18 15:23:25.684 992 992 I screen_toggled: 0 +10-18 15:36:31.623 992 992 I screen_toggled: 1 +10-18 15:36:37.660 3283 3283 I screen_toggled: 2</pre><p></p> + </section> + +<p></p> +<p>错误报告中还包含关于唤醒锁的统计信息,唤醒锁是应用开发者采用的一种机制,用于表明其应用需要设备保持开启状态。(要详细了解唤醒锁,请参阅 <a href="https://developer.android.com/reference/android/os/PowerManager.WakeLock.html">PowerManager.WakeLock</a> 和<a href="https://developer.android.com/training/scheduling/wakelock.html#cpu">使 CPU 保持运行状态</a>。) + +</p><p>唤醒锁总时长统计信息<strong>仅</strong>跟踪唤醒锁实际负责使设备保持唤醒状态的时间,<strong>不</strong>包括屏幕处于开启状态的时间。此外,如果同时持有多个唤醒锁,系统会在它们之间分配唤醒锁时长。</p> + +<p>如需直观呈现电源状态方面的更多帮助,请使用 <a href="https://github.com/google/battery-historian">Battery Historian</a>(一种 Google 开放源代码工具,能够利用 Android 错误报告文件分析电池消耗进程)。</p> + +<h2 id="packages">程序包</h2> +<p>“DUMP OF SERVICE”程序包中包含应用版本(以及其他实用信息)。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>... +Packages: +... + Package [com.google.android.gms] (3cf534b): + userId=10013 + sharedUser=SharedUserSetting{98f3d28 com.google.uid.shared/10013} + pkg=Package{b8f6a41 com.google.android.gms} + codePath=/system/priv-app/PrebuiltGmsCore + resourcePath=/system/priv-app/PrebuiltGmsCore + legacyNativeLibraryDir=/system/priv-app/PrebuiltGmsCore/lib + primaryCpuAbi=arm64-v8a + secondaryCpuAbi=armeabi-v7a + versionCode=8186448 targetSdk=23 + versionName=8.1.86 (2287566-448) + splits=[base] + applicationInfo=ApplicationInfo{5158507 com.google.android.gms} + flags=[ SYSTEM HAS_CODE ALLOW_CLEAR_USER_DATA ] + privateFlags=[ PRIVILEGED ] + dataDir=/data/user/0/com.google.android.gms + supportsScreens=[small, medium, large, xlarge, resizeable, anyDensity] + libraries: + com.google.android.gms + usesOptionalLibraries: + com.android.location.provider + com.google.android.ble + com.android.media.remotedisplay + usesLibraryFiles: + /system/framework/com.android.media.remotedisplay.jar + /system/framework/com.android.location.provider.jar + timeStamp=2015-10-14 15:17:56 + firstInstallTime=2015-09-22 14:08:35 + lastUpdateTime=2015-10-14 15:17:56 + signatures=PackageSignatures{db63be6 [1af63d8]} + installPermissionsFixed=true installStatus=1 + pkgFlags=[ SYSTEM HAS_CODE ALLOW_CLEAR_USER_DATA ] + declared permissions: + com.google.android.gms.permission.INTERNAL_BROADCAST: prot=signature, INSTALLED + ... + com.google.android.gms.permission.CAR_VENDOR_EXTENSION: prot=dangerous, INSTALLED + User 0: installed=true hidden=false stopped=false notLaunched=false enabled=0 + disabledComponents: + com.google.android.gms.icing.service.PowerConnectedReceiver + ... + com.google.android.gms.icing.proxy.AppsMonitor + enabledComponents: + com.google.android.gms.mdm.receivers.GmsRegisteredReceiver + ... + com.google.android.gms.subscribedfeeds.SyncService</pre><p></p> + </section> + +<h2 id="processes">进程</h2> +<p>错误报告中包含大量的进程数据,例如启动和停止时间、运行时时长、相关服务、<code>oom_adj</code> 得分等。要详细了解 Android 如何管理进程,请参阅<a href="http://developer.android.com/guide/components/processes-and-threads.html">进程和线程</a>。</p> + +<h3 id="process-runtime">确定进程运行时</h3> +<p><code>procstats</code> 部分包含有关进程及相关服务已运行时长的完整统计信息。要快速获得便于用户阅读的摘要,请搜索 <code>AGGREGATED OVER</code> 以查看最近 3 个小时或 24 个小时的数据,然后搜索 <code>Summary:</code> 以查看进程列表、这些进程已以各种优先级运行的时长,以及它们使用 RAM 的情况(格式为“最小-平均-最大 PSS”/“最小-平均-最大 USS”)。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>------------------------------------------------------------------------------- +DUMP OF SERVICE processinfo: +------------------------------------------------------------------------------- +DUMP OF SERVICE procstats: +COMMITTED STATS FROM 2015-10-19-23-54-56 (checked in): +... +COMMITTED STATS FROM 2015-10-20-03-00-00 (checked in): +... +CURRENT STATS: +... +AGGREGATED OVER LAST 24 HOURS: +System memory usage: +... +Per-Package Stats: +... +Summary: +... + * com.google.android.gms.persistent / u0a13 / v8186448: + TOTAL: 100% (21MB-27MB-40MB/20MB-24MB-38MB over 597) + Top: 51% (22MB-26MB-38MB/21MB-24MB-36MB over 383) + Imp Fg: 49% (21MB-27MB-40MB/20MB-25MB-38MB over 214) +… + Start time: 2015-10-19 09:14:37 + Total elapsed time: +1d0h22m7s390ms (partial) libart.so + +AGGREGATED OVER LAST 3 HOURS: +System memory usage: +... +Per-Package Stats: +... +Summary: + * com.google.android.gms.persistent / u0a13 / v8186448: + TOTAL: 100% (23MB-27MB-32MB/21MB-25MB-29MB over 111) + Top: 61% (23MB-26MB-31MB/21MB-24MB-28MB over 67) + Imp Fg: 39% (23MB-28MB-32MB/21MB-26MB-29MB over 44) +... + Start time: 2015-10-20 06:49:24 + Total elapsed time: +2h46m59s736ms (partial) libart.so</pre><p></p> + </section> + +<h3 id="why-is-process-running">某个进程为什么正在运行?</h3> +<p><code>dumpsys activity processes</code> 部分会列出当前正在运行的所有进程,并按 <code>oom_adj</code> 得分排序(Android 通过为进程分配 <code>oom_adj</code> 值来表明进程的重要性,该值可由 ActivityManager 动态更新)。这种输出类似于<a href="#memory-snapshot">内存快照</a>的输出,但包含有关是什么导致进程运行的更多信息。在以下示例中,以粗体显示的条目表明 <code>gms.persistent</code> 进程正在以 <code>vis</code>(可见)优先级运行,因为该系统进程已经与其 <code>NetworkLocationService</code> 绑定。</p> + + <section class="expandable"> + <h4 class="showalways">显示示例</h4> + <p></p><pre>------------------------------------------------------------------------------- +ACTIVITY MANAGER RUNNING PROCESSES (dumpsys activity processes) +... +Process LRU list (sorted by oom_adj, 34 total, non-act at 14, non-svc at 14): + PERS #33: sys F/ /P trm: 0 902:system/1000 (fixed) + PERS #32: pers F/ /P trm: 0 2925:com.android.systemui/u0a27 (fixed) + PERS #31: pers F/ /P trm: 0 3477:com.quicinc.cne.CNEService/1000 (fixed) + PERS #30: pers F/ /P trm: 0 3484:com.android.nfc/1027 (fixed) + PERS #29: pers F/ /P trm: 0 3502:com.qualcomm.qti.rcsbootstraputil/1001 (fixed) + PERS #28: pers F/ /P trm: 0 3534:com.qualcomm.qti.rcsimsbootstraputil/1001 (fixed) + PERS #27: pers F/ /P trm: 0 3553:com.android.phone/1001 (fixed) + Proc #25: psvc F/ /IF trm: 0 4951:com.android.bluetooth/1002 (service) + com.android.bluetooth/.hfp.HeadsetService<=Proc{902:system/1000} + Proc # 0: fore F/A/T trm: 0 3586:com.google.android.googlequicksearchbox/u0a29 (top-activity) + Proc #26: vis F/ /SB trm: 0 3374:com.google.android.googlequicksearchbox:interactor/u0a29 (service) + com.google.android.googlequicksearchbox/com.google.android.voiceinteraction.GsaVoiceInteractionService<=Proc{902:system/1000} +<b> Proc # 5: vis F/ /T trm: 0 3745:com.google.android.gms.persistent/u0a12 (service)</b> +<b> com.google.android.gms/com.google.android.location.network.NetworkLocationService<=Proc{902:system/1000}</b> + Proc # 3: vis F/ /SB trm: 0 3279:com.google.android.gms/u0a12 (service) + com.google.android.gms/.icing.service.IndexService<=Proc{947:com.google.android.googlequicksearchbox:search/u0a29} + Proc # 2: vis F/ /T trm: 0 947:com.google.android.googlequicksearchbox:search/u0a29 (service) + com.google.android.googlequicksearchbox/com.google.android.sidekick.main.remoteservice.GoogleNowRemoteService<=Proc{3586:com.google.android.googlequicksearchbox/u0a29} + Proc # 1: vis F/ /T trm: 0 2981:com.google.process.gapps/u0a12 (service) + com.google.android.gms/.tapandpay.hce.service.TpHceService<=Proc{3484:com.android.nfc/1027} + Proc #11: prcp B/ /IB trm: 0 3392:com.google.android.inputmethod.latin/u0a64 (service) + com.google.android.inputmethod.latin/com.android.inputmethod.latin.LatinIME<=Proc{902:system/1000} + Proc #24: svc B/ /S trm: 0 27071:com.google.android.music:main/u0a67 (started-services) + Proc #22: svc B/ /S trm: 0 853:com.qualcomm.qcrilmsgtunnel/1001 (started-services) + Proc # 4: prev B/ /LA trm: 0 32734:com.google.android.GoogleCamera/u0a53 (previous) + Proc #23: svcb B/ /S trm: 0 671:com.qualcomm.telephony/1000 (started-services) + Proc #20: cch B/ /CE trm: 0 27659:com.android.providers.calendar/u0a2 (provider) + com.android.providers.calendar/.CalendarProvider2<=Proc{27697:com.google.android.calendar/u0a40} + Proc #13: cch B/ /CE trm: 0 653:com.google.android.gms.wearable/u0a12 (cch-empty) + Proc #10: cch B/ /S trm: 0 4067:com.google.android.talk/u0a62 (cch-started-ui-services) + Proc # 7: cch B/ /S trm: 0 18868:com.google.corp.huddle.android/u0a95 (cch-started-ui-services) + Proc # 6: cch B/ /CA trm: 0 27697:com.google.android.calendar/u0a40 (cch-act) + Proc # 8: cch+1 B/ /CA trm: 0 25675:com.google.android.apps.genie.geniewidget/u0a81 (cch-act) + Proc #16: cch+2 B/ /CE trm: 0 1272:com.google.android.keep/u0a106 (cch-empty) + Proc #15: cch+2 B/ /CE trm: 0 885:android.process.media/u0a9 (cch-empty) + Proc #14: cch+2 B/ /CE trm: 0 15146:android.process.acore/u0a3 (cch-empty) + Proc # 9: cch+3 B/ /CA trm: 0 17016:com.google.android.gm/u0a79 (cch-act) + Proc #19: cch+4 B/ /CE trm: 0 973:com.google.android.apps.maps/u0a66 (cch-empty) + Proc #18: cch+4 B/ /CE trm: 0 1091:com.google.android.apps.photos/u0a71 (cch-empty) + Proc #17: cch+4 B/ /CE trm: 0 1141:com.google.android.apps.plus/u0a74 (cch-empty) + Proc #12: cch+5 B/ /CA trm: 0 22299:com.google.android.apps.dogfood/u0a105 (cch-act) + Proc #21: cch+6 B/ /CE trm: 0 995:com.google.android.partnersetup/u0a18 (cch-empty)></pre><p></p> + </section> + +<h2 id="scans">扫描</h2> +<p>您可以按照以下步骤来确定过度执行蓝牙低功耗 (BLE) 扫描的应用:</p> +<ul> +<li>查找 <code>BluetoothLeScanner</code> 的日志消息:<pre> +$ grep 'BluetoothLeScanner' ~/downloads/bugreport.txt +07-28 15:55:19.090 24840 24851 D BluetoothLeScanner: onClientRegistered() - status=0 clientIf=5 +</pre></li> +<li>在日志消息中找到 PID。在此示例中,“24840”和“24851”分别为 PID(进程 ID)和 TID(线程 ID)。</li> +<li>找到与该 PID 关联的应用:<pre> +PID #24840: ProcessRecord{4fe996a 24840:com.badapp/u0a105} +</pre> +<p>在此示例中,程序包名称为 <code>com.badapp</code>。</p></li> +<li>在 Google Play 上查找该程序包名称,以找出相应的应用:<strong>https://play.google.com/store/apps/details?id=com.badapp</strong>。</li> +</ul> +<p class="note"><strong>注意</strong>:对于运行 Android 7.0 的设备,系统会收集 BLE 扫描数据,并会将这些活动与初始应用相关联。有关详情,请参阅<a href="/devices/tech/power/values.html#le-bt-scans">低功耗 (LE) 和蓝牙扫描</a>。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/report-bugs.html b/zh-cn/source/report-bugs.html new file mode 100644 index 00000000..ddaf61ee --- /dev/null +++ b/zh-cn/source/report-bugs.html @@ -0,0 +1,53 @@ +<html devsite><head> + <title>报告错误</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>感谢您对 Android 的关注!您可以帮助我们改进 Android 的最佳方式之一就是向我们报告您发现的任何问题。</p> +<p class="note"><strong>注意</strong>:对于安全漏洞,请使用 AOSP 错误跟踪工具<a href="https://code.google.com/p/android/issues/entry?template=Security%20bug%20report">安全错误报告</a>模板。如需了解详情,请参阅<a href="/security/overview/updates-resources.html#report-issues">报告安全问题</a>。</p> +<p>下面说明了如何报告<strong>非安全</strong>方面的错误:</p> +<ul> +<li> +<p><a href="https://code.google.com/p/android/issues/advsearch">搜索您的错误</a>,看看是否有人已报告过该错误。请记得在所有问题(而不仅仅是尚未解决的问题)中搜索,因为可能有用户已经报告过您的问题并且该问题已被关闭。要找到最热门的结果,请按收到的星数为结果排序。</p> +</li> +<li> +<p>如果您找到了所遇到的问题并且该问题对您来说很重要,请为其加注星标!这样我们就知道要着重修复哪些错误。</p> +</li> +<li> +<p>如果没有人报告过您的错误,请提交该错误。您可以使用以下模板之一:</p> +<ul> +<li> +<p><a href="https://code.google.com/p/android/issues/entry?template=User%20bug%20report">您设备中的错误</a> - 如果您是一名用户并且要报告您自己设备中的错误,请使用此模板</p> +</li> +<li> +<p><a href="https://code.google.com/p/android/issues/entry?template=Developer%20bug%20report">软件中的错误</a> - 如果您在开发应用的过程中发现错误,请使用此模板</p> +</li> +<li> +<p><a href="https://code.google.com/p/android/issues/entry?template=Feature%20request">功能请求</a> - 您可使用此模板提交您希望在未来的版本中看到的功能</p> +</li> +</ul> +</li> +</ul> +<p>请注意,问题跟踪工具不是用户支持论坛。它列出了待解决的技术任务、这些任务的相关信息以及有关这些任务处理进度的信息,包括哪些任务在短期内可能得到处理。</p> +<p>此问题跟踪工具仅限用于 Android 开放源代码项目。与零售设备(特别是 Nexus 之外的设备)相关的问题需要通过这些设备的支持渠道来报告。非 AOSP 应用的相关问题需要由这些应用的开发者报告;Google 应用也遵循此要求。</p> +<p>请注意,我们无法保证可以在任何特定版本中修复任何特定错误。要了解在您报告错误之后会出现什么情况,请阅读<a href="life-of-a-bug.html">错误的生命周期</a>。</p> +<p>一般情况下,请尽量提供详尽的错误信息。仅仅用一句话告诉我们某些方面存在问题通常不起任何作用,而且问题可能未经任何处理就会被关闭。您提供的详细信息越多,您的问题就越有可能得到解决。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/requirements.html b/zh-cn/source/requirements.html new file mode 100644 index 00000000..a6fbf476 --- /dev/null +++ b/zh-cn/source/requirements.html @@ -0,0 +1,95 @@ +<html devsite><head> + <title>要求</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>下载和编译 Android 源代码之前,请先确保您的系统符合以下要求。然后,请参阅<a href="initializing.html">构建编译环境</a>,查看适用于相应操作系统的安装说明。</p> + +<h2 id="hardware-requirements">硬件要求</h2> + +<p>您的开发工作站必须达到或超出以下硬件要求:</p> + +<ul> + + <li>如果是 Gingerbread (2.3.x) 及更高版本(包括 master 分支),需要使用 64 位环境。如果是较低的版本,则可以在 32 位系统中进行编译。 + </li> + + <li>如果是进行校验,至少需要 100GB 可用磁盘空间;如果是进行单次编译,至少需要 150GB 可用磁盘空间;如果是进行多次编译,至少需要 200GB 或更多可用磁盘空间。如果您使用 ccache,则需要更多空间。<p></p> + </li> + + <li>如果您在虚拟机中运行 Linux,则至少需要 16GB 的 RAM/交换空间。 + </li> + +</ul> + +<h2 id="software-requirements">软件要求</h2> + +<p><a href="https://android.googlesource.com/">Android 开放源代码项目 (AOSP)</a> <code>master</code> 分支历来是在 Ubuntu Long Term Support (LTS) 版本中进行开发和测试,但您也可以使用其他 Ubuntu 分发版本。要查看建议使用的版本,请参阅下面的列表。</p> + +<p>您的工作站必须具有下面列出的软件。要查看所需的其他程序包以及用于安装这些程序包的命令,请参阅<a href="initializing.html">构建编译环境</a>。</p> + +<h3 id="operating-system">操作系统</h3> + +<p>Android 通常是在 GNU/Linux 或 Mac OS 操作系统中进行编译。您也可以使用虚拟机在不支持的系统(例如 Windows)中编译 Android。<br /> + +</p><h4 id="linux">GNU/Linux</h4> + + <ul> + <li>Android 6.0 (Marshmallow) - AOSP master:Ubuntu 14.04 (Trusty)</li> + <li>Android 2.3.x (Gingerbread) - Android 5.x (Lollipop):Ubuntu 12.04 (Precise)</li> + <li>Android 1.5 (Cupcake) - Android 2.2.x (Froyo):Ubuntu 10.04 (Lucid)</li> + </ul> + +<h4 id="mac">Mac OS (Intel/x86)</h4> + + <ul> + <li>Android 6.0 (Marshmallow) - AOSP master:Mac OS v10.10 (Yosemite) 或更高版本,具有 Xcode 4.5.2 和命令行工具</li> + <li>Android 5.x (Lollipop):Mac OS v10.8 (Mountain Lion),具有 Xcode 4.5.2 和命令行工具</li> + <li>Android 4.1.x-4.3.x (Jelly Bean) - Android 4.4.x (KitKat):Mac OS v10.6 (Snow Leopard) 或 Mac OS X v10.7 (Lion),以及 Xcode 4.2(Apple 的开发者工具)</li> + <li>Android 1.5 (Cupcake) - Android 4.0.x (Ice Cream Sandwich):Mac OS v10.5 (Leopard) 或 Mac OS X v10.6 (Snow Leopard),以及 Mac OS X v10.5 SDK</li> + </ul> + +<h3 id="jdk">Java 开发套件 (JDK)</h3> + +<p>请注意,由于没有适用于 Ubuntu 14.04 的受支持 OpenJDK 8 程序包,因此您必须手动安装 Ubuntu 15.04 程序包。要查看具体说明,请参阅<a href="initializing.html#for-ubuntu-14-04">适用于 Ubuntu LTS 14.04 的 JDK</a>。</p> + <ul> + <li>AOSP 中 Android 的 master 分支:Ubuntu - <a href="http://openjdk.java.net/install/">OpenJDK 8</a>;Mac OS - <a href="http://www.oracle.com/technetwork/java/javase/downloads/java-archive-javase8-2177648.html#jdk-8u45-oth-JPR">jdk 8u45 或更高版本</a></li> + <li>Android 5.x (Lollipop) - Android 6.0 (Marshmallow):Ubuntu - <a href="http://openjdk.java.net/install/">OpenJDK 7</a>;Mac OS - <a href="https://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase7-521261.html#jdk-7u71-oth-JPR">jdk-7u71-macosx-x64.dmg</a></li> + <li>Android 2.3.x (Gingerbread) - Android 4.4.x (KitKat):Ubuntu - <a href="http://www.oracle.com/technetwork/java/javase/archive-139210.html">Java JDK 6</a>;Mac OS - <a href="http://support.apple.com/kb/dl1572">Java JDK 6</a></li> + <li>Android 1.5 (Cupcake) - Android 2.2.x (Froyo):Ubuntu - <a href="http://www.oracle.com/technetwork/java/javase/archive-139210.html">Java JDK 5</a></li> + </ul> + +<h3 id="packages">主要程序包</h3> + <ul> + <li><a href="http://www.python.org/download/">python.org</a> 中提供的 Python 2.6 - 2.7</li> + <li><a href="http://ftp.gnu.org/gnu/make/">gnu.org</a> 中提供的 GNU Make 3.81 - 3.82;对于 Android 3.2.x (Honeycomb) 及更低版本,则需要<a href="initializing.html#reverting-from-make-382">将 make 3.82 还原到较低版本</a>,以避免出现编译错误</li> + <li><a href="http://git-scm.com/download">git-scm.com</a> 中提供的 Git 1.7 或更高版本</li> + </ul> + +<h3 id="binaries">设备二进制文件</h3> +<p>下载预览、出厂映像、驱动程序、无线 (OTA) 更新和下列其他 Blob。如需更多详细信息,请参阅<a href="/source/building.html#obtaining-proprietary-binaries">下载专有二进制文件</a><a></a>。</p><a> + </a><ul><a> + </a><li><a></a><a href="https://developers.google.com/android/nexus/blobs-preview">预览二进制文件 (Blob)</a> - 用于 AOSP <code>master</code> 分支开发</li> + <li><a href="https://developers.google.com/android/nexus/images">出厂映像</a> - 针对运行带标记的 AOSP 版本分支的受支持设备</li> + <li><a href="https://developers.google.com/android/nexus/drivers">硬件支持二进制文件</a> - 针对运行带标记的 AOSP 版本分支的设备</li> + <li><a href="https://developers.google.com/android/nexus/ota">OTA 映像</a> - 用于通过无线方式手动更新 Nexus 设备</li> + </ul> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/roles.html b/zh-cn/source/roles.html new file mode 100644 index 00000000..e2a682dc --- /dev/null +++ b/zh-cn/source/roles.html @@ -0,0 +1,63 @@ +<html devsite><head> + <title>项目角色</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>Android 开放源代码项目 (AOSP) 涉及担任各种角色的人员。Google 负责 Android 产品管理以及核心框架和平台的工程流程;不过,该项目要考虑所有来源的贡献,而不仅仅只是 Google 的贡献。本页介绍了有兴趣者可以担任的各种角色。</p> +<p>任何有兴趣探索 Android 以及有兴趣为 Android 做贡献的人都可以使用 Android 开放源代码项目资源。任何人都可以加入论坛、提问、贡献补丁程序、报告错误、查看贡献者提交的补丁程序,以及使用相关工具。要开始进行 Android 代码方面的事情,请参阅<a href="/source/contributing.html">贡献</a>。</p> +<h2 id="contributor">贡献者</h2> +<p>“贡献者”是指为 AOSP 源代码做贡献的人,包括 Google 或其他公司的员工,以及以个人名义为 Android 做贡献的个人开发者。Google 聘请的贡献者与其他贡献者并无差别;所有工程师都使用相同的工具(Git、Repo 和 Gerrit),遵循相同的代码审核流程,并遵守相同的代码样式要求,等等。</p> +<h2 id="developer">开发者</h2> +<p>“开发者”是指编写在 Android 设备上运行的应用的工程师。开发者与贡献者要具备的技能通常并没有太大差异。但 AOSP 使用“开发者”将使用该平台的工程师与为该平台做贡献的工程师区分开来。开发者(以及用户)是贡献者打造的 Android 平台的“客户”。因此,我们经常会提到开发者,尽管从技术层面来讲,其本质上并不是 AOSP 中的一个单独角色。</p> +<h2 id="verifier">验证者</h2> +<p>“验证者”负责测试更改请求。当有人向该项目提交了大量高质量代码后,项目负责人可能会邀请他们成为验证者。</p> +<p class="note"><strong>注意</strong>:目前,验证者的角色与审批者类似。</p> +<h2 id="approver">审批者</h2> +<p>“审批者”是该项目中经验丰富的成员,他们展现出了出色的设计技能,并为该项目做出了重大的技术贡献。在代码审核流程中,审批者会决定是纳入还是排除某项更改。项目负责人(通常是 Google 员工)负责选择审批者,有时也会将曾在特定项目中展现出杰出专业技能的验证者晋升为审批者。</p> +<h2 id="project-leads">项目负责人</h2> +<p>Android 包含许多子项目;您可以在 Git 存储库中看到这些作为单个 .git 文件存在的子项目。“项目负责人”是资深贡献者,负责监督各个 Android 项目的工程工作。这些项目负责人通常是 Google 员工。各个项目的负责人负责以下事项:</p> +<ul> +<li> +<p>主导项目的所有技术事宜,包括项目路线图、开发、发布周期、版本管理和质量保证 (QA)。</p> +</li> +<li> +<p>确保项目及时通过 QA 测试,不耽误预定的 Android 平台发布。</p> +</li> +<li> +<p>为贡献者提交的补丁程序指定验证者和审批者。</p> +</li> +<li> +<p>在审核更改时保持客观公正。根据技术价值以及是否符合 Android 策略来接受或拒绝补丁程序。</p> +</li> +<li> +<p>及时审核更改,并在更改未被接受时尽最大努力与相关人员进行沟通。</p> +</li> +<li> +<p>视需要维护项目的网站,以便提供针对相应项目的信息和文档。</p> +</li> +<li> +<p>担任解决技术冲突的调解者。</p> +</li> +<li> +<p>担任项目的公开负责人以及项目相关问题的联系人。</p> +</li> +</ul> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/running.html b/zh-cn/source/running.html new file mode 100644 index 00000000..0e0feae0 --- /dev/null +++ b/zh-cn/source/running.html @@ -0,0 +1,391 @@ +<html devsite><head> + <title>运行编译系统</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>本页提供了关于在特定设备上运行编译系统的详细信息,是对<a href="/source/building.html">编译系统</a>部分的补充。</p> + +<h2 id="building-fastboot-and-adb">编译 fastboot 和 adb</h2> +<p>如果您还没有 fastboot 和 adb,则可以使用常规编译系统来编译。请按照<a href="/source/building.html">编译系统</a>中的说明操作,将主 <code>make</code> 命令替换为以下命令:</p> +<pre><code>$ make fastboot adb +</code></pre> + +<h2 id="booting-into-fastboot-mode">启动进入 fastboot 模式</h2> +<p><em></em>Fastboot 是一种引导加载程序模式,您可以在该模式下刷写设备。在设备冷启动过程中,可使用以下组合键进入 fastboot 模式:</p> +<table> +<thead> +<tr> +<th>代号</th> +<th>设备</th> +<th>组合键</th> +</tr> +</thead> +<tbody> +<tr> +<td>marlin</td><td>Pixel XL</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>sailfish</td> +<td>Pixel</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>hikey</td> +<td>hikey</td> +<td>连接 J15 的引脚 1-2 和 5-6</td> +</tr> +<tr> +<td>angler</td> +<td>Nexus 6P</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>bullhead</td> +<td>Nexus 5X</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>shamu</td> +<td>Nexus 6</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>fugu</td> +<td>Nexus Player</td> +<td>按住电源键<em></em></td> +</tr> +<tr> +<td>volantis</td> +<td>Nexus 9</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>hammerhead</td> +<td>Nexus 5</td> +<td>同时按住音量调高键和音量调低键,然后按住电源键<em></em><em></em><em></em></td> +</tr> +<tr> +<td>flo</td> +<td>Nexus 7</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>deb</td> +<td>Nexus 7 3G</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>manta</td> +<td>Nexus 10</td> +<td>同时按住音量调高键和音量调低键,然后按住电源键<em></em><em></em><em></em></td> +</tr> +<tr> +<td>mako</td> +<td>Nexus 4</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>grouper</td> +<td>Nexus 7 (2012)</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>tilapia</td> +<td>Nexus 7 3G (2012)</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>phantasm</td> +<td>Nexus Q</td> +<td>启动设备,LED 指示灯亮起后用一只手盖住设备,直至指示灯变成红色</td> +</tr> +<tr> +<td>maguro</td> +<td>Galaxy Nexus GSM</td> +<td>同时按住音量调高键和音量调低键,然后按住电源键<em></em><em></em><em></em></td> +</tr> +<tr> +<td>toro</td> +<td>Galaxy Nexus (Verizon)</td> +<td>同时按住音量调高键和音量调低键,然后按住电源键<em></em><em></em><em></em></td> +</tr> +<tr> +<td>toroplus</td> +<td>Galaxy Nexus (Sprint)</td> +<td>同时按住音量调高键和音量调低键,然后按住电源键<em></em><em></em><em></em></td> +</tr> +<tr> +<td>wingray</td> +<td>Motorola Xoom</td> +<td>按住音量调低键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>crespo</td> +<td>Nexus S</td> +<td>按住音量调高键,然后按住电源键<em></em><em></em></td> +</tr> +<tr> +<td>crespo4g</td> +<td>Nexus SG</td> +<td>按住音量调高键,然后按住电源键<em></em><em></em></td> +</tr> +</tbody> +</table> +<p>您还可以使用命令 <code>adb reboot bootloader</code> 直接在 Android 系统中重新启动进入引导加载程序,而无需使用任何组合键。</p> + +<h2 id="unlocking-the-bootloader">解锁引导加载程序</h2> + +<p>只有在引导加载程序允许的情况下,您才可以刷写定制系统,而引导加载程序默认处于锁定状态。您可以解锁引导加载程序,但这样做会导致系统出于保护隐私方面的考虑而删除用户数据。<em></em>解锁之后,系统会清空设备上的所有数据,即应用中的个人数据以及可通过 USB 访问的共享数据(包括照片和影片)。请务必先备份设备上的所有重要文件,然后再尝试解锁引导加载程序。</p> + +<p>您只需解锁引导加载程序一次即可,并可视需要将其重新锁定。</p> + +<h3>解锁新款设备</h3> +<p>自 2014 年以来发布的所有 Nexus 和 Pixel 设备(从 Nexus 6 和 Nexus 9 开始)都内置有恢复出厂设置保护功能,需要通过多个步骤才能解锁引导加载程序。</p> + +<ol> +<li>在设备上启用 OEM 解锁: +<ol style="list-style-type:lower-alpha"> +<li>在“设置”中,点按<strong>关于手机</strong>,然后点按<strong>版本号</strong>七 (7) 次。</li> +<li>当看到“您已处于开发者模式”这条消息后,点按返回按钮。</li> +<li>点按<strong>开发者选项</strong>,然后启用 <strong>OEM 解锁</strong>和 <strong>USB 调试</strong>。(如果 OEM 解锁处于停用状态,请连接到互联网,以便设备可以至少签到一次。如果 OEM 解锁仍处于停用状态,则说明您的设备可能已被运营商锁定 SIM 卡,系统无法解锁引导加载程序。)</li></ol></li> +<li>重新启动进入引导加载程序,然后使用 fastboot 解锁。 +<ul> +<li>对于新款设备(2015 年及之后发布的设备):<code>$ fastboot flashing unlock</code> +</li> +<li>对于老款设备(2014 年及之前发布的设备):<code>$ fastboot oem +unlock</code></li></ul>您必须在屏幕上确认解锁。</li></ol> + +<p class="note"><strong>注意</strong>:在 Nexus 10 上,解锁引导加载程序后,内部存储仍保持未格式化状态。您可以依次使用 <code>fastboot format cache</code> 和 <code>fastboot format userdata</code> 来格式化设备</p> + +<h3 id="relocking-the-bootloader">重新锁定引导加载程序</h3> +<p>要重新锁定引导加载程序,请执行以下命令:</p> +<ul> +<li>对于新款设备(2015 年及之后发布的设备):<code>$ fastboot flashing lock</code></li> +<li>对于老款设备(2014 年及之后发布的设备):<code>$ fastboot oem lock</code></li> +</ul> + +<p class="note"><strong>注意</strong>:在 Motorola Xoom 上重新锁定引导加载程序会清空用户数据(包括共享的 USB 数据)。</p> + +<h2 id="flash-unlock">使用刷写解锁</h2> + +<p>Android 7.0 包含一个新的系统 API <code>getFlashLockState()</code>(用于传输引导加载程序状态)以及以下系统 API(用于返回兼容设备上引导加载程序的锁定状态):</p> + +<pre> +PersistentDataBlockManager.getFlashLockState() +</pre> + +<table> +<tbody><tr> +<th>返回的值</th> +<th>条件</th> +</tr> +<tr> +<td><code>FLASH_LOCK_UNKNOWN</code> +</td> +<td><p>仅升级到 Android 7.0 的符合以下条件的设备会返回此值:设备支持刷写锁定/解锁功能,但尚不支持获取刷写锁定状态所需的引导加载程序变更。</p> +<p>新款 Android 7.0 设备必须处于 <code>FLASH_LOCK_LOCKED</code> 或 <code>FLASH_LOCK_UNLOCKED</code> 状态。如果某设备升级到了 Android 7.0,且不支持刷写解锁/锁定功能,则应仅会返回 <code>FLASH_LOCK_LOCKED</code> 状态。</p> +</td> +</tr> +<tr> +<td><code>FLASH_LOCK_LOCKED</code> +</td> +<td>不支持刷写锁定/解锁的设备(即设备始终处于锁定状态)或支持刷写锁定/解锁且处于锁定状态的设备应该会返回此值。 +</td> +</tr> +<tr> +<td><code>FLASH_LOCK_UNLOCKED</code> +</td> +<td>支持刷写锁定/解锁且当前处于已解锁状态的设备会返回此值。 +</td> +</tr> +</tbody></table> + +<h3 id="examples-and-source">示例和源代码</h3> + +<p>AOSP 包含参考实现代码,根据 <code>ro.boot.flash.locked</code> 启动属性返回值。具体代码位于以下目录中:</p> + +<pre> +frameworks/base/services/core/java/com/android/server/PersistentDataBlockService.java +frameworks/base/core/java/android/service/persistentdata/PersistentDataBlockManager.java +</pre> + +<h3 id="validation">验证</h3> +<p>制造商应测试已锁定引导加载程序的设备和已解锁引导加载程序的设备返回的值。</p> + +<h2 id="selecting-device-build">选择设备编译系统</h2> + +<p>启动菜单中提供了建议的设备编译系统,在不使用任何参数的情况下运行 <code>lunch</code> 命令即可查看。您可以从 developers.google.com 下载 Nexus 设备的出厂映像和二进制文件:</p> + +<ul> +<li><a href="https://developers.google.com/android/nexus/blobs-preview">预览二进制文件 (Blob)</a></li> +<li><a href="https://developers.google.com/android/nexus/images">已发布设备的出厂映像</a></li> +<li><a href="https://developers.google.com/android/nexus/drivers">已发布设备的支持二进制文件(驱动程序)</a></li> +</ul> + +<p>有关详情以及其他资源,请参阅<a href="building.html#obtaining-proprietary-binaries">获取专有二进制文件</a>和<a href="requirements.html#binaries">设备二进制文件要求</a>。</p> + +<table> +<thead> +<tr> +<th>设备</th> +<th>代号</th> +<th>编译配置</th> +</tr> +</thead> +<tbody> +<tr> +<td>Pixel XL</td> +<td>marlin</td> +<td>aosp_marlin-userdebug</td> +</tr> +<tr> +<td>Pixel</td> +<td>sailfish</td> +<td>aosp_sailfish-userdebug</td> +</tr> +<tr> +<td>HiKey</td> +<td>hikey</td> +<td>hikey-userdebug</td> +</tr> +<tr> +<td>Nexus 6P</td> +<td>angler</td> +<td>aosp_angler-userdebug</td> +</tr> +<tr> +<td>Nexus 5X</td> +<td>bullhead</td> +<td>aosp_bullhead-userdebug</td> +</tr> +<tr> +<td>Nexus 6</td> +<td>shamu</td> +<td>aosp_shamu-userdebug</td> +</tr> +<tr> +<td>Nexus Player</td> +<td>fugu</td> +<td>aosp_fugu-userdebug</td> +</tr> +<tr> +<td>Nexus 9</td> +<td>volantis (flounder)</td> +<td>aosp_flounder-userdebug</td> +</tr> +<tr> +<td>Nexus 5 (GSM/LTE)</td> +<td>hammerhead</td> +<td>aosp_hammerhead-userdebug</td> +</tr> +<tr> +<td>Nexus 7 (WLAN)</td> +<td>razor (flo)</td> +<td>aosp_flo-userdebug</td> +</tr> +<tr> +<td>Nexus 7(移动版)</td> +<td>razorg (deb)</td> +<td>aosp_deb-userdebug</td> +</tr> +<tr> +<td>Nexus 10</td> +<td>mantaray (manta)</td> +<td>full_manta-userdebug</td> +</tr> +<tr> +<td>Nexus 4</td> +<td>occam (mako)</td> +<td>full_mako-userdebug</td> +</tr> +<tr> +<td>Nexus 7 (WLAN)</td> +<td>nakasi (grouper)</td> +<td>full_grouper-userdebug</td> +</tr> +<tr> +<td>Nexus 7(移动版)</td> +<td>nakasig (tilapia)</td> +<td>full_tilapia-userdebug</td> +</tr> +<tr> +<td>Galaxy Nexus (GSM/HSPA+)</td> +<td>yakju (maguro)</td> +<td>full_maguro-userdebug</td> +</tr> +<tr> +<td>Galaxy Nexus (Verizon)</td> +<td>mysid (toro)</td> +<td>aosp_toro-userdebug</td> +</tr> +<tr> +<td>Galaxy Nexus(试验版)</td> +<td>mysidspr (toroplus)</td> +<td>aosp_toroplus-userdebug</td> +</tr> +<tr> +<td>Motorola Xoom(美国 WLAN 版)</td> +<td>wingray</td> +<td>full_wingray-userdebug</td> +</tr> +<tr> +<td>Nexus S</td> +<td>soju (crespo)</td> +<td>full_crespo-userdebug</td> +</tr> +<tr> +<td>Nexus S 4G</td> +<td>sojus (crespo4g)</td> +<td>full_crespo4g-userdebug</td> +</tr> +</tbody> +</table> + +<p class="note"><b>注意</b>:请不要在原本搭载 Android 4.1.2 或更高版本的 Nexus 7 上使用 Android 4.1.1。</p> + +<h2 id="flashing-a-device">刷写设备</h2> + +<p>您可以通过运行一个命令来刷写整个 Android 系统;这样做可验证正在刷写的系统与已安装的引导加载程序和无线通信模块的驱动程序是否兼容,还可以将启动、恢复和系统分区一起写入,然后重新启动系统。与 <code>fastboot oem +unlock</code> 类似,刷写设备也会清空所有用户数据。</p> + +<p>您可以通过两种方式使设备进入 fastboot 模式:在启动时按住相应的组合键手动实现此操作;从 shell 运行以下命令:</p> + +<pre> +$ adb reboot bootloader +</pre> + +<p>在设备处于 fastboot 模式后,运行以下命令:</p> + +<pre> +$ fastboot flashall -w +</pre> + +<p><code>-w</code> 选项会清除设备上的 <code>/data</code> 分区;该选项在您第一次刷写特定设备时非常有用,但在其他情况下则没必要使用。</p> + +<p class="note"><strong>注意</strong>:在 Motorola Xoom 上通过 fastboot 创建的文件系统无法发挥最佳作用。建议您使用 <code>$ adb reboot recovery</code> 命令通过恢复功能来重新创建文件系统。在执行恢复操作时,打开菜单(同时按电源键和音量调高键),清除缓存分区,然后清除数据。</p> + +<h2 id="restoring-devices-to-factory-state">将设备恢复到出厂状态</h2> + +<p>您可以在 <a href="https://developers.google.com/android/nexus/images">Google 的出厂映像</a>页面上查看 Nexus 5、Nexus 10、Nexus 4、Nexus Q、Nexus 7、Galaxy Nexus(GSM/HSPA+“yakju”和“takju”,CDMA/LTE“mysid”和“mysidspr”)、Nexus S 和 Nexus S 4G 的出厂映像。</p> + +<p>Motorola Xoom 的出厂映像由 Motorola 直接提供。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/site-updates.html b/zh-cn/source/site-updates.html new file mode 100644 index 00000000..d717ad2b --- /dev/null +++ b/zh-cn/source/site-updates.html @@ -0,0 +1,57 @@ +<html devsite><head> + <title>网站更新</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>本页介绍了我们对 source.android.com 进行的重大修订。要查看我们对本网站进行的更改的完整列表,请参阅 <a href="https://android.googlesource.com/platform/docs/source.android.com/+log/master?no-merges">Android 开放源代码项目 (AOSP) 文档/source.android.com 日志</a>。 + +</p><h2 id="april-2017">2017 年 4 月</h2> +<p>欢迎访问新版 source.android.com!本网站经过了全新改版,可让您更轻松地浏览、搜索和阅读日益增多的信息。以下是我们对本网站所做改进的摘要:</p> + +<h3 id="screen-estate">屏幕空间更宽裕,字体更大</h3> +<p>整个网站的空间更宽裕,可让您同时查看更多内容。代码示例和命令更加醒目,并且所有文字均采用了更大的字体。</p> + +<h3 id="mobile-ready">适合移动设备的视图</h3> +<p>通过专用的移动视图,新版网站可以在手持设备上更明晰地呈现内容。</p> + +<div style="width:407px"> + <img src="images/mobile-view.png" alt="新移动视图" height="533px"/> + <p class="img-caption"> + <strong>图 1.</strong> 网站的新移动视图</p> +</div> + +<h3 id="top-tabs">新的顶级标签</h3> +<p><em></em>之前的“设备”标签已更名为<a href="/devices/">移植</a>,<em></em>并且之前的“核心技术”子标签已更名为<a href="/devices/tech/">微调</a>并移到了网站顶部,以便更好地显示给用户。</p> + +<h3 id="security-forefront">“安全性”标签排在了前列</h3> +<p>随着人们越来越关注 Android 的安全性,我们将<a href="/security/">安全性</a>标签向前移到了<a href="/source/">源代码</a>旁边,以体现其重要性。</p> + +<h3 id="reference-materials">更好的参考资料</h3> +<p>您可以直接从顶层的<a href="/reference/">参考资料</a>标签获得<a href="/reference/hal/">硬件抽象层</a>和 <a href="/reference/tradefed/packages">Trade Federation</a> 参考资料。</p> + +<h3 id="code-links">每页都有的代码链接</h3> +<p>在每个页面中,您只需点击一下右上角的<strong>转到源代码</strong>按钮,即可访问 <a href="https://android.googlesource.com/">AOSP 代码存储库</a>。</p> + +<h3 id="comprehensive-footers">包罗广泛的页脚</h3> +<p><em></em><em></em><em></em>除了已有的“关于”、“社区”和“法律”页脚之外,现在您还可以在每个页面的底部找到完整的链接列表。通过这些链接,您可以编译 Android、与 Android 生态系统建立联系,以及获得使用操作系统方面的帮助。</p> +<hr /> +<p>和以往一样,我们衷心希望收到您的反馈,您可以使用每个页面(首页除外)右上角附近的<strong>发送反馈</strong>按钮向我们发送反馈。您可以在<strong>转到源代码</strong>下方找到该按钮。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/submit-patches.html b/zh-cn/source/submit-patches.html new file mode 100644 index 00000000..0cf4ac3a --- /dev/null +++ b/zh-cn/source/submit-patches.html @@ -0,0 +1,179 @@ +<html devsite><head> + <title>提交补丁程序</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>本页介绍向 AOSP 提交补丁程序的完整流程,包括使用 <a href="https://android-review.googlesource.com/">Gerrit</a> 查看和跟踪更改。</p> +<h3 id="prerequisites">前提条件</h3> +<ul> +<li> +<p>您需要先<a href="/source/initializing.html">初始化编译环境</a>、<a href="/source/downloading.html">下载源代码</a>、<a href="https://android.googlesource.com/new-password">创建密码</a>并按照密码生成器页面上的说明操作,然后再按照本页上的说明操作。</p> +</li> +<li> +<p>如需详细了解 Repo 和 Git,请参阅<a href="/source/developing.html">开发</a>部分。</p> +</li> +<li> +<p>如需了解您可以在 Android 开放源代码社区中担任的不同角色,请参阅<a href="/source/roles.html">项目角色</a>。</p> +</li> +<li> +<p>如果您计划向 Android 平台贡献代码,请务必阅读 <a href="/source/licenses.html">AOSP 的许可信息</a>。</p> +</li> +<li> +<p>请注意,如果要对 Android 使用的某些上游项目做出更改,请直接针对相应项目进行更改,如<a href="#upstream-projects">上游项目</a>部分中所述。</p> +</li> +</ul> +<h2 id="for-contributors">贡献者须知</h2> +<h3 id="authenticate-with-the-server">向服务器验证身份</h3> +<p>您需要先<a href="https://android.googlesource.com/new-password">创建一个密码</a>(该密码将用于服务器识别您的身份),然后您才可以向 Gerrit 上传内容。请按照密码生成器页面上的说明操作。您只需执行此流程一次即可。如需了解详情,请参阅<a href="/source/downloading.html#using-authentication">使用身份验证</a>。</p> +<h3 id="start-a-repo-branch">新建一个 Repo 分支</h3> +<p>对于您打算进行的每项更改,请在相关的 Git 存储库中新建一个分支:</p> +<pre><code>$ repo start NAME . +</code></pre> +<p>您可以在同一存储库中同时新建多个独立的分支。“NAME”分支是您的工作区的本地分支,不会包含在 Gerrit 或最终源代码树中。</p> +<h3 id="make-your-change">进行更改</h3> +<p>在您修改源代码文件(并且验证)后,请将这些更改提交到您的本地存储库:</p> +<pre><code>$ git add -A +$ git commit -s +</code></pre> +<p>请在您的提交消息中提供相关更改的详细说明。该说明将会被推送到公开 AOSP 存储库,因此请按照我们的准则来撰写更改列表说明:</p> +<ul> + +<li> +<p>以一行摘要(最多 50 个字符)开头,后跟一个空白行。这是 Git 和 Gerrit 支持的格式,适用于各种屏幕尺寸的设备。</p> +</li> + +<li> +<p>从第三行开始输入较长的说明,说明会在达到 72 个字符时自动硬回车换行。该部分应着重说明更改解决了什么问题,以及如何解决了问题。尽管我们建议您提供第二部分的内容,但这在实现新功能时是可选内容。</p> +</li> +<li> +<p>添加对任何假设或背景信息的简短说明,这些内容可能对下一年研究此功能的其他贡献者起到很大的帮助作用。</p> +</li> +</ul> + +<p>以下是一个示例提交消息:</p> +<pre><code>short description on first line + +more detailed description of your patch, +which is likely to take up multiple lines. +</code></pre> + +<p><code>repo +init</code> 期间提供的唯一更改 ID 以及您的姓名和电子邮件将自动添加到您的提交消息中。</p> +<h3 id="upload-to-gerrit">上传到 Gerrit</h3> +<p>将更改提交到您的个人历史记录后,请使用以下命令将其上传到 Gerrit:</p> +<pre><code>$ repo upload +</code></pre> +<p>如果您在同一存储库中新建了多个分支,则系统会提示您选择要上传的分支。</p> +<p>上传成功后,Repo 会为您提供 <a href="https://android-review.googlesource.com/">Gerrit</a> 上对应新页面的网址。访问该链接可在审核服务器上查看您上传的补丁程序、添加注释,或者为您的补丁程序申请特定审核者。</p> +<h3 id="uploading-a-replacement-patch">上传替换补丁程序</h3> +<p>假设某位审核者已看过您的补丁程序,并要求您做一些小小的修改。您可以在 Git 中修改提交,这会在 Gerrit 中生成一个新的补丁程序,但具有与原始补丁程序相同的更改 ID。</p> +<p><em>请注意,如果您在上传该补丁程序之后进行了其他提交,那么您需要手动移动 Git HEAD。</em></p> +<pre><code>$ git add -A +$ git commit --amend +</code></pre> +<p>当您上传修改后的补丁程序时,它将替换 Gerrit 和本地 Git 历史记录中的原始补丁程序。</p> +<h3 id="resolving-sync-conflicts">解决同步冲突</h3> +<p>如果提交到源代码树的其他补丁程序与您的存在冲突,那么您需要在源代码存储库的新 HEAD 的基础上对您的补丁程序执行“衍合”(rebase) 命令。执行此操作的一种简单方法是运行以下命令:</p> +<pre><code>$ repo sync +</code></pre> +<p>此命令首先从源代码服务器获取更新,然后尝试在新的远程 HEAD 的基础上对您的 HEAD 自动执行衍合命令。</p> +<p>如果自动衍合命令失败,您就必须手动执行衍合。</p> +<pre><code>$ repo rebase +</code></pre> +<p>使用 <code>git mergetool</code> 可帮助您处理衍合冲突。在成功合并冲突文件后,运行以下命令:</p> +<pre><code>$ git rebase --continue +</code></pre> +<p>在自动或手动衍合完成之后,运行 <code>repo +upload</code> 来提交衍合后的补丁程序。</p> +<h3 id="after-a-submission-is-approved">提交内容获得批准后</h3> +<p>在提交内容通过审核和验证流程之后,Gerrit 会自动将更改合并到公开存储库。其他用户可以运行 <code>repo sync</code> 将更新提取到自己的本地客户端。</p> +<h2 id="for-reviewers-and-verifiers">审核者和验证者须知</h2> +<h3 id="reviewing-a-change">审核更改</h3> +<p>如果您被指定为某项更改的审批者,则需要确定以下事项:</p> +<ul> +<li> +<p>此项更改是否符合此项目既定的目的?</p> +</li> +<li> +<p>此项更改在项目的现有架构中是否有效?</p> +</li> +<li> +<p>此项更改是否会引入在将来造成问题的设计缺陷?</p> +</li> +<li> +<p>此项更改是否遵循了针对此项目中制定的最佳做法?</p> +</li> +<li> +<p>此项更改是否是执行所述功能的绝佳方式?</p> +</li> +<li> +<p>此项更改是否会带来任何安全风险或不稳定性方面的风险?</p> +</li> +</ul> +<p>如果您批准此项更改,请在 Gerrit 中将其标记为 LGTM(“看起来不错”)。</p> +<h3 id="verifying-a-change">验证更改</h3> +<p>如果您被指定为某项更改的验证者,则需要执行以下工作:</p> +<ul> +<li> +<p>使用其中一种下载命令将更改以补丁程序的形式添加到自己的本地客户端。</p> +</li> +<li> +<p>编译和测试更改。</p> +</li> +<li> +<p>在 Gerrit 中,使用“Publish Comments”(发布注释)功能将提交标记为“Verified”(已验证)或“Fails”(失败),并添加一条消息说明发现了哪些问题。</p> +</li> +</ul> +<h3 id="downloading-changes-from-gerrit">从 Gerrit 下载更改</h3> +<p>已验证并合并的提交内容将在下一次运行 <code>repo sync</code> 时下载。如果您希望下载尚未获得批准的特定更改,请运行以下命令:</p> +<pre><code>$ repo download TARGET CHANGE +</code></pre> +<p>其中 TARGET 是更改应该下载到的本地目录,CHANGE 是 <a href="https://android-review.googlesource.com/">Gerrit</a> 中列出的更改编号。如需了解详细信息,请参阅 <a href="/source/using-repo.html">Repo 参考资料</a>。</p> +<h3 id="how-do-i-become-a-verifier-or-approver">如何成为验证者或审批者?</h3> +<p>简言之,为一个或多个 Android 项目贡献高质量代码。要详细了解 Android 开放源代码社区中的不同角色以及谁在担任这些角色,请参阅<a href="/source/roles.html">项目角色</a>。</p> +<h3 id="diffs-and-comments">差异和注释</h3> +<p>要在 Gerrit 中打开某项更改的详细信息,请点击该项更改的“ID 号”或“主题”。要比较已定版的原有代码与更新后的代码,请点击“Side-by-side diffs”(并排显示差异)下的文件名。</p> +<h3 id="adding-comments">添加注释</h3> +<p>社区中的任何人都可以使用 Gerrit 为提交的代码添加代码内注释。符合标准的注释会与 Gerrit 中其所依附的代码行或代码段相关。这可能是关于如何改进一行代码的简短而有建设性的建议,也可能是作者对于为什么这样编写代码的解释。</p> +<p>要添加代码内注释,请双击代码的相关行,然后在打开的文本框中编写注释。点击“Save”(保存)后,只有您可以看到自己的注释。</p> +<p>要发布注释以便让其他使用 Gerrit 的人可以看到,请点击“Publish Comments”(发布注释)按钮。您的注释将通过电子邮件发送给相应更改的所有相关方,包括更改的所有者、补丁程序集上传者(如果与所有者不同)以及所有当前审核者。</p> +<p><a name="upstream-projects"></a></p> +<h2 id="upstream-projects">上游项目</h2> +<p>Android 使用了许多其他开放源代码项目,例如<a href="/source/code-lines.html">代码行、分支和版本</a>中所述的 Linux 内核和 WebKit。对于 <code>external/</code> 下的大多数项目,如果要提交更改,则应该在上游进行,然后 Android 维护者会收到有关包含这些更改的新上游版本的通知。上传补丁程序也可能有助于我们跟踪新的上游版本,但如果是 Android 中广泛使用的项目(如下面提到的大多数大型项目),我们将很难做出更改。在这种情况下,我们倾向于在每次发布版本时进行升级。</p> +<p>一个有趣的特殊情况是 Bionic。由于大部分代码都是来自 BSD,因此,除非更改涉及对 Bionic 新内容的编码,否则我们宁愿使用上游修复程序,然后从相应的 BSD 中提取一个全新文件。(可惜的是,我们目前有各种不同的 BSD,但我们希望将来能够解决该问题,并能够更密切地跟踪上游项目。)</p> +<h3 id="icu4c">ICU4C</h3> +<p>对于 <code>external/icu4c</code> 中的 ICU4C 项目,所有更改都应该通过 <a href="http://site.icu-project.org/">icu-project.org/</a> 在上游进行。如需了解详情,请参阅<a href="http://site.icu-project.org/bugs">提交 ICU 错误和功能请求</a>。</p> + +<h3 id="llvmclangcompiler-rt">LLVM/Clang/Compiler-rt</h3> +<p>对 LLVM 相关项目(<code>external/clang</code>、<code>external/compiler-rt</code>、<code>external/llvm</code>)的所有更改都应该通过 <a href="http://llvm.org/">llvm.org/</a> 在上游进行。</p> + +<h3 id="mksh">mksh</h3> +<p>对于 <code>external/mksh</code> 中的 MirBSD Korn Shell 项目,所有更改都应该在上游进行:通过向 miros-mksh@mirbsd.org 发送电子邮件(无需订阅即可提交)或者在 <a href="https://launchpad.net/mksh">Launchpad</a> 中进行(可选)。 +</p> +<h3 id="openssl">OpenSSL</h3> +<p>对于 <code>external/openssl</code> 中的 OpenSSL 项目,所有更改都应该通过 <a href="http://www.openssl.org">openssl.org</a> 在上游进行。</p> +<h3 id="v8">V8</h3> +<p>对于 <code>external/v8</code> 中的 V8 项目,所有更改都应该通过 <a href="https://code.google.com/p/v8">code.google.com/p/v8</a> 在上游提交。如需了解详情,请参阅<a href="https://code.google.com/p/v8/wiki/Contributing">为 V8 贡献代码</a>。</p> +<h3 id="webkit">WebKit</h3> +<p>对于 <code>external/webkit</code> 中的 WebKit 项目,所有更改都应该通过 <a href="http://www.webkit.org">webkit.org</a> 在上游进行。该过程需从提交 WebKit 错误开始。只有当该错误仅限于 Android 时,才可以在 <code>Platform</code> 和 <code>OS</code> 字段中使用 <code>Android</code>。如果附有建议的修复程序并包含测试结果,则错误更有可能引起审核者的注意。如需了解详情,请参阅<a href="http://webkit.org/coding/contributing.html">为 WebKit 贡献代码</a>。</p> +<h3 id="zlib">zlib</h3> +<p>对于 <code>external/zlib</code> 中的 zlib 项目,所有更改都应该通过 <a href="http://zlib.net">zlib.net</a> 在上游进行。</p> + +</body></html>
\ No newline at end of file diff --git a/zh-cn/source/using-repo.html b/zh-cn/source/using-repo.html new file mode 100644 index 00000000..7bef3f8a --- /dev/null +++ b/zh-cn/source/using-repo.html @@ -0,0 +1,258 @@ +<html devsite><head> + <title>Repo 命令参考资料</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>使用 Repo 需遵循的格式如下:</p> +<pre><code>repo <em><COMMAND></em> <em><OPTIONS></em> +</code></pre> +<p>可选元素显示在方括号 [ ] 中。例如,许多命令会将项目列表用作参数。您可以为项目指定项目列表,作为名称列表或本地源代码目录的路径列表:</p> +<pre><code>repo sync [<em><PROJECT0></em> <em><PROJECT1></em> <em><PROJECTN></em>] +repo sync [<em></PATH/TO/PROJECT0></em> ... <em></PATH/TO/PROJECTN></em>] +</code></pre> + +<h2 id="help">help</h2> +<p>安装 Repo 后,您可以通过运行以下命令找到最新文档(开头是包含所有命令的摘要):</p> +<pre><code>repo help +</code></pre> +<p>您可以通过在 Repo 树中运行以下命令来获取有关某个命令的信息:</p> +<pre><code>repo help <em><COMMAND></em> +</code></pre> + +<p>例如,以下命令会生成 Repo <code>init</code> 参数的说明和选项列表,该参数会在当前目录中初始化 Repo。(要了解详情,请参阅 <a href="#init">init</a>。)</p> +<pre><code>repo help init +</code></pre> + +<h2 id="init">init</h2> +<pre><code>$ repo init -u <em><URL></em> [<em><OPTIONS></em>] +</code></pre> +<p>在当前目录中安装 Repo。这会创建一个 <code>.repo/</code> 目录,其中包含用于 Repo 源代码和标准 Android 清单文件的 Git 代码库。该 <code>.repo/</code> 目录中还包含 <code>manifest.xml</code>,这是一个指向 <code>.repo/manifests/</code> 目录中所选清单的符号链接。</p> +<p>选项:</p> +<ul> +<li> +<p><code>-u</code>:指定要从中检索清单代码库的网址。您可以在 <code>https://android.googlesource.com/platform/manifest</code> 中找到常见清单</p> +</li> +<li> +<p><code>-m</code>:在代码库中选择清单文件。如果未选择任何清单名称,则会默认选择 default.xml。</p> +</li> +<li> +<p><code>-b</code>:指定修订版本,即特定的清单分支。</p> +</li> +</ul> +<p class="note"><strong>注意</strong>:对于其余的所有 Repo 命令,当前工作目录必须是 <code>.repo/</code> 的父目录或相应父目录的子目录。</p> +<h2 id="sync">sync</h2> +<pre><code>repo sync [<em><PROJECT_LIST></em>] +</code></pre> +<p>下载新的更改并更新本地环境中的工作文件。如果您在未使用任何参数的情况下运行 <code>repo sync</code>,则该操作会同步所有项目的文件。</p> +<p>运行 <code>repo sync</code> 后,将出现以下情况:</p> +<ul> +<li> +<p>如果目标项目从未同步过,则 <code>repo sync</code> 相当于 <code>git clone</code>。远程代码库中的所有分支都会复制到本地项目目录中。</p> +</li> +<li> +<p>如果目标项目已同步过,则 <code>repo sync</code> 相当于以下命令:</p> +<pre><code>git remote update +git rebase origin/<em><BRANCH></em> +</code></pre> +<p>其中 <code><em><BRANCH></em></code> 是本地项目目录中当前已检出的分支。如果本地分支没有在跟踪远程代码库中的分支,则相应项目不会发生任何同步。</p> +</li> +<li> +<p>如果 git rebase 操作导致合并冲突,那么您需要使用普通 Git 命令(例如 <code>git rebase --continue</code>)来解决冲突。</p> +</li> +</ul> +<p><code>repo sync</code> 运行成功后,指定项目中的代码会与远程代码库中的代码保持同步。</p> +<p>选项:</p> +<ul> +<li> +<p><code>-d</code>:将指定项目切换回清单修订版本。如果项目当前属于某个主题分支,但只是临时需要清单修订版本,则此选项会有所帮助。</p> +</li> +<li> +<p><code>-s</code>:同步到当前清单中清单服务器元素指定的一个已知的良好版本。</p> +</li> +<li> +<p><code>-f</code>:即使某个项目同步失败,系统也会继续同步其他项目。</p> +</li> +</ul> +<h2 id="upload">upload</h2> +<pre><code>repo upload [<em><PROJECT_LIST></em>] +</code></pre> +<p>对于指定的项目,Repo 会将本地分支与最后一次 repo sync 时更新的远程分支进行比较。Repo 会提示您选择一个或多个尚未上传以供审核的分支。</p> +<p>您选择一个或多个分支后,所选分支上的所有提交都会通过 HTTPS 连接传输到 Gerrit。您需要配置一个 HTTPS 密码以启用上传授权。要生成新的用户名/密码对以用于 HTTPS 传输,请访问<a href="https://android-review.googlesource.com/new-password">密码生成器</a>。</p> +<p>当 Gerrit 通过其服务器接收对象数据时,它会将每项提交转变成一项更改,以便审核者可以单独针对每项提交给出意见。要将几项“检查点”提交合并为一项提交,请使用 git rebase -i,然后再运行 repo upload。</p> +<p>如果您在未使用任何参数的情况下运行 repo upload,则该操作会搜索所有项目中的更改以进行上传。</p> +<p>要在更改上传之后对其进行修改,您应该使用 <code>git rebase -i</code> 或 <code>git commit --amend</code> 等工具更新您的本地提交。修改完成之后,请执行以下操作:</p> +<ul> +<li> +<p>进行核对以确保更新后的分支是当前已检出的分支。</p> +</li> +<li> +<p>对于相应系列中的每项提交,请在方括号内输入 Gerrit 更改 ID:</p> +<pre><code># Replacing from branch foo +[ 3021 ] 35f2596c Refactor part of GetUploadableBranches to lookup one specific... +[ 2829 ] ec18b4ba Update proto client to support patch set replacments +# Insert change numbers in the brackets to add a new patch set. +# To create a new change record, leave the brackets empty. +</code></pre> +</li> +</ul> +<p>上传完成后,这些更改将拥有一个额外的补丁程序集。</p> +<h2 id="diff">diff</h2> +<pre><code>repo diff [<em><PROJECT_LIST></em>] +</code></pre> +<p>使用 <code>git diff</code> 显示提交与工作树之间的明显更改。</p> +<h2 id="download">download</h2> +<pre><code>repo download <em><TARGET></em> <em><CHANGE></em> +</code></pre> +<p>从审核系统中下载指定更改,并放在您项目的本地工作目录中供使用。</p> +<p>例如,要将<a href="https://android-review.googlesource.com/23823">更改 23823</a> 下载到您的平台/编译目录,请运行以下命令:</p> +<pre><code>$ repo download platform/build 23823 +</code></pre> +<p><code>repo sync</code> 应该可以有效移除通过 <code>repo download</code> 检索到的任何提交。或者,您可以将远程分支检出,例如 <code>git checkout m/master</code>。</p> +<p class="note"><strong>注意</strong>:由于全球的所有服务器均存在复制延迟,因此某项更改(位于 <a href="https://android-review.googlesource.com/">Gerrit</a> 中)出现在网络上的时间与所有用户可通过 <code>repo download</code> 找到此项更改的时间之间存在些许的镜像延迟。</p> +<h2 id="forall">forall</h2> +<pre><code>repo forall [<em><PROJECT_LIST></em>] -c <em><COMMAND></em> +</code></pre> +<p>在每个项目中运行指定的 shell 命令。通过 <code>repo forall</code> 可使用下列额外的环境变量:</p> +<ul> +<li> +<p><code>REPO_PROJECT</code> 可设为项目的具有唯一性的名称。</p> +</li> +<li> +<p><code>REPO_PATH</code> 是客户端根目录的相对路径。</p> +</li> +<li> +<p><code>REPO_REMOTE</code> 是清单中远程系统的名称。</p> +</li> +<li> +<p><code>REPO_LREV</code> 是清单中修订版本的名称,已转换为本地跟踪分支。如果您需要将清单修订版本传递到某个本地运行的 Git 命令,则可使用此变量。</p> +</li> +<li> +<p><code>REPO_RREV</code> 是清单中修订版本的名称,与清单中显示的名称完全一致。</p> +</li> +</ul> +<p>选项:</p> +<ul> +<li> +<p><code>-c</code>:要运行的命令和参数。此命令会通过 <code>/bin/sh</code> 进行求值,它之后的任何参数都将作为 shell 位置参数传递。</p> +</li> +<li> +<p><code>-p</code>:在指定命令输出结果之前显示项目标头。这通过以下方式实现:将管道绑定到命令的 stdin、stdout 和 sterr 流,然后通过管道将所有输出结果传输到一个页面调度会话中显示的连续流中。</p> +</li> +<li> +<p><code>-v</code>:显示该命令向 stderr 写入的消息。</p> +</li> +</ul> +<h2 id="prune">prune</h2> +<pre><code>repo prune [<em><PROJECT_LIST></em>] +</code></pre> +<p>删减(删除)已合并的主题。</p> +<h2 id="start">start</h2> +<pre><code>repo start <em><BRANCH_NAME></em> [<em><PROJECT_LIST></em>] +</code></pre> +<p>从清单中指定的修订版本开始,创建一个新的分支进行开发。</p> +<p><code><em><BRANCH_NAME></em></code> 参数应简要说明您尝试对项目进行的更改。如果您不知道,则不妨考虑使用默认名称。</p> +<p><code><em><PROJECT_LIST></em></code> 指定了将参与此主题分支的项目。</p> +<p class="note"><strong>注意</strong>:“.”是一个非常实用的简写形式,用来代表当前工作目录中的项目。</p> +<h2 id="status">status</h2> +<pre><code>repo status [<em><PROJECT_LIST></em>] +</code></pre> +<p>对于每个指定的项目,将工作树与临时区域(索引)以及此分支 (HEAD) 上的最近一次提交进行比较。在这三种状态存在差异之处显示每个文件的摘要行。</p> +<p>要仅查看当前分支的状态,请运行 <code>repo status</code>。系统会按项目列出状态信息。对于项目中的每个文件,系统使用两个字母的代码来表示:</p> +<p>在第一列中,大写字母表示临时区域与上次提交状态之间的不同之处。</p> +<table> +<thead> +<tr> +<th>字母</th> +<th>含义</th> +<th>说明</th> +</tr> +</thead> +<tbody> +<tr> +<td>-</td> +<td>无更改</td> +<td>HEAD 与索引中相同</td> +</tr> +<tr> +<td>A</td> +<td>已添加</td> +<td>不存在于 HEAD 中,但存在于索引中</td> +</tr> +<tr> +<td>M</td> +<td>已修改</td> +<td>存在于 HEAD 中,但索引中的文件已修改</td> +</tr> +<tr> +<td>D</td> +<td>已删除</td> +<td>存在于 HEAD 中,但不存在于索引中</td> +</tr> +<tr> +<td>R</td> +<td>已重命名</td> +<td>不存在于 HEAD 中,但索引中的文件的路径已更改</td> +</tr> +<tr> +<td>C</td> +<td>已复制</td> +<td>不存在于 HEAD 中,已从索引中的另一个文件复制</td> +</tr> +<tr> +<td>T</td> +<td>模式已更改</td> +<td>HEAD 与索引中的内容相同,但模式已更改</td> +</tr> +<tr> +<td>U</td> +<td>未合并</td> +<td>HEAD 与索引之间存在冲突;需要解决方案</td> +</tr> +</tbody> +</table> +<p>在第二列中,小写字母表示工作目录与索引之间的不同之处。</p> +<table> +<thead> +<tr> +<th>字母</th> +<th>含义</th> +<th>说明</th> +</tr> +</thead> +<tbody> +<tr> +<td>-</td> +<td>新/未知</td> +<td>不存在于索引中,但存在于工作树中</td> +</tr> +<tr> +<td>m</td> +<td>已修改</td> +<td>存在于索引中,也存在于工作树中(但已修改)</td> +</tr> +<tr> +<td>d</td> +<td>已删除</td> +<td>存在于索引中,不存在于工作树中</td> +</tr> +</tbody> +</table> + +</body></html>
\ No newline at end of file diff --git a/zh-tw/security/bulletin/2017-05-01.html b/zh-tw/security/bulletin/2017-05-01.html new file mode 100644 index 00000000..75f3345f --- /dev/null +++ b/zh-tw/security/bulletin/2017-05-01.html @@ -0,0 +1,2497 @@ +<html devsite><head> + <title>Android 安全性公告 - 2017 年 5 月</title> + <meta name="project_path" value="/_project.yaml"/> + <meta name="book_path" value="/_book.yaml"/> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p><em>發佈日期:2017 年 5 月 1 日 | 更新日期:2017 年 5 月 2 日</em></p> + +<p>Android 安全性公告羅列了會對 Android 裝置造成影響的安全性漏洞,並說明各項相關細節。在這篇公告發佈的同時,Google 已透過 OTA 更新機制發佈了 Google 裝置的安全性更新。此外,Google 韌體映像檔也已經發佈到 <a href="https://developers.google.com/android/nexus/images">Google Developers 網站</a>上。2017 年 5 月 5 日之後的安全修補等級已解決了這些問題。請參閱 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 與 Nexus 更新時間表</a>,瞭解如何查看裝置的安全修補等級。</p> + +<p>我們的合作夥伴在 2017 年 4 月 3 日當天或更早之前已收到公告中所述問題的相關通知。這些問題的原始碼修補程式已發佈到 Android 開放原始碼計劃 (AOSP) 存放區中,且公告中亦提供相關連結。此外,本公告也提供 AOSP 以外的修補程式連結。</p> + +<p>在這些問題中,最嚴重的就是「最高」等級的安全性漏洞。當系統執行媒體檔案時,遠端程式碼可利用這類漏洞,透過電子郵件、網頁瀏覽活動和多媒體訊息等方法,自動在受影響的裝置上執行。<a href="/security/overview/updates-resources.html#severity">嚴重程度評定標準</a>是假設平台與服務的因應防護措施基於開發作業的需求而被停用,或是遭到有心人士破解,然後推算當有人惡意運用漏洞時,裝置會受到多大的影響,據此評定漏洞的嚴重程度。</p> + +<p>針對這些新發現的漏洞,我們目前尚未收到任何客戶回報相關的漏洞濫用案例。如果您想進一步瞭解 <a href="/security/enhancements/index.html">Android 安全性平台防護措施</a>和服務防護措施 (例如 <a href="https://developer.android.com/training/safetynet/index.html">SafetyNet</a>) 如何加強 Android 平台的安全性,請參閱 <a href="#mitigations">Android 和 Google 服務因應措施</a>一節。</p> + +<p>我們建議所有客戶接受這些裝置更新。</p> +<h2 id="announcements">公告</h2> +<ul> +<li>本公告有兩個安全修補等級字串,讓 Android 合作夥伴能夠靈活運用,以快速修正某些發生在所有 Android 裝置上的類似漏洞。如需查詢其他相關資訊,請參閱<a href="#common-questions-and-answers">常見問題與解答</a>:<ul> + <li><strong>2017-05-01</strong>:部分安全修補等級字串。這個安全修補等級字串表示所有與 2017-05-01 相關的問題 (以及所有先前的安全修補等級字串) 都已獲得解決。</li> + <li><strong>2017-05-05</strong>:完整安全修補等級字串。這個安全修補等級字串表示所有與 2017-05-01 和 2017-05-05 相關的問題 (以及所有先前的安全修補等級字串) 都已獲得解決。</li> +</ul> +</li> +<li>支援的 Google 裝置會收到一項 OTA 更新,安全修補等級為 2017 年 5 月 5 日。</li> +</ul> + +<h2 id="mitigations">Android 和 Google 服務問題因應措施</h2> + +<p>本節概述 <a href="/security/enhancements/index.html">Android 安全性平台</a>和 SafetyNet 等服務防護方案針對資安漏洞所提供的因應措施。這些措施可有效防範有心人士在 Android 系統上惡意運用安全性漏洞來達到特定目的。</p> + +<ul> +<li>Android 平台持續推出新的版本來強化安全性,因此有心人士越來越難在 Android 系統上找出漏洞加以利用。我們建議所有使用者盡可能更新至最新版的 Android。</li> +<li>Android 安全性小組採用<a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf">「驗證應用程式」和 SafetyNet</a> 主動監控濫用情形;使用這些功能的目的是在發現<a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">可能有害的應用程式</a>時警告使用者。「驗證應用程式」在搭載 <a href="http://www.android.com/gms">Google 行動服務</a>的裝置上都會預設啟用,且對於要從 Google Play 以外來源安裝應用程式的使用者來說格外重要。Google Play 禁止發佈任何可用於獲取裝置 Root 權限的工具,但「驗證應用程式」會在使用者嘗試安裝已偵測到的 Root 權限獲取應用程式 (無論其來源為何) 時發出警告。此外,「驗證應用程式」會設法找出已知會利用權限升級漏洞的惡意應用程式,並封鎖這類應用程式的安裝作業。如果使用者已安裝這類應用程式,「驗證應用程式」會通知使用者並嘗試移除偵測到的應用程式。</li> +<li>在適用情況下,Google Hangouts 和 Messenger 應用程式不會自動將媒體內容傳送給媒體伺服器這類的處理程序。</li> +</ul> + +<h2 id="acknowledgements">特別銘謝</h2> + +<p>感謝以下研究人員做出的貢獻:</p> +<ul> +<li>ADlab of Venustech:CVE-2017-0630</li> +<li>騰訊 KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>) 的 Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>):CVE-2016-10287</li> +<li>趨勢科技的 Ecular Xu (徐健):CVE-2017-0599、CVE-2017-0635</li> +<li><a href="http://www.ms509.com">MS509Team</a> 的 En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) 和 Bo Liu:CVE-2017-0601</li> +<li><a href="https://twrp.me/">Team Win Recovery Project</a> 的 Ethan Yonker:CVE-2017-0493</li> +<li>奇虎 360 科技有限公司 IceSword 實驗室的 Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) 和 <a href="http://weibo.com/jfpan">pjf</a>:CVE-2016-10285、CVE-2016-10288、CVE-2016-10290、CVE-2017-0624、CVE-2017-0616、CVE-2017-0617、CVE-2016-10294、CVE-2016-10295、CVE-2016-10296</li> +<li>Tencent 電腦管理員的 godzheng (郑文选 <a href="https://twitter.com/virtualseekers">@VirtualSeekers</a>):CVE-2017-0602</li> +<li><a href="http://tuncay2.web.engr.illinois.edu">伊利諾大學厄巴納-香檳分校</a>的 <a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Güliz Seray Tuncay</a>:CVE-2017-0593</li> +<li>奇虎 360 科技有限公司 Alpha 小組成員 Hao Chen 和 Guang Gong:CVE-2016-10283</li> +<li>小米科技的 Juhu Nie、Yang Cheng、Nan Li 和 Qiwu Huang:CVE-2016-10276</li> +<li><a href="https://github.com/michalbednarski">Michał Bednarski</a>:CVE-2017-0598</li> +<li>特斯拉產品安全小組的 Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>):CVE-2017-0331、CVE-2017-0606</li> +<li><a href="mailto:jiych.guru@gmail.com">Niky1235</a> (<a href="https://twitter.com/jiych_guru">@jiych_guru</a>):CVE-2017-0603</li> +<li>阿里巴巴行動安全小組的 Peng Xiao、Chengming Yang、Ning You、Chao Yang 和 Yang song:CVE-2016-10281、CVE-2016-10280</li> +<li><a href="https://alephsecurity.com/">Aleph 研究部門</a>的 Roee Hay (<a href="https://twitter.com/roeehay">@roeehay</a>):CVE-2016-10277</li> +<li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>):CVE-2016-10274</li> +<li><a href="http://c0reteam.org">C0RE 小組</a>成員 <a href="mailto:segfault5514@gmail.com">Tong Lin</a>、<a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> 和 Xuxian Jiang:CVE-2016-10291</li> +<li>Vasily Vasiliev:CVE-2017-0589</li> +<li><a href="http://www.trendmicro.com">趨勢科技</a><a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile">行動威脅研究小組成員</a> V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>):CVE-2017-0590、CVE-2017-0587、CVE-2017-0600</li> +<li>騰訊安全平台部門成員 Xiling Gong:CVE-2017-0597</li> +<li>360 Marvel Team 成員 Xingyuan Lin:CVE-2017-0627</li> +<li>阿里巴巴的 Yong Wang (王勇) (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>):CVE-2017-0588</li> +<li>奇虎 360 科技有限公司 IceSword 實驗室的 Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>):CVE-2016-10289、CVE-2017-0465</li> +<li>奇虎 360 科技有限公司 Vulpecker 小組成員 Yu Pan:CVE-2016-10282、CVE-2017-0615</li> +<li>奇虎 360 科技有限公司 Vulpecker 小組成員 Yu Pan 和 Peide Zhang:CVE-2017-0618、CVE-2017-0625</li> +</ul> + +<h2 id="2017-05-01-details">2017-05-01 安全修補等級 - 資安漏洞詳情</h2> + +<p>下列各節針對 2017-05-01 安全修補等級適用的各項安全性漏洞提供了詳細資訊,包括問題說明、嚴重程度評定原因,以及一份漏洞資訊表,顯示漏洞的 CVE、相關參考資料、嚴重程度、更新的 Google 裝置、更新的 AOSP 版本 (在適用情況下) 和回報日期。假如相關錯誤有公開變更,該錯誤 ID 會連結到相對應的變更 (例如 AOSP 變更清單)。如果單一錯誤有多項相關變更,其他參考資料可透過該錯誤 ID 後面的編號連結開啟。</p> + +<h3 id="rce-in-mediaserver">媒體伺服器中的遠端程式碼執行漏洞</h3> + +<p>在媒體檔案和資料的處理期間,媒體伺服器中的遠端程式碼執行漏洞可能會讓攻擊者能利用特製檔案造成記憶體出錯。由於這個問題可能會讓遠端程式碼在媒體伺服器程序環境內執行,因此嚴重程度被評定為「最高」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0587</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/a86eb798d077b9b25c8f8c77e3c02c2f287c1ce7">A-35219737</a></td> + <td>最高</td> + <td>全部</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 4 日</td> + </tr> + <tr> + <td>CVE-2017-0588</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6f1d990ce0f116a205f467d9eb2082795e33872b">A-34618607</a></td> + <td>最高</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 21 日</td> + </tr> + <tr> + <td>CVE-2017-0589</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/bcfc7124f6ef9f1ec128fb2e90de774a5b33d199">A-34897036</a></td> + <td>最高</td> + <td>全部</td> + <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 1 日</td> + </tr> + <tr> + <td>CVE-2017-0590</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/45c97f878bee15cd97262fe7f57ecea71990fed7">A-35039946</a></td> + <td>最高</td> + <td>全部</td> + <td>5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 6 日</td> + </tr> + <tr> + <td>CVE-2017-0591</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d">A-34097672</a></td> + <td>最高</td> + <td>全部</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>Google 內部</td> + </tr> + <tr> + <td>CVE-2017-0592</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/acc192347665943ca674acf117e4f74a88436922">A-34970788</a></td> + <td>最高</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>Google 內部</td> + </tr> +</tbody></table> + +<h3 id="eop-in-framework-apis">Framework API 中的權限升級漏洞</h3> + +<p>Framework API 中的權限升級漏洞可能會讓本機惡意應用程式取得某些自訂權限。由於這種攻擊可規避作業系統為了將應用程式資料與其他應用程式隔離而採取的防護措施,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0593</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/78efbc95412b8efa9a44d573f5767ae927927d48">A-34114230</a></td> + <td>高</td> + <td>全部</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 5 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediaserver">媒體伺服器中的權限升級漏洞</h3> + +<p>媒體伺服器中的權限升級漏洞可能會讓本機惡意應用程式在獲得授權的程序環境內執行任何指令。由於這個問題可用於取得某些進階功能的本機存取權,第三方應用程式通常無法存取這類功能,因此嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0594</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/594bf934384920618d2b6ce0bcda1f60144cb3eb">A-34617444</a></td> + <td>高</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 22 日</td> + </tr> + <tr> + <td>CVE-2017-0595</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34705519</a></td> + <td>高</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td> + <td>2017 年 1 月 24 日</td> + </tr> + <tr> + <td>CVE-2017-0596</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34749392</a></td> + <td>高</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1</td> + <td>2017 年 1 月 24 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-audioserver">音訊伺服器中的權限升級漏洞</h3> + +<p>音訊伺服器中的權限升級漏洞可能會讓本機惡意應用程式在獲得授權的程序環境內執行任何指令。由於這個問題可被利用來取得某些進階功能的本機存取權,第三方應用程式通常無法存取這類功能,因此嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0597</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a9188f89179a7edd301abaf37d644adf5d647a04">A-34749571</a></td> + <td>高</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 25 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-framework-apis">Framework API 中的資訊外洩漏洞</h3> + +<p>Framework API 中的資訊外洩漏洞可能會讓本機惡意應用程式規避作業系統為了將應用程式資料與其他應用程式隔離而採取的防護措施。由於這個問題可用於取得某個應用程式無法存取的資料,因此嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0598</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td> + <td>高</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 6 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver">媒體伺服器中的拒絕服務漏洞</h3> + +<p>媒體伺服器中的遠端拒絕服務漏洞可能會讓攻擊者能利用特製檔案造成裝置停止運作或重新開機。由於這個問題可能會造成遠端拒絕服務,因此嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0599</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a1424724a00d62ac5efa0e27953eed66850d662f">A-34672748</a></td> + <td>高</td> + <td>全部</td> + <td>6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 1 月 23 日</td> + </tr> + <tr> + <td>CVE-2017-0600</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/961e5ac5788b52304e64b9a509781beaf5201fb0">A-35269635</a></td> + <td>高</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 10 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-bluetooth">藍牙中的權限升級漏洞</h3> + +<p>藍牙中的權限升級漏洞可能會讓本機惡意應用程式在未經使用者同意的情況下接受透過藍牙分享的有害檔案。由於這個問題可能會讓有心人士規避本機的使用者互動要求,因此嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0601</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/667d2cbe3eb1450f273a4f6595ccef35e1f0fe4b">A-35258579</a></td> + <td>中</td> + <td>全部</td> + <td>7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 9 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-file-based-encryption">個別檔案加密中的資訊外洩漏洞</h3> + +<p>個別檔案加密中的資訊外洩漏洞可能會讓本機惡意應用程式規避作業系統針對螢幕鎖定而採取的防護措施。由於這個問題或許可用來略過螢幕鎖定,因此嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0493</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>]</td> + <td>中</td> + <td>全部</td> + <td>7.0、7.1.1</td> + <td>2016 年 11 月 9 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-bluetooth">藍牙中的資訊外洩漏洞</h3> + +<p>藍牙中的資訊外洩漏洞可能會讓本機惡意應用程式規避作業系統為了將應用程式資料與其他應用程式隔離而採取的防護措施。由於這個問題具有專屬的詳細資料,因此嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0602</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/a4875a49404c544134df37022ae587a4a3321647">A-34946955</a></td> + <td>中</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2016 年 12 月 5 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-openssl-&-boringssl">OpenSSL 和 BoringSSL 中的資訊外洩漏洞</h3> + +<p>OpenSSL 和 BoringSSL 中的資訊外洩漏洞可能會讓遠端攻擊者取得機密資訊的存取權。由於這個問題具有專屬的詳細資料,因此嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-7056</td> + <td><a href="https://android.googlesource.com/platform/external/boringssl/+/13179a8e75fee98740b5ce728752aa7294b3e32d">A-33752052</a></td> + <td>中</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2016 年 12 月 19 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver-2">媒體伺服器中的拒絕服務漏洞</h3> + +<p>媒體伺服器中的拒絕服務漏洞可能會讓攻擊者能利用特製檔案造成裝置停止運作或重新開機。由於這種攻擊必須透過罕見的裝置設定才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0603</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/36b04932bb93cc3269279282686b439a17a89920">A-35763994</a></td> + <td>中</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-mediaserver-3">媒體伺服器中的拒絕服務漏洞</h3> + +<p>媒體伺服器中的遠端拒絕服務漏洞可能會讓攻擊者能利用特製檔案造成裝置停止運作或重新開機。由於這個問題具有專屬的詳細資料,因此嚴重程度被評定為「低」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0635</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/523f6b49c1a2289161f40cf9fe80b92e592e9441">A-35467107</a></td> + <td>低</td> + <td>全部</td> + <td>7.0、7.1.1、7.1.2</td> + <td>2017 年 2 月 16 日</td> + </tr> +</tbody></table> + +<h2 id="2017-05-05-details">2017-05-05 安全修補等級 - 資安漏洞詳情</h2> + +<p>下列各節針對 2017-05-05 安全修補等級適用的各項安全性漏洞提供了詳細資訊,包括問題說明、嚴重程度評定原因,以及一份漏洞資訊表,顯示漏洞的 CVE、相關參考資料、嚴重程度、更新的 Google 裝置、更新的 AOSP 版本 (在適用情況下) 和回報日期。假如相關錯誤有公開變更,該錯誤 ID 會連結到相對應的變更 (例如 AOSP 變更清單)。如果單一錯誤有多項相關變更,其他參考資料可透過該錯誤 ID 後面的編號連結開啟。</p> + +<h3 id="rce-in-giflib">GIFLIB 中的遠端程式碼執行漏洞</h3> + +<p>在媒體檔案和資料的處理期間,GIFLIB 中的遠端程式碼執行漏洞可能會讓攻擊者能利用特製檔案造成記憶體出錯。由於這個問題可能會讓遠端程式碼在媒體伺服器程序環境內執行,因此嚴重程度被評定為「最高」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2015-7555</td> + <td><a href="https://android.googlesource.com/platform/external/giflib/+/dc07290edccc2c3fc4062da835306f809cea1fdc">A-34697653</a></td> + <td>最高</td> + <td>全部</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0、7.1.1、7.1.2</td> + <td>2016 年 4 月 13 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediatek-touchscreen-driver">MediaTek 觸控螢幕驅動程式中的權限升級漏洞</h3> + +<p>MediaTek 觸控螢幕驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這個問題可能導致本機裝置的安全性徹底被破壞,造成使用者必須以還原 (Re-flash) 作業系統的方式才能修復裝置,因此嚴重程度被評定為「最高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10274</td> + <td>A-30202412*<br /> + M-ALPS02897901</td> + <td>最高</td> + <td>無**</td> + <td>2016 年 7 月 16 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<p>** 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="eop-in-qualcomm-bootloader">Qualcomm 開機導引程式中的權限升級漏洞</h3> + +<p>Qualcomm 開機導引程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這個問題可能導致本機裝置的安全性徹底被破壞,造成使用者必須以還原 (Re-flash) 作業系統的方式才能修復裝置,因此嚴重程度被評定為「最高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10275</td> + <td>A-34514954<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=1a0a15c380e11fc46f8d8706ea5ae22b752bdd0b"> +QC-CR#1009111</a></td> + <td>最高</td> + <td>Nexus 5X、Nexus 6、Pixel、Pixel XL、Android One</td> + <td>2016 年 9 月 13 日</td> + </tr> + <tr> + <td>CVE-2016-10276</td> + <td>A-32952839<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=5dac431748027e8b50a5c4079967def4ea53ad64"> +QC-CR#1094105</a></td> + <td>最高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td> + <td>2016 年 11 月 16 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-sound-subsystem">核心音效子系統中的權限升級漏洞</h3> + +<p>核心音效子系統中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這個問題可能導致本機裝置的安全性徹底被破壞,造成使用者必須以還原 (Re-flash) 作業系統的方式才能修復裝置,因此嚴重程度被評定為「最高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-9794</td> + <td>A-34068036<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=a27178e05b7c332522df40904f27674e36ee3757"> +上游程式庫核心</a></td> + <td>最高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2016 年 12 月 3 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-motorola-bootloader">Motorola 開機導引程式中的權限升級漏洞</h3> + +<p>Motorola 開機導引程式中的權限升級漏洞可能會讓本機惡意應用程式在開機導引程式環境內執行任何指令。由於這個問題可能導致本機裝置的安全性徹底被破壞,造成使用者必須以還原 (Re-flash) 作業系統的方式才能修復裝置,因此嚴重程度被評定為「最高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10277</td> + <td>A-33840490*<br /> + </td> + <td>最高</td> + <td>Nexus 6</td> + <td>2016 年 12 月 21 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<h3 id="eop-in-nvidia-video-driver">NVIDIA 視訊驅動程式中的權限升級漏洞</h3> + +<p>NVIDIA 視訊驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這個問題可能導致本機裝置的安全性徹底被破壞,使裝置必須以還原 (Re-flash) 作業系統的方式才能修復,因此嚴重程度被評定為「最高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0331</td> + <td>A-34113000*<br /> + N-CVE-2017-0331</td> + <td>最高</td> + <td>Nexus 9</td> + <td>2017 年 1 月 4 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<h3 id="eop-in-qualcomm-power-driver">Qualcomm 電源驅動程式中的權限升級漏洞</h3> + +<p>核心 Qualcomm 電源驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這個問題可能導致本機裝置的安全性徹底被破壞,造成使用者必須以還原 (Re-flash) 作業系統的方式才能修復裝置,因此嚴重程度被評定為「最高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0604</td> + <td>A-35392981<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=6975e2dd5f37de965093ba3a8a08635a77a960f7"> +QC-CR#826589</a></td> + <td>最高</td> + <td>無*</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="eop-in-kernel-trace-subsystem">核心追蹤子系統中的權限升級漏洞</h3> + +<p>核心追蹤子系統中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這個問題可能導致本機裝置的安全性徹底被破壞,造成使用者必須以還原 (Re-flash) 作業系統的方式才能修復裝置,因此嚴重程度被評定為「最高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0605</td> + <td>A-35399704<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=2161ae9a70b12cf18ac8e5952a20161ffbccb477"> +QC-CR#1048480</a></td> + <td>最高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="vulnerabilities-in-qualcomm-components">Qualcomm 元件中的漏洞</h3> + +<p>以下列出會影響 Qualcomm 元件的安全性漏洞,詳情請參考 2016 年 8 月、9 月、10 月和 12 月的 Qualcomm AMSS 安全性公告。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10240</td> + <td>A-32578446**<br /> + QC-CR#955710</td> + <td>最高</td> + <td>Nexus 6P</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2016-10241</td> + <td>A-35436149**<br /> + QC-CR#1068577</td> + <td>最高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2016-10278</td> + <td>A-31624008**<br /> + QC-CR#1043004</td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2016-10279</td> + <td>A-31624421**<br /> + QC-CR#1031821</td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>Qualcomm 內部</td> + </tr> +</tbody></table> + +<p>* 這些漏洞的嚴重程度是由廠商自行評定。</p> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<p>*** 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="rce-in-libxml2">libxml2 中的遠端程式碼執行漏洞</h3> + +<p>libxml2 中的遠端程式碼執行漏洞可能會讓攻擊者能利用特製檔案在未獲授權的程序環境內執行任何指令。由於這個問題可能會讓遠端程式碼在使用這個程式庫的應用程式中執行,因此嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="18%" /> + <col width="17%" /> + <col width="10%" /> + <col width="19%" /> + <col width="18%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>更新的 AOSP 版本</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-5131</td> + <td>A-32956747*</td> + <td>高</td> + <td>無**</td> + <td>4.4.4、5.0.2、5.1.1、6.0、6.0.1、7.0</td> + <td>2016 年 7 月 23 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<p>** 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="eop-in-mediatek-thermal-driver">MediaTek 熱能感知驅動程式中的權限升級漏洞</h3> + +<p>MediaTek 熱能感知驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10280</td> + <td>A-28175767*<br /> + M-ALPS02696445</td> + <td>高</td> + <td>無**</td> + <td>2016 年 4 月 11 日</td> + </tr> + <tr> + <td>CVE-2016-10281</td> + <td>A-28175647*<br /> + M-ALPS02696475</td> + <td>高</td> + <td>無**</td> + <td>2016 年 4 月 11 日</td> + </tr> + <tr> + <td>CVE-2016-10282</td> + <td>A-33939045*<br /> + M-ALPS03149189</td> + <td>高</td> + <td>無**</td> + <td>2016 年 12 月 27 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<p>** 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="eop-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm Wi-Fi 驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10283</td> + <td>A-32094986<br /> + <a href="https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=93863644b4547324309613361d70ad9dc91f8dfd"> +QC-CR#2002052</a></td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL、Android One</td> + <td>2016 年 10 月 11 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-video-driver">Qualcomm 視訊驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm 視訊驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10284</td> + <td>A-32402303*<br /> + QC-CR#2000664</td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 10 月 24 日</td> + </tr> + <tr> + <td>CVE-2016-10285</td> + <td>A-33752702<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67dfd3a65336e0b3f55ee83d6312321dc5f2a6f9"> +QC-CR#1104899</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2016 年 12 月 19 日</td> + </tr> + <tr> + <td>CVE-2016-10286</td> + <td>A-35400904<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=5d30a3d0dc04916ddfb972bfc52f8e636642f999"> +QC-CR#1090237</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2016 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<h3 id="eop-in-kernel-performance-subsystem">核心效能子系統中的權限升級漏洞</h3> + +<p>核心效能子系統中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2015-9004</td> + <td>A-34515362<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511"> +上游程式庫核心</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2016 年 11 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-sound-driver">Qualcomm 音效驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm 音訊驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10287</td> + <td>A-33784446<br /> + <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=937bc9e644180e258c68662095861803f7ba4ded"> +QC-CR#1112751</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 12 月 20 日</td> + </tr> + <tr> + <td>CVE-2017-0606</td> + <td>A-34088848<br /> + <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=d3237316314c3d6f75a58192971f66e3822cd250"> +QC-CR#1116015</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 1 月 3 日</td> + </tr> + <tr> + <td>CVE-2016-5860</td> + <td>A-34623424<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=9f91ae0d7203714fc39ae78e1f1c4fd71ed40498"> +QC-CR#1100682</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 1 月 22 日</td> + </tr> + <tr> + <td>CVE-2016-5867</td> + <td>A-35400602<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=065360da7147003aed8f59782b7652d565f56be5"> +QC-CR#1095947</a></td> + <td>高</td> + <td>無*</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0607</td> + <td>A-35400551<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b003c8d5407773d3aa28a48c9841e4c124da453d"> +QC-CR#1085928</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0608</td> + <td>A-35400458<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b66f442dd97c781e873e8f7b248e197f86fd2980"> +QC-CR#1098363</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0609</td> + <td>A-35399801<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=38a83df036084c00e8c5a4599c8ee7880b4ee567"> +QC-CR#1090482</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2016-5859</td> + <td>A-35399758<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=97fdb441a9fb330a76245e473bc1a2155c809ebe"> +QC-CR#1096672</a></td> + <td>高</td> + <td>無*</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0610</td> + <td>A-35399404<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=65009746a6e649779f73d665934561ea983892fe"> +QC-CR#1094852</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0611</td> + <td>A-35393841<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=1aa5df9246557a98181f03e98530ffd509b954c8"> +QC-CR#1084210</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2016-5853</td> + <td>A-35392629<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a8f3b894de319718aecfc2ce9c691514696805be"> +QC-CR#1102987</a></td> + <td>高</td> + <td>無*</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="eop-in-qualcomm-led-driver">Qualcomm LED 驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm LED 驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10288</td> + <td>A-33863909<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=db2cdc95204bc404f03613d5dd7002251fb33660"> +QC-CR#1109763</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2016 年 12 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-crypto-driver">Qualcomm 加密編譯驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm 加密編譯驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10289</td> + <td>A-33899710<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a604e6f3889ccc343857532b63dea27603381816"> +QC-CR#1116295</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 12 月 24 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-shared-memory-driver">Qualcomm 共用記憶體驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm 共用記憶體驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10290</td> + <td>A-33898330<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> +QC-CR#1109782</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td> + <td>2016 年 12 月 24 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-slimbus-driver">Qualcomm Slimbus 驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm Slimbus 驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10291</td> + <td>A-34030871<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a225074c0494ca8125ca0ac2f9ebc8a2bd3612de"> +QC-CR#986837</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Android One</td> + <td>2016 年 12 月 31 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-adsprpc-driver">Qualcomm ADSPRPC 驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm ADSPRPC 驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0465</td> + <td>A-34112914<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=3823f0f8d0bbbbd675a42a54691f4051b3c7e544"> +QC-CR#1110747</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 1 月 5 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-secure-execution-environment-communicator-driver">Qualcomm 安全執行環境通訊工具驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm 安全執行環境通訊工具驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0612</td> + <td>A-34389303<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=05efafc998dc86c3b75af9803ca71255ddd7a8eb"> +QC-CR#1061845</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 1 月 10 日</td> + </tr> + <tr> + <td>CVE-2017-0613</td> + <td>A-35400457<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=b108c651cae9913da1ab163cb4e5f7f2db87b747"> +QC-CR#1086140</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2017-0614</td> + <td>A-35399405<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=fc2ae27eb9721a0ce050c2062734fec545cda604"> +QC-CR#1080290</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-mediatek-power-driver">MediaTek 電源驅動程式中的權限升級漏洞</h3> + +<p>MediaTek 電源驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0615</td> + <td>A-34259126*<br /> + M-ALPS03150278</td> + <td>高</td> + <td>無**</td> + <td>2017 年 1 月 12 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<p>** 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="eop-in-mediatek-system-management-interrupt-driver">MediaTek 系統管理中斷驅動程式中的權限升級漏洞</h3> + +<p>MediaTek 系統管理中斷驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0616</td> + <td>A-34470286*<br /> + M-ALPS03149160</td> + <td>高</td> + <td>無**</td> + <td>2017 年 1 月 19 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<p>** 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="eop-in-mediatek-video-driver">MediaTek 視訊驅動程式中的權限升級漏洞</h3> + +<p>MediaTek 視訊驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0617</td> + <td>A-34471002*<br /> + M-ALPS03149173</td> + <td>高</td> + <td>無**</td> + <td>2017 年 1 月 19 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<p>** 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="eop-in-mediatek-command-queue-driver">MediaTek 指令佇列驅動程式中的權限升級漏洞</h3> + +<p>MediaTek 指令佇列驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0618</td> + <td>A-35100728*<br /> + M-ALPS03161536</td> + <td>高</td> + <td>無**</td> + <td>2017 年 2 月 7 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<p>** 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="eop-in-qualcomm-pin-controller-driver">Qualcomm PIN 碼控制器驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm PIN 碼控制器驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0619</td> + <td>A-35401152<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.14/commit/?id=72f67b29a9c5e6e8d3c34751600c749c5f5e13e1"> +QC-CR#826566</a></td> + <td>高</td> + <td>Nexus 6、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-secure-channel-manager-driver">Qualcomm 安全連線管理員驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm 安全連線管理員驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0620</td> + <td>A-35401052<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=01b2c9a5d728ff6f2f1f28a5d4e927aaeabf56ed"> +QC-CR#1081711</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-sound-codec-driver">Qualcomm 音訊轉碼器驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm 音訊轉碼器驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-5862</td> + <td>A-35399803<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=4199451e83729a3add781eeafaee32994ff65b04"> +QC-CR#1099607</a></td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-voltage-regulator-driver">核心穩壓器驅動程式中的權限升級漏洞</h3> + +<p>核心穩壓器驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2014-9940</td> + <td>A-35399757<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba"> +上游程式庫核心</a></td> + <td>高</td> + <td>Nexus 6、Nexus 9、Pixel C、Android One、Nexus Player</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-camera-driver">Qualcomm 相機驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm 相機驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0621</td> + <td>A-35399703<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=9656e2c2b3523af20502bf1e933e35a397f5e82f"> +QC-CR#831322</a></td> + <td>高</td> + <td>Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-qualcomm-networking-driver">Qualcomm 網路驅動程式中的權限升級漏洞</h3> + +<p>Qualcomm 網路驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-5868</td> + <td>A-35392791<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c"> +QC-CR#1104431</a></td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-kernel-networking-subsystem">核心網路子系統中的權限升級漏洞</h3> + +<p>核心網路子系統中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-7184</td> + <td>A-36565222<br /> + <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=677e806da4d916052585301785d847c3b3e6186a"> +上游程式庫核心</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f843ee6dd019bcece3e74e76ad9df0155655d0df"> +[2]</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Android One</td> + <td>2017 年 3 月 23 日</td> + </tr> +</tbody></table> + +<h3 id="eop-in-goodix-touchscreen-driver">Goodix 觸控螢幕驅動程式中的權限升級漏洞</h3> + +<p>Goodix 觸控螢幕驅動程式中的權限升級漏洞可能會讓本機惡意應用程式在核心環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0622</td> + <td>A-32749036<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=40efa25345003a96db34effbd23ed39530b3ac10"> +QC-CR#1098602</a></td> + <td>高</td> + <td>Android One</td> + <td>Google 內部</td> + </tr> +</tbody></table> + +<h3 id="eop-in-htc-bootloader">HTC 開機導引程式中的權限升級漏洞</h3> + +<p>HTC 開機導引程式中的權限升級漏洞可能會讓本機惡意應用程式在開機導引程式環境內執行任何指令。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0623</td> + <td>A-32512358*<br /> + </td> + <td>高</td> + <td>Pixel、Pixel XL</td> + <td>Google 內部</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<h3 id="id-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 驅動程式中的資訊外洩漏洞</h3> + +<p>Qualcomm Wi-Fi 驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這個問題可能讓有心人士在未獲使用者明確授權的情況下存取機密資料,因此嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0624</td> + <td>A-34327795*<br /> + QC-CR#2005832</td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL</td> + <td>2017 年 1 月 16 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<h3 id="id-in-mediatek-command-queue-driver">MediaTek 命令佇列驅動程式中的資訊外洩漏洞</h3> + +<p>MediaTek 命令佇列驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這個問題可能讓有心人士在未獲使用者明確授權的情況下存取機密資料,因此嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0625</td> + <td>A-35142799*<br /> + M-ALPS03161531</td> + <td>高</td> + <td>無**</td> + <td>2017 年 2 月 8 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<p>** 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="id-in-qualcomm-crypto-engine-driver">Qualcomm 加密編譯引擎驅動程式中的資訊外洩漏洞</h3> + +<p>Qualcomm 加密編譯引擎驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這個問題可能讓有心人士在未獲使用者明確授權的情況下存取機密資料,因此嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0626</td> + <td>A-35393124<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=64551bccab9b5b933757f6256b58f9ca0544f004"> +QC-CR#1088050</a></td> + <td>高</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="dos-in-qualcomm-wi-fi-driver">Qualcomm Wi-Fi 驅動程式中的拒絕服務漏洞</h3> + +<p>Qualcomm Wi-Fi 驅動程式中的拒絕服務漏洞可能會讓鄰近的攻擊者在 Wi-Fi 子系統中造成拒絕服務。由於這個問題可能會造成遠端拒絕服務,因此嚴重程度被評定為「高」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10292</td> + <td>A-34514463*<br /> + QC-CR#1065466</td> + <td>高</td> + <td>Nexus 5X、Pixel、Pixel XL</td> + <td>2016 年 12 月 16 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<h3 id="id-in-kernel-uvc-driver">核心 UVC 驅動程式中的資訊外洩漏洞</h3> + +<p>核心 UVC 驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0627</td> + <td>A-33300353*<br /> + </td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Nexus 9、Pixel C、Nexus Player</td> + <td>2016 年 12 月 2 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<h3 id="id-in-qualcomm-video-driver">Qualcomm 視訊驅動程式中的資訊外洩漏洞</h3> + +<p>Qualcomm 視訊驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10293</td> + <td>A-33352393<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=2469d5374745a2228f774adbca6fb95a79b9047f"> +QC-CR#1101943</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Android One</td> + <td>2016 年 12 月 4 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-power-driver-(device-specific)">Qualcomm 電源驅動程式中的資訊外洩漏洞 (特定裝置)</h3> + +<p>Qualcomm 電源驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10294</td> + <td>A-33621829<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9e9bc51ffb8a298f0be5befe346762cdb6e1d49c"> +QC-CR#1105481</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL</td> + <td>2016 年 12 月 14 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-led-driver">Qualcomm LED 驅動程式中的資訊外洩漏洞</h3> + +<p>Qualcomm LED 驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10295</td> + <td>A-33781694<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f11ae3df500bc2a093ddffee6ea40da859de0fa9"> +QC-CR#1109326</a></td> + <td>中</td> + <td>Pixel、Pixel XL</td> + <td>2016 年 12 月 20 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-shared-memory-driver">Qualcomm 共用記憶體驅動程式中的資訊外洩漏洞</h3> + +<p>Qualcomm 共用記憶體驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-10296</td> + <td>A-33845464<br /> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a5e46d8635a2e28463b365aacdeab6750abd0d49"> +QC-CR#1109782</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2016 年 12 月 22 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-camera-driver">Qualcomm 相機驅動程式中的資訊外洩漏洞</h3> + +<p>Qualcomm 相機驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0628</td> + <td>A-34230377<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> +QC-CR#1086833</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Pixel、Pixel XL</td> + <td>2017 年 1 月 10 日</td> + </tr> + <tr> + <td>CVE-2017-0629</td> + <td>A-35214296<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=012e37bf91490c5b59ba2ab68a4d214b632b613f"> +QC-CR#1086833</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Pixel、Pixel XL</td> + <td>2017 年 2 月 8 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-kernel-trace-subsystem">核心追蹤子系統中的資訊外洩漏洞</h3> + +<p>核心追蹤子系統中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0630</td> + <td>A-34277115*<br /> + </td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Pixel、Pixel XL、Pixel C、Android One、Nexus Player</td> + <td>2017 年 1 月 11 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<h3 id="id-in-qualcomm-sound-codec-driver">Qualcomm 音效轉碼器驅動程式中的資訊外洩漏洞</h3> + +<p>Qualcomm 音效轉碼器驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-5858</td> + <td>A-35400153<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=3154eb1d263b9c3eab2c9fa8ebe498390bf5d711"> +QC-CR#1096799</a> <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=afc5bea71bc8f251dad1104568383019f4923af6"> +[2]</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-camera-driver-2">Qualcomm 相機驅動程式中的資訊外洩漏洞</h3> + +<p>Qualcomm 相機驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0631</td> + <td>A-35399756<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=8236d6ebc7e26361ca7078cbeba01509f10941d8"> +QC-CR#1093232</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-sound-driver">Qualcomm 音效驅動程式中的資訊外洩漏洞</h3> + +<p>Qualcomm 音效驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-5347</td> + <td>A-35394329<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=f14390f13e62460fc6b05fc0acde0e825374fdb6"> +QC-CR#1100878</a></td> + <td>中</td> + <td>Nexus 5X、Nexus 6、Nexus 6P、Pixel、Pixel XL、Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-qualcomm-spcom-driver">Qualcomm SPCom 驅動程式中的資訊外洩漏洞</h3> + +<p>Qualcomm SPCopm 驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2016-5854</td> + <td>A-35392792<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=28d23d4d7999f683b27b6e0c489635265b67a4c9"> +QC-CR#1092683</a></td> + <td>中</td> + <td>無*</td> + <td>2017 年 2 月 15 日</td> + </tr> + <tr> + <td>CVE-2016-5855</td> + <td>A-35393081<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a5edb54e93ba85719091fe2bc426d75fa7059834"> +QC-CR#1094143</a></td> + <td>中</td> + <td>無*</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<p>* 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h3 id="id-in-qualcomm-sound-codec-driver-2">Qualcomm 音效轉碼器驅動程式中的資訊外洩漏洞</h3> + +<p>Qualcomm 音效轉碼器驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0632</td> + <td>A-35392586<br /> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=970d6933e53c1f7ca8c8b67f49147b18505c3b8f"> +QC-CR#832915</a></td> + <td>中</td> + <td>Android One</td> + <td>2017 年 2 月 15 日</td> + </tr> +</tbody></table> + +<h3 id="id-in-broadcom-wi-fi-driver">Broadcom Wi-Fi 驅動程式中的資訊外洩漏洞</h3> + +<p>Broadcom Wi-Fi 驅動程式中的資訊外洩漏洞可能會讓本機元件存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0633</td> + <td>A-36000515*<br /> + B-RB#117131</td> + <td>中</td> + <td>Nexus 6、Nexus 6P、Nexus 9、Pixel C、Nexus Player</td> + <td>2017 年 2 月 23 日</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<h3 id="id-in-synaptics-touchscreen-driver">Synaptics 觸控螢幕驅動程式中的資訊外洩漏洞</h3> + +<p>Synaptics 觸控螢幕驅動程式中的資訊外洩漏洞可能會讓本機惡意應用程式存取其權限範圍以外的資料。由於這種攻擊必須先破壞特定獲授權的程序才能執行,因此這個問題的嚴重程度被評定為「中」。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2017-0634</td> + <td>A-32511682*<br /> + </td> + <td>中</td> + <td>Pixel、Pixel XL</td> + <td>Google 內部</td> + </tr> +</tbody></table> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<h3 id="vulnerabilities-in-qualcomm-components-2">Qualcomm 元件中的漏洞</h3> + +<p>以下列出會影響 Qualcomm 元件的安全性漏洞,詳情請參考 2014 至 2016 年之間發佈的 Qualcomm AMSS 安全性公告。我們在這個 Android 安全性公告中列出這些漏洞,方便使用者確認漏洞修正程式及其相對應的 Android 安全修補等級。</p> + +<table> + <colgroup><col width="19%" /> + <col width="20%" /> + <col width="10%" /> + <col width="23%" /> + <col width="17%" /> + </colgroup><tbody><tr> + <th>CVE</th> + <th>參考資料</th> + <th>嚴重程度</th> + <th>更新的 Google 裝置</th> + <th>回報日期</th> + </tr> + <tr> + <td>CVE-2014-9923</td> + <td>A-35434045**<br /> + QC-CR#403910</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9924</td> + <td>A-35434631**<br /> + QC-CR#596102</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9925</td> + <td>A-35444657**<br /> + QC-CR#638130</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9926</td> + <td>A-35433784**<br /> + QC-CR#631527</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9927</td> + <td>A-35433785**<br /> + QC-CR#661111</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9928</td> + <td>A-35438623**<br /> + QC-CR#696972</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9929</td> + <td>A-35443954**<br /> + QC-CR#644783</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9930</td> + <td>A-35432946**<br /> + QC-CR#634637</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2015-9005</td> + <td>A-36393500**<br /> + QC-CR#741548</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2015-9006</td> + <td>A-36393450**<br /> + QC-CR#750559</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2015-9007</td> + <td>A-36393700**<br /> + QC-CR#807173</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2016-10297</td> + <td>A-36393451**<br /> + QC-CR#1061123</td> + <td>最高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9941</td> + <td>A-36385125**<br /> + QC-CR#509915</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9942</td> + <td>A-36385319**<br /> + QC-CR#533283</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9943</td> + <td>A-36385219**<br /> + QC-CR#546527</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9944</td> + <td>A-36384534**<br /> + QC-CR#613175</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9945</td> + <td>A-36386912**<br /> + QC-CR#623452</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9946</td> + <td>A-36385281**<br /> + QC-CR#520149</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9947</td> + <td>A-36392400**<br /> + QC-CR#650540</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9948</td> + <td>A-36385126**<br /> + QC-CR#650500</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9949</td> + <td>A-36390608**<br /> + QC-CR#652426</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9950</td> + <td>A-36385321**<br /> + QC-CR#655530</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9951</td> + <td>A-36389161**<br /> + QC-CR#525043</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> + <tr> + <td>CVE-2014-9952</td> + <td>A-36387019**<br /> + QC-CR#674836</td> + <td>高</td> + <td>無***</td> + <td>Qualcomm 內部</td> + </tr> +</tbody></table> + +<p>* 這些漏洞的嚴重程度是由廠商自行評定。</p> + +<p>* 這個問題的修補程式並未開放給一般使用者下載,而是直接整合在最新的 Nexus 裝置專用驅動程式的安裝檔中。您可以前往 <a href="https://developers.google.com/android/nexus/drivers">Google Developers 網站</a>下載這些驅動程式。</p> + +<p>*** 如果是搭載 Android 7.1.1 以上版本的 Google 裝置 (必須是受支援的機型,且已安裝所有可用更新),就不會受到這個漏洞所影響。</p> + +<h2 id="common-questions-and-answers">常見問題與解答</h2> +<p>如果您在閱讀這篇公告後有任何疑問,可參考本節的常見問答。</p> + +<p><strong>1. 如何判斷我目前的裝置軟體版本是否已修正這些問題? +</strong></p> + +<p>要瞭解如何查看裝置的安全修補等級,請詳讀 <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel 和 Nexus 更新時間表</a>中的操作說明。</p> + +<ul> +<li>2017 年 5 月 1 日之後的安全修補等級已解決了所有與 2017-05-01 安全修補等級相關的問題。</li> +<li>2017 年 5 月 5 日之後的安全修補等級完全解決了與 2017-05-05 安全修補等級及所有先前修補等級相關的問題。 +</li> +</ul> + +<p>提供這些更新的裝置製造商應將修補程式字串等級設定為:</p> +<ul> +<li>[ro.build.version.security_patch]:[2017-05-01]</li> +<li>[ro.build.version.security_patch]:[2017-05-05]</li> +</ul> + +<p><strong>2. 為什麼這篇公告有兩種安全修補等級?</strong></p> + +<p>本公告有兩種安全修補等級,讓 Android 合作夥伴能夠靈活運用,以快速修正某些發生在所有 Android 裝置上的類似漏洞。我們建議 Android 合作夥伴修正本公告所列的所有問題,並使用最新的安全修補等級。</p> +<ul> +<li>安全修補等級為 2017 年 5 月 1 日的裝置必須納入所有與該安全修補等級相關的問題,以及在之前安全性公告中回報的所有問題適用的修正程式。</li> +<li>如果裝置的安全修補等級在 2017 年 5 月 5 日之後,就必須加入本安全性公告 (以及之前公告) 中的所有適用修補程式。</li> +</ul> + +<p>我們建議合作夥伴將所要解決的所有問題適用修補程式包裝在單一更新中。</p> + +<p><strong>3. 如何判斷哪些 Google 裝置會受到哪種問題的影響?</strong></p> + +<p>在 <a href="#2017-05-01-details">2017-05-01</a> 和 <a href="#2017-05-05-details">2017-05-05</a> 安全性漏洞詳情的章節中,每個表格都包含「更新的 Google 裝置」<em></em>欄,當中列出已針對各個問題進行更新的受影響 Google 裝置範圍。此欄中的選項包括:</p> +<ul> +<li><strong>所有 Google 裝置</strong>:如果問題會影響到「全部」和 Pixel 裝置,表格內「更新的 Google 裝置」<em></em>欄中就會顯示「全部」字樣。「全部」包含下列<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">支援的裝置</a>:Nexus 5X、Nexus 6、Nexus 6P、Nexus 9、Android One、Nexus Player、Pixel C、Pixel 和 Pixel XL。</li> +<li><strong>部分 Google 裝置</strong>:如果問題並未影響到所有 Google 裝置,則「更新的 Google 裝置」<em></em>欄中會列出受影響的 Google 裝置。</li> +<li><strong>無 Google 裝置</strong>:如果問題不會影響到任何搭載 Android 7.0 的 Google 裝置,「更新的 Google 裝置」<em></em>欄中就會顯示「無」字樣。</li> +</ul> +<p><strong>4. 參考資料欄中的項目會對應到什麼?</strong></p> + +<p>資安漏洞詳情表格中「參考資料」<em></em>欄底下的項目可能會包含一個前置字串,用以表示該參考資料值所屬的公司。這些前置字元代表的意義如下:</p> + +<table> + <tbody><tr> + <th>前置字元</th> + <th>參考資料</th> + </tr> + <tr> + <td>A-</td> + <td>Android 錯誤 ID</td> + </tr> + <tr> + <td>QC-</td> + <td>Qualcomm 參考編號</td> + </tr> + <tr> + <td>M-</td> + <td>MediaTek 參考編號</td> + </tr> + <tr> + <td>N-</td> + <td>NVIDIA 參考編號</td> + </tr> + <tr> + <td>B-</td> + <td>Broadcom 參考編號</td> + </tr> +</tbody></table> +<h2 id="revisions">修訂版本</h2> +<ul> +<li>2017 年 5 月 1 日:發佈公告。</li> +<li>2017 年 5 月 2 日:在公告中加入 AOSP 連結。</li> +</ul> + +</body></html>
\ No newline at end of file |
