diff options
author | Android Partner Docs <noreply@android.com> | 2017-05-23 05:57:27 +0000 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2017-05-23 05:57:27 +0000 |
commit | 70046478c4133545f1113be9e1d2ac8476e793db (patch) | |
tree | 0f3abc54410605cc8bde9b6e020a9d633ad53aab | |
parent | 81d8478a97eb4d3141d79da5e864330e46f270f4 (diff) | |
parent | 49f33bf3091676f2b2d87bd216ded86de5095484 (diff) | |
download | source.android.com-70046478c4133545f1113be9e1d2ac8476e793db.tar.gz |
Merge "Docs: Changes to source.android.com" am: 493114bd93 am: f5f4f53be2 am: 00e5a80717
am: 49f33bf309
Change-Id: I568ee5e454079b1b5672083372a2eb0a8e50e0f3
-rw-r--r-- | en/security/bulletin/2016-10-01.html | 2 | ||||
-rw-r--r-- | en/security/bulletin/2016-11-01.html | 2 | ||||
-rw-r--r-- | en/security/bulletin/2016-12-01.html | 2 | ||||
-rw-r--r-- | en/security/bulletin/2017-01-01.html | 2 | ||||
-rw-r--r-- | en/security/bulletin/2017-02-01.html | 2 | ||||
-rw-r--r-- | en/security/bulletin/2017-03-01.html | 2 | ||||
-rw-r--r-- | en/security/bulletin/2017-04-01.html | 2 | ||||
-rw-r--r-- | en/security/bulletin/2017-05-01.html | 8 | ||||
-rw-r--r-- | en/security/verifiedboot/dm-verity.html | 4 | ||||
-rw-r--r-- | en/source/add-device.html | 43 |
10 files changed, 54 insertions, 15 deletions
diff --git a/en/security/bulletin/2016-10-01.html b/en/security/bulletin/2016-10-01.html index caaa232a..ae196add 100644 --- a/en/security/bulletin/2016-10-01.html +++ b/en/security/bulletin/2016-10-01.html @@ -2062,7 +2062,7 @@ each issue. This column has a few options: the table will have “All Nexus” in the <em>Updated Nexus devices</em> column. “All Nexus” encapsulates the following <a href="https://support.google.com/nexus/answer/4457705#nexus_devices">supported - devices</a>: Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, + devices</a>: Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player and Pixel C.</li> <li><strong>Some Nexus devices</strong>: If an issue doesn’t affect all Nexus devices, the affected Nexus devices are listed in the <em>Updated Nexus diff --git a/en/security/bulletin/2016-11-01.html b/en/security/bulletin/2016-11-01.html index efc9390b..463f3aaa 100644 --- a/en/security/bulletin/2016-11-01.html +++ b/en/security/bulletin/2016-11-01.html @@ -2319,7 +2319,7 @@ each issue. This column has a few options: devices, the table will have "All" in the <em>Updated Google devices</em> column. "All" encapsulates the following <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">supported - devices</a>: Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, + devices</a>: Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel, and Pixel XL.</li> <li><strong>Some Google devices</strong>: If an issue doesn't affect all Google devices, the affected Google devices are listed in the <em>Updated Google diff --git a/en/security/bulletin/2016-12-01.html b/en/security/bulletin/2016-12-01.html index 6043969e..afdf5f1b 100644 --- a/en/security/bulletin/2016-12-01.html +++ b/en/security/bulletin/2016-12-01.html @@ -2041,7 +2041,7 @@ each issue. This column has a few options: devices, the table will have "All" in the <em>Updated Google devices</em> column. "All" encapsulates the following <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">supported - devices</a>: Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, + devices</a>: Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel, and Pixel XL.</li> <li><strong>Some Google devices</strong>: If an issue doesn't affect all Google devices, the affected Google devices are listed in the <em>Updated Google diff --git a/en/security/bulletin/2017-01-01.html b/en/security/bulletin/2017-01-01.html index b605e8a9..c3ac2dd0 100644 --- a/en/security/bulletin/2017-01-01.html +++ b/en/security/bulletin/2017-01-01.html @@ -2465,7 +2465,7 @@ each issue. This column has a few options:</p> devices, the table will have "All" in the <em>Updated Google devices</em> column. "All" encapsulates the following <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">supported - devices</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Android One, + devices</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel, and Pixel XL.</li> <li><strong>Some Google devices</strong>: If an issue doesn't affect all Google devices, the affected Google devices are listed in the <em>Updated Google diff --git a/en/security/bulletin/2017-02-01.html b/en/security/bulletin/2017-02-01.html index 4c919af4..2bc221f2 100644 --- a/en/security/bulletin/2017-02-01.html +++ b/en/security/bulletin/2017-02-01.html @@ -1789,7 +1789,7 @@ each issue. This column has a few options: devices, the table will have "All" in the <em>Updated Google devices</em> column. "All" encapsulates the following <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">supported - devices</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Android One, + devices</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel, and Pixel XL.</li> <li><strong>Some Google devices</strong>: If an issue doesn't affect all Google devices, the affected Google devices are listed in the <em>Updated Google diff --git a/en/security/bulletin/2017-03-01.html b/en/security/bulletin/2017-03-01.html index c5bbf055..fea5591c 100644 --- a/en/security/bulletin/2017-03-01.html +++ b/en/security/bulletin/2017-03-01.html @@ -2704,7 +2704,7 @@ each issue. This column has a few options:</p> devices, the table will have "All" in the <em>Updated Google devices</em> column. "All" encapsulates the following <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">supported -devices</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Android One, +devices</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel, and Pixel XL.</li> <li><strong>Some Google devices</strong>: If an issue doesn't affect all Google devices, the affected Google devices are listed in the <em>Updated Google diff --git a/en/security/bulletin/2017-04-01.html b/en/security/bulletin/2017-04-01.html index f5a9bd48..446616ed 100644 --- a/en/security/bulletin/2017-04-01.html +++ b/en/security/bulletin/2017-04-01.html @@ -2636,7 +2636,7 @@ each issue. This column has a few options:</p> devices, the table will have "All" in the <em>Updated Google devices</em> column. "All" encapsulates the following <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">supported - devices</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Android One, + devices</a>: Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel, and Pixel XL.</li> <li><strong>Some Google devices</strong>: If an issue doesn't affect all Google devices, the affected Google devices are listed in the <em>Updated Google diff --git a/en/security/bulletin/2017-05-01.html b/en/security/bulletin/2017-05-01.html index bafb90e2..b3e9a684 100644 --- a/en/security/bulletin/2017-05-01.html +++ b/en/security/bulletin/2017-05-01.html @@ -987,7 +987,7 @@ security bulletins.</p> <tr> <th>CVE</th> <th>References</th> - <th>Severity</th> + <th>Severity*</th> <th>Updated Google devices</th> <th>Date reported</th> </tr> @@ -1032,10 +1032,6 @@ in the latest binary drivers for Nexus devices available from the <a href="https://developers.google.com/android/nexus/drivers"> Google Developer site</a>.</p> -<p>*** Supported Google devices on Android 7.1.1 or later that have installed all -available updates are not affected by this vulnerability.</p> - - <h3 id="rce-in-libxml2">Remote code execution vulnerability in libxml2</h3> <p>A remote code execution vulnerability in libxml2 could enable an attacker to @@ -2771,7 +2767,7 @@ patch level.</p> <tr> <th>CVE</th> <th>References</th> - <th>Severity</th> + <th>Severity*</th> <th>Updated Google devices</th> <th>Date reported</th> </tr> diff --git a/en/security/verifiedboot/dm-verity.html b/en/security/verifiedboot/dm-verity.html index 65e2cc22..763b2e4c 100644 --- a/en/security/verifiedboot/dm-verity.html +++ b/en/security/verifiedboot/dm-verity.html @@ -128,8 +128,8 @@ are used during the construction of your dm-verity mapping table.</p> <p>Build the dm-verity mapping table, which identifies the block device (or target) for the kernel and the location of the hash tree (which is the same value.) This mapping is used for <code>fstab</code> generation and booting. The table also identifies -the size of the blocks and the hash_start, or the offset in hash size blocks -(length of layer 0).</p> +the size of the blocks and the hash_start, the start location of the hash tree +(specifically, its block number from the beginning of the image).</p> <p>See <a href="https://code.google.com/p/cryptsetup/wiki/DMVerity">cryptsetup</a> for a detailed description of the verity target mapping table fields.</p> diff --git a/en/source/add-device.html b/en/source/add-device.html index 783fd6f3..d9f42f89 100644 --- a/en/source/add-device.html +++ b/en/source/add-device.html @@ -417,5 +417,48 @@ add_lunch_combo <product_name>-userdebug </tbody> </table> +<h3 id="ANDROID_VENDOR_KEYS">Set ANDROID_VENDOR_KEYS to connect over USB</h3> + +<p>The <code>ANDROID_VENDOR_KEYS</code> environment variable enables device +manufacturers to access production builds over <code>adb</code>. Generate a key +for each release that every device will accept, store those internally (such as at +<code>vendor/oem-name/security/adb/</code>), and then use +<code>ANDROID_VENDOR_KEYS</code> to tell <code>adb</code> to use these canonical +keys rather than random keys.</p> + +<p>Use the <code>ANDROID_VENDOR_KEYS</code> environment variable to +point to the directory containing the generated <code>adb</code> public and +private keys used for encryption. The private key is stored in file. The public +key is stored in file.pub. The <code>ANDROID_VENDOR_KEYS</code> environment +variable points to a file or directory where the generated key pairs are +stored.</p> + +<p>This variable is set to a file or directory that contains 2048-bit RSA +authentication key pairs generated with the <code>adb keygen</code> file command. +These key pairs are in addition to the RSA key pairs generated by the ADB +server. An RSA key pair is needed when you use <code>adb</code> to connect over +USB for the first time.</p> + +<p>You must accept the host computer's RSA key to explicitly grant +<code>adb</code> access to the device. By default key pairs generated by the +ADB server are stored in the following key store directories as +<code>adbkey</code> (private key) and <code>adbkey.pub</code> (public key):</p> + +<p>For file locations, on MacOS, this will likely be: +<code>$HOME/.android</code>. On Windows and Linux, this will be: +<code>%USERPOFILE%\.android</code>. On Windows, RSA authentication keys can +also be in <code>C:\Windows\System32\config\systemprofile\.android</code> in +some cases. When the ADB server needs a key, it first searches the ADB server +key store directory. If no keys are found, it then checks the +<code>ANDROID_VENDOR_KEYS</code> environment variable. If no keys are found, +the local ADB server generates and saves a new key pair in the ADB server key +store directory.</p> + +<p class="note"><strong>Note:</strong> You can override the default directory +where the ADB server stores RSA keys by setting the +<code>ANDROID_SDK_HOME</code> environment variable. On the device, keys are +stored in the <code>/data/misc/adb/adb_keys/</code> file, and new authorized +keys are appended to the same file as you accept them.</p> + </body> </html> |