diff options
| author | Android Partner Docs <noreply@android.com> | 2017-05-09 18:20:40 +0000 |
|---|---|---|
| committer | android-build-merger <android-build-merger@google.com> | 2017-05-09 18:20:40 +0000 |
| commit | 190ab4920bd871ebf1f5f3c353be74e8274c1e23 (patch) | |
| tree | d299da9acea9f9276fc5a388fc5560366c1adc4a | |
| parent | a8c7a9e162203ec1c1b99e8de73cae49c18f6e35 (diff) | |
| parent | 7636f10566f5754ac720bb09563b90a382034699 (diff) | |
| download | source.android.com-190ab4920bd871ebf1f5f3c353be74e8274c1e23.tar.gz | |
Merge "Docs: Changes to source.android.com" am: 8e65d54c96 am: d9b1022a7d am: 7ee01948fe
am: 7636f10566
Change-Id: Ia321920aa8a3a49ae4bc6bc5b047b8dff4862a29
| -rw-r--r-- | en/_index.yaml | 24 | ||||
| -rw-r--r-- | en/compatibility/7.0/android-7.0-cdd.html | 2 | ||||
| -rw-r--r-- | en/compatibility/cts/downloads.html | 72 | ||||
| -rw-r--r-- | en/devices/tech/ota/device_code.html | 18 | ||||
| -rw-r--r-- | en/security/bulletin/2017-04-01.html | 2 | ||||
| -rw-r--r-- | en/security/bulletin/2017-05-01.html | 66 | ||||
| -rw-r--r-- | en/security/overview/updates-resources.html | 320 | ||||
| -rw-r--r-- | en/source/_toc.yaml | 2 | ||||
| -rw-r--r-- | en/source/devices.html | 206 | ||||
| -rw-r--r-- | en/source/requirements.html | 6 | ||||
| -rw-r--r-- | en/source/site-updates.html | 2 |
11 files changed, 397 insertions, 323 deletions
diff --git a/en/_index.yaml b/en/_index.yaml index a4ad1d12..1d80ac8c 100644 --- a/en/_index.yaml +++ b/en/_index.yaml @@ -59,6 +59,22 @@ landing_page: image_path: /images/android_stack.png - heading: News items: + - heading: Using Reference Boards + description: > + The former <em>Selecting Devices</em> page has been renamed + <strong>Using Reference Boards</strong> and updated to include + information on HiKey960 boards. + buttons: + - label: May 3rd, 2017 + path: /source/devices#960hikey + - heading: May Android Security Bulletin + description: > + The May 2017 Android Security Bulletin has been published along with + links to associated fixes and new build numbers to support the May + Android security release. + buttons: + - label: May 2nd, 2017 + path: /security/bulletin/2017-05-01 - heading: Evaluating Performance in Detail description: > Detailed instructions now exist for understanding and examining the @@ -75,14 +91,6 @@ landing_page: buttons: - label: April 20th, 2017 path: /compatibility/cts/camera-its-box - - heading: April Android Security Bulletin - description: > - The April 2017 Android Security Bulletin has been published along with - links to associated fixes and new build numbers to support the April - Android security release. - buttons: - - label: April 6th, 2017 - path: /security/bulletin/2017-04-01 - classname: devsite-landing-row-100 tf-row-centered items: - buttons: diff --git a/en/compatibility/7.0/android-7.0-cdd.html b/en/compatibility/7.0/android-7.0-cdd.html index aaa7a5e4..348ed0ca 100644 --- a/en/compatibility/7.0/android-7.0-cdd.html +++ b/en/compatibility/7.0/android-7.0-cdd.html @@ -5,7 +5,7 @@ <title> Android 7.0, (N) Compatibility Definition </title> - <link href="source/android-cdd.css" rel="stylesheet" type="text/css" /> + <link href="/compatibility/android-cdd.css" rel="stylesheet" type="text/css" /> <meta charset="utf-8" /> </head> <body> diff --git a/en/compatibility/cts/downloads.html b/en/compatibility/cts/downloads.html index 785aeb94..6320be29 100644 --- a/en/compatibility/cts/downloads.html +++ b/en/compatibility/cts/downloads.html @@ -31,77 +31,77 @@ R<number> in the link name.</p> <h2 id="android-71">Android 7.1</h2> <p>Android 7.1 is the release of the development milestone code-named Nougat-MR1. The source code for the following tests can be synced with the -'android-cts-7.1_r4' tag in the open-source tree.</p> +'android-cts-7.1_r5' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.1_r4-linux_x86-arm.zip">Android -7.1 R4 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.1_r5-linux_x86-arm.zip">Android +7.1 R5 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.1_r4-linux_x86-x86.zip">Android -7.1 R4 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.1_r5-linux_x86-x86.zip">Android +7.1 R5 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r4-linux_x86-arm.zip">Android -7.1 R4 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r5-linux_x86-arm.zip">Android +7.1 R5 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r4-linux_x86-x86.zip">Android -7.1 R4 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r5-linux_x86-x86.zip">Android +7.1 R5 CTS Verifier - x86</a></li> </ul> <h2 id="android-70">Android 7.0</h2> <p>Android 7.0 is the release of the development milestone code-named Nougat. The source code for the following tests can be synced with the -'android-cts-7.0_r8' tag in the open-source tree.</p> +'android-cts-7.0_r9' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.0_r8-linux_x86-arm.zip">Android -7.0 R8 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.0_r9-linux_x86-arm.zip">Android +7.0 R9 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.0_r8-linux_x86-x86.zip">Android -7.0 R8 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.0_r9-linux_x86-x86.zip">Android +7.0 R9 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r8-linux_x86-arm.zip">Android -7.0 R8 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r9-linux_x86-arm.zip">Android +7.0 R9 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r8-linux_x86-x86.zip">Android -7.0 R8 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r9-linux_x86-x86.zip">Android +7.0 R9 CTS Verifier - x86</a></li> </ul> <h2 id="android-60">Android 6.0</h2> <p>Android 6.0 is the release of the development milestone code-named Marshmallow. The source code for the following tests can be synced with the -'android-cts-6.0_r17' tag in the open-source tree.</p> +'android-cts-6.0_r18' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-6.0_r17-linux_x86-arm.zip">Android -6.0 R17 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-6.0_r18-linux_x86-arm.zip">Android +6.0 R18 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-6.0_r17-linux_x86-x86.zip">Android -6.0 R17 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-6.0_r18-linux_x86-x86.zip">Android +6.0 R18 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r17-linux_x86-arm.zip">Android -6.0 R17 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r18-linux_x86-arm.zip">Android +6.0 R18 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r17-linux_x86-x86.zip">Android -6.0 R17 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r18-linux_x86-x86.zip">Android +6.0 R18 CTS Verifier - x86</a></li> </ul> <h2 id="android-51">Android 5.1</h2> <p>Android 5.1 is the release of the development milestone code-named Lollipop-MR1. The source code for the following tests can be synced with the -'android-cts-5.1_r18' tag in the open source tree.</p> +'android-cts-5.1_r19' tag in the open source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-5.1_r18-linux_x86-arm.zip">Android -5.1 R18 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-5.1_r19-linux_x86-arm.zip">Android +5.1 R19 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-5.1_r18-linux_x86-x86.zip">Android -5.1 R18 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-5.1_r19-linux_x86-x86.zip">Android +5.1 R19 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r18-linux_x86-arm.zip">Android -5.1 R18 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r19-linux_x86-arm.zip">Android +5.1 R19 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r18-linux_x86-x86.zip">Android -5.1 R18 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r19-linux_x86-x86.zip">Android +5.1 R19 CTS Verifier - x86</a></li> </ul> <h2 id="android-50">Android 5.0</h2> diff --git a/en/devices/tech/ota/device_code.html b/en/devices/tech/ota/device_code.html index 47668a49..144f43fc 100644 --- a/en/devices/tech/ota/device_code.html +++ b/en/devices/tech/ota/device_code.html @@ -105,6 +105,22 @@ field on the line begins with a ‘/' character, it is considered a <b>device2 </b> entry; if the entry does not begin with a ‘/' character, it is considered an <b>options</b> field.</p> +<h2 id="boot-animation">Boot animation</h2> + +<p>Device manufacturers have the ability to customize the animation shown when +an Android device is booting. To do this, construct a .zip file organized and +located according to the specifications in <a +href="https://android.googlesource.com/platform/frameworks/base/+/master/cmds/bootanimation/FORMAT.md">bootanimation +format</a>.</p> + +<p>For <a + href="https://developer.android.com/things/hardware/index.html">Android + Things</a> devices, you may upload the zipped file in the Android +Things console to have the images included in the selected product.</p> + +<p class="note"><strong>Note:</strong> These images must meet Android <a +href="/source/brands">brand guidelines</a>.</p> + <h2 id="recovery-ui">Recovery UI</h2> <p>To support devices with different available hardware (physical buttons, LEDs, screens, etc.), you can customize the recovery interface to display @@ -449,7 +465,7 @@ TARGET_RECOVERY_UI_LIB := librecovery_ui_tardis <h2 id="recovery-ui-images">Recovery UI images</h2> -<p>The recovery user interface consists images. Ideally, users never interact +<p>The recovery user interface consists of images. Ideally, users never interact with the UI: During a normal update, the phone boots into recovery, fills the installation progress bar, and boots back into the new system without input from the user. In the event of a system update problem, the only user action diff --git a/en/security/bulletin/2017-04-01.html b/en/security/bulletin/2017-04-01.html index 22988ff9..b24ea7a4 100644 --- a/en/security/bulletin/2017-04-01.html +++ b/en/security/bulletin/2017-04-01.html @@ -112,7 +112,7 @@ successfully exploited on Android.</p> <li>Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>) and <a href="http://weibo.com/jfpan">pjf </a>of IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2017-6426, CVE-2017-0581, CVE-2017-0329, CVE-2017-0332, - CVE-2017-0566</li> + CVE-2017-0566, CVE-2017-0573</li> <li>Guang Gong (龚广) (<a href="https://twitter.com/oldfresher">@oldfresher</a>) of Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2017-0547</li> <li>Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.: diff --git a/en/security/bulletin/2017-05-01.html b/en/security/bulletin/2017-05-01.html index bfad8ced..bafb90e2 100644 --- a/en/security/bulletin/2017-05-01.html +++ b/en/security/bulletin/2017-05-01.html @@ -22,7 +22,7 @@ --> -<p><em>Published May 01, 2017</em></p> +<p><em>Published May 01, 2017 | Updated May 02, 2017</em></p> <p>The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security @@ -36,9 +36,9 @@ and Nexus update schedule</a> to learn how to check a device's security patch level.</p> <p>Partners were notified of the issues described in the bulletin on April 03, 2017 -or earlier. Source code patches for these issues will be released to the Android -Open Source Project (AOSP) repository in the next 48 hours. We will revise this -bulletin with the AOSP links when they are available.</p> +or earlier. Source code patches for these issues have been released to the +Android Open Source Project (AOSP) repository and linked from this bulletin. +This bulletin also includes links to patches outside of AOSP.</p> <p>The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such @@ -143,6 +143,8 @@ Tesla's Product Security Team: CVE-2017-0331, CVE-2017-0606</li> href="https://twitter.com/jiych_guru">@jiych_guru</a>): CVE-2017-0603</li> <li>Peng Xiao, Chengming Yang, Ning You, Chao Yang, and Yang song of Alibaba Mobile Security Group: CVE-2016-10281, CVE-2016-10280</li> +<li>Roee Hay (<a href="https://twitter.com/roeehay">@roeehay</a>) of <a +href="https://alephsecurity.com/">Aleph Research</a>: CVE-2016-10277</li> <li><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>): CVE-2016-10274</li> <li><a href="mailto:segfault5514@gmail.com">Tong Lin</a>, <a @@ -204,7 +206,7 @@ remote code execution within the context of the Mediaserver process.</p> </tr> <tr> <td>CVE-2017-0587</td> - <td>A-35219737</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/a86eb798d077b9b25c8f8c77e3c02c2f287c1ce7">A-35219737</a></td> <td>Critical</td> <td>All</td> <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -212,7 +214,7 @@ remote code execution within the context of the Mediaserver process.</p> </tr> <tr> <td>CVE-2017-0588</td> - <td>A-34618607</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/6f1d990ce0f116a205f467d9eb2082795e33872b">A-34618607</a></td> <td>Critical</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -220,7 +222,7 @@ remote code execution within the context of the Mediaserver process.</p> </tr> <tr> <td>CVE-2017-0589</td> - <td>A-34897036</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/bcfc7124f6ef9f1ec128fb2e90de774a5b33d199">A-34897036</a></td> <td>Critical</td> <td>All</td> <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -228,7 +230,7 @@ remote code execution within the context of the Mediaserver process.</p> </tr> <tr> <td>CVE-2017-0590</td> - <td>A-35039946</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/45c97f878bee15cd97262fe7f57ecea71990fed7">A-35039946</a></td> <td>Critical</td> <td>All</td> <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -236,7 +238,7 @@ remote code execution within the context of the Mediaserver process.</p> </tr> <tr> <td>CVE-2017-0591</td> - <td>A-34097672</td> + <td><a href="https://android.googlesource.com/platform/external/libavc/+/5c3fd5d93a268abb20ff22f26009535b40db3c7d">A-34097672</a></td> <td>Critical</td> <td>All</td> <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -244,7 +246,7 @@ remote code execution within the context of the Mediaserver process.</p> </tr> <tr> <td>CVE-2017-0592</td> - <td>A-34970788</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/acc192347665943ca674acf117e4f74a88436922">A-34970788</a></td> <td>Critical</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -278,7 +280,7 @@ protections that isolate application data from other applications.</p> </tr> <tr> <td>CVE-2017-0593</td> - <td>A-34114230</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/78efbc95412b8efa9a44d573f5767ae927927d48">A-34114230</a></td> <td>High</td> <td>All</td> <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -313,7 +315,7 @@ to a third-party application.</p> </tr> <tr> <td>CVE-2017-0594</td> - <td>A-34617444</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/594bf934384920618d2b6ce0bcda1f60144cb3eb">A-34617444</a></td> <td>High</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -321,7 +323,7 @@ to a third-party application.</p> </tr> <tr> <td>CVE-2017-0595</td> - <td>A-34705519</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34705519</a></td> <td>High</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> @@ -329,7 +331,7 @@ to a third-party application.</p> </tr> <tr> <td>CVE-2017-0596</td> - <td>A-34749392</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/5443b57cc54f2e46b35246637be26a69e9f493e1">A-34749392</a></td> <td>High</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> @@ -364,7 +366,7 @@ to a third-party application.</p> </tr> <tr> <td>CVE-2017-0597</td> - <td>A-34749571</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/a9188f89179a7edd301abaf37d644adf5d647a04">A-34749571</a></td> <td>High</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -399,7 +401,8 @@ access to.</p> </tr> <tr> <td>CVE-2017-0598</td> - <td>A-34128677</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/4e110ab20bb91e945a17c6e166e14e2da9608f08">A-34128677</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/d42e1204d5dddb78ec9d20d125951b59a8344f40">2</a>]</td> <td>High</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -432,7 +435,7 @@ service.</p> </tr> <tr> <td>CVE-2017-0599</td> - <td>A-34672748</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/a1424724a00d62ac5efa0e27953eed66850d662f">A-34672748</a></td> <td>High</td> <td>All</td> <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -440,7 +443,7 @@ service.</p> </tr> <tr> <td>CVE-2017-0600</td> - <td>A-35269635</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/961e5ac5788b52304e64b9a509781beaf5201fb0">A-35269635</a></td> <td>High</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -474,7 +477,7 @@ user interaction requirements. </p> </tr> <tr> <td>CVE-2017-0601</td> - <td>A-35258579</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/667d2cbe3eb1450f273a4f6595ccef35e1f0fe4b">A-35258579</a></td> <td>Moderate</td> <td>All</td> <td>7.0, 7.1.1, 7.1.2</td> @@ -508,7 +511,8 @@ lock screen.</p> </tr> <tr> <td>CVE-2017-0493</td> - <td>A-32793550</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e4cefbf4fce458489b5f1bebc79dfaf566bcc5d5">A-32793550</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/f806d65e615b942c268a5f68d44bde9d55634972">2</a>]</td> <td>Moderate</td> <td>All</td> <td>7.0, 7.1.1</td> @@ -541,7 +545,7 @@ to details specific to the vulnerability.</p> </tr> <tr> <td>CVE-2017-0602</td> - <td>A-34946955</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/a4875a49404c544134df37022ae587a4a3321647">A-34946955</a></td> <td>Moderate</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -574,7 +578,7 @@ Moderate due to details specific to the vulnerability.</p> </tr> <tr> <td>CVE-2016-7056</td> - <td>A-33752052</td> + <td><a href="https://android.googlesource.com/platform/external/boringssl/+/13179a8e75fee98740b5ce728752aa7294b3e32d">A-33752052</a></td> <td>Moderate</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -607,7 +611,7 @@ rated as Moderate because it requires an uncommon device configuration.</p> </tr> <tr> <td>CVE-2017-0603</td> - <td>A-35763994</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/36b04932bb93cc3269279282686b439a17a89920">A-35763994</a></td> <td>Moderate</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -640,7 +644,7 @@ issue is rated as Low due to details specific to the vulnerability.</p> </tr> <tr> <td>CVE-2017-0635</td> - <td>A-35467107</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/523f6b49c1a2289161f40cf9fe80b92e592e9441">A-35467107</a></td> <td>Low</td> <td>All</td> <td>7.0, 7.1.1, 7.1.2</td> @@ -686,7 +690,7 @@ code execution within the context of the Mediaserver process.</p> </tr> <tr> <td>CVE-2015-7555</td> - <td>A-34697653</td> + <td><a href="https://android.googlesource.com/platform/external/giflib/+/dc07290edccc2c3fc4062da835306f809cea1fdc">A-34697653</a></td> <td>Critical</td> <td>All</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> @@ -1056,15 +1060,20 @@ remote code execution in an application that uses this library.</p> </tr> <tr> <td>CVE-2016-5131</td> - <td>A-32956747</td> + <td>A-32956747*</td> <td>High</td> - <td>None*</td> + <td>None**</td> <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td> <td>July 23, 2016</td> </tr> </table> -<p>* Supported Google devices on Android 7.1.1 or later that have installed all +<p>* The patch for this issue is not publicly available. The update is contained +in the latest binary drivers for Nexus devices available from the <a +href="https://developers.google.com/android/drivers">Google Developer +site</a>.</p> + +<p>** Supported Google devices on Android 7.1.1 or later that have installed all available updates are not affected by this vulnerability.</p> @@ -3073,6 +3082,7 @@ belongs. These prefixes map as follows:</p> <h2 id="revisions">Revisions</h2> <ul> <li>May 01, 2017: Bulletin published.</li> +<li>May 02, 2017: Bulletin revised to include AOSP links.</li> </ul> </body> </html> diff --git a/en/security/overview/updates-resources.html b/en/security/overview/updates-resources.html index fcf199f5..a7a44415 100644 --- a/en/security/overview/updates-resources.html +++ b/en/security/overview/updates-resources.html @@ -23,8 +23,6 @@ -<h2 id=android_security_bug_lifecycle>Android security bug lifecycle</h2> - <p>The Android security team is responsible for managing security vulnerabilities discovered in the Android platform and many of the core Android apps bundled with Android devices.</p> @@ -38,7 +36,7 @@ upstream open source project maintainers, notifications from our device manufacturer partners, and publicly disclosed issues posted on blogs or social media.</p> -<h2 id=report-issues>Reporting security issues</h2> +<h2 id="report-issues">Reporting security issues</h2> <p>Any developer, Android user, or security researcher can notify the Android security team of potential security issues through the <a @@ -51,134 +49,162 @@ plan to submit a patch or Compatibility Test Suite (CTS) test to resolve a security issue, please attach it to the bug report and wait for a response before uploading the code to AOSP.</p> -<h2 id=triaging_bugs>Triaging bugs</h2> +<h2 id="triaging_bugs">Triaging bugs</h2> <p>The first task in handling a security vulnerability is to identify the severity of the bug and which component of Android is affected. The severity determines how the issue is prioritized, and the component determines who fixes the bug, who is notified, and how the fix gets deployed to users.</p> -<h3 id=process_types>Process types</h3> +<h3 id="process_types">Process types</h3> <p>This table covers the definitions of process types. The process type can be defined by the type of application or process or the area in which it runs. This table is ordered from least to most privileged.</p> <table> - <tr> - <th>Process type</th> - <th>Type definition</th> - </tr> - <tr> - <td>Constrained process</td> - <td>A process that runs in a highly limited SELinux domain.<br /> - OR<br /> - A process that is significantly more limited than a normal application.</td> - </tr> - <tr> - <td>Unprivileged process</td> - <td>A third-party application or process.<br /> - OR<br /> - An application or process that runs in the SELinux <code>untrusted_app</code> domain.</td> - </tr> - <tr> - <td>Privileged process</td> - <td>An application or process with capabilities that are restricted by SELinux - <code>untrusted_app</code> domain.<br /> - OR<br /> - An application or process with important privileges that a third-party - application cannot obtain.</td> - </tr> - <tr> - <td>Kernel</td> - <td>Functionality that is either part of the kernel or runs in the same CPU context - as the kernel (like device drivers).</td> - </tr> - <tr> - <td>Trusted Execution Environment (TEE)</td> - <td> A component that is designed to be protected from even a hostile kernel.</td> - </tr> + <col width="30%"> + <col width="70%"> + <tr> + <th>Process type</th> + <th>Type definition</th> + </tr> + <tr> + <td>Constrained process</td> + <td>A process that runs in a highly limited SELinux domain.<br /> + OR<br /> + A process that is significantly more limited than a normal application.</td> + </tr> + <tr> + <td>Unprivileged process</td> + <td>A third-party application or process.<br /> + OR<br /> + An application or process that runs in the SELinux <code>untrusted_app</code> + domain.</td> + </tr> + <tr> + <td>Privileged process</td> + <td>An application or process with capabilities that are restricted by + SELinux <code>untrusted_app</code> domain.<br /> + OR<br /> + An application or process with important privileges that a third-party + application cannot obtain.</td> + </tr> + <tr> + <td>Trusted Computing Base (TCB)</td> + <td>Functionality that is part of the kernel, runs in the same CPU context as + the kernel (such as device drivers), has direct access to kernel memory (such as + hardware components on the device), or is one of a handful of user services + that is considered kernel equivalent: <code>init</code>, <code>ueventd</code>, + and <code>vold</code>.</td> + </tr> + <tr> + <td>Trusted Execution Environment (TEE)</td> + <td> A component that is designed to be protected from even a hostile kernel.</td> + </tr> </table> -<h3 id=severity>Severity</h3> +<h3 id="severity">Severity</h3> <p>The severity of a bug generally reflects the potential harm that could occur if a bug was successfully exploited. Use the following criteria to determine the severity:</p> <table> - <tr> - <th>Rating</th> - <th>Consequence of successful exploitation</th> - </tr> - <tr> - <td><strong>Critical</strong></td> - <td> - <ul> - <li> Remote arbitrary code execution in a privileged process - <li> Permanent device compromise (device cannot be repaired without re-flashing the - entire operating system) - <li> Unauthorized access to data secured by the TEE - <li> Remote permanent denial of service (device inoperability: completely permanent - or requiring re-flashing the entire operating system) - </ul> - </td> - </tr> - <tr> - <td><strong>High</strong></td> - <td> - <ul> - <li> Remote arbitrary code execution in an unprivileged process - <li> Remote access to protected data (data normally accessible only to locally - installed apps that request permission, or that is limited to a privileged - process) - <li> Remote bypass of user interaction requirements (access to functionality that - would normally require either user initiation or user permission) - <li> Local arbitrary code execution in a privileged process - <li> Local permanent denial of service (device inoperability: completely permanent - or requiring re-flashing the entire operating system) - <li> A general bypass for a kernel level defense in depth or exploit mitigation - technology - <li> Remote temporary device denial of service (remote hang or reboot) - <li> Local bypass of user interaction requirements for any developer or security - settings modifications - <li> A general bypass for operating system protections that isolate application data - from other applications - <li> Lockscreen bypass - </ul> - </td> - </tr> - <tr> - <td><strong>Moderate</strong></td> - <td> - <ul> - <li> Remote arbitrary code execution in a constrained process - <li> Local bypass of user interaction requirements (access to functionality that - would normally require either user initiation or user permission) - <li> Local temporary denial of service (device requires a factory reset) - <li> A general bypass for a user level defense in depth or exploit mitigation - technology in a privileged process - <li> Remote access to unprotected data (data normally accessible to any locally - installed app) - <li> Bypass of Device Protection/ Factory Reset Protection - </ul> - </td> - </tr> - <tr> - <td><strong>Low</strong></td> - <td> - <ul> - <li> A general bypass for a user level defense in depth or exploit mitigation - technology in an unprivileged process - <li> Local temporary denial of service (can be resolved by booting the device into - Safe Mode and removing the problematic application, or by a factory reset if - the device does not support Safe Mode) - </ul> - </td> - </tr> + <tr> + <th>Rating</th> + <th>Consequence of successful exploitation</th> + </tr> + <tr> + <td><strong>Critical</strong></td> + <td> + <ul> + <li>Arbitrary code execution in the TEE</li> + <li>Remote arbitrary code execution in a privileged process or the TCB</li> + <li>Remote permanent denial of service (device inoperability: completely + permanent or requiring re-flashing the entire operating system)</li> + <li>Remote bypass of user interaction requirements on package installation or + equivalent behavior</li> + <li>Secure Boot bypass</li> + </ul> + </td> + </tr> + <tr> + <td><strong>High</strong></td> + <td> + <ul> + <li>Remote arbitrary code execution in an unprivileged process</li> + <li>Arbitrary local code execution in a privileged process or the TCB</li> + <li>Unauthorized access to data secured by the TEE</li> + <li>Remote access to protected data (data normally accessible only to locally + installed apps that request permission, or that is limited to a privileged + process)</li> + <li>Local permanent denial of service (device inoperability: completely + permanent or requiring re-flashing the entire operating system)</li> + <li>Remote temporary device denial of service (remote hang or reboot)</li> + <li>Remote bypass of user interaction requirements (access to functionality that + would normally require either user initiation or user permission)</li> + <li>Local bypass of user interaction requirements for any developer or security + settings modifications</li> + <li>A general bypass for operating system protections that isolate application + data from other applications</li> + <li>A general bypass for operating system protections that isolate users or + profiles from one another</li> + <li>Cryptographic Vulnerability in Standard TLS that allows for + man-in-the-middle attacks</li> + <li>Lockscreen bypass</li> + </ul> + </td> + </tr> + <tr> + <td><strong>Moderate</strong></td> + <td> + <ul> + <li>Remote arbitrary code execution in a constrained process</li> + <li>Local arbitrary code execution in an unprivileged process</li> + <li>A general bypass for a defense in depth or exploit mitigation technology in + a privileged process, the TCB, or the TEE</li> + <li>Bypass of restrictions on a constrained process</li> + <li>Remote access to unprotected data (data normally accessible to any locally + installed app)</li> + <li>Local access to protected data (data normally accessible only to locally + installed apps that request permission, or that is limited to a privileged + process)</li> + <li>Local bypass of user interaction requirements (access to functionality that + would normally require either user initiation or user permission)</li> + <li>Local permanent denial of service (device requires a factory reset)</li> + <li>Cryptographic Vulnerability in standard crypto primitives that allows + leaking of plaintext (not primitives used in TLS)</li> + <li>Bypass of Device Protection/ Factory Reset Protection</li> + <li>Bypass of Carrier Restrictions</li> + <li>Targeted prevention of access to emergency services</li> + </ul> + </td> + </tr> + <tr> + <td><strong>Low</strong></td> + <td> + <ul> + <li>Local arbitrary code execution in a constrained process</li> + <li>Cryptographic Vulnerability in non-standard usage</li> + <li>A general bypass for a user level defense in depth or exploit + mitigation technology in an unprivileged process</li> + </ul> + </td> + </tr> + <tr> + <td><strong>No Security Impact (NSI)</strong></td> + <td> + <ul> + <li>A vulnerability whose impact has been mitigated by one or more rating + modifiers or version-specific architecture changes such that the effective + severity is below Low, although the underlying code issue may remain</li> + </ul> + </td> + </tr> </table> -<h4 id=local_vs_remote>Local vs. remote</h4> +<h4 id="local_vs_remote">Local vs. remote</h4> <p>A remote attack vector indicates the bug could be exploited without installing an app or without physical access to the device. This includes bugs that could @@ -196,26 +222,45 @@ physical access to the device, for example a bug in a lock screen or one that requires plugging in a USB cable. The Android security team also considers NFC-based attacks as local.</p> -<h3 id=rating_modifiers>Rating modifiers</h3> +<h3 id="rating_modifiers">Rating modifiers</h3> <p>While the severity of security vulnerabilities is often easy to identify, -ratings may change based on circumstances. </p> +ratings may change based on circumstances.</p> <table> - <tr> - <th>Reason</th> - <th>Effect</th> - </tr> - <tr> - <td>Requires running as a privileged process to execute the attack</td> - <td>-1 Severity</td> - </tr> - <tr> - <td>Vulnerability-specific details limit the impact of the issue </td> - <td>-1 Severity</td> - </tr> + <tr> + <th>Reason</th> + <th>Effect</th> + </tr> + <tr> + <td>Requires running as a privileged process to execute the attack</td> + <td>-1 Severity</td> + </tr> + <tr> + <td>Vulnerability-specific details limit the impact of the issue</td> + <td>-1 Severity</td> + </tr> + <tr> + <td>Compiler or platform configurations mitigate a vulnerability in the + source code</td> + <td>Moderate Severity if the underlying vulnerability is Moderate or higher</td> + </tr> + <tr> + <td>Requires tamper-evident physical access</td> + <td>-2 Severity</td> + </tr> + <tr> + <td>If no SELinux domain can conduct the operation under the Google-provided + SEPolicy</td> + <td>No Security Impact</td> + </tr> </table> +<p class="note"> +<strong>Note</strong>: A CVE may not be issued for issues assessed as Low or NSI. +</p> + + -<h3 id=affected_component>Affected component</h3> +<h3 id="affected_component">Affected component</h3> <p>The development team responsible for fixing the bug depends on which component the bug is in. It could be a core component of the Android platform, a kernel @@ -231,24 +276,23 @@ fixed in our internal repositories first.</p> or kernel will require an over-the-air (OTA) firmware update that each OEM will need to push. A bug in an app or library published in Google Play (e.g., Gmail, Google Play Services, WebView in Lollipop and later versions) can be sent to -Android users as an update from Google Play. </p> +Android users as an update from Google Play.</p> -<h2 id=notifying_partners>Notifying partners</h2> +<h2 id="notifying_partners">Notifying partners</h2> -<p>When a moderate or higher severity security vulnerability in AOSP is fixed, -we'll notify Android partners of issue details and provide patches for a minimum -of the most recent three Android releases. The Android security team currently -provides patches for Android versions 4.4 (KitKat), 5.0 (Lollipop), 5.1 -(Lollipop MR1), and 6.0 (Marshmallow). This list of backport-supported versions -changes with each new Android release.</p> +<p>When a security vulnerability in AOSP is fixed in an Android Security +Bulletin, we'll notify Android partners of issue details and provide patches. +The Android security team currently provides patches for Android versions 4.4 +(KitKat) and above. This list of backport-supported versions changes with each +new Android release.</p> -<h2 id=releasing_code_to_aosp>Releasing code to AOSP</h2> +<h2 id="releasing_code_to_aosp">Releasing code to AOSP</h2> <p>If the security bug is in an AOSP component, the fix will be pushed out to AOSP after the OTA is released to users. Fixes for low-severity issues may be submitted directly to the AOSP master branch before a fix is available.</p> -<h2 id=android_updates>Receiving Android updates</h2> +<h2 id="android_updates">Receiving Android updates</h2> <p>Updates to the Android system are generally delivered to devices through OTA update packages. These updates may come from the OEM who @@ -258,7 +302,7 @@ carrier technical acceptance (TA) testing procedure. Google also publishes <a href="https://developers.google.com/android/nexus/images">Nexus factory images</a> that can be side-loaded to devices.</p> -<h2 id=updating_google_services>Updating Google services</h2> +<h2 id="updating_google_services">Updating Google services</h2> <p>In addition to providing patches for security bugs, the Android security team also review security bugs to determine if there are other ways to protect @@ -268,7 +312,7 @@ from outside of Google Play, devices with Google Play Services may also use the <a href="https://support.google.com/accounts/answer/2812853">Verify Apps</a> feature to warn users about applications that may be potentially harmful.</p> -<h2 id=other_resources>Other resources</h2> +<h2 id="other_resources">Other resources</h2> <p>Information for Android application developers: <a href="https://developer.android.com">https://developer.android.com</a></p> @@ -278,7 +322,7 @@ sites. Good places to start:<br> <a href="/security/index.html">https://source.android.com/security/index.html</a><br> <a href="https://developer.android.com/training/articles/security-tips.html">https://developer.android.com/training/articles/security-tips.html</a></p> -<h3 id=reports>Reports</h3> +<h3 id="reports">Reports</h3> <p>Sometimes the Android Security team publishes reports or whitepapers. Here are some of the most recent.</p> <ul> <li><a href="/security/reports/Google_Android_Security_2016_Report_Final.pdf"> @@ -311,7 +355,5 @@ sites. Good places to start:<br> <li><a href="/security/reports/Android-Bootcamp-2016-Android-Attack-Team.pdf"> Android attack team</a></li> </ul> - - </body> </html> diff --git a/en/source/_toc.yaml b/en/source/_toc.yaml index 2f24202d..74e92cc7 100644 --- a/en/source/_toc.yaml +++ b/en/source/_toc.yaml @@ -29,7 +29,7 @@ toc: path: /source/building - title: Compiling with Jack path: /source/jack - - title: Selecting Devices + - title: Using Reference Boards path: /source/devices - title: Running Builds path: /source/running diff --git a/en/source/devices.html b/en/source/devices.html index 4c821d63..082478be 100644 --- a/en/source/devices.html +++ b/en/source/devices.html @@ -1,6 +1,6 @@ <html devsite> <head> - <title>Selecting Devices</title> + <title>Using Reference Boards</title> <meta name="project_path" value="/_project.yaml" /> <meta name="book_path" value="/_book.yaml" /> </head> @@ -22,8 +22,6 @@ --> - - <p>You can create builds for Nexus devices using Android Open Source Project (AOSP) builds and the relevant hardware-specific binaries. For available Android builds and targeted devices, see @@ -41,112 +39,15 @@ upgrade efforts, reduce time-to-market for new Android devices, lower device costs by enabling ODM/OEMs to choose from a wider range of compatible components, and increase the speed of innovation among component suppliers.</p> -<p>Google supports <a href="#620hikey">HiKey</a> and -<a href="#960hikey">Hikey960</a> certified +<p>Google supports <a href="#960hikey">HiKey960</a> and +<a href="#620hikey">HiKey</a> certified <a href="https://www.96boards.org/products/ce/hikey/">96Boards</a> as Android reference boards. AOSP provides kernel source and board support for HiKey so developers can easily create and debug new and existing peripheral drivers, do kernel development, and perform other tasks with fewer OEM encumbrances.</p> -<h2 id="620hikey">Hikey boards</h2> - -<p>The HiKey board (also known as HiKey620) is available in -<a href="http://www.lenovator.com/product/86.html">1GB RAM</a> and -<a href="http://www.lenovator.com/product/90.html">2GB RAM</a> configurations -from <a href="http://www.lenovator.com">Lenovator</a>:</p> - -<img src="images/hikey620.png" alt="HiKey620 board image" /> -<p class="img-caption"><strong>Figure 1.</strong> HiKey board by Lenovator</p> - -<p>Additional resources:</p> -<ul> -<li> -<a href="https://www.96boards.org/wp-content/uploads/2015/02/96Boards-Hikey-Rev-A1.pdf">HiKey -schematics</a></li> -<li> -<a href="https://www.96boards.org/wp-content/uploads/2015/02/HiKey_User_Guide_Rev0.2.pdf">HiKey -user guide</a></li> -<li><a href="https://github.com/96boards/documentation/wiki/">96boards wiki</a></li> -</ul> - -<p>Use the following commands to download, build, and run Android on the HiKey -board.</p> - -<h3 id="620userspace">Compiling userspace</h3> -<ol> -<li>Download the Android source tree: -<pre>$ repo init -u <a href="https://android.googlesource.com/platform/manifest">https://android.googlesource.com/platform/manifest</a> -b master -$ repo sync -j24</pre></li> -<li>Download and extract HDMI binaries into the Android source tree: -<pre>$ wget <a href="https://dl.google.com/dl/android/aosp/linaro-hikey-20160226-67c37b1a.tgz">https://dl.google.com/dl/android/aosp/linaro-hikey-20160226-67c37b1a.tgz</a> -$ tar xzf linaro-hikey-20160226-67c37b1a.tgz -$ ./extract-linaro-hikey.sh</pre></li> -<li>Install mcopy utility: -<pre>$ apt-get install mtools</pre></li> -<li>Build: -<pre>$ . ./build/envsetup.sh -$ lunch hikey-userdebug -$ make -j32</pre></li> -</ol> - -<p class="note"><strong>Note:</strong> For 4GB eMMC, instead of <code>$ make -j32</code> -use: <code>$ make -j32 TARGET_USERDATAIMAGE_4GB=true</code>.</p> - -<h3 id="620fastboot">Installing initial fastboot and ptable</h3> -<ol> -<li>Select special bootloader mode by linking J15 1-2 and 3-4 pins (for details, -refer to the -<a href="https://www.96boards.org/wp-content/uploads/2015/02/HiKey_User_Guide_Rev0.2.pdf">HiKey -user guide</a>).</li> -<li>Connect USB to PC to get ttyUSB device (ex: <code>/dev/ttyUSB1</code>).</li> -<li>Power the board: -<pre>$ cd device/linaro/hikey/installer/hikey -$ ./flash-all.sh /dev/ttyUSB1 [4g]</pre></li> -<li>Remove jumper 3-4 and power the board.</li> -</ol> - -<h3 id="620images">Flashing images</h3> -<ol> -<li>Enter fastboot mode by linking J15 1-2 and 5-6 pins.</li> -<li>Run the following commands: -<pre>$ fastboot flash boot out/target/product/hikey/boot.img -$ fastboot flash -w system out/target/product/hikey/system.img</pre></li> -<li>Remove jumper 5-6 and power the board.</li> -</ol> - -<h3 id="620kernel">Building the kernel</h3> -<ol> -<li>Run the following commands: -<pre>$ git clone <a href="https://android.googlesource.com/kernel/hikey-linaro">https://android.googlesource.com/kernel/hikey-linaro</a> -$ cd hikey-linaro -$ git checkout -b android-hikey-linaro-4.9 origin/android-hikey-linaro-4.9 -$ make ARCH=arm64 hikey_defconfig -$ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-android- -j24</pre></li> -<li>Copy output to the hikey kernel directory -(<code>/kernel/hikey-linaro</code>): -<ul> -<li>Copy hi6220-hikey.dtb -(<code>arch/arm64/boot/dts/hisilicon/hi6220-hikey.dtb</code>) to the -hikey-kernel directory as file hi6220-hikey.dtb-4.9.</li> -<li>Copy the Image file <code>(arch/arm64/boot/Image-dtb</code>) to the -hikey-kernel directory as file Image-dtb-4.9.</li></ul> -<li>Make the boot image: -<pre>$ make bootimage -j24</pre></li> -</ol> - -<h3 id="620resolution">Setting monitor resolution</h3> -<p>Edit <code>device/linaro/hikey/hikey/BoardConfig.mk</code> parameter -<code>BOARD_KERNEL_CMDLINE</code> and configure the <code>video</code> setting. -Example setting for a 24" monitor: <code>video=HDMI-A-1:1280x800@60</code>.</p> - -<h3 id="620serial">Configuring kernel serial output (uart3)</h3> -<p>Set the J2 low speed expansion connector to 1 - Gnd, 11 - Rx, 13 - Tx. For -details, refer to the -<a href="https://www.96boards.org/wp-content/uploads/2015/02/HiKey_User_Guide_Rev0.2.pdf">HiKey -user guide</a>.</p> - -<h2 id="960hikey">Hikey960 boards</h2> +<h2 id="960hikey">HiKey960 boards</h2> <p>The HiKey960 board is available in a 3GB RAM configuration from LeMaker (via <a href="https://www.amazon.com/dp/B071RD3V34">Amazon.com</a>) and from @@ -203,7 +104,7 @@ $ ./flash-all.sh</pre></li> <ol> <li>Enter fastboot mode by turning ON switch 1 and 3.</li> <li>Flash images by running the following commands: -<pre>$ fastboot flash boot out/target/product/hikey/boot.img +<pre>$ fastboot flash boot out/target/product/hikey960/boot.img $ fastboot flash dts out/target/product/hikey960/dt.img $ fastboot flash system out/target/product/hikey960/system.img $ fastboot flash cache out/target/product/hikey960/cache.img @@ -245,5 +146,102 @@ For a <a href="https://www.arrow.com/en/products/96boards-display-7/linksprite-technologies-inc">LinkSprite 7-inch Display Kit</a>, the setting is <code>video=HDMI-A-1:800x480@60</code>.</p> +<h2 id="620hikey">HiKey boards</h2> + +<p>The HiKey board (also known as HiKey620) is available in +<a href="http://www.lenovator.com/product/86.html">1GB RAM</a> and +<a href="http://www.lenovator.com/product/90.html">2GB RAM</a> configurations +from <a href="http://www.lenovator.com">Lenovator</a>:</p> + +<img src="images/hikey620.png" alt="HiKey620 board image" /> +<p class="img-caption"><strong>Figure 1.</strong> HiKey board by Lenovator</p> + +<p>Additional resources:</p> +<ul> +<li> +<a href="https://github.com/96boards/documentation/blob/master/ConsumerEdition/HiKey960/HardwareDocs/HiKey960_Schematics.pdf">HiKey +schematics</a></li> +<li> +<a href="http://www.96boards.org/documentation/ConsumerEdition/HiKey960/HardwareDocs/HardwareUserManual.md/">HiKey +user guide</a></li> +<li><a href="https://github.com/96boards/documentation/wiki/">96boards wiki</a></li> +</ul> + +<p>Use the following commands to download, build, and run Android on the HiKey +board.</p> + +<h3 id="620userspace">Compiling userspace</h3> +<ol> +<li>Download the Android source tree: +<pre>$ repo init -u <a href="https://android.googlesource.com/platform/manifest">https://android.googlesource.com/platform/manifest</a> -b master +$ repo sync -j24</pre></li> +<li>Download and extract HDMI binaries into the Android source tree: +<pre>$ wget <a href="https://dl.google.com/dl/android/aosp/linaro-hikey-20160226-67c37b1a.tgz">https://dl.google.com/dl/android/aosp/linaro-hikey-20160226-67c37b1a.tgz</a> +$ tar xzf linaro-hikey-20160226-67c37b1a.tgz +$ ./extract-linaro-hikey.sh</pre></li> +<li>Install mcopy utility: +<pre>$ apt-get install mtools</pre></li> +<li>Build: +<pre>$ . ./build/envsetup.sh +$ lunch hikey-userdebug +$ make -j32</pre></li> +</ol> + +<p class="note"><strong>Note:</strong> For 4GB eMMC, instead of <code>$ make -j32</code> +use: <code>$ make -j32 TARGET_USERDATAIMAGE_4GB=true</code>.</p> + +<h3 id="620fastboot">Installing initial fastboot and ptable</h3> +<ol> +<li>Select special bootloader mode by linking J15 1-2 and 3-4 pins (for details, +refer to the +<a href="https://www.96boards.org/wp-content/uploads/2015/02/HiKey_User_Guide_Rev0.2.pdf">HiKey +user guide</a>).</li> +<li>Connect USB to PC to get ttyUSB device (ex: <code>/dev/ttyUSB1</code>).</li> +<li>Power the board: +<pre>$ cd device/linaro/hikey/installer/hikey +$ ./flash-all.sh /dev/ttyUSB1 [4g]</pre></li> +<li>Remove jumper 3-4 and power the board.</li> +</ol> + +<h3 id="620images">Flashing images</h3> +<ol> +<li>Enter fastboot mode by linking J15 1-2 and 5-6 pins.</li> +<li>Run the following commands: +<pre>$ fastboot flash boot out/target/product/hikey/boot.img +$ fastboot flash -w system out/target/product/hikey/system.img</pre></li> +<li>Remove jumper 5-6 and power the board.</li> +</ol> + +<h3 id="620kernel">Building the kernel</h3> +<ol> +<li>Run the following commands: +<pre>$ git clone <a href="https://android.googlesource.com/kernel/hikey-linaro">https://android.googlesource.com/kernel/hikey-linaro</a> +$ cd hikey-linaro +$ git checkout -b android-hikey-linaro-4.9 origin/android-hikey-linaro-4.9 +$ make ARCH=arm64 hikey_defconfig +$ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-android- -j24</pre></li> +<li>Copy output to the hikey kernel directory +(<code>/kernel/hikey-linaro</code>): +<ul> +<li>Copy hi6220-hikey.dtb +(<code>arch/arm64/boot/dts/hisilicon/hi6220-hikey.dtb</code>) to the +hikey-kernel directory as file hi6220-hikey.dtb-4.9.</li> +<li>Copy the Image file <code>(arch/arm64/boot/Image-dtb</code>) to the +hikey-kernel directory as file Image-dtb-4.9.</li></ul> +<li>Make the boot image: +<pre>$ make bootimage -j24</pre></li> +</ol> + +<h3 id="620resolution">Setting monitor resolution</h3> +<p>Edit <code>device/linaro/hikey/hikey/BoardConfig.mk</code> parameter +<code>BOARD_KERNEL_CMDLINE</code> and configure the <code>video</code> setting. +Example setting for a 24" monitor: <code>video=HDMI-A-1:1280x800@60</code>.</p> + +<h3 id="620serial">Configuring kernel serial output (uart3)</h3> +<p>Set the J2 low speed expansion connector to 1 - Gnd, 11 - Rx, 13 - Tx. For +details, refer to the +<a href="https://www.96boards.org/wp-content/uploads/2015/02/HiKey_User_Guide_Rev0.2.pdf">HiKey +user guide</a>.</p> + </body> </html> diff --git a/en/source/requirements.html b/en/source/requirements.html index 48d62ffa..e47d3e66 100644 --- a/en/source/requirements.html +++ b/en/source/requirements.html @@ -38,9 +38,9 @@ branch. You can compile older versions on 32-bit systems. </li> - <li>At least 100GB of free disk space for a checkout, 150GB for a single - build, and 200GB or more for multiple builds. If you employ ccache, you will - need even more space.</p> + <li>At least 100GB of free disk space to checkout the code and an extra 150GB + to build it. If you conduct multiple builds or employ ccache, you will need + even more space.</p> </li> <li>If you are running Linux in a virtual machine, you need at diff --git a/en/source/site-updates.html b/en/source/site-updates.html index 21bbe7f2..d2f0afaf 100644 --- a/en/source/site-updates.html +++ b/en/source/site-updates.html @@ -34,7 +34,7 @@ Here is a summary of enhancements:</p> <h3 id="screen-estate">More screen real estate, larger type size</h3> <p>The entire site is wider, allowing you to view more content at once. Code -samples and commands are move visible, and all text has been enlarged.</p> +samples and commands are more visible, and all text has been enlarged.</p> <h3 id="mobile-ready">Mobile-ready view</h3> <p>The new site renders more cleanly on handheld devices with a dedicated |