diff options
| author | Android Partner Docs <noreply@android.com> | 2018-10-05 14:54:59 -0700 |
|---|---|---|
| committer | Christina Nguyen <cqn@google.com> | 2018-10-09 20:33:29 +0000 |
| commit | 28f304ca21458a83ae64be7bc253d66d64c6fe7d (patch) | |
| tree | 7357b9f31e6cc1c199f5a5c733622fd4e291ef68 /en | |
| parent | 4e8e6388d40ba495c1d28923818ccbc74d71194a (diff) | |
| download | source.android.com-28f304ca21458a83ae64be7bc253d66d64c6fe7d.tar.gz | |
Docs: Changes to source.android.com
- 215970977 Temporarily removing lhaviland@google.com from Android ow... by Mark Hecomovich <mheco@google.com>
- 215922321 Devsite localized content from translation request 999742. by Android Partner Docs <noreply@android.com>
- 215752895 Devsite localized content from translation request 987635. by Android Partner Docs <noreply@android.com>
- 215747061 Devsite localized content from translation request 999280. by Android Partner Docs <noreply@android.com>
- 215685626 Update a typo by Android Partner Docs <noreply@android.com>
- 215569645 Devsite localized content from translation request 964298. by Android Partner Docs <noreply@android.com>
- 215569641 Devsite localized content from translation request 997224. by Android Partner Docs <noreply@android.com>
- 215489394 Devsite localized content from translation request 985768. by Android Partner Docs <noreply@android.com>
- 215441686 Change 9.0 > 9 in September bulletin by Danielle Roberts <daroberts@google.com>
- 215436485 Updated Brand guidelines page and added new An... by Christina Nguyen <cqn@google.com>
- 215415034 Updating GSI page, cleaning up formatting by Heidi von Markham <hvm@google.com>
- 215410527 Devsite localized content from translation request 973639. by Android Partner Docs <noreply@android.com>
- 215409948 Add Luke to OWNERS.android file by Christina Nguyen <cqn@google.com>
- 215397775 Devsite localized content from translation request 996306. by Android Partner Docs <noreply@android.com>
- 215345146 FIxed instances of title case to sentence case in H2s and... by Android Partner Docs <noreply@android.com>
- 215327809 Add description for adding public native libraries from O... by Android Partner Docs <noreply@android.com>
- 215321681 Fix "Title Case" to "Sentence case" for H2 and lower. by Android Partner Docs <noreply@android.com>
- 215306961 Correct typo by Heidi von Markham <hvm@google.com>
- 215305539 Add AOSP links to bulletins by Danielle Roberts <daroberts@google.com>
- 215298999 Rename freeze.yaml to _freeze.yaml by Christina Nguyen <cqn@google.com>
- 215294337 Update build numbers for 2018/10 releases by Android Partner Docs <noreply@android.com>
- 215233776 October 2018 Pixel and Android bulletins by Danielle Roberts <daroberts@google.com>
- 215219829 Devsite localized content from translation request 984390. by Android Partner Docs <noreply@android.com>
- 215219824 Devsite localized content from translation request 976983. by Android Partner Docs <noreply@android.com>
- 215180705 Fix "Title Case" to "Sentence case" for H2 and lower. by Android Partner Docs <noreply@android.com>
- 215177158 Fix "Title Case" to "Sentence case" for H2 and lower. by Android Partner Docs <noreply@android.com>
- 214995897 Clarify 'behind the defining app' in APK v3 docs by Android Partner Docs <noreply@android.com>
- 214985353 Devsite localized content from translation request 1055447. by Android Partner Docs <noreply@android.com>
- 214982121 Update unclear phrase in docs by Danielle Roberts <daroberts@google.com>
- 214981703 Correct typo in APK v3 docs by Danielle Roberts <daroberts@google.com>
- 214906080 Fix "Title Case" to "Sentence case" for H2 and lower. by Android Partner Docs <noreply@android.com>
- 214830981 Devsite localized content from translation request 995327. by Android Partner Docs <noreply@android.com>
- 214826101 Fix typos. by Android Partner Docs <noreply@android.com>
- 214618705 Devsite localized content from translation request 967917. by Android Partner Docs <noreply@android.com>
- 214618693 Devsite localized content from translation request 1055677. by Android Partner Docs <noreply@android.com>
- 214618684 Devsite localized content from translation request 990062. by Android Partner Docs <noreply@android.com>
- 214434593 Devsite localized content from translation request 1055931. by Android Partner Docs <noreply@android.com>
- 214312016 Fixed links in the CTS section. by Android Partner Docs <noreply@android.com>
- 214278331 Devsite localized content from translation request 993097. by Android Partner Docs <noreply@android.com>
- 214009866 Create a freeze.yaml file for new content by Danielle Roberts <daroberts@google.com>
- 214003222 Devsite localized content from translation request 972159. by Android Partner Docs <noreply@android.com>
- 214003217 Devsite localized content from translation request 987626. by Android Partner Docs <noreply@android.com>
- 213846463 Correct length for ADK file 4300 by Android Partner Docs <noreply@android.com>
- 213845788 Fix text to match format of list by Kenneth Lau <kennethlau@google.com>
- 213833136 Devsite localized content from translation request 985770. by Android Partner Docs <noreply@android.com>
- 213827062 Devsite localized content from translation request 987627. by Android Partner Docs <noreply@android.com>
- 213823462 Change all booleans in googledata/devsite/site-androidsou... by Android Partner Docs <noreply@android.com>
- 213654861 Devsite localized content from translation request 985558. by Android Partner Docs <noreply@android.com>
- 213650475 [SAC Bug] Update CTS/CTS-Verifier/CTS_Instant downloads f... by Android Partner Docs <noreply@android.com>
- 213646341 Update indentation in health deprecation doc by Android Partner Docs <noreply@android.com>
- 213511670 Devsite localized content from translation request 980844. by Android Partner Docs <noreply@android.com>
- 213467973 Devsite localized content from translation request 976982. by Android Partner Docs <noreply@android.com>
- 213363938 Fix broken link to repo command reference by Danielle Roberts <daroberts@google.com>
- 213351475 Updating contact form link in case redirect disappears by Clay Murphy <claym@google.com>
PiperOrigin-RevId: 215970977
Change-Id: I18d960e9a079f775725ffefac54265f157d1c15b
Diffstat (limited to 'en')
35 files changed, 1678 insertions, 878 deletions
diff --git a/en/_index.yaml b/en/_index.yaml index 61eacae3..1a28e7a3 100644 --- a/en/_index.yaml +++ b/en/_index.yaml @@ -77,14 +77,14 @@ landing_page: image_path: /images/android_stack.png - heading: News items: - - heading: September Security Bulletins + - heading: October Security Bulletins description: > - The September 2018 Android and Pixel/Nexus Security Bulletins have been + The October 2018 Android and Pixel/Nexus Security Bulletins have been published along with links to associated fixes and new build numbers - to support the September security release. + to support the October security release. buttons: - - label: September 5th, 2018 - path: /security/bulletin/2018-09-01 + - label: October 1st, 2018 + path: /security/bulletin/2018-10-01 - heading: Android 9 Documentation description: > Android 9 has been released! This site includes documentation for diff --git a/en/_translation.yaml b/en/_translation.yaml index cf0d9878..cf10a2a2 100644 --- a/en/_translation.yaml +++ b/en/_translation.yaml @@ -5,7 +5,7 @@ ignore_paths: - /reference/... - /security/... - /setup/... -enable_continuous_translation: True +enable_continuous_translation: true title: Android Open Source Project description: Translations for source.android.com language: diff --git a/en/compatibility/_translation.yaml b/en/compatibility/_translation.yaml index a099d81b..b458dee8 100644 --- a/en/compatibility/_translation.yaml +++ b/en/compatibility/_translation.yaml @@ -17,7 +17,7 @@ ignore_paths: - /compatibility/8.1/... - /compatibility/images/... - /compatibility/source/... -enable_continuous_translation: True +enable_continuous_translation: true title: Android Open Source Project Compatibility tab description: Translations for SAC compatibility tab language: diff --git a/en/compatibility/cts/downloads.html b/en/compatibility/cts/downloads.html index b5dc66cb..ebc2265a 100644 --- a/en/compatibility/cts/downloads.html +++ b/en/compatibility/cts/downloads.html @@ -31,121 +31,121 @@ R<number> in the link name.</p> <h2 id="android-90">Android 9</h2> <p>Android 9 is the release of the development milestone code-named P. The source code for the following tests, including tests for instant apps, can be synced with the -'android-cts-9.0_r1' tag in the open-source tree.</p> +'android-cts-9.0_r2' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-9.0_r1-linux_x86-arm.zip">Android -9.0 R1 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-9.0_r2-linux_x86-arm.zip">Android +9.0 R2 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-9.0_r1-linux_x86-x86.zip">Android -9.0 R1 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-9.0_r2-linux_x86-x86.zip">Android +9.0 R2 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-9.0_r1-linux_x86-arm.zip">Android -9.0 R1 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-9.0_r2-linux_x86-arm.zip">Android +9.0 R2 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-9.0_r1-linux_x86-x86.zip">Android -9.0 R1 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-9.0_r2-linux_x86-x86.zip">Android +9.0 R2 CTS Verifier - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts_instant-9.0_r1-linux_x86-arm.zip">Android -9.0 R1 CTS for Instant Apps - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts_instant-9.0_r2-linux_x86-arm.zip">Android +9.0 R2 CTS for Instant Apps - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts_instant-9.0_r1-linux_x86-x86.zip">Android -9.0 R1 CTS for Instant Apps - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts_instant-9.0_r2-linux_x86-x86.zip">Android +9.0 R2 CTS for Instant Apps - x86</a></li> </ul> <h2 id="android-81">Android 8.1</h2> <p>Android 8.1 is the release of the development milestone code-named Oreo-MR1. The source code for the following tests can be synced with the -'android-cts-8.1_r8' tag in the open-source tree.</p> +'android-cts-8.1_r9' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-8.1_r8-linux_x86-arm.zip">Android -8.1 R8 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-8.1_r9-linux_x86-arm.zip">Android +8.1 R9 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-8.1_r8-linux_x86-x86.zip">Android -8.1 R8 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-8.1_r9-linux_x86-x86.zip">Android +8.1 R9 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.1_r8-linux_x86-arm.zip">Android -8.1 R8 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.1_r9-linux_x86-arm.zip">Android +8.1 R9 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.1_r8-linux_x86-x86.zip">Android -8.1 R8 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.1_r9-linux_x86-x86.zip">Android +8.1 R9 CTS Verifier - x86</a></li> </ul> <h2 id="android-80">Android 8.0</h2> <p>Android 8.0 is the release of the development milestone code-named Oreo. The source code for the following tests can be synced with the -'android-cts-8.0_r12' tag in the open-source tree.</p> +'android-cts-8.0_r13' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-8.0_r12-linux_x86-arm.zip">Android -8.0 R12 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-8.0_r13-linux_x86-arm.zip">Android +8.0 R13 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-8.0_r12-linux_x86-x86.zip">Android -8.0 R12 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-8.0_r13-linux_x86-x86.zip">Android +8.0 R13 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r12-linux_x86-arm.zip">Android -8.0 R12 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r13-linux_x86-arm.zip">Android +8.0 R13 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r12-linux_x86-x86.zip">Android -8.0 R12 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-8.0_r13-linux_x86-x86.zip">Android +8.0 R13 CTS Verifier - x86</a></li> </ul> <h2 id="android-71">Android 7.1</h2> <p>Android 7.1 is the release of the development milestone code-named Nougat-MR1. The source code for the following tests can be synced with the -'android-cts-7.1_r20' tag in the open-source tree.</p> +'android-cts-7.1_r21' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.1_r20-linux_x86-arm.zip">Android -7.1 R20 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.1_r21-linux_x86-arm.zip">Android +7.1 R21 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.1_r20-linux_x86-x86.zip">Android -7.1 R20 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.1_r21-linux_x86-x86.zip">Android +7.1 R21 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r20-linux_x86-arm.zip">Android -7.1 R20 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r21-linux_x86-arm.zip">Android +7.1 R21 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r20-linux_x86-x86.zip">Android -7.1 R20 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r21-linux_x86-x86.zip">Android +7.1 R21 CTS Verifier - x86</a></li> </ul> <h2 id="android-70">Android 7.0</h2> <p>Android 7.0 is the release of the development milestone code-named Nougat. The source code for the following tests can be synced with the -'android-cts-7.0_r24' tag in the open-source tree.</p> +'android-cts-7.0_r25' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.0_r24-linux_x86-arm.zip">Android -7.0 R24 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.0_r25-linux_x86-arm.zip">Android +7.0 R25 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.0_r24-linux_x86-x86.zip">Android -7.0 R24 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.0_r25-linux_x86-x86.zip">Android +7.0 R25 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r24-linux_x86-arm.zip">Android -7.0 R24 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r25-linux_x86-arm.zip">Android +7.0 R25 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r24-linux_x86-x86.zip">Android -7.0 R24 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r25-linux_x86-x86.zip">Android +7.0 R25 CTS Verifier - x86</a></li> </ul> <h2 id="android-60">Android 6.0</h2> <p>Android 6.0 is the release of the development milestone code-named Marshmallow. The source code for the following tests can be synced with the -'android-cts-6.0_r31' tag in the open-source tree.</p> +'android-cts-6.0_r32' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-6.0_r31-linux_x86-arm.zip">Android -6.0 R31 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-6.0_r32-linux_x86-arm.zip">Android +6.0 R32 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-6.0_r31-linux_x86-x86.zip">Android -6.0 R31 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-6.0_r32-linux_x86-x86.zip">Android +6.0 R32 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r31-linux_x86-arm.zip">Android -6.0 R31 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r32-linux_x86-arm.zip">Android +6.0 R32 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r31-linux_x86-x86.zip">Android -6.0 R31 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r32-linux_x86-x86.zip">Android +6.0 R32 CTS Verifier - x86</a></li> </ul> <h2 id="android-51">Android 5.1</h2> diff --git a/en/compatibility/cts/index.html b/en/compatibility/cts/index.html index eda91ff2..52c5c8a0 100644 --- a/en/compatibility/cts/index.html +++ b/en/compatibility/cts/index.html @@ -26,7 +26,7 @@ <h2 id="how-does-the-cts-work">How does the CTS work?</h2> <p>The Compatibility Test Suite (CTS) is a free, commercial-grade test suite, -available for <a href="downloads.html">download</a>. The CTS represents the +available for <a href="/compatibility/cts/downloads">download</a>. The CTS represents the "mechanism" of compatibility.</p> <p>The CTS runs on a desktop machine and executes test cases directly on @@ -40,17 +40,17 @@ development process.</p> <p>The CTS is an automated testing harness that includes two major software components:</p> <ul> <li> -<p>The CTS tradefed test harness runs on your desktop machine and manages test execution.</p> +The CTS tradefed test harness runs on your desktop machine and manages test execution. </li> <li> -<p>Individual test cases are executed on the Device Under Test (DUT). The test +Individual test cases are executed on the Device Under Test (DUT). The test cases are written in Java as JUnit tests and packaged as -Android .apk files to run on the actual device target.</p> +Android .apk files to run on the actual device target. </li> </ul> <p>The Compatibility Test Suite Verifier (CTS Verifier) is a supplement to the -CTS available for <a href="downloads.html">download</a>. CTS Verifier +CTS available for <a href="/compatibility/cts/downloads">download</a>. CTS Verifier provides tests for APIs and functions that cannot be tested on a stationary device without manual input (e.g. audio quality, accelerometer, etc).</p> @@ -69,33 +69,35 @@ app.</p> <h2 id="workflow">Workflow</h2> <div class="attempt-right" style="width:383px"> - <img src="images/cts-0.png" alt="CTS flow" height="340px" id="figure1" /> + <img src="/compatibility/cts/images/cts-0.png" alt="CTS flow" height="340px" id="figure1" /> <p class="img-caption"> <strong>Figure 1.</strong> How to use CTS </p> </div> <p>This diagram summarizes CTS workflow. Please refer to the subpages of this -section starting with <a href="setup.html">Setup</a> for detailed +section starting with <a href="/compatibility/cts/setup">Setup</a> for detailed instructions.</p> <h2 id="types-of-test-cases">Types of test cases</h2> <p>The CTS includes the following types of test cases:</p> <ul> <li> -<p><em>Unit tests</em> test atomic units of code within the Android platform; e.g. a single class, such as java.util.HashMap.</p> +<em>Unit tests</em> test atomic units of code within the Android platform; +e.g. a single class, such as java.util.HashMap. </li> <li> <p><em>Functional tests</em> test a combination of APIs together in a higher-level use-case.</p> </li> </ul> -<p>Future versions of the CTS will include the following types of test cases:</p> +Future versions of the CTS will include the following types of test cases: <ul> <li> -<p><em>Robustness tests</em> test the durability of the system under stress.</p> +<em>Robustness tests</em> test the durability of the system under stress. </li> <li> -<p><em>Performance tests</em> test the performance of the system against defined benchmarks, for example rendering frames per second.</p> +<em>Performance tests</em> test the performance of the system against defined benchmarks, +for example rendering frames per second. </li> </ul> <h2 id="areas-covered">Areas covered</h2> @@ -110,11 +112,18 @@ instructions.</p> <tbody> <tr> <td>Signature tests</td> -<td>For each Android release, there are XML files describing the signatures of all public APIs contained in the release. The CTS contains a utility to check those API signatures against the APIs available on the device. The results from signature checking are recorded in the test result XML file.</td> +<td>For each Android release, there are XML files describing the signatures of all +public APIs contained in the release. The CTS contains a utility to check those API +signatures against the APIs available on the device. The results from signature +checking are recorded in the test result XML file.</td> </tr> <tr> <td>Platform API Tests</td> -<td>Test the platform (core libraries and Android Application Framework) APIs as documented in the SDK <a href="https://developer.android.com/reference/classes.html">Class Index</a> to ensure API correctness, including correct class, attribute and method signatures, correct method behavior, and negative tests to ensure expected behavior for incorrect parameter handling.</td> +<td>Test the platform (core libraries and Android Application Framework) APIs as documented +in the SDK <a href="https://developer.android.com/reference/classes">Class Index</a> to +ensure API correctness, including correct class, attribute and method signatures, +correct method behavior, and negative tests to ensure expected behavior for +incorrect parameter handling.</td> </tr> <tr> <td>Dalvik Tests</td> @@ -122,19 +131,30 @@ instructions.</p> </tr> <tr> <td>Platform Data Model</td> -<td>The CTS tests the core platform data model as exposed to application developers through content providers, as documented in the SDK <a href="https://developer.android.com/reference/android/provider/package-summary.html">android.provider</a> package: contacts, browser, settings, etc.</td> +<td>The CTS tests the core platform data model as exposed to application developers +through content providers, as documented in the +SDK <a href="https://developer.android.com/reference/android/provider/package-summary"> +android.provider</a> package: contacts, browser, settings, etc.</td> </tr> <tr> <td>Platform Intents</td> -<td>The CTS tests the core platform intents, as documented in the SDK <a href="https://developer.android.com/guide/appendix/g-app-intents.html">Available Intents</a>.</td> +<td>The CTS tests the core platform intents, as documented in the +SDK <a href="https://developer.android.com/guide/appendix/g-app-intents"> +Available Intents</a>.</td> </tr> <tr> <td>Platform Permissions</td> -<td>The CTS tests the core platform permissions, as documented in the SDK <a href="https://developer.android.com/reference/android/Manifest.permission.html">Available Permissions</a>.</td> +<td>The CTS tests the core platform permissions, as documented in the +SDK <a href="https://developer.android.com/reference/android/Manifest.permission"> +Available Permissions</a>.</td> </tr> <tr> <td>Platform Resources</td> -<td>The CTS tests for correct handling of the core platform resource types, as documented in the SDK <a href="https://developer.android.com/guide/topics/resources/available-resources.html">Available Resource Types</a>. This includes tests for: simple values, drawables, nine-patch, animations, layouts, styles and themes, and loading alternate resources.</td> +<td>The CTS tests for correct handling of the core platform resource types, +as documented in the +SDK <a href="https://developer.android.com/guide/topics/resources/available-resources"> +Available Resource Types</a>. This includes tests for: simple values, drawables, nine-patch, +animations, layouts, styles and themes, and loading alternate resources.</td> </tr> </tbody> </table> diff --git a/en/compatibility/cts/pkcs15-commands.txt b/en/compatibility/cts/pkcs15-commands.txt index 1c8f4a3e..881efd5a 100644 --- a/en/compatibility/cts/pkcs15-commands.txt +++ b/en/compatibility/cts/pkcs15-commands.txt @@ -40,7 +40,7 @@ Commands for PKCS#15 00 E0 00 00 1D 62 1B 82 02 41 21 83 02 42 00 8A 01 03 8B 03 6F 06 01 80 02 00 12 88 00 A5 03 C0 01 40 #Create ADF File 4300 -00 E0 00 00 1D 62 1B 82 02 41 21 83 02 43 00 8A 01 03 8B 03 6F 06 01 80 02 00 E0 88 00 A5 03 C0 01 40 +00 E0 00 00 1D 62 1B 82 02 41 21 83 02 43 00 8A 01 03 8B 03 6F 06 01 80 02 01 DC 88 00 A5 03 C0 01 40 #Create ADF File 4310 00 E0 00 00 1D 62 1B 82 02 41 21 83 02 43 10 8A 01 03 8B 03 6F 06 01 80 02 00 02 88 00 A5 03 C0 01 40 diff --git a/en/compatibility/cts/secure-element.md b/en/compatibility/cts/secure-element.md index a5e486e3..86f8d68f 100644 --- a/en/compatibility/cts/secure-element.md +++ b/en/compatibility/cts/secure-element.md @@ -100,7 +100,7 @@ applet with the following application identifiers (AIDs): <thead> <tr> <th>Transmit APDU</th> - <th>Status Word</th> + <th>Status word</th> <th>Data</th> </tr> </thead> @@ -431,21 +431,59 @@ applet with the following application identifiers (AIDs): that is the same as input APDU, except the first byte is 0x01 instead of 0x00.</small> </li> - <li>The applet should return segmented responses of size 2048 bytes for - commands a,b,c,d, f and g whereas 32767 bytes for APDU(e), with last - data byte being 0xFF and success status word <0x9000> for the following - APDUs: - <ol> - <li>0x00C2080000</li> - <li>0x00C4080002123400</li> - <li>0x00C6080000</li> - <li>0x00C8080002123400</li> - <li>0x00C27FFF00</li> - <li>0x00CF080000</li> - <li>0x94C2080000</li> - </ol> + <li>The applet should return segmented responses with <code>0xFF</code> + as the last data byte and have the respective status words and response + lengths for the following APDUs. + + <table> + <thead> + <tr> + <th>APDU</th> + <th>Status word</th> + <th>Response length (bytes)</th> + </tr> + </thead> + <tbody> + <tr> + <td>0x00C2080000</td> + <td>0x9000</td> + <td>2048</td> + </tr> + <tr> + <td>0x00C4080002123400</td> + <td>0x9000</td> + <td>2048</td> + </tr> + <tr> + <td>0x00C6080000</td> + <td>0x9000</td> + <td>2048</td> + </tr> + <tr> + <td>0x00C8080002123400</td> + <td>0x9000</td> + <td>2048</td> + </tr> + <tr> + <td>0x00C27FFF00</td> + <td>0x9000</td> + <td>2048</td> + </tr> + <tr> + <td>0x00CF080000</td> + <td>0x9000</td> + <td>32767</td> + </tr> + <tr> + <td>0x94C2080000</td> + <td>0x9000</td> + <td>2048</td> + </tr> + </tbody> + </table> </li> - <li>The applet should return success status word <0x9000> for the given + <li>The applet should return success status word <code>0x9000</code> for + the given APDU: 0x00F40000</li> </ol> <li>A000000476416E64726F696443545332 diff --git a/en/devices/_translation.yaml b/en/devices/_translation.yaml index 64e32fca..32d1e74b 100644 --- a/en/devices/_translation.yaml +++ b/en/devices/_translation.yaml @@ -1,4 +1,4 @@ -enable_continuous_translation: True +enable_continuous_translation: true title: Android Open Source Project Devices tab description: Translations for SAC devices tab language: diff --git a/en/devices/accessories/index.html b/en/devices/accessories/index.html index ec9ded65..787309c0 100644 --- a/en/devices/accessories/index.html +++ b/en/devices/accessories/index.html @@ -29,7 +29,7 @@ that extend Android capabilities in a wide range of Android-powered devices. <div class="layout-content-row"> <div class="layout-content-col span-6"> - <h4 id="audio-accessories">Audio Accessories</h4> + <h4 id="audio-accessories">Audio accessories</h4> <p>Android supports local on-device audio and remote off-device audio over a wired 3.5 mm headset jack, USB connection, or Bluetooth. Manufacturers should see the <a @@ -41,7 +41,7 @@ that extend Android capabilities in a wide range of Android-powered devices. </div> <div class="layout-content-col span-6"> - <h4 id="custom-accessories">Custom Accessories</h4> + <h4 id="custom-accessories">Custom accessories</h4> <p>What do you want to connect to your Android device? Alarm clock? Keyboard? Thermostat? Robot? Learn how to connect existing equipment or your own unique hardware to Android using the Android Open Accessory diff --git a/en/devices/architecture/hidl/threading.html b/en/devices/architecture/hidl/threading.html index 26c2cc12..fef555ad 100644 --- a/en/devices/architecture/hidl/threading.html +++ b/en/devices/architecture/hidl/threading.html @@ -112,7 +112,7 @@ concurrently with future calls from the client (unless the server threadpool has only one thread).</p> <p>In addition to synchronous callbacks, <code>oneway</code> calls from a -single-threadedclient may be handled concurrently by a server with multiple +single-threaded client may be handled concurrently by a server with multiple threads in its threadpool, but only if those <code>oneway</code> calls are executed on different interfaces. <code>oneway</code> calls on the same interface are always serialized.</p> @@ -164,9 +164,9 @@ and does not wait for the server to complete its function call invocation. At th surface (and in aggregate), this means the function call takes half the time because it is executing half the code, but when writing implementations that are performance sensitive, this has some scheduling implications. Normally, -using a oneway call causes the callee to continue to be scheduled whereas +using a oneway call causes the caller to continue to be scheduled whereas using a normal synchronous call causes the scheduler to immediately transfer -from the callee to the caller process. This is a performance optimization in +from the caller to the callee process. This is a performance optimization in binder. For services where the oneway call must be executed in the target process with a high priority, the scheduling policy of the receiving service can be changed. In C++, using <code>libhidltransport</code>'s method diff --git a/en/devices/audio/latency/design.html b/en/devices/audio/latency/design.html index 59ab47e0..acbcc382 100644 --- a/en/devices/audio/latency/design.html +++ b/en/devices/audio/latency/design.html @@ -34,7 +34,7 @@ SoC vendors implement the design correctly on their particular devices and chipsets. This article is not intended for application developers. </p> -<h2 id="trackCreation">Track Creation</h2> +<h2 id="trackCreation">Track creation</h2> <p> The client can optionally set bit <code>AUDIO_OUTPUT_FLAG_FAST</code> in the @@ -83,7 +83,7 @@ If the client's request was accepted, it is called a "fast track." Otherwise it's called a "normal track." </p> -<h2 id="mixerThreads">Mixer Threads</h2> +<h2 id="mixerThreads">Mixer threads</h2> <p> At the time AudioFlinger creates a normal mixer thread, it decides diff --git a/en/devices/input/input-device-configuration-files.html b/en/devices/input/input-device-configuration-files.html index 97234ab0..c99d1f7c 100644 --- a/en/devices/input/input-device-configuration-files.html +++ b/en/devices/input/input-device-configuration-files.html @@ -106,7 +106,7 @@ touch.orientationAware = 1 # Additional calibration properties... # etc... </pre> -<h2 id="common-properties">Common Properties</h2> +<h2 id="common-properties">Common properties</h2> <p>The following property is common to all input device classes.</p> <p>Refer to the documentation of each input device class for information about the special properties used by each class.</p> diff --git a/en/devices/input/key-layout-files.html b/en/devices/input/key-layout-files.html index 823770a5..be58e7e1 100644 --- a/en/devices/input/key-layout-files.html +++ b/en/devices/input/key-layout-files.html @@ -61,7 +61,7 @@ in the device name other than '0'-'9', 'a'-'z', 'A'-'Z', '-' or '_' are replaced by '_'.</p> -<h2 id="generic-key-layout-file">Generic Key Layout File</h2> +<h2 id="generic-key-layout-file">Generic key layout file</h2> <p>The system provides a special built-in generic key layout file called <code>Generic.kl</code>. This key layout is intended to support a variety of standard external keyboards and joysticks. <strong>Do not modify the generic key @@ -71,7 +71,7 @@ layout!</strong></p> <p>A key layout file is a plain text file consisting of key or axis declarations and flags.</p> -<h3 id="key-declarations">Key Declarations</h3> +<h3 id="key-declarations">Key declarations</h3> <p>Key declarations consist of the keyword <code>key</code> followed by a Linux key code number and Android key code name, or the keyword usage followed by a HID usage and Android key code name. The HID usage is represented as a 32-bit @@ -95,12 +95,12 @@ adjacent to the main touch screen. This causes special debouncing logic to be enabled (see below).</li> </ul> -<h3 id="axis-declarations">Axis Declarations</h3> +<h3 id="axis-declarations">Axis declarations</h3> <p>Axis declarations each consist of the keyword <code>axis</code> followed by a Linux axis code number and qualifiers that control the behavior of the axis including at least one Android axis code name.</p> -<h4 id="basic-axes">Basic Axes</h4> +<h4 id="basic-axes">Basic axes</h4> <p>A basic axis simply maps a Linux axis code to an Android axis code name. The following declaration maps <code>ABS_X</code> (indicated by <code>0x00</code>) to <code>AXIS_X</code> (indicated by <code>X</code>).</p> @@ -110,7 +110,7 @@ axis 0x00 X <p>In the above example, if the value of <code>ABS_X</code> is <code>5</code> then <code>AXIS_X</code> is set to <code>5</code>.</p> -<h4 id="split-axes">Split Axes</h4> +<h4 id="split-axes">Split axes</h4> <p>A split axis maps a Linux axis code to two Android axis code names, such that values less than or greater than a threshold are split across two different axes when mapped. This mapping is useful when a single physical axis reported by the @@ -130,7 +130,7 @@ of <code>ABS_Y</code> is <code>0x83</code> then <code>AXIS_GAS</code> is set to the split value of <code>0x7f</code> then both <code>AXIS_GAS</code> and <code>AXIS_BRAKE</code> are set to <code>0</code>.</p> -<h4 id="inverted-axes">Inverted Axes</h4> +<h4 id="inverted-axes">Inverted axes</h4> <p>An inverted axis inverts the sign of the axis value. The following declaration maps <code>ABS_RZ</code> (indicated by <code>0x05</code>) to <code>AXIS_BRAKE</code> (indicated by <code>BRAKE</code>), and inverts the @@ -141,7 +141,7 @@ axis 0x05 invert BRAKE <p>In the above example, if the value of <code>ABS_RZ</code> is <code>2</code> then <code>AXIS_BRAKE</code> is set to <code>-2</code>.</p> -<h4 id="center-flat-option">Center Flat Option</h4> +<h4 id="center-flat-option">Center flat option</h4> <p> A joystick device may report input events even when the joystick is not being used, due to noise. This noise typically comes from the left and/or right sticks, and causes the driver to report a position value near 0. @@ -200,7 +200,7 @@ key 14 DEL # etc... </pre> -<h4 id="system-controls">System Controls</h4> +<h4 id="system-controls">System controls</h4> <pre class="devsite-click-to-copy"> # This is an example of a key layout file for basic system controls, # such as volume and power keys which are typically implemented as GPIO pins @@ -211,7 +211,7 @@ key 115 VOLUME_UP key 116 POWER </pre> -<h4 id="capacitive-buttons">Capacitive Buttons</h4> +<h4 id="capacitive-buttons">Capacitive buttons</h4> <pre class="devsite-click-to-copy"> # This is an example of a key layout file for a touch device with capacitive buttons. @@ -221,7 +221,7 @@ key 158 BACK VIRTUAL key 217 SEARCH VIRTUAL </pre> -<h4 id="headset-jack-media-controls">Headset Jack Media Controls</h4> +<h4 id="headset-jack-media-controls">Headset jack media controls</h4> <pre class="devsite-click-to-copy"> # This is an example of a key layout file for headset mounted media controls. # A typical headset jack interface might have special control wires or detect known @@ -269,7 +269,7 @@ axis 0x10 HAT_X axis 0x11 HAT_Y </pre> -<h2 id="virtual-soft-keys">Virtual Soft Keys</h2> +<h2 id="virtual-soft-keys">Virtual soft keys</h2> <p>The input system provides special features for implementing virtual soft keys in the following use cases:</p> <ol> diff --git a/en/devices/tech/config/namespaces_libraries.html b/en/devices/tech/config/namespaces_libraries.html index 1e94bf1b..5dae4b07 100644 --- a/en/devices/tech/config/namespaces_libraries.html +++ b/en/devices/tech/config/namespaces_libraries.html @@ -54,11 +54,43 @@ with <code>libpng</code>). libraries</h2> <p> -In addition to standard public native libraries, vendors may choose to provide -additional native libraries accessible to apps by putting them under the -<code>/vendor</code> library folder (/vendor/lib for 32 bit libraries and, -/vendor/lib64 for 64 bit) and listing them in: -<code>/vendor/etc/public.libraries.txt</code> +In addition to standard public native libraries, silicon vendors (starting from Android 7.0) and +device manufactures (starting from Android 9) may choose to provide additional native libraries +accessible to apps by putting them under the respective library folders and explicitly listing them +in .txt files. +</p> + +<p>The library folders are:</p> +<ul> + <li><code>/vendor/lib</code> (for 32-bit) and <code>/vendor/lib64</code> (for 64-bit) + for libraries from silicon vendors</li> + <li><code>/system/lib</code> (for 32-bit) and <code>/system/lib64</code> (for 64-bit) + for libraries from device manufacturers</li> +<ul> + +<p>The .txt files are:</p> +<ul> + <li><code>/vendor/etc/public.libraries.txt</code> for libraries from silicon vendors</li> + <li><code>/system/etc/public.libraries-COMPANYNAME.txt</code> for libraries from device manufacturers, + where <code>COMPANYNAME</code> refers to a name of the manufacturer (such as + <code>awesome.company</code>). <code>COMPANYNAME</code> should match with + <code>[A-Za-z0-9_.-]+</code>; alphanumeric characters, _, . (dot) and -. It is possible to + have multiple such .txt files in a device if some libraries are from external solution + providers. +</ul> + +<p> + Native libraries in the <code>system</code> partition that are made public by device manufacturers + <strong>MUST</strong> be named <code>lib*COMPANYNAME.so</code>, e.g., <code>libFoo.awesome.company.so</code>. + In other words, <code>libFoo.so</code> without the company name suffix MUST NOT be made public. + The <code>COMPANYNAME</code> in the library file name MUST match with the <code>COMPANYNAME</code> in the + txt file name in which the library name is listed. +</p> + +<p> + Native libraries that are part of AOSP MUST NOT be made public (except the standard + public native libraries which are public by default). Only the additional libraries added by + silicon vendors or device manufacturers can be made accessible to apps. </p> <p> diff --git a/en/devices/tech/display/adaptive-icons.html b/en/devices/tech/display/adaptive-icons.html index 5d74b10c..31770a3a 100644 --- a/en/devices/tech/display/adaptive-icons.html +++ b/en/devices/tech/display/adaptive-icons.html @@ -109,7 +109,7 @@ class="prettyprint">public class Icon extends Parceleable { method public Bitmap createWithAdaptiveBitmap(); }</pre> - <h2>Reference Implementation</h2> + <h2>Reference implementation</h2> <p> Nothing needs to be done to render the static adaptive icons on any of the System UI surfaces. When PackageManager returns a drawable, simply bind that to @@ -131,7 +131,7 @@ A recommended manual test case can be found at: platform/development/samples/AdaptiveIconSample/. </p> - <h2>Known Issues</h2> + <h2>Known issues</h2> <p> Known issues include the following: </p><ul> diff --git a/en/devices/tech/health/deprecation.md b/en/devices/tech/health/deprecation.md index fcaf711f..9a31cd5b 100644 --- a/en/devices/tech/health/deprecation.md +++ b/en/devices/tech/health/deprecation.md @@ -49,21 +49,21 @@ To do so: 1. Remove `healthd` and `healthd.rc` from the system image by adding the following line to the device-specific implementation in Soong: - ``` - cc_binary { - name: "android.hardware.health@2.0-service.device_name" - overrides: ["healthd"], - // ... - } - ``` - - Or, if the module is in Make: - - ```yaml - LOCAL_MODULE_NAME := \ - android.hardware.health@2.0-service.device_name - LOCAL_OVERRIDES_MODULES := healthd - ``` + ``` + cc_binary { + name: "android.hardware.health@2.0-service.device_name" + overrides: ["healthd"], + // ... + } + ``` + + Or, if the module is in Make: + + ```yaml + LOCAL_MODULE_NAME := \ + android.hardware.health@2.0-service.device_name + LOCAL_OVERRIDES_MODULES := healthd + ``` If the default implementation `android.hardware.health@2.0-service` is installed, implement a device-specific diff --git a/en/devices/tech/settings/info-architecture.html b/en/devices/tech/settings/info-architecture.html index d0f027de..48f74bfe 100644 --- a/en/devices/tech/settings/info-architecture.html +++ b/en/devices/tech/settings/info-architecture.html @@ -103,7 +103,7 @@ single host fragment and multiple setting controllers. <p> <code>DashboardFragment</code> is the host of plugin-style preference controllers. The fragment inherits from <code>PreferenceFragment</code> and has hooks to -inflate and update both static preference lists and dynamic preference lists. +expand and update both static preference lists and dynamic preference lists. </p> <h3 id="static-preferences">Static preferences</h3> diff --git a/en/security/_toc-bulletins.yaml b/en/security/_toc-bulletins.yaml index 6363024c..b3f51c04 100644 --- a/en/security/_toc-bulletins.yaml +++ b/en/security/_toc-bulletins.yaml @@ -11,6 +11,8 @@ toc: section: - title: 2018 Bulletins section: + - title: October + path: /security/bulletin/2018-10-01 - title: September path: /security/bulletin/2018-09-01 - title: August @@ -107,6 +109,8 @@ toc: path: /security/bulletin/pixel/index - title: 2018 Bulletins section: + - title: October + path: /security/bulletin/pixel/2018-10-01 - title: September path: /security/bulletin/pixel/2018-09-01 - title: August diff --git a/en/security/_translation.yaml b/en/security/_translation.yaml index 67867a6b..858045e0 100644 --- a/en/security/_translation.yaml +++ b/en/security/_translation.yaml @@ -1,6 +1,6 @@ ignore_paths: - /security/bulletin/... -enable_continuous_translation: True +enable_continuous_translation: true title: Android Open Source Project Security tab description: Translations for SAC Security tab language: diff --git a/en/security/apksigning/v3.html b/en/security/apksigning/v3.html index e5b85947..f15428e6 100644 --- a/en/security/apksigning/v3.html +++ b/en/security/apksigning/v3.html @@ -139,13 +139,13 @@ should be as trusted as the older key(s). </p> <p> The self-trusted-old-certs data structure is constructed by adding flags to each -node indicating its membership, and properties, in the set. For example, a flag +node indicating its membership and properties in the set. For example, a flag may be present indicating that the signing certificate at a given node is -trusted for obtaining Android signature permissions, so that other apps which -are signed by it still may be granted that permission, even though they are now -behind the defining app. Because the whole proof-of-rotation attribute resides -in the signed data section of the v3 <code>signer</code> field, it is protected -by the key used to sign the containing apk. +trusted for obtaining Android signature permissions. This flag allows other apps +signed by the older certificate to still be granted a signature permission +defined by an app signed with the new signing certificate. Because the whole +proof-of-rotation attribute resides in the signed data section of the v3 +<code>signer</code> field, it is protected by the key used to sign the containing apk. </p> <p> This format precludes <a href="#multiple-certificates">multiple signing keys</a> @@ -192,7 +192,7 @@ ordering becomes a concern. What's more, it is no longer possible to sign APKs independently, because the proof-of-rotation structure must have the old signing certs signing the new set of certs, rather than signing them one-by-one. For example, an APK signed by key A that wishes to be signed by two new keys B and C -could not have the B signer just include a signature by A of B, because that is +could not have the B signer just include a signature by A or B, because that is a different signing identity than B and C. This would mean that the signers must coordinate before building up such a struct. </p> diff --git a/en/security/bulletin/2018-09-01.html b/en/security/bulletin/2018-09-01.html index 8275bbcf..5c5699ff 100644 --- a/en/security/bulletin/2018-09-01.html +++ b/en/security/bulletin/2018-09-01.html @@ -129,7 +129,7 @@ href="https://android.googlesource.com/platform/libcore/+/518e8d27de9f32eb86bc30 class="external">A-110955991</a></td> <td>EoP</td> <td>High</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> </table> @@ -159,7 +159,7 @@ href="https://android.googlesource.com/platform/frameworks/base/+/623b2b604c4ffc class="external">A-109824443</a></td> <td>EoP</td> <td>High</td> - <td>7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9470</td> @@ -168,7 +168,7 @@ href="https://android.googlesource.com/platform/external/neven/+/86a561f79f97baa class="external">A-78290481</a></td> <td>EoP</td> <td>High</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9471</td> @@ -177,7 +177,7 @@ href="https://android.googlesource.com/platform/frameworks/base/+/eabaff1c7f0290 class="external">A-77599679</a></td> <td>EoP</td> <td>High</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> </table> @@ -236,7 +236,7 @@ href="https://android.googlesource.com/platform/frameworks/base/+/586b9102f32273 class="external">A-77600398</a></td> <td>EoP</td> <td>High</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9440</td> @@ -248,7 +248,7 @@ href="https://android.googlesource.com/platform/frameworks/av/+/2870acaa4c58cf59 class="external">2</a>]</td> <td>DoS</td> <td>Moderate</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> </table> @@ -278,7 +278,7 @@ href="https://android.googlesource.com/platform/system/bt/+/43cd528a444d0cc5bbf3 class="external">A-79266386</a></td> <td>EoP</td> <td>Critical</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9478</td> @@ -287,7 +287,7 @@ href="https://android.googlesource.com/platform/system/bt/+/68688194eade113ad316 class="external">A-79217522</a></td> <td>EoP</td> <td>Critical</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9479</td> @@ -296,7 +296,7 @@ href="https://android.googlesource.com/platform/system/bt/+/68688194eade113ad316 class="external">A-79217770</a></td> <td>EoP</td> <td>Critical</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9456</td> @@ -323,7 +323,7 @@ href="https://android.googlesource.com/platform/system/bt/+/75c22982624fb530bc1d class="external">A-109757168</a></td> <td>ID</td> <td>High</td> - <td>8.0, 8.1, 9.0</td> + <td>8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9481</td> @@ -332,7 +332,7 @@ href="https://android.googlesource.com/platform/system/bt/+/75c22982624fb530bc1d class="external">A-109757435</a></td> <td>ID</td> <td>High</td> - <td>8.0, 8.1, 9.0</td> + <td>8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9482</td> @@ -341,7 +341,7 @@ href="https://android.googlesource.com/platform/system/bt/+/75c22982624fb530bc1d class="external">A-109757986</a></td> <td>ID</td> <td>High</td> - <td>8.0, 8.1, 9.0</td> + <td>8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9483</td> @@ -350,7 +350,7 @@ href="https://android.googlesource.com/platform/system/bt/+/d3689fb0ddcdede16c13 class="external">A-110216173</a></td> <td>ID</td> <td>High</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9484</td> @@ -359,7 +359,7 @@ href="https://android.googlesource.com/platform/system/bt/+/d5b44f6522c3294d6f5f class="external">A-79488381</a></td> <td>ID</td> <td>High</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9485</td> @@ -368,7 +368,7 @@ href="https://android.googlesource.com/platform/system/bt/+/bdbabb2ca4ebb4dc5971 class="external">A-80261585</a></td> <td>ID</td> <td>High</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9486</td> @@ -377,7 +377,7 @@ href="https://android.googlesource.com/platform/system/bt/+/bc6aef4f29387d07e0c6 class="external">A-80493272</a></td> <td>ID</td> <td>High</td> - <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9487</td> @@ -386,7 +386,7 @@ href="https://android.googlesource.com/platform/frameworks/base/+/cf6784bfbf713a class="external">A-69873852</a></td> <td>DoS</td> <td>High</td> - <td>8.0, 8.1, 9.0</td> + <td>8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9488</td> @@ -395,7 +395,7 @@ href="https://android.googlesource.com/platform/system/sepolicy/+/d4e094e2b1a47c class="external">A-110107376</a></td> <td>EoP</td> <td>Moderate</td> - <td>8.0, 8.1, 9.0</td> + <td>8.0, 8.1, 9</td> </tr> </table> @@ -425,7 +425,7 @@ href="https://android.googlesource.com/platform/system/libhidl/+/93484b9b015d47c class="external">A-79376389</a></td> <td>RCE</td> <td>Critical</td> - <td>8.0, 8.1, 9.0</td> + <td>8.0, 8.1, 9</td> </tr> <tr> <td>CVE-2018-9427</td> @@ -434,7 +434,7 @@ href="https://android.googlesource.com/platform/frameworks/av/+/29d991fac25b261a class="external">A-77486542</a></td> <td>RCE</td> <td>Critical</td> - <td>8.0, 8.1, 9.0</td> + <td>8.0, 8.1, 9</td> </tr> </table> diff --git a/en/security/bulletin/2018-10-01.html b/en/security/bulletin/2018-10-01.html new file mode 100644 index 00000000..53b700fd --- /dev/null +++ b/en/security/bulletin/2018-10-01.html @@ -0,0 +1,550 @@ +<html devsite> + <head> + <title>Android Security Bulletin—October 2018</title> + <meta name="project_path" value="/_project.yaml" /> + <meta name="book_path" value="/_book.yaml" /> + </head> + <body> + <!-- + Copyright 2018 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + //www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> +<p><em>Published October 1, 2018 | Updated October 1, 2018</em></p> + +<p> +The Android Security Bulletin contains details of security vulnerabilities +affecting Android devices. Security patch levels of 2018-10-05 or later address +all of these issues. To learn how to check a device's security patch level, see +<a href="https://support.google.com/pixelphone/answer/4457705" + class="external">Check and update your Android version</a>. +</p> +<p> +Android partners are notified of all issues at least a month before +publication. Source code patches for these issues have been released to the +Android Open Source Project (AOSP) repository and linked from this bulletin. +This bulletin also includes links to patches outside of AOSP.</p> +<p> +The most severe of these issues is a critical security vulnerability in +Framework that could enable a remote attacker using a specially crafted file +to execute arbitrary code within the context of a privileged process. The +<a href="/security/overview/updates-resources.html#severity">severity +assessment</a> is based on the effect that exploiting the vulnerability would +possibly have on an affected device, assuming the platform and service +mitigations are turned off for development purposes or if successfully bypassed. +</p> +<p> +We have had no reports of active customer exploitation or abuse of these newly +reported issues. Refer to the +<a href="#mitigations">Android and Google Play Protect mitigations</a> +section for details on the +<a href="/security/enhancements/">Android security platform protections</a> +and Google Play Protect, which improve the security of the Android platform. +</p> +<p class="note"> +<strong>Note:</strong> Information on the latest over-the-air update (OTA) and +firmware images for Google devices is available in the +<a href="/security/bulletin/pixel/2018-10-01">October 2018 +Pixel / Nexus Security Bulletin</a>. +</p> + +<h2 id="mitigations">Android and Google service mitigations</h2> +<p> +This is a summary of the mitigations provided by the +<a href="/security/enhancements/">Android security platform</a> +and service protections such as +<a href="https://www.android.com/play-protect" class="external">Google Play +Protect</a>. These capabilities reduce the likelihood that security +vulnerabilities could be successfully exploited on Android. +</p> +<ul> +<li>Exploitation for many issues on Android is made more difficult by +enhancements in newer versions of the Android platform. We encourage all users +to update to the latest version of Android where possible.</li> +<li>The Android security team actively monitors for abuse through +<a href="https://www.android.com/play-protect" class="external">Google Play +Protect</a> and warns users about +<a href="/security/reports/Google_Android_Security_PHA_classifications.pdf">Potentially +Harmful Applications</a>. Google Play Protect is enabled by default on devices +with <a href="http://www.android.com/gms" class="external">Google Mobile +Services</a>, and is especially important for users who install apps from +outside of Google Play.</li> +</ul> +<h2 id="2018-10-01-details">2018-10-01 security patch level vulnerability details</h2> +<p> +In the sections below, we provide details for each of the security +vulnerabilities that apply to the 2018-10-01 patch level. Vulnerabilities are +grouped under the component they affect. There is a description of the +issue and a table with the CVE, associated references, +<a href="#type">type of vulnerability</a>, +<a href="/security/overview/updates-resources.html#severity">severity</a>, +and updated AOSP versions (where applicable). When available, we link the public +change that addressed the issue to the bug ID, such as the AOSP change list. When +multiple changes relate to a single bug, additional references are linked to +numbers following the bug ID. +</p> + + + +<h3 id="framework">Framework</h3> +<p>The most severe vulnerability in this section could enable a remote attacker +using a specially crafted file to execute arbitrary code within the context of +a privileged process.</p> + +<table> + <col width="21%"> + <col width="21%"> + <col width="14%"> + <col width="14%"> + <col width="30%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2018-9490</td> + <td><a href="https://android.googlesource.com/platform/external/chromium-libpac/+/948d4753664cc4e6b33cc3de634ac8fd5f781382">A-111274046</a> + [<a href="https://android.googlesource.com/platform/external/v8/+/a24543157ae2cdd25da43e20f4e48a07481e6ceb">2</a>]</td> + <td>EoP</td> + <td>Critical</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9491</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/2b4667baa5a2badbdfec1794156ee17d4afef37c">A-111603051</a></td> + <td>RCE</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9492</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/962fb40991f15be4f688d960aa00073683ebdd20">A-111934948</a></td> + <td>EoP</td> + <td>High</td> + <td>8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9493</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/462aaeaa616e0bb1342e8ef7b472acc0cbc93deb">A-111085900</a> + [<a href="https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/e7364907439578ce5334bce20bb03fef2e88b107">2</a>] + [<a href="https://android.googlesource.com/platform/frameworks/base/+/ebc250d16c747f4161167b5ff58b3aea88b37acf">3</a>]</td> + <td>ID</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9452</td> + <td><a href="https://android.googlesource.com/platform/frameworks/base/+/54f661b16b308cf38d1b9703214591c0f83df64d">A-78464361</a> + [<a href="https://android.googlesource.com/platform/frameworks/base/+/3b6f84b77c30ec0bab5147b0cffc192c86ba2634">2</a>]</td> + <td>DoS</td> + <td>Moderate</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> +</table> + + +<h3 id="media-framework">Media framework</h3> +<p>The most severe vulnerability in this section could enable a remote attacker +using a specially crafted file to execute arbitrary code within the context of +a privileged process.</p> + +<table> + <col width="21%"> + <col width="21%"> + <col width="14%"> + <col width="14%"> + <col width="30%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2018-9473</td> + <td><a href="https://android.googlesource.com/platform/external/libhevc/+/9f0fb67540d2259e4930d9bd5f1a1a6fb95af862">A-65484460</a></td> + <td>RCE</td> + <td>Critical</td> + <td>8.0</td> + </tr> + <tr> + <td>CVE-2018-9496</td> + <td><a href="https://android.googlesource.com/platform/external/libxaac/+/04e8cd58f075bec5892e369c8deebca9c67e855c">A-110769924</a></td> + <td>RCE</td> + <td>Critical</td> + <td>9</td> + </tr> + <tr> + <td>CVE-2018-9497</td> + <td><a href="https://android.googlesource.com/platform/external/libmpeg2/+/bef16671c891e16f25a7b174bc528eea109357be">A-74078669</a></td> + <td>RCE</td> + <td>Critical</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9498</td> + <td><a href="https://android.googlesource.com/platform/external/skia/+/77c955200ddd1761d6ed7a6c1578349fedbb55e4">A-78354855</a></td> + <td>RCE</td> + <td>Critical</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> + </tr> + <tr> + <td>CVE-2018-9499</td> + <td><a href="https://android.googlesource.com/platform/frameworks/av/+/bf7a67c33c0f044abeef3b9746f434b7f3295bb1">A-79218474</a></td> + <td>ID</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> +</table> + + +<h3 id="system">System</h3> +<p>The most severe vulnerability in this section could enable a proximate +attacker to execute arbitrary code within the context of a privileged +process.</p> + +<table> + <col width="21%"> + <col width="21%"> + <col width="14%"> + <col width="14%"> + <col width="30%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-13283</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/ebc284cf3a59ee5cf7c06af88c2f3bcd0480e3e9">A-78526423</a></td> + <td>RCE</td> + <td>Critical</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9476</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/dd28d8ddf2985d654781770c691c60b45d7f32b4">A-109699112</a></td> + <td>EoP</td> + <td>Critical</td> + <td>8.0, 8.1</td> + </tr> + <tr> + <td>CVE-2018-9504</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/11fb7aa03437eccac98d90ca2de1730a02a515e2">A-110216176</a></td> + <td>RCE</td> + <td>Critical</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9501</td> + <td><a href="https://android.googlesource.com/platform/packages/apps/Settings/+/5e43341b8c7eddce88f79c9a5068362927c05b54">A-110034419</a></td> + <td>EoP</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9502</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/92a7bf8c44a236607c146240f3c0adc1ae01fedf">A-111936792</a> + [<a href="https://android.googlesource.com/platform/system/bt/+/d4a34fefbf292d1e02336e4e272da3ef1e3eef85">2</a>] + [<a href="https://android.googlesource.com/platform/system/bt/+/9fe27a9b445f7e911286ed31c1087ceac567736b">3</a>]</td> + <td>ID</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9503</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/92a7bf8c44a236607c146240f3c0adc1ae01fedf">A-80432928</a> + [<a href="https://android.googlesource.com/platform/system/bt/+/d4a34fefbf292d1e02336e4e272da3ef1e3eef85">2</a>] + [<a href="https://android.googlesource.com/platform/system/bt/+/9fe27a9b445f7e911286ed31c1087ceac567736b">3</a>]</td> + <td>ID</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9505</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/5216e6120160b28d76e9ee4dff9995e772647511">A-110791536</a></td> + <td>ID</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9506</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/830cb39cb2a0f1bf6704d264e2a5c5029c175dd7">A-111803925</a></td> + <td>ID</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9507</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/30cec963095366536ca0b1306089154e09bfe1a9">A-111893951</a></td> + <td>ID</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9508</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/e8bbf5b0889790cf8616f4004867f0ff656f0551">A-111936834</a></td> + <td>ID</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1</td> + </tr> + <tr> + <td>CVE-2018-9509</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/198888b8e0163bab7a417161c63e483804ae8e31">A-111937027</a></td> + <td>ID</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9510</td> + <td><a href="https://android.googlesource.com/platform/system/bt/+/6e4b8e505173f803a5fc05abc09f64eef89dc308">A-111937065</a></td> + <td>ID</td> + <td>High</td> + <td>7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9</td> + </tr> + <tr> + <td>CVE-2018-9511</td> + <td><a href="https://android.googlesource.com/platform/system/netd/+/931418b16c7197ca2df34c2a5609e49791125abe">A-111650288</a></td> + <td>DoS</td> + <td>High</td> + <td>9</td> + </tr> +</table> + + +<h2 id="2018-10-05-details">2018-10-05 security patch level vulnerability details</h2> +<p> +In the sections below, we provide details for each of the security +vulnerabilities that apply to the 2018-10-05 patch level. Vulnerabilities are +grouped under the component they affect and include details such as the +CVE, associated references, <a href="#type">type of vulnerability</a>, +<a href="/security/overview/updates-resources.html#severity">severity</a>, +component (where applicable), and updated AOSP versions (where applicable). When +available, we link the public change that addressed the issue to the bug ID, +such as the AOSP change list. When multiple changes relate to a single bug, +additional references are linked to numbers following the bug ID. +</p> + + +<h3 id="kernel-components">Kernel components</h3> +<p>The most severe vulnerability in this section could enable a local malicious +application to execute arbitrary code within the context of a privileged +process.</p> + +<table> + <col width="21%"> + <col width="21%"> + <col width="14%"> + <col width="14%"> + <col width="30%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2018-9513</td> + <td>A-111081202<a href="#asterisk">*</a></td> + <td>EoP</td> + <td>High</td> + <td>Fork</td> + </tr> + <tr> + <td>CVE-2018-9514</td> + <td>A-111642636<a href="#asterisk">*</a></td> + <td>EoP</td> + <td>High</td> + <td>sdcardfs</td> + </tr> + <tr> + <td>CVE-2018-9515</td> + <td>A-111641492<a href="#asterisk">*</a></td> + <td>EoP</td> + <td>High</td> + <td>sdcardfs</td> + </tr> +</table> + +<h2 id="common-questions-and-answers">Common questions and answers</h2> +<p>This section answers common questions that may occur after reading this +bulletin.</p> +<p><strong>1. How do I determine if my device is updated to address these +issues?</strong></p> +<p>To learn how to check a device's security patch level, see +<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices" + class="external">Check and update your Android version</a>.</p> +<ul> +<li>Security patch levels of 2018-10-01 or later address all issues associated +with the 2018-10-01 security patch level.</li> +<li>Security patch levels of 2018-10-05 or later address all issues associated +with the 2018-10-05 security patch level and all previous patch levels.</li> +</ul> +<p>Device manufacturers that include these updates should set the patch string +level to:</p> +<ul> + <li>[ro.build.version.security_patch]:[2018-10-01]</li> + <li>[ro.build.version.security_patch]:[2018-10-05]</li> +</ul> +<p><strong>2. Why does this bulletin have two security patch levels?</strong></p> +<p> +This bulletin has two security patch levels so that Android partners have the +flexibility to fix a subset of vulnerabilities that are similar across all +Android devices more quickly. Android partners are encouraged to fix all issues +in this bulletin and use the latest security patch level. +</p> +<ul> +<li>Devices that use the 2018-10-01 security patch level must include all +issues associated with that security patch level, as well as fixes for all +issues reported in previous security bulletins.</li> +<li>Devices that use the security patch level of 2018-10-05 or newer must +include all applicable patches in this (and previous) security +bulletins.</li> +</ul> +<p> +Partners are encouraged to bundle the fixes for all issues they are addressing +in a single update. +</p> +<p id="type"> +<strong>3. What do the entries in the <em>Type</em> column mean?</strong> +</p> +<p> +Entries in the <em>Type</em> column of the vulnerability details table +reference the classification of the security vulnerability. +</p> +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Abbreviation</th> + <th>Definition</th> + </tr> + <tr> + <td>RCE</td> + <td>Remote code execution</td> + </tr> + <tr> + <td>EoP</td> + <td>Elevation of privilege</td> + </tr> + <tr> + <td>ID</td> + <td>Information disclosure</td> + </tr> + <tr> + <td>DoS</td> + <td>Denial of service</td> + </tr> + <tr> + <td>N/A</td> + <td>Classification not available</td> + </tr> +</table> +<p> +<strong>4. What do the entries in the <em>References</em> column mean?</strong> +</p> +<p> +Entries under the <em>References</em> column of the vulnerability details table +may contain a prefix identifying the organization to which the reference value +belongs. +</p> +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Prefix</th> + <th>Reference</th> + </tr> + <tr> + <td>A-</td> + <td>Android bug ID</td> + </tr> + <tr> + <td>QC-</td> + <td>Qualcomm reference number</td> + </tr> + <tr> + <td>M-</td> + <td>MediaTek reference number</td> + </tr> + <tr> + <td>N-</td> + <td>NVIDIA reference number</td> + </tr> + <tr> + <td>B-</td> + <td>Broadcom reference number</td> + </tr> +</table> +<p id="asterisk"> +<strong>5. What does a * next to the Android bug ID in the <em>References</em> +column mean?</strong> +</p> +<p> +Issues that are not publicly available have a * next to the Android bug ID in +the <em>References</em> column. The update for that issue is generally +contained in the latest binary drivers for Pixel / Nexus devices +available from the +<a href="https://developers.google.com/android/drivers" class="external">Google +Developer site</a>. +</p> +<p> +<strong>6. Why are security vulnerabilities split between this bulletin and +device / partner security bulletins, such as the +Pixel / Nexus bulletin?</strong> +</p> +<p> +Security vulnerabilities that are documented in this security bulletin are +required to declare the latest security patch level on Android +devices. Additional security vulnerabilities that are documented in the +device / partner security bulletins are not required for +declaring a security patch level. Android device and chipset manufacturers are +encouraged to document the presence of other fixes on their devices through +their own security websites, such as the +<a href="https://security.samsungmobile.com/securityUpdate.smsb" + class="external">Samsung</a>, +<a href="https://lgsecurity.lge.com/security_updates.html" + class="external">LGE</a>, or +<a href="/security/bulletin/pixel/" + class="external">Pixel / Nexus</a> security bulletins. +</p> + +<h2 id="versions">Versions</h2> +<table> + <col width="25%"> + <col width="25%"> + <col width="50%"> + <tr> + <th>Version</th> + <th>Date</th> + <th>Notes</th> + </tr> + <tr> + <td>1.0</td> + <td>October 1, 2018</td> + <td>Bulletin published.</td> + </tr> + <tr> + <td>1.1</td> + <td>October 1, 2018</td> + <td>Bulletin revised to include AOSP links.</td> + </tr> +</table> +</body></html> diff --git a/en/security/bulletin/2018.html b/en/security/bulletin/2018.html index 21939052..b172b8e3 100644 --- a/en/security/bulletin/2018.html +++ b/en/security/bulletin/2018.html @@ -37,6 +37,22 @@ of all bulletins, see the <a href="/security/bulletin/index.html">Android Securi <th>Security patch level</th> </tr> <tr> + <td><a href="/security/bulletin/2018-10-01.html">October 2018</a></td> + <td>Coming soon + <!-- + <a href="/security/bulletin/2018-10-01.html">English</a> / + <a href="/security/bulletin/2018-10-01.html?hl=ja">日本語</a> / + <a href="/security/bulletin/2018-10-01.html?hl=ko">한국어</a> / + <a href="/security/bulletin/2018-10-01.html?hl=ru">ру́сский</a> / + <a href="/security/bulletin/2018-10-01.html?hl=zh-cn">中文 (中国)</a> / + <a href="/security/bulletin/2018-10-01.html?hl=zh-tw">中文 (台灣)</a> + --> + </td> + <td>October 1, 2018</td> + <td>2018-10-01<br> + 2018-10-05</td> + </tr> + <tr> <td><a href="/security/bulletin/2018-09-01.html">September 2018</a></td> <td> <a href="/security/bulletin/2018-09-01.html">English</a> / diff --git a/en/security/bulletin/_translation.yaml b/en/security/bulletin/_translation.yaml index 6a8d393a..7ff6379d 100644 --- a/en/security/bulletin/_translation.yaml +++ b/en/security/bulletin/_translation.yaml @@ -41,7 +41,7 @@ ignore_paths: - /security/bulletin/pixel/2017-12-01 - /security/bulletin/pixel/2017-11-01 - /security/bulletin/pixel/2017-10-01 -enable_continuous_translation: True +enable_continuous_translation: true title: Android Security Bulletins description: Translations for Android Security Bulletins language: diff --git a/en/security/bulletin/index.html b/en/security/bulletin/index.html index 55a42b19..512e1e88 100644 --- a/en/security/bulletin/index.html +++ b/en/security/bulletin/index.html @@ -69,6 +69,22 @@ Android Open Source Project (AOSP), the upstream Linux kernel, and system-on-chi <th>Security patch level</th> </tr> <tr> + <td><a href="/security/bulletin/2018-10-01.html">October 2018</a></td> + <td>Coming soon + <!-- + <a href="/security/bulletin/2018-10-01.html">English</a> / + <a href="/security/bulletin/2018-10-01.html?hl=ja">日本語</a> / + <a href="/security/bulletin/2018-10-01.html?hl=ko">한국어</a> / + <a href="/security/bulletin/2018-10-01.html?hl=ru">ру́сский</a> / + <a href="/security/bulletin/2018-10-01.html?hl=zh-cn">中文 (中国)</a> / + <a href="/security/bulletin/2018-10-01.html?hl=zh-tw">中文 (台灣)</a> + --> + </td> + <td>October 1, 2018</td> + <td>2018-10-01<br> + 2018-10-05</td> + </tr> + <tr> <td><a href="/security/bulletin/2018-09-01.html">September 2018</a></td> <td> <a href="/security/bulletin/2018-09-01.html">English</a> / diff --git a/en/security/bulletin/pixel/2018-10-01.html b/en/security/bulletin/pixel/2018-10-01.html new file mode 100644 index 00000000..264199bf --- /dev/null +++ b/en/security/bulletin/pixel/2018-10-01.html @@ -0,0 +1,219 @@ +<html devsite> + <head> + <title>Pixel / Nexus Security Bulletin—October 2018</title> + <meta name="project_path" value="/_project.yaml" /> + <meta name="book_path" value="/_book.yaml" /> + </head> + <body> + <!-- + Copyright 2018 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + //www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p><em>Published October 1, 2018</em></p> + +<p> +The Pixel / Nexus Security Bulletin contains details of security +vulnerabilities and functional improvements affecting <a +href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices" +class="external">supported Google Pixel and Nexus devices</a> (Google devices). +For Google devices, security patch levels of 2018-10-05 or later address all +issues in this bulletin and all issues in the October 2018 Android Security +Bulletin. To learn how to check a device's security patch level, see <a +href="https://support.google.com/pixelphone/answer/4457705" +class="external">Check & update your Android version</a>. +</p> +<p> +All supported Google devices will receive an update to the 2018-10-05 patch +level. We encourage all customers to accept these updates to their devices. +</p> +<p class="note"> +<strong>Note:</strong> The Google device firmware images are available on the +<a href="https://developers.google.com/android/images" class="external">Google +Developer site</a>. +</p> + +<h2 id="announcements">Announcements</h2> + +<p>There are no Pixel or Nexus security patches in the October 2018 Pixel / Nexus + Security Bulletin. +</p> + +<h2 id="functional-patches">Functional patches</h2> +<p> +These updates are included for affected Pixel devices to address functionality +issues not related to the security of Pixel devices. The table includes +associated references; the affected category, such as Bluetooth or mobile data; +improvements; and affected devices. +</p> + +<table> + <tr> + <th>References</th> + <th>Category</th> + <th>Improvements</th> + <th>Devices</th> + </tr> + <tr> + <td>A-112486006</td> + <td>Media</td> + <td>Improved performance for certain protected media formats</td> + <td>Pixel 2, Pixel 2 XL</td> + </tr> + <tr> + <td>A-112529920</td> + <td>Power</td> + <td>Improved fast-charging behavior for Pixel devices</td> + <td>Pixel, Pixel XL</td> + </tr> + <tr> + <td>A-79643956</td> + <td>Stability</td> + <td>Improved stability when using Android Auto</td> + <td>Pixel 2, Pixel 2 XL</td> + </tr> + <tr> + <td>A-111467967</td> + <td>Performance</td> + <td>Modified Call Screening behavior when using Maps Navigation</td> + <td>All</td> + </tr> +</table> + +<h2 id="common-questions-and-answers">Common questions and answers</h2> +<p> +This section answers common questions that may occur after reading this +bulletin. +</p> +<p> +<strong>1. How do I determine if my device is updated to address these issues? +</strong> +</p> +<p> +Security patch levels of 2018-10-05 or later address all issues associated with +the 2018-10-05 security patch level and all previous patch levels. To learn how +to check a device's security patch level, read the instructions on the <a +href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices" +class="external">Pixel and Nexus update schedule</a>. +</p> +<p id="type"> +<strong>2. What do the entries in the <em>Type</em> column mean?</strong> +</p> +<p> +Entries in the <em>Type</em> column of the vulnerability details table reference +the classification of the security vulnerability. +</p> +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Abbreviation</th> + <th>Definition</th> + </tr> + <tr> + <td>RCE</td> + <td>Remote code execution</td> + </tr> + <tr> + <td>EoP</td> + <td>Elevation of privilege</td> + </tr> + <tr> + <td>ID</td> + <td>Information disclosure</td> + </tr> + <tr> + <td>DoS</td> + <td>Denial of service</td> + </tr> + <tr> + <td>N/A</td> + <td>Classification not available</td> + </tr> +</table> +<p> +<strong>3. What do the entries in the <em>References</em> column mean?</strong> +</p> +<p> +Entries under the <em>References</em> column of the vulnerability details table +may contain a prefix identifying the organization to which the reference value +belongs. +</p> +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Prefix</th> + <th>Reference</th> + </tr> + <tr> + <td>A-</td> + <td>Android bug ID</td> + </tr> + <tr> + <td>QC-</td> + <td>Qualcomm reference number</td> + </tr> + <tr> + <td>M-</td> + <td>MediaTek reference number</td> + </tr> + <tr> + <td>N-</td> + <td>NVIDIA reference number</td> + </tr> + <tr> + <td>B-</td> + <td>Broadcom reference number</td> + </tr> +</table> +<p id="asterisk"> +<strong>4. What does a * next to the Android bug ID in the <em>References</em> +column mean?</strong> +</p> +<p> +Issues that are not publicly available have a * next to the Android bug ID in +the <em>References</em> column. The update for that issue is generally contained +in the latest binary drivers for Pixel / Nexus devices available +from the <a href="https://developers.google.com/android/nexus/drivers" +class="external">Google Developer site</a>. +</p> +<p> +<strong>5. Why are security vulnerabilities split between this bulletin and the +Android Security Bulletins?</strong> +</p> +<p> +Security vulnerabilities that are documented in the Android Security Bulletins +are required to declare the latest security patch level on Android +devices. Additional security vulnerabilities, such as those documented in this +bulletin are not required for declaring a security patch level. +</p> +<h2 id="versions">Versions</h2> +<table> + <col width="25%"> + <col width="25%"> + <col width="50%"> + <tr> + <th>Version</th> + <th>Date</th> + <th>Notes</th> + </tr> + <tr> + <td>1.0</td> + <td>October 1, 2018</td> + <td>Bulletin published.</td> + </tr> +</table> +</body> +</html> diff --git a/en/security/bulletin/pixel/2018.html b/en/security/bulletin/pixel/2018.html index 29669c22..a9df99ca 100644 --- a/en/security/bulletin/pixel/2018.html +++ b/en/security/bulletin/pixel/2018.html @@ -39,6 +39,21 @@ Bulletins</a> homepage.</p> <th>Security patch level</th> </tr> <tr> + <td><a href="/security/bulletin/pixel/2018-10-01.html">October 2018</a></td> + <td>Coming soon + <!-- + <a href="/security/bulletin/pixel/2018-10-01.html">English</a> / + <a href="/security/bulletin/pixel/2018-10-01.html?hl=ja">日本語</a> / + <a href="/security/bulletin/pixel/2018-10-01.html?hl=ko">한국어</a> / + <a href="/security/bulletin/pixel/2018-10-01.html?hl=ru">ру́сский</a> / + <a href="/security/bulletin/pixel/2018-10-01.html?hl=zh-cn">中文 (中国)</a> / + <a href="/security/bulletin/pixel/2018-10-01.html?hl=zh-tw">中文 (台灣)</a> + --> + </td> + <td>October 1, 2018</td> + <td>2018-10-05</td> + </tr> + <tr> <td><a href="/security/bulletin/pixel/2018-09-01.html">September 2018</a></td> <td> <a href="/security/bulletin/pixel/2018-09-01.html">English</a> / diff --git a/en/security/bulletin/pixel/index.html b/en/security/bulletin/pixel/index.html index 8faa9771..bc54cfbe 100644 --- a/en/security/bulletin/pixel/index.html +++ b/en/security/bulletin/pixel/index.html @@ -59,6 +59,21 @@ AOSP 24–48 hours after the Pixel / Nexus bulletin is release <th>Security patch level</th> </tr> <tr> + <td><a href="/security/bulletin/pixel/2018-10-01.html">October 2018</a></td> + <td>Coming soon + <!-- + <a href="/security/bulletin/pixel/2018-10-01.html">English</a> / + <a href="/security/bulletin/pixel/2018-10-01.html?hl=ja">日本語</a> / + <a href="/security/bulletin/pixel/2018-10-01.html?hl=ko">한국어</a> / + <a href="/security/bulletin/pixel/2018-10-01.html?hl=ru">ру́сский</a> / + <a href="/security/bulletin/pixel/2018-10-01.html?hl=zh-cn">中文 (中国)</a> / + <a href="/security/bulletin/pixel/2018-10-01.html?hl=zh-tw">中文 (台灣)</a> + --> + </td> + <td>October 1, 2018</td> + <td>2018-10-05</td> + </tr> + <tr> <td><a href="/security/bulletin/pixel/2018-09-01.html">September 2018</a></td> <td> <a href="/security/bulletin/pixel/2018-09-01.html">English</a> / diff --git a/en/security/overview/acknowledgements.html b/en/security/overview/acknowledgements.html index 864905b5..90a9adb9 100644 --- a/en/security/overview/acknowledgements.html +++ b/en/security/overview/acknowledgements.html @@ -37,6 +37,80 @@ Rewards</a> program.</p> <p>In 2018, the security acknowledgements are listed by month. In prior years, acknowledgements were listed together.</p> +<h4 id="oct-2018">October</h4> + +<table> + <tr> + <th>Researchers</th> + <th>CVEs</th> + </tr> + <tr> + <td>Abhishek Sidharthan (Amrita School of Engineering) and Pratheesh P +Narayanan (Sree Narayana Gurukulam College of Engineering)</td> + <td>CVE-2018-9452</td> + </tr> + <tr> + <td>Chong Wang (<a href="weibo.com/csddl">weibo.com/csddl</a>) of Chengdu +Security Response Center, Qihoo 360 Technology Co. Ltd.</td> + <td>CVE-2018-9503, CVE-2018-9505</td> + </tr> + <tr> + <td>Daniel Kachakil, Senior Security Consultant, IOActive</td> + <td>CVE-2018-9493, CVE-2018-9546</td> + </tr> + <tr> + <td>Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.</td> + <td>CVE-2018-9490</td> + </tr> + <tr> + <td>Jann Horn of Google Project Zero</td> + <td>CVE-2018-9514, CVE-2018-9515</td> + </tr> + <tr> + <td>Jianjun Dai (<a href="https://twitter.com/jioun_dai">@Jioun_dai</a>) and +Guang Gong (<a href="https://twitter.com/oldfresher">@oldfresher</a>) of +Alpha Team, Qihoo 360 Technology Co. Ltd</td> + <td>CVE-2017-13283</td> + </tr> + <tr> + <td><a href="https://github.com/michalbednarski">Michał Bednarski</a></td> + <td>CVE-2018-9492</td> + </tr> + <tr> + <td>Niky1235 (<a href="https://twitter.com/jiych_guru">@jiych_guru</a>)</td> + <td>CVE-2018-9473</td> + </tr> + <tr> + <td>Pengfei Ding (丁鹏飞) of Huawei Mobile Security Lab (华为移动安全实验室)</td> + <td>CVE-2018-9506, CVE-2018-9507</td> + </tr> + <tr> + <td><a href="https://linkedin.com/in/raywdude">Raymond Wang</a></td> + <td>CVE-2018-9501</td> + </tr> + <tr> + <td><a href="https://github.com/stze">Stephan Zeisberg</a> of <a +href="https://srlabs.de">Security Research Labs</a></td> + <td>CVE-2018-9497</td> + </tr> + <tr> + <td>Tamir Zahavi-Brunner (<a +href="https://twitter.com/tamir_zb">@tamir_zb</a>) of Zimperium zLabs Team</td> + <td>CVE-2018-9499</td> + </tr> + <tr> + <td>Yongke Wang (<a href="https://twitter.com/rudykewang">@Rudykewang</a>) +and Xiangqian Zhang (<a href="https://twitter.com/h3rb0x">@h3rb0x</a>) of <a +href="xlab.tencent.com">Tencent Security Xuanwu Lab</a></td> + <td>CVE-2018-9502, CVE-2018-9508, CVE-2018-9509, CVE-2018-9510</td> + </tr> + <tr> + <td>Zinuo Han (<a href="weibo.com/ele7enxxh">weibo.com/ele7enxxh</a>) of +Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.</td> + <td>CVE-2018-9476, CVE-2018-9498, CVE-2018-9504</td> + </tr> +</table> + <h4 id="sept-2018">September</h4> <table> diff --git a/en/setup/_toc-build.yaml b/en/setup/_toc-build.yaml index b5fae853..5f4050ac 100644 --- a/en/setup/_toc-build.yaml +++ b/en/setup/_toc-build.yaml @@ -1,7 +1,7 @@ toc: - title: Use Reference Boards path: /setup/build/devices -- title: Find Generic System Images +- title: Generic System Images path: /setup/build/gsi - title: Compile with Jack path: /setup/build/jack diff --git a/en/setup/_translation.yaml b/en/setup/_translation.yaml index de17f36f..88d00f99 100644 --- a/en/setup/_translation.yaml +++ b/en/setup/_translation.yaml @@ -1,4 +1,4 @@ -enable_continuous_translation: True +enable_continuous_translation: true title: Android Open Source Project Setup tab description: Translations for SAC Setup tab language: diff --git a/en/setup/build/gsi.html b/en/setup/build/gsi.html index 5dcafdf4..a80be991 100644 --- a/en/setup/build/gsi.html +++ b/en/setup/build/gsi.html @@ -5,6 +5,7 @@ <meta name="book_path" value="/_book.yaml" /> </head> <body> + {% include "_versions.html" %} <!-- Copyright 2018 The Android Open Source Project @@ -21,656 +22,589 @@ limitations under the License. --> -<h2 id="overview">Overview</h2> <p> -This document describes the Generic System Image (GSI) for Android 9, including -details on the differences between GSIs for devices launching with Android 9 and -devices upgrading to Android 9. + A generic system image (GSI) is a system image with adjusted configurations + for Android devices. It is considered a "pure Android" implementation with + unmodified Android Open Source Project (AOSP) code that any Android device + should be able to run successfully. </p> + +<p> + The content in a GSI does not depend on the vendor image. To verify GSI + independence, the system image of an Android device is replaced with a GSI + then tested thoroughly with the <a href="/compatibility/vts/">Vendor Test + Suite (VTS)</a> and the <a href="/compatibility/cts/">Compatibility Test Suite + (CTS)</a>. Similarly, you can use a GSI in place of your own system image + to verify your Android device implements vendor interfaces correctly. +</p> + +<h2 id="gsi-configuration-and-variances">GSI configuration and variances</h2> + +<p> + The goal of a GSI is to offer a specific, universal configuration for all + Android devices while allowing for variances between different vendor devices. + The current GSI is based on Android {{ androidPVersionNumber }}. +</p> + +<p> + The current GSI has the following configuration: +</p> + +<ul> + <li><strong>Treble</strong>. A GSI includes full support for the + <a href="/devices/architecture/#hidl">HIDL-based architectural changes</a> + (also known as "Treble") introduced in Android 8.0, including support for + <a href="/reference/hidl/">HIDL interfaces</a>. You can use a GSI on any + Android device that uses HIDL vendor interfaces. (For more details, see + <a href="/devices/architecture/#resources">Architecture resources</a>.)</li> + <li><strong>Verify Boot.</strong> A GSI does not include a verify boot + solution (<a href="/security/verifiedboot/">vboot 1.0</a>, + <a href="/security/verifiedboot/avb">AVB</a>, etc.). To flash a GSI to an + Android device, it must have a method for disabling verify boot.</li> + <li><strong>Build variant</strong>. A GSI always uses a <code>userdebug</code> + build variant to enable running VTS and CTS. After replacing the system + image with GSI, you can root the device then test with a + <code>user</code>-build vendor image and a <code>userdebug</code>-build + system image.</li> + <li><strong>File system and image format</strong>. A GSI uses an ext4 file + system with sparse image format.</li> +</ul> + +<p> + The current GSI includes following major variances: +</p> + +<ul> + <li><strong>Version</strong>. Support for Android 8.0, Android 8.1, and + Android {{ androidPVersionNumber }}.</li> + <li><strong>CPU architecture</strong>. Support for different CPU instructions + (ARM, x86, etc.) and CPU bitness (32-bit or 64-bit).</li> + <li><strong>Partition layout</strong>. Can use + <a href="/devices/bootloader/system-as-root">system-as-root</a> or + non-system-as-root partition layout.</li> + <li>Support for binder interface bitness.</li> +</ul> + <h2 id="gsi-types">GSI types</h2> + <p> -Android 9 supports the following GSIs: + The GSI type is determined by the Android version the device launches with. + Android {{ androidPVersionNumber }} supports the following GSIs: </p> + <table> <tr> - <th><strong>GSI Name</strong> - </th> - <th><strong>Description</strong> - </th> - <th><strong>Product Name</strong> - </th> + <th>GSI name</th> + <th>Description</th> + <th>Product name</th> </tr> <tr> - <td>P GSI - </td> - <td>For devices launching with Android 9 - </td> - <td><code>aosp_$arch</code> - </td> + <td>Android GSI</td> + <td>For devices launching with Android {{ androidPVersionNumber }}</td> + <td><code>aosp_$arch</code></td> </tr> <tr> - <td>Legacy GSI - </td> - <td>For devices upgrading to Android 9 - </td> - <td><code>aosp_$arch_a(b)</code> - </td> + <td>Legacy GSI</td> + <td>For devices launching with Android 8.0 or Android 8.1</td> + <td><code>aosp_$arch_a(b)</code></td> </tr> </table> + +<aside class="note"> + <strong>Note:</strong> To determine the appropriate GSI for a device, connect + the device to a workstation and run + <code>adb shell getprop ro.product.first_api_level</code>. If the API level is 28, + use the Android GSI; if the API level is 27, use the Legacy GSI. If there is no + system property then it may not be supported. +</aside> + <p> -All GSIs are built from the Android 9 codebase. + All GSIs are built from the Android {{ androidPVersionNumber }} codebase. As + Legacy GSI support depends on the vendor interface implementation of the + device, not all devices launching with Android 8.0 or Android 8.1 can use the + Legacy GSI. For details, see + <a href="#vendor-binaries-and-vndk-dependencies">Vendor binaries and VNDK + dependencies</a>. </p> -<h3 id="changes-in-p-gsis">Changes in GSIs for Android 9</h3> -<p> -Devices launching with Android 9 must use P GSIs, which include the following -major changes from earlier GSIs: -</p><ul> -<li><strong>Merges GSI and emulator. </strong>GSIs are built from the system -images of emulator products, e.g. <code>aosp_arm64</code>, -<code>aosp_x86</code>, etc. -<li><strong>System-as-root</strong>. In previous versions of Android, devices -that did not support A/B updates could mount the system image under -<code>/system</code> directory.<strong> </strong>In Android 9, the root of the -system image is mounted as the root of the device. -<li><strong>64-bit binder interface</strong>. In Android 8.x, 32-bit GSIs used -the 32-bit binder interface. Android 9 does not support 32-bit binder interface, -so both 32-bit GSIs and 64-bit GSIs use the 64-bit binder interface. -<li><strong>VNDK enforcement</strong>. In Android 8.1, VNDK was optional. In -Android 9, VNDK is mandatory, meaning the -<code>BOARD_VNDK_RUNTIME_DISABLE</code> must <strong>not</strong> be set: -<code>BOARD_VNDK_RUNTIME_DISABLE := # must not be set</code> -<li><strong>Compatible system property</strong>. Android 9 enables the access -check for compatible system property:<code> -PRODUCT_COMPATIBLE_PROPERTY_OVERRIDE := true</code>.</li></ul> + +<h3 id="changes-in-p-gsis">Android {{ androidPVersionNumber }} GSI changes</h3> + <p> -To test devices launching with Android 9 with cts-on-gsi, use the <a -href="#p-gsi-build-targets">build targets for P GSI</a>. + Devices launching with Android {{ androidPVersionNumber }} must use Android + {{ androidPVersionNumber }} GSIs, which include the following major changes + from earlier GSIs: </p> -<h3 id="changes-in-legacy-gsis">Changes in Legacy GSIs</h3> -<p> -Devices upgrading to Android 9 can use Legacy GSI product named with suffix -<code>_ab</code> or <code>_a</code> (e.g. <code>aosp_arm64_ab</code>, -<code>aosp_x86_a</code> ). This GSI supports the following upgrade use cases: -</p><ul> -<li>For devices with an Android 8.1 vendor interface implementation -<li>For devices updated to the Android 9 vendor interface -implementation</li></ul> + +<ul> + <li><strong>Merges GSI and emulator</strong>. GSIs are built from the system + images of emulator products, e.g. <code>aosp_arm64</code>, + <code>aosp_x86</code>, etc.</li> + <li><strong>System-as-root</strong>. In previous versions of Android, devices + that did not support A/B updates could mount the system image under + <code>/system</code> directory. In Android {{ androidPVersionNumber }}, the + root of the system image is mounted as the root of the device.</li> + <li><strong>64-bit binder interface</strong>. In Android 8.x, 32-bit GSIs + used the 32-bit binder interface. Android {{ androidPVersionNumber }} does + not support 32-bit binder interface, so both 32-bit GSIs and 64-bit GSIs + use the 64-bit binder interface.</li> + <li><strong>VNDK enforcement</strong>. In Android 8.1, VNDK was optional. In + Android {{ androidPVersionNumber }}, VNDK is mandatory, meaning the + <code>BOARD_VNDK_RUNTIME_DISABLE</code> must <strong>not</strong> be set + (<code>BOARD_VNDK_RUNTIME_DISABLE := # must not be set</code>).</li> + <li><strong>Compatible system property</strong>. Android + {{ androidPVersionNumber }} enables the access check for compatible system + property (<code>PRODUCT_COMPATIBLE_PROPERTY_OVERRIDE := true</code>).</li> +</ul> + <p> -Legacy GSIs are build from the Android 9 source tree but contain the following -backward compatible configurations for upgraded devices: -</p><ul> -<li><strong>Non system-as-root</strong>. Devices that do not support -system-as-root can continue to use <code>_a</code> products (e.g., -<code>aosp_arm_a</code>). -<li><strong>32-bit userspace + 32-bit binder interface. </strong>32-bit GSIs can -continue to use the 32-bit binder interface. -<li><strong>8.1 VNDK</strong>. Devices can use the included 8.1 VNDK. -<li><strong>Mount directories</strong>. Some legacy devices use directories as -mount-pointers (e.g. <code>/bluetooth</code>, <code>/firmware/radio</code>, -<code>/persist</code>, etc.).</li></ul> + To test devices launching with Android {{ androidPVersionNumber }} with + cts-on-gsi, use the <a href="#p-gsi-build-targets">build targets for the + Android {{ androidPVersionNumber }} GSI</a>. +</p> + +<h3 id="changes-in-legacy-gsis">Android {{ androidPVersionNumber }} Legacy GSI +changes</h3> + <p> -To test devices upgrading to Android 9 with cts-on-gsi, use the <a -href="#legacy-gsi-build-targets">build targets for Legacy GSI</a>. + Devices upgrading to Android {{ androidPVersionNumber }} can use Legacy GSI + product named with suffix <code>_ab</code> or <code>_a</code> (e.g. + <code>aosp_arm64_ab</code>, <code>aosp_x86_a</code> ). This GSI supports the + following upgrade use cases: </p> + +<ul> + <li>Devices with an Android 8.1 vendor interface implementation</li> + <li>Devices updated to the Android {{ androidPVersionNumber }} vendor + interface implementation</li> +</ul> + <p> -<strong>Note:</strong> If a pre-Android 9 device implements the Android 9 vendor -interface and meets all requirements introduced in Android 9, don't use the -Legacy GSIs; instead use P GSIs for VTS and cts-on-gsi. + Legacy GSIs are build from the Android {{ androidPVersionNumber }} source + tree but contain the following backward-compatible configurations for upgraded + devices: </p> -<h2 id="changes-to-keymaster-behavior">Changes to Keymaster behavior</h2> + +<ul> + <li><strong>Non system-as-root</strong>. Devices that do not support + system-as-root can continue to use <code>_a</code> products (e.g., + <code>aosp_arm_a</code>).</li> + <li><strong>32-bit userspace + 32-bit binder interface</strong>. 32-bit GSIs + can continue to use the 32-bit binder interface.</li> + <li><strong>8.1 VNDK</strong>. Devices can use the included 8.1 VNDK.</li> + <li><strong>Mount directories</strong>. Some legacy devices use directories as + mount-pointers (e.g. <code>/bluetooth</code>, <code>/firmware/radio</code>, + <code>/persist</code>, etc.).</li> +</ul> + <p> -In earlier versions of Android, devices implementing Keymaster 3 or earlier were -required to verify the version info (<code>ro.build.version.release</code> and -<code>ro.build.version.security_patch</code>) reported by the running system -matched the version info reported by bootloader. Such information was typically -obtained from the boot image header. + To test devices upgrading to Android {{ androidPVersionNumber }} with + cts-on-gsi, use the <a href="#legacy-gsi-build-targets">build targets for + Legacy GSI</a>. </p> + +<aside class="note"> + <strong>Note:</strong> If a pre-Android {{ androidPVersionNumber }} device + implements the Android {{ androidPVersionNumber }} vendor interface and meets + all requirements introduced in Android {{ androidPVersionNumber }}, don't use + the Legacy GSIs; instead use Android {{ androidPVersionNumber }} GSIs for VTS + and cts-on-gsi. +</aside> + +<h3 id="changes-to-keymaster-behavior">Android {{ androidPVersionNumber }} +Keymaster changes</h3> + <p> -In Android 9, this requirement has changed for vendors to boot GSI: The -Keymaster should not perform verification since the version info reported by the -GSI may not match the version info reported by vendor's bootloader. For devices -implementing Keymaster 3 or earlier, vendors must modify the Keymaster -implementation to skip verification (or upgrade to Keymaster 4). + In earlier versions of Android, devices implementing Keymaster 3 or lower were + required to verify the version info (<code>ro.build.version.release</code> and + <code>ro.build.version.security_patch</code>) reported by the running system + matched the version info reported by bootloader. Such information was + typically obtained from the boot image header. </p> + <p> -For details on Keymaster, refer to <a -href="https://source.android.com/security/keystore/">Hardware-backed -Keystore</a> on source.android.com. + In Android {{ androidPVersionNumber }}, this requirement has changed to enable + vendors to boot a GSI. Specifically, Keymaster should not perform verification + since the version info reported by the GSI may not match the version info + reported by vendor's bootloader. For devices implementing Keymaster 3 or + lower, vendors must modify the Keymaster implementation to skip verification + (or upgrade to Keymaster 4). For details on Keymaster, refer to + <a href="/security/keystore/">Hardware-backed Keystore</a>. </p> + <h2 id="vendor-binaries-and-vndk-dependencies">Vendor binaries and VNDK dependencies</h2> + <p> -Devices upgrading to Android 9 have different upgrade paths depending on the -version of vendor binaries in use on the device and the VNDK-related -configurations used to build the device. -</p> -<p> -The following table summarizes the Legacy GSI support for upgraded devices: + Devices upgrading to Android {{ androidPVersionNumber }} have different + upgrade paths depending on the version of vendor binaries in use on the device + and the VNDK-related configurations used to build the device. The following + table summarizes the Legacy GSI support for upgraded devices: </p> + <table> <tr> - <th><strong>Use Case</strong> - </th> - <th><strong>Device -Vendor Binaries</strong> - </th> - <th><strong><code>BOARD_VNDK -_VERSION</code></strong> - </th> - <th><strong><code>BOARD_VNDK -_RUNTIME_DISABLE</code></strong> - </th> - <th><strong>Legacy GSI -System Binaries</strong> - </th> - <th><strong>Support</strong> - </th> + <th>Use case</th> + <th>Vendor binaries version</th> + <th><code>BOARD_VNDK_VERSION</code></th> + <th><code>BOARD_VNDK_RUNTIME_DISABLE</code></th> + <th>Legacy GSI system binaries version</th> + <th>Legacy GSI support</th> </tr> <tr> - <td>1.a - </td> - <td>8.1 - </td> - <td>(empty) - </td> - <td>(any) - </td> - <td>P - </td> - <td>No - </td> + <td>0</td> + <td>8.0</td> + <td>(any)</td> + <td>(N/A)</td> + <td>{{ androidPVersionNumber }}</td> + <td>No</td> </tr> <tr> - <td>1.b - </td> - <td>8.1 - </td> - <td><code>current</code> - </td> - <td><code>true</code> - </td> - <td>P - </td> - <td>No - </td> + <td>1.a</td> + <td>8.1</td> + <td>(empty)</td> + <td>(any)</td> + <td>{{ androidPVersionNumber }}</td> + <td>No</td> </tr> <tr> - <td>2 - </td> - <td>8.1 - </td> - <td><code>current</code> - </td> - <td>(empty) - </td> - <td>P - </td> - <td>Yes - </td> + <td>1.b</td> + <td>8.1</td> + <td><code>current</code></td> + <td><code>true</code></td> + <td>{{ androidPVersionNumber }}</td> + <td>No</td> </tr> <tr> - <td>3 - </td> - <td>P - </td> - <td><code>current</code> - </td> - <td><code>true</code> - </td> - <td>P - </td> - <td>Yes - </td> + <td>2</td> + <td>8.1</td> + <td><code>current</code></td> + <td>(empty)</td> + <td>{{ androidPVersionNumber }}</td> + <td>Yes</td> </tr> <tr> - <td>4 - </td> - <td>P - </td> - <td><code>current</code> - </td> - <td>(empty) - </td> - <td>P - </td> - <td>Yes - </td> + <td>3</td> + <td>{{ androidPVersionNumber }}</td> + <td><code>current</code></td> + <td><code>true</code></td> + <td>{{ androidPVersionNumber }}</td> + <td>Yes</td> + </tr> + <tr> + <td>4</td> + <td>{{ androidPVersionNumber }}</td> + <td><code>current</code></td> + <td>(empty)</td> + <td>{{ androidPVersionNumber }}</td> + <td>Yes</td> </tr> </table> + <p> -The most common supported use case is #2, where the Legacy GSI supports devices -running 8.1 that were built with <code>BOARD_VNDK_VERSION</code> but built -without <code>BOARD_VNDK_RUNTIME_DISABLE</code> (i.e., runtime enforcement was -NOT disabled). + The most common supported use case is #2, where the Legacy GSI supports + devices running Android 8.1 that were built with + <code>BOARD_VNDK_VERSION</code> but built without + <code>BOARD_VNDK_RUNTIME_DISABLE</code> (i.e., runtime enforcement was NOT + disabled). </p> + <p> -The two unsupported use cases are #1.a and #1.b, where the Legacy GSI does NOT -support devices running 8.1 that were not built with -<code>BOARD_VNDK_VERSION</code> or built with -<code>BOARD_VNDK_RUNTIME_DISABLE</code> (i.e. runtime enforcement WAS disabled). -These devices are not supported because their vendor binaries depend on 8.1 -non-VNDK shared libraries, which are not included in Legacy GSI. + The two unsupported use cases are #1.a and #1.b, where the Legacy GSI does NOT + support devices running Android 8.1 that were not built with + <code>BOARD_VNDK_VERSION</code> or built with + <code>BOARD_VNDK_RUNTIME_DISABLE</code> (i.e. runtime enforcement WAS + disabled). These devices are not supported because their vendor binaries + depend on Android 8.1 non-VNDK shared libraries, which are not included in + Legacy GSIs. </p> + <p> -To make these devices compatible with the Legacy GSI, vendors must do one of the -following: -</p><ul> -<li>Enable <code>BOARD_VNDK_VERSION</code> without -<code>BOARD_VNDK_RUNTIME_DISABLE</code> (use case #2) + To make these devices compatible with the Legacy GSI, vendors must do one of + the following: +</p> + +<ul> + <li>Enable <code>BOARD_VNDK_VERSION</code> without + <code>BOARD_VNDK_RUNTIME_DISABLE</code> (use case #2) + <br><br>OR<br><br></li> + <li>Port/upgrade the vendor binaries to depend on the shared libraries from + Android {{ androidPVersionNumber }} (use case #3 and use case #4).</li> +</ul> -OR -<li>Port/upgrade the vendor binaries to depend on the shared libraries from -Android 9 (use case #3 and use case #4).</li></ul> +<h2 id="building-gsis">Building GSIs</h2> -<h2 id="build-targets">Build targets</h2> <p> -Use the following build target tables to determine the correct GSI version for -your device. + Starting with Android {{ androidPVersionNumber }}, each Android version has a + GSI branch named <code><var>DESSERT</var>-gsi</code> on AOSP (for example, + <code>pie-gsi</code> is the GSI branch on Android + {{ androidPVersionNumber }}). GSI branches include the content of Android with + all <a href="/security/bulletin/">security patches</a> and + <a href="#contributing-to-a-gsi">GSI patches</a> applied. </p> -<h3 id="p-gsi-build-targets">P GSI build targets</h3> + +<p> + To build a GSI, set up the Android source tree by + <a href="/setup/build/downloading">downloading</a> from a GSI branch and + <a href="/setup/build/building#choose-a-target">choosing a GSI build + target</a>. Use the build target tables below to determine the correct GSI + version for your device. After the build completes, the GSI is the system + image (e.g. <code>system.img</code>) and appears in the output folder + <code>out/target/product/<strong>generic_arm64_ab</strong></code>. The build + also outputs <code>vbmeta.img</code> , which you can use to disable verify + boot on the devices using <a href="/security/verifiedboot/avb">Android + Verified Boot</a>. <p> -The following P GSI build targets are for devices launching with Android 9. (Due -to a reduction in variances between architectures, Android 9 includes only four -GSI products). + +<p> + Example: The following commands build the Legacy GSI build target + <code>aosp_arm64_ab-userdebug</code> on GSI branch <code>pie-gsi</code>: </p> + +<pre class="prettyprint"> +$ repo init -u https://android.googlesource.com/platform/manifest -b pie-gsi +$ repo sync -cq +$ source build/envsetup.sh +$ lunch aosp_arm64_ab-userdebug +$ make -j4 +</pre> + +<h3 id="p-gsi-build-targets">Android {{ androidPVersionNumber }} GSI build +targets</h3> + +<p> + The following GSI build targets are for devices launching with Android + {{ androidPVersionNumber }}. Due to a reduction in variances between + architectures, Android {{ androidPVersionNumber }} includes only four GSI + products. +</p> + <table> <tr> - <th><strong>GSI name</strong> - </th> - <th><strong>CPU arch</strong> - </th> - <th><strong>Binder interface bitness</strong> - </th> - <th><strong>System-as-root</strong> - </th> - <th><strong>Product name</strong> - </th> + <th>GSI name</th> + <th>CPU arch</th> + <th>Binder interface bitness</th> + <th>System-as-root</th> + <th>Product name</th> </tr> <tr> - <td><strong><code>aosp_arm</code></strong> - </td> - <td><code>ARM</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_arm-userdebug</code> - </td> + <td><code>aosp_arm</code></td> + <td><code>ARM</code></td> + <td><code>64</code></td> + <td><code>Y</code></td> + <td><code>aosp_arm-userdebug</code></td> </tr> <tr> - <td><strong><code>aosp_arm64</code></strong> - </td> - <td><code>ARM64</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_arm64-userdebug</code> - </td> + <td><code>aosp_arm64</code></td> + <td><code>ARM64</code></td> + <td><code>64</code></td> + <td><code>Y</code></td> + <td><code>aosp_arm64-userdebug</code></td> </tr> <tr> - <td><strong><code>aosp_x86</code></strong> - </td> - <td><code>x86</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_x86-userdebug</code> - </td> + <td><code>aosp_x86</code></td> + <td><code>x86</code></td> + <td><code>64</code></td> + <td><code>Y</code></td> + <td><code>aosp_x86-userdebug</code></td> </tr> <tr> - <td><strong><code>aosp_x86_64</code></strong> - </td> - <td><code>x86-64</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_x86_64-userdebug</code> - </td> + <td><code>aosp_x86_64</code></td> + <td><code>x86-64</code></td> + <td><code>64</code></td> + <td><code>Y</code></td> + <td><code>aosp_x86_64-userdebug</code></td> </tr> </table> -<h3 id="legacy-gsi-build-targets">Legacy GSI build targets</h3> + +<h3 id="legacy-gsi-build-targets">Android {{ androidPVersionNumber }} Legacy +GSI build targets</h3> + <p> -The following Legacy GSI build targets are for devices upgrading to Android 9. -Legacy GSI names include the suffix <code>_ab</code> or <code>_a</code> to -distinguish them from P GSI names. + The following Legacy GSI build targets are for devices upgrading to Android + {{ androidPVersionNumber }}. Legacy GSI names include the suffix + <code>_ab</code> or <code>_a</code> to distinguish them from Android + {{ androidPVersionNumber }} GSI names. </p> + <table> <tr> - <th><strong>GSI name</strong> - </th> - <th><strong>CPU arch</strong> - </th> - <th><strong>Binder interface bitness</strong> - </th> - <th><strong>System-as-root</strong> - </th> - <th><strong>Product name</strong> - </th> + <th>GSI name</th> + <th>CPU arch</th> + <th>Binder interface bitness</th> + <th>System-as-root</th> + <th>Product name</th> </tr> <tr> - <td><strong><code>aosp_arm_a</code></strong> - </td> - <td><code>ARM</code> - </td> - <td><code>32</code> - </td> - <td><code>N</code> - </td> - <td><code>aosp_arm_a-userdebug</code> - </td> + <td><code>aosp_arm_a</code></td> + <td><code>ARM</code></td> + <td><code>32</code></td> + <td><code>N</code></td> + <td><code>aosp_arm_a-userdebug</code></td> </tr> <tr> - <td><strong><code>aosp_arm_ab</code></strong> - </td> - <td><code>ARM</code> - </td> - <td><code>32</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_arm_ab-userdebug</code> - </td> + <td><code>aosp_arm_ab</code></td> + <td><code>ARM</code></td> + <td><code>32</code></td> + <td><code>Y</code></td> + <td><code>aosp_arm_ab-userdebug</code></td> </tr> <tr> - <td><code>**NA</code> - </td> - <td><code>ARM</code> - </td> - <td><code>64</code> - </td> - <td><code>N</code> - </td> - <td> - </td> + <td><code>**NA</code></td> + <td><code>ARM</code></td> + <td><code>64</code></td> + <td><code>N</code></td> + <td></td> </tr> <tr> - <td><code>aosp_arm_64b_ab</code> - </td> - <td><code>ARM</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_arm_64b_ab-userdebug</code> - </td> + <td><code>aosp_arm_64b_ab</code></td> + <td><code>ARM</code></td> + <td><code>64</code></td> + <td><code>Y</code></td> + <td><code>aosp_arm_64b_ab-userdebug</code></td> </tr> <tr> - <td><strong><code>aosp_arm64_a</code></strong> - </td> - <td><code>ARM64</code> - </td> - <td><code>64</code> - </td> - <td><code>N</code> - </td> - <td><code>aosp_arm64_a-userdebug</code> - </td> + <td><code>aosp_arm64_a</code></td> + <td><code>ARM64</code></td> + <td><code>64</code></td> + <td><code>N</code></td> + <td><code>aosp_arm64_a-userdebug</code></td> </tr> <tr> - <td><strong><code>aosp_arm64_ab</code></strong> - </td> - <td><code>ARM64</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_arm64_ab-userdebug</code> - </td> + <td><code>aosp_arm64_ab</code></td> + <td><code>ARM64</code></td> + <td><code>64</code></td> + <td><code>Y</code></td> + <td><code>aosp_arm64_ab-userdebug</code></td> </tr> <tr> - <td><strong><code>aosp_x86_a</code></strong> - </td> - <td><code>x86</code> - </td> - <td><code>32</code> - </td> - <td><code>N</code> - </td> - <td><code>aosp_x86_a-userdebug</code> - </td> + <td><code>aosp_x86_a</code></td> + <td><code>x86</code></td> + <td><code>32</code></td> + <td><code>N</code></td> + <td><code>aosp_x86_a-userdebug</code></td> </tr> <tr> - <td><strong><code>aosp_x86_ab</code></strong> - </td> - <td><code>x86</code> - </td> - <td><code>32</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_x86_ab-userdebug</code> - </td> + <td><code>aosp_x86_ab</code></td> + <td><code>x86</code></td> + <td><code>32</code></td> + <td><code>Y</code></td> + <td><code>aosp_x86_ab-userdebug</code></td> </tr> <tr> - <td><code>**NA</code> - </td> - <td><code>x86</code> - </td> - <td><code>64</code> - </td> - <td><code>N</code> - </td> - <td> - </td> + <td><code>**NA</code></td> + <td><code>x86</code></td> + <td><code>64</code></td> + <td><code>N</code></td> + <td></td> </tr> <tr> - <td><code>**NA</code> - </td> - <td><code>x86</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td> - </td> + <td><code>**NA</code></td> + <td><code>x86</code></td> + <td><code>64</code></td> + <td><code>Y</code></td> + <td></td> </tr> <tr> - <td><strong><code>aosp_x86_64_a</code></strong> - </td> - <td><code>x86-64</code> - </td> - <td><code>64</code> - </td> - <td><code>N</code> - </td> - <td><code>aosp_x86_64_a-userdebug</code> - </td> + <td><code>aosp_x86_64_a</code></td> + <td><code>x86-64</code></td> + <td><code>64</code></td> + <td><code>N</code></td> + <td><code>aosp_x86_64_a-userdebug</code></td> </tr> <tr> - <td><strong><code>aosp_x86_64_ab</code></strong> - </td> - <td><code>x86-64</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_x86_64_ab-userdebug</code> - </td> + <td><code>aosp_x86_64_ab</code></td> + <td><code>x86-64</code></td> + <td><code>64</code></td> + <td><code>Y</code></td> + <td><code>aosp_x86_64_ab-userdebug</code></td> </tr> </table> -<p> <em>** Could be added by request</em> -</p> + +<aside class="aside"> + <strong>Note: </strong>These build targets will likely be removed in a + future version of Android. +</aside> + +<h2 id="flashing-gsis">Flashing GSIs</h2> + <p> -<strong>Note: </strong>These build targets will likely be removed in a future -version of Android. + Android devices can have different designs, so no single command or set of + instructions for flashing a GSI to a specific device is possible. Use the + following general steps as guidelines: </p> -<h3 id="gsi-8-1-build-targets">GSI 8.1 build targets</h3> + +<ol> + <li>Ensure the device has the following: + <ul> + <li>Support for HIDL-HAL interfaces.</li> + <li>A method for unlocking devices (so they can be flashed using + <code>fastboot</code>).</li> + <li>A method for disabling verify boot (e.g. + <a href="/security/verifiedboot/">vboot 1.0</a>, + <a href="/security/verifiedboot/avb">AVB</a>, etc.).</li> + <li>Unlock the device to make it flashable via <code>fastboot</code>.</li> + <aside class="note"> + <strong>Note:</strong> Ensure you have the latest version of + <code>fastboot</code> by building it from Android source tree.</aside> + </ul> + </li> + <li>Disable verify boot.</li> + <li>Erase the current system partition, then flash the GSI to system + partition.</li> + <li>Wipe userdata and clear data from other necessary partitions (e.g. + metadata).</li> + <li>Reboot the device.</li> +</ol> + <p> -Android 8.1 GSIs support eight normal products (<strong>bolded</strong> in the -table) and one special product built from Android 8.1 source tree. + For example, to flash a GSI to a Pixel 2 device: </p> -<table> - <tr> - <th><strong>GSI name</strong> - </th> - <th><strong>CPU arch</strong> - </th> - <th><strong>Binder interface bitness</strong> - </th> - <th><strong>System-as-root</strong> - </th> - <th><strong>Product name</strong> - </th> - </tr> - <tr> - <td><strong><code>aosp_arm_a</code></strong> - </td> - <td><code>ARM</code> - </td> - <td><code>32</code> - </td> - <td><code>N</code> - </td> - <td><code>aosp_arm_a-userdebug</code> - </td> - </tr> - <tr> - <td><strong><code>aosp_arm_ab</code></strong> - </td> - <td><code>ARM</code> - </td> - <td><code>32</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_arm_ab-userdebug</code> - </td> - </tr> - <tr> - <td><code>aosp_arm_64b_a</code> - </td> - <td><code>ARM</code> - </td> - <td><code>64</code> - </td> - <td><code>N</code> - </td> - <td><code>aosp_arm_64b_a-userdebug</code> - </td> - </tr> - <tr> - <td><code>**NA</code> - </td> - <td><code>ARM</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td> - </td> - </tr> - <tr> - <td><strong><code>aosp_arm64_a</code></strong> - </td> - <td><code>ARM64</code> - </td> - <td><code>64</code> - </td> - <td><code>N</code> - </td> - <td><code>aosp_arm64_a-userdebug</code> - </td> - </tr> - <tr> - <td><strong><code>aosp_arm64_ab</code></strong> - </td> - <td><code>ARM64</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_arm64_ab-userdebug</code> - </td> - </tr> - <tr> - <td><strong><code>aosp_x86_a</code></strong> - </td> - <td><code>x86</code> - </td> - <td><code>32</code> - </td> - <td><code>N</code> - </td> - <td><code>aosp_x86_a-userdebug</code> - </td> - </tr> - <tr> - <td><strong><code>aosp_x86_ab</code></strong> - </td> - <td><code>x86</code> - </td> - <td><code>32</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_x86_ab-userdebug</code> - </td> - </tr> - <tr> - <td><code>**NA</code> - </td> - <td><code>x86</code> - </td> - <td><code>64</code> - </td> - <td><code>N</code> - </td> - <td> - </td> - </tr> - <tr> - <td><code>**NA</code> - </td> - <td><code>x86</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td> - </td> - </tr> - <tr> - <td><strong><code>aosp_x86_64_a</code></strong> - </td> - <td><code>x86-64</code> - </td> - <td><code>64</code> - </td> - <td><code>N</code> - </td> - <td><code>aosp_x86_64_a-userdebug</code> - </td> - </tr> - <tr> - <td><strong><code>aosp_x86_64_ab</code></strong> - </td> - <td><code>x86-64</code> - </td> - <td><code>64</code> - </td> - <td><code>Y</code> - </td> - <td><code>aosp_x86_64_ab-userdebug</code> - </td> - </tr> -</table> + +<ol> + <li><a href="/setup/build/running#booting-into-fastboot-mode">Boot to + bootloader mode</a> and + <a href="/setup/build/running#unlocking-the-bootloader">unlock the + bootloader</a>.</li> + <li>Disable verify boot (AVB) by flashing <code>vbmeta.img</code>: +<pre class="prettyprint">$ fastboot flash vbmeta vbmeta.img</pre></li> + <li>Erase and flash the GSI to system partition: +<pre class="prettyprint"> +$ fastboot erase system +$ fastboot flash system system.img +</pre></li> + <li>Wipe userdata and clear other necessary partitions: +<pre class="prettyprint">$ fastboot -w</pre></li> + <li>Reboot: +<pre class="prettyprint">$ fastboot reboot</pre></li> +</ol> + +<h2 id="contributing-to-gsis">Contributing to GSIs</h2> + <p> -<em>** Could be added by request</em> + Android welcomes your contributions to GSI development. You can get involved + and help improve the GSI by: </p> - </body> + +<ul> + <li><strong>Creating a GSI patch</strong>. Because + <code><var>DESSERT</var>-gsi</code> is <strong>not</strong> a development + branch and accepts only cherrypicks from the AOSP master branch, to submit a + GSI patch, you must: + <ol> + <li>Submit the patch to the + <a href="https://android-review.googlesource.com" class="external">AOSP</a> + master branch.</li> + <li>Cherrypick the patch to <code><var>DESSERT</var>-gsi</code>.</li> + <li>File a bug to get the cherrypick reviewed.</li> + </ol> + </li> + <li><strong>Reporting GSI bugs</strong> or making other suggestions. Review + the instructions in + <a href="/setup/contribute/report-bugs#platform">Reporting Bugs</a>, then + browse or file GSI bugs (look for "Generic System Image" in the Platform + table).</li> +</ul> + +</body> </html> diff --git a/en/setup/develop/index.html b/en/setup/develop/index.html index a2c13acf..253f4759 100644 --- a/en/setup/develop/index.html +++ b/en/setup/develop/index.html @@ -63,7 +63,7 @@ In most situations, you can use Git instead of Repo, or mix Repo and Git commands to form complex commands. However, using Repo for basic across-network operations will make your work much simpler. For more details - on Repo, see the <a href="repo.html">Repo Command Reference</a>. + on Repo, see the <a href="/setup/develop/repo">Repo Command Reference</a>. </p> <h2 id="other-tools">Other tools</h2> @@ -180,8 +180,8 @@ <p> For information about using Repo to download source, see - <a href="../build/downloading.html">Downloading the Source</a> and the - <a href="repo.html">Repo Command Reference</a>. + <a href="/setup/build/downloading">Downloading the Source</a> and the + <a href="/setup/develop/repo">Repo Command Reference</a>. </p> <h3 id="synchronizing-clients">Synchronizing clients</h3> diff --git a/en/setup/start/brands.html b/en/setup/start/brands.html deleted file mode 100644 index c530e043..00000000 --- a/en/setup/start/brands.html +++ /dev/null @@ -1,157 +0,0 @@ -<html devsite> - <head> - <title>Brand Guidelines</title> - <meta name="project_path" value="/_project.yaml" /> - <meta name="book_path" value="/_book.yaml" /> - </head> - <body> - <!-- - Copyright 2017 The Android Open Source Project - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - --> - - - -<p>The "Android" name, the <img src="/setup/assets/images/sac_logo.png" -alt="Android" style="margin:0;padding:0 2px;vertical-align:baseline" /> logo, -the "Google Play" brand, and other trademarks are property of Google LLC and -not part of the assets available through the Android Open Source Project.</p> - -<p>If you are interested in using these brands to indicate their association -with your device, adhere to the guidelines on this page. These guidelines -correspond to and complement the -<a href="https://developer.android.com/distribute/tools/promote/brand.html">Brand -Guidelines for Android App Developers</a> and -<a href="https://www.google.com/permissions/">Google Brand Permissions</a>.</p> - -<h2 id="brand-android">Android</h2> - -<p>Here are manufacturer guidelines for the Android brand and related -assets.</p> - -<h3 id="text-android" style="clear:right">Android in text</h3> -<ul> - <li>Android™ should have a trademark symbol the first time it appears in - a creative.</li> - <li>"Android" should always be capitalized and is never plural or possessive. - </li> - <li>The use of “Android” on hardware, packaging or marketing materials of - device is restricted to - <a href="/compatibility/index.html">Android-compatible</a> devices - only.</li> - <li>“Android” should never be used in the name of your product or as the - primary or dominant mark on your packaging or device.</li> - <li>"Android” should be used only as a term to refer to the operating system - (OS) of your device. If you are unsure whether your use meets our guidelines, - follow this simple test: If you can replace "Android" with "the Android - platform" and the text still makes sense, then you may use this term. - <ul> - <li><span style="color:red">Incorrect</span>: "Android XBrand Phone"</li> - <li><span style="color:green">Correct</span>: "XBrand phone on Android"</li> - </ul> - </li> - <li>You may use “with Android” in plain black text with your logo. If used - with your logo, "with Android" should be no larger than 90% of your logo’s - size. First or most prominent instance of this use should be followed by a - ™ symbol.</li> - <li>Android may be used <em>only as a descriptor</em>, as long as it is - followed by a proper generic term. It cannot be framed as the product name or - brand of your device. - <ul> - <li><span style="color:red">Incorrect</span>: "Android XBrand Phone"</li> - <li><span style="color:green">Correct</span>: "Android mobile device"</li> - </ul> - <p><strong>Any use of the Android name must include this attribution in your - communication</strong>:</p> - <blockquote><em>Android is a trademark of Google LLC.</em></blockquote></p> - </li> -</ul> - -<h4>Acceptable examples</h4> -<img src="../images/JB-TM-example.png" alt="Jelly Bean trademark example" /> -<img src="../images/8100-TM-example.png" alt="8100 series trademark example" /> - -<h4>Unacceptable example</h4> -<img src="../images/XBrand-TM-example.jpg" alt="XBrand trademark example" /> - -<h3 id="logo-android">Android logo</h3> -<p>Unless expressly authorized by Google through written agreement, the Android -logo and custom typeface may not be used (with or without the Android robot).</p> -<img alt="No Logo" src="../images/android_logo_new_crossed_out.png"> -<img alt="No Logo" src="https://developer.android.com/images/brand/android_logo_no.png"> - -<h3 id="robot-android">Android robot</h3> - -<div class="wrap"> -<div class="col-4"> - <img alt="android-robot" style="float:left;margin-right:10px" src="../images/Android_Robot_100.png"> - <p style="padding-top:20px"> - <a href="https://developer.android.com/images/brand/Android_Robot_100.png">100x118</a><br> - <a href="https://developer.android.com/images/brand/Android_Robot_200.png">200x237</a><br> - <a href="https://developer.android.com/downloads/brand/Android_Robot_outlined.ai">Illustrator</a> - </p> -</div> -<div class="col-8"> -<p style="padding-top:20px">The Android robot can be used, reproduced, and -modified freely in marketing communications with proper attribution. For -details, refer to -<a href="https://developer.android.com/distribute/tools/promote/brand.html">App -Developers Brand Guidelines</a> and the -<a href="https://creativecommons.org/licenses/by/3.0/">Creative Commons -license</a>.</p> -</div> -</div> - -<div class="wrap" style="padding-top:20px"> -<div class="col-4" style="align:center"> -<img alt="no-peace-robot" style="width:30%;height:30%" src="../images/No_PeaceBot_200.jpg"> -</div> -<div class="col-8"> -<p style="padding-top:20px">The Android Peace Robot or any variation of the -Android Peace Robot (such as the Android robot with a peace sign) may not be -used in partner marketing.</p> -</div> -</div> - -<div style="clear:both"></div> -<h2 id="brand-google_play">Google Play</h2> - -<p>Use of the “Google Play” name and the Google Play Store icon on the -packaging of the hardware, marketing materials of the hardware, or the hardware -itself is allowed only on devices -<a href="/setup/start/faqs.html#if-my-device-is-compatible-does-it-automatically-have-access-to-google-play-and-branding">licensed -to access Google Play</a>. For a list of devices licensed to use Google Play, -refer to -<a href="https://support.google.com/googleplay/answer/1727131">Supported -devices</a>.</p> - - -<h2>Other brands</h2> -<p><a href="https://www.android.com/auto/">Android Auto</a>, -<a href="https://www.android.com/tv/">Android TV</a>, and -<a href="https://www.android.com/wear/">Android Wear</a> are brands owned by -Google. These brands require Google proprietary software that runs on top of -Android and is available only through a license with Google. For information on -how to request a license, see -<a href="/compatibility/contact-us.html">Contact Us</a>. - -<h2 id="Questions">Questions</h2> - -<p>For additional brand usage information, contact the Android Partner -Marketing team by submitting the <a -href="https://support.google.com/googleplay/contact/brand_developer">Partner -Brand Inquiry Form</a>.</p> - - </body> -</html> diff --git a/en/setup/start/build-numbers.html b/en/setup/start/build-numbers.html index fbabe687..7f1408ef 100644 --- a/en/setup/start/build-numbers.html +++ b/en/setup/start/build-numbers.html @@ -240,6 +240,18 @@ following table. </thead> <tbody> <tr> + <td>PPR2.181005.003</td> + <td>android-9.0.0_r10</td> + <td>Pie</td> + <td>Pixel XL, Pixel, Pixel 2 XL, Pixel 2</td> + </tr> + <tr> + <td>PPR1.181005.003</td> + <td>android-9.0.0_r9</td> + <td>Pie</td> + <td>Pixel XL, Pixel</td> + </tr> + <tr> <td>PPR2.180905.006.A1</td> <td>android-9.0.0_r8</td> <td>Pie</td> @@ -282,6 +294,18 @@ following table. <td>Pixel 2 XL, Pixel 2, Pixel XL, Pixel</td> </tr> <tr> + <td>OPM8.181005.003</td> + <td>android-8.1.0_r48</td> + <td>Oreo</td> + <td>Pixel C</td> + </tr> + <tr> + <td>OPM7.181005.003</td> + <td>android-8.1.0_r47</td> + <td>Oreo</td> + <td>Nexus 5X and Nexus 6P</td> + </tr> + <tr> <td>OPM6.171019.030.K1</td> <td>android-8.1.0_r46</td> <td>Oreo</td> |