diff options
| -rw-r--r-- | src/compatibility/android-cdd.html | 41 |
1 files changed, 19 insertions, 22 deletions
diff --git a/src/compatibility/android-cdd.html b/src/compatibility/android-cdd.html index fff34964..94b37748 100644 --- a/src/compatibility/android-cdd.html +++ b/src/compatibility/android-cdd.html @@ -3403,7 +3403,7 @@ sensor. If a device implementation does include a 3-axis accelerometer, it:</p> Android APIs [<a href="http://developer.android.com/reference/android/hardware/SensorEvent.html">Resources, 74</a>].</li> <li>MUST be capable of measuring from freefall up to four times the gravity (4g) or more on any axis.</li> - <li>MUST have a resolution of at least 8-bits and SHOULD have a resolution of at + <li>MUST have a resolution of at least 12-bits and SHOULD have a resolution of at least 16-bits.</li> <li>SHOULD be calibrated while in use if the characteristics changes over the life cycle and compensated, and preserve the compensation parameters between device @@ -3422,7 +3422,7 @@ dynamic or static condition.</li> TYPE_LINEAR_ACCELERATION composite sensors and SHOULD implement the TYPE_GAME_ROTATION_VECTOR composite sensor. Existing and new Android devices are STRONGLY RECOMMENDED to implement the TYPE_GAME_ROTATION_VECTOR sensor.</li> - <li>SHOULD implement a TYPE_ROTATION_VECTOR composite sensor, if a gyroscope sensor + <li>MUST implement a TYPE_ROTATION_VECTOR composite sensor, if a gyroscope sensor and a magnetometer sensor is also included.</li> </ul> @@ -3455,7 +3455,7 @@ while in use or during the production of the device.</li> <li>SHOULD have a standard deviation, calculated on a per axis basis on samples collected over a period of at least 3 seconds at the fastest sampling rate, no greater than 0.5 µT.</li> - <li>SHOULD implement a TYPE_ROTATION_VECTOR composite sensor, if an accelerometer + <li>MUST implement a TYPE_ROTATION_VECTOR composite sensor, if an accelerometer sensor and a gyroscope sensor is also included.</li> <li>MAY implement the TYPE_GEOMAGNETIC_ROTATION_VECTOR sensor if an accelerometer sensor is also implemented. However if implemented, it MUST consume less than @@ -3494,7 +3494,7 @@ parameters between device reboots.</li> or rad^2 / s). The variance is allowed to vary with the sampling rate, but must be constrained by this value. In other words, if you measure the variance of the gyro at 1 Hz sampling rate it should be no greater than 1e-7 rad^2/s^2.</li> - <li>SHOULD implement a TYPE_ROTATION_VECTOR composite sensor, if an accelerometer + <li>MUST implement a TYPE_ROTATION_VECTOR composite sensor, if an accelerometer sensor and a magnetometer sensor is also included.</li> <li>If an accelerometer sensor is included, MUST implement the TYPE_GRAVITY and TYPE_LINEAR_ACCELERATION composite sensors and SHOULD implement the @@ -4489,9 +4489,9 @@ Project provides an implementation that satisfies this requirement.</p> <h2 id="9_7_kernel_security_features">9.7. Kernel Security Features</h2> -<p>The Android Sandbox includes features that can use the Security-Enhanced Linux +<p>The Android Sandbox includes features that use the Security-Enhanced Linux (SELinux) mandatory access control (MAC) system and other security features in -the Linux kernel. SELinux or any other security features, if implemented below +the Linux kernel. SELinux or any other security features implemented below the Android framework:</p> <ul> @@ -4506,31 +4506,28 @@ unblocked security violation occurs resulting in a successful exploit.</li> affect another application (such as a Device Administration API), the API MUST NOT allow configurations that break compatibility.</p> -<p>Devices MUST implement SELinux or an equivalent mandatory access control system -if using a kernel other than Linux and meet the following requirements, which -are satisfied by the reference implementation in the upstream Android Open -Source Project.</p> +<p>Devices MUST implement SELinux or, if using a kernel other than Linux, an +equivalent mandatory access control system. Devices MUST also meet the +following requirements, which are satisfied by the reference implementation +in the upstream Android Open Source Project.</p> <p>Device implementations:</p> <ul> - <li>MUST support a SELinux policy that allows the SELinux mode to be set on a -per-domain basis, and MUST configure all domains in enforcing mode. No -permissive mode domains are allowed, including domains specific to a -device/vendor.</li> - <li>SHOULD load policy from /sepolicy file on the device.</li> + <li>MUST set SELinux to global enforcing mode.</li> + <li>MUST configure all domains in enforcing mode. No permissive mode domains +are allowed, including domains specific to a device/vendor.</li> <li>MUST NOT modify, omit, or replace the neverallow rules present within the -sepolicy file provided in the upstream Android Open Source Project (AOSP) and -the policy MUST compile with all neverallow present, for both AOSP SELinux +external/sepolicy folder provided in the upstream Android Open Source Project (AOSP) and +the policy MUST compile with all neverallow rules present, for both AOSP SELinux domains as well as device/vendor specific domains.</li> - <li>MUST support dynamic updates of the SELinux policy file without requiring a -system image update.</li> </ul> <p>Device implementations SHOULD retain the default SELinux policy provided in the -upstream Android Open Source Project, until they have first audited their -additions to the SELinux policy. Device implementations MUST be compatible with -the upstream Android Open Source Project.</p> +external/sepolicy folder of the upstream Android Open Source Project and only +further add to this policy for their own device-specific configuration. Device +implementations MUST be compatible with the upstream Android Open Source Project. +</p> <h2 id="9_8_privacy">9.8. Privacy</h2> |