From 04c1f72d4c8ff2763c6961b6eae77a10abc00b66 Mon Sep 17 00:00:00 2001 From: Android Partner Docs Date: Tue, 21 Aug 2018 09:08:03 -0700 Subject: Docs: Changes to source.android.com - 209604809 Add note about dm-verity for low-ram devices where it onl... by Danielle Roberts - 209604691 Update August acknowledgements for CVE-2018-9441 by Danielle Roberts - 209486466 Add LEVEL_3 to Camera versioning by Kenneth Lau - 209486462 CL to update external severity ratings to the v6 severity... by Android Partner Docs - 209444238 Update _translation.yaml to exclude 2018 bulletins by Danielle Roberts - 209427959 Add arrow icon to external links in lists by Kenneth Lau - 209424658 Devsite localized content from translation request 968451. by Android Partner Docs - 209424637 Devsite localized content from translation request 968450. by Android Partner Docs - 209424628 Devsite localized content from translation request 966380. by Android Partner Docs - 209424625 Devsite localized content from translation request 964306. by Android Partner Docs - 209267798 Replaces gendered pronouns by a gender-neutral alternative. by Android Partner Docs - 209227647 Devsite localized content from translation request 965625. by Android Partner Docs - 209227634 Devsite localized content from translation request 957852. by Android Partner Docs - 209212984 Adding additional kernel configs by Heidi von Markham - 209202145 Fix typo by Kenneth Lau - 209200899 Change to external links by Kenneth Lau - 209199945 Add links to Wi-Fi Infrastructure Features by Kenneth Lau - 209197210 Update BiometricPrompt architecture diagram by Danielle Roberts - 209175201 Add missing method handle types to dex-format.html by Android Partner Docs - 209168733 Fix formatting issues by Kenneth Lau - 209045992 Remove "" typo that's causing localization to break by Danielle Roberts - 209045924 Remove "" typo that's causing localization to fail by Danielle Roberts - 209045830 Update header id that's causing localization failures by Danielle Roberts - 209042219 Update documentation for no more static java libraries. by Android Partner Docs - 209031438 Remove previously redirected landing pages by Clay Murphy - 209023482 Add a additional kernel requirement information for eBPF ... by Android Partner Docs - 209011451 Clarify documentation on conventions for method overloadi... by Android Partner Docs - 208971152 Create a BLE for Hearing Aids page on SAC. by Christina Nguyen - 208933222 Add "Matching AVB Version during OTA" section. by Android Partner Docs - 208891110 Update correct version for CTS 7.0_r24. Wrong version was... by Android Partner Docs - 208878378 Update CTS/CTS-Verifier downloads for CTS-Aug-2018 Releas... by Android Partner Docs - 208855756 Devsite localized content from translation request 965636. by Android Partner Docs - 208855746 Devsite localized content from translation request 964314. by Android Partner Docs - 208738524 Add version information by Kenneth Lau - 208733023 Update security researcher acknowledgements by Danielle Roberts - 208724203 Fix changelog links, messed up in last errata run. by Gina Dimino - 208723122 Add missing word "Android" by Android Partner Docs - 208700832 Devsite localized content from translation request 954736. by Android Partner Docs - 208688134 Devsite localized content from translation request 960242. by Android Partner Docs - 208688127 Devsite localized content from translation request 952102. by Android Partner Docs - 208672491 Fix file paths in immediate directory that were broken by... by Christina Nguyen - 208571761 Add Wi-Fi Infrastructure Features document by Kenneth Lau PiperOrigin-RevId: 209604809 Change-Id: If554e158c7c400736ca7722cce279231a53e0933 --- en/devices/architecture/hidl-java/index.html | 9 +- en/devices/architecture/hidl/versioning.html | 12 +- en/devices/architecture/kernel/config.html | 154 +++++++++++++++++-------- en/devices/architecture/vintf/dm.html | 2 +- en/devices/architecture/vintf/match-rules.html | 33 ++++++ 5 files changed, 150 insertions(+), 60 deletions(-) (limited to 'en/devices/architecture') diff --git a/en/devices/architecture/hidl-java/index.html b/en/devices/architecture/hidl-java/index.html index 45eefc7d..d56fd1cc 100644 --- a/en/devices/architecture/hidl-java/index.html +++ b/en/devices/architecture/hidl-java/index.html @@ -48,20 +48,19 @@ version 1.0 that is registered as service name foo-bar:

  • Add the following to Android.mk: -
    LOCAL_JAVA_LIBRARIES += android.hardware.foo-V1.0-java
    +
    LOCAL_STATIC_JAVA_LIBRARIES += android.hardware.foo-V1.0-java
    OR
  • Add the following to Android.bp: 
    -shared_libs: [
+static_libs: [
     /* … */
     "android.hardware.foo-V1.0-java",
 ],
    -The static version of the library is also available as -android.hardware.foo-V1.0-java-static.
    • +
  • Add the following to your Java file: @@ -117,7 +116,7 @@ stubs conform to the interface).

    -Lmakefile generates the rules that run this command at build time and allow you to include -android.hardware.foo-V1.0-java(-static)? and link against the +android.hardware.foo-V1.0-java and link against the appropriate files. A script that automatically does this for a project full of interfaces can be found at hardware/interfaces/update-makefiles.sh. The paths in this example are relative; hardware/interfaces can be a temporary diff --git a/en/devices/architecture/hidl/versioning.html b/en/devices/architecture/hidl/versioning.html index c67910d9..fe4ec95d 100644 --- a/en/devices/architecture/hidl/versioning.html +++ b/en/devices/architecture/hidl/versioning.html @@ -219,7 +219,7 @@ as a method parameter), use the fully-qualified type name:

    (e.g., android.hardware.nfc).
  • VERSION is the dot-separated major.minor-version format of the package (e.g., 1.0).
    • -
  • UDT is the the dot-separated name of a HIDL UDT. +
  • UDT is the dot-separated name of a HIDL UDT. Since HIDL supports nested UDTs and HIDL interfaces can contain UDTs (a type of nested declaration), dots are used to access the names.
    • @@ -656,10 +656,12 @@ enum Brightness : @1.0::Brightness { AUTOMATIC }; enum Color : @1.0::Brightness { HW_GREEN, RAINBOW }; -

    Unless a method warrants a new name, it should be named similarly to what it -is extending. For example, the method foo_1_1 in -@1.1::IFoo may replace the functionality of the foo -method in @1.0::IFoo.

    +

    If a method can have a new semantic name (for instance +fooWithLocation) then that is preferred. Otherwise, it should be +named similarly to what it is extending. For example, the method +foo_1_1 in @1.1::IFoo may replace the functionality +of the foo method in @1.0::IFoo if there is no better +alternative name.

    Package-level versioning

    HIDL versioning occurs at the package level; after a package is published, it diff --git a/en/devices/architecture/kernel/config.html b/en/devices/architecture/kernel/config.html index 49ae7e1d..94cba30d 100644 --- a/en/devices/architecture/kernel/config.html +++ b/en/devices/architecture/kernel/config.html @@ -5,6 +5,7 @@ + {% include "_versions.html" %} -

    Use the following configuration settings as a base for an Android kernel -configuration. Settings are organized into android-base, -android-base-<arch>, and android-recommended -.cfg files:

    +

    + Use the following configuration settings as a base for an Android kernel + configuration. Settings are organized into android-base, + android-base-ARCH, and + android-recommended .cfg files: +

      -
    • android-base. These options enable core Android features and -should be configured as specified by all devices.
      • -
    • android-base-<arch>. These options enable core Android -features and should be configured as specified by all devices of architecture -<arch>. Not all architectures have a corresponding file of -architecture-specific required options. If your architecture does not have a -file, it does not have any additional architecture-specific kernel configuration -requirements for Android.
      • -
    • android-recommended. These options enable advanced Android -features and are optional for devices.
      • +
    • android-base. These options enable core Android features and + should be configured as specified by all devices.
      • +
    • android-base-ARCH. These options enable core + Android features and should be configured as specified by all devices of + architecture ARCH. Not all architectures have a corresponding file + of architecture-specific required options. If your architecture does not have + a file, it does not have additional architecture-specific kernel configuration + requirements for Android.
      • +
    • android-recommended. These options enable advanced Android + features and are optional for devices.
    -

    These configuration files are located in the -kernel/configs -repo. Use the set of configuration files that corresponds to the version of the -kernel you are using.

    +

    + These configuration files are located in the + kernel/configs + repo. Use the set of configuration files that corresponds to the version of + the kernel you are using. +

    -

    For details on controls already undertaken to strengthen the kernel on your -devices, see System -and Kernel Security. For details on required settings, see the -Android Compatibility Definition -Document (CDD).

    +

    + For details on controls already undertaken to strengthen the kernel on your + devices, see System and + Kernel Security. For details on required settings, see the + Android Compatibility Definition Document + (CDD). +

    Generating kernel config

    -

    For devices that have a minimalist defconfig, you can use the -merge_config.sh script in the kernel tree to enable options:

    + +

    + For devices that have a minimalist defconfig, use the + merge_config.sh script in the kernel tree to enable options: +

    -ARCH=<arch> scripts/kconfig/merge_config.sh <...>/device_defconfig <...>/android-base.cfg <...>/android-base-<arch>.cfg <...>/android-recommended.cfg
+ARCH=ARCH scripts/kconfig/merge_config.sh <...>/device_defconfig <...>/android-base.cfg <...>/android-base-ARCH.cfg <...>/android-recommended.cfg
    -

    This generates a .config file you can use to save a new -defconfig or compile a new kernel with Android features enabled.

    +

    + This generates a .config file you can use to save a new + defconfig or compile a new kernel with Android features enabled. +

    + +

    Additional kernel config requirements

    + +

    + In some cases, the platform maintainer can choose from multiple kernel + features to satisfy an Android dependency. Such dependencies cannot be + expressed in the kernel config fragment files (described above) because the + format for those files does not support logical expressions. In Android + {{ androidPVersionNumber }}, + Compatibility Test Suite (CTS) and + Vendor Test Suite (VTS) verify the following + requirements are satisfied: +

    + +
      +
    • CONFIG_OF=y or CONFIG_ACPI=y
      • +
    • 4.4 and 4.9 kernels have CONFIG_ANDROID_LOW_MEMORY_KILLER=y + OR have both CONFIG_MEMCG=y and CONFIG_MEMCG_SWAP=y +
      • +
    • CONFIG_DEBUG_RODATA=y or + CONFIG_STRICT_KERNEL_RWX=y
      • +
    • CONFIG_DEBUG_SET_MODULE_RONX=y or + CONFIG_STRICT_MODULE_RWX=y
      • +
    • For ARM64 only: CONFIG_ARM64_SW_TTBR0_PAN=y or + CONFIG_ARM64_PAN=y
      • +
    + +

    + In addition, the CONFIG_INET_UDP_DIAG option must be set to + y for 4.9 kernels in Android {{ androidPVersionNumber }}. +

    Enabling USB host mode options

    -

    For USB host mode audio, enable the following options:

    +

    + For USB host mode audio, enable the following options: +

    + 
     CONFIG_SND_USB=y
 CONFIG_SND_USB_AUDIO=y
 # CONFIG_USB_AUDIO is for a peripheral mode (gadget) driver
    -

    For USB host mode MIDI, enable the following option:

    -
    -CONFIG_SND_USB_MIDI=y
-
    +

    + For USB host mode MIDI, enable the following option: +

    + +
    CONFIG_SND_USB_MIDI=y

    Seccomp-BPF with TSYNC

    -

    Seccomp-BPF is a kernel security technology that enables the creation of -sandboxes to restrict the system calls a process is allowed to make. The TSYNC -feature enables the use of Seccomp-BPF from multithreaded programs. This ability -is limited to architectures that have seccomp support upstream: ARM, ARM64, x86, -and x86_64.

    - -

    Backporting for Kernel 3.10 for ARM-32, X86, X86_64

    - -

    Ensure that CONFIG_SECCOMP_FILTER=y is enabled in the Kconfig -(verified as of the Android 5.0 CTS), then cherry-pick the following changes -from the AOSP kernel/common:android-3.10 repository: -9499cd23f9d05ba159fac6d55dc35a7f49f9ce76..a9ba4285aa5722a3b4d84888e78ba8adc0046b28 + +

    + Seccomp-BPF is a kernel security technology that enables the creation of + sandboxes to restrict the system calls a process is allowed to make. The + TSYNC feature enables the use of Seccomp-BPF from multithreaded programs. This + ability is limited to architectures that have seccomp support upstream (ARM, + ARM64, x86, and x86_64). +

    + +

    Backporting for kernel 3.10 for ARM-32, X86, +X86_64

    + +

    + Ensure CONFIG_SECCOMP_FILTER=y is enabled in the + Kconfig (verified as of the Android 5.0 CTS), then cherry-pick + the following changes from the + AOSP + kernel/common:android-3.10 repository:

      @@ -127,9 +179,13 @@ ARM: add seccomp syscall by Kees Cook

    Backporting for Kernel 3.10 for ARM-64

    -

    Ensure CONFIG_SECCOMP_FILTER=y is enabled in the Kconfig -(verified as of the Android 5.0 CTS), then cherry-pick the following changes -from the AOSP kernel/common:android-3.10 repository:

    + +

    + Ensure CONFIG_SECCOMP_FILTER=y is enabled in the + Kconfig (verified as of the Android 5.0 CTS), then cherry-pick + the following changes from the AOSP kernel/common:android-3.10 repository: +

    +
    • cfc7e99e9 arm64: Add __NR_* definitions for compat syscalls by JP Abgrall
      • diff --git a/en/devices/architecture/vintf/dm.html b/en/devices/architecture/vintf/dm.html index 091094dc..28884749 100644 --- a/en/devices/architecture/vintf/dm.html +++ b/en/devices/architecture/vintf/dm.html @@ -126,7 +126,7 @@ with. To bump the Target FCM Version of a device, vendors need to:

    • Modify HAL Versions in the device manifest file.
    • Modify the Target FCM Version in the device manifest file.
    • Remove deprecated HAL versions.
      • -
    • For devices launched with {{ androidPVersionNumber }} or older, cherry-pick +
    • For devices launched with Android {{ androidPVersionNumber }} or lower, cherry-pick these CLs before generating OTA update packages:
      • CL 722283
        • diff --git a/en/devices/architecture/vintf/match-rules.html b/en/devices/architecture/vintf/match-rules.html index dd79254b..b34b2190 100644 --- a/en/devices/architecture/vintf/match-rules.html +++ b/en/devices/architecture/vintf/match-rules.html @@ -4,6 +4,7 @@ + {% include "_versions.html" %}