From 28f304ca21458a83ae64be7bc253d66d64c6fe7d Mon Sep 17 00:00:00 2001
From: Android Partner Docs
Android 9 is the release of the development milestone code-named P. The source code for the following tests, including tests for instant apps, can be synced with the -'android-cts-9.0_r1' tag in the open-source tree.
+'android-cts-9.0_r2' tag in the open-source tree.Android 8.1 is the release of the development milestone code-named Oreo-MR1. The source code for the following tests can be synced with the -'android-cts-8.1_r8' tag in the open-source tree.
+'android-cts-8.1_r9' tag in the open-source tree.Android 8.0 is the release of the development milestone code-named Oreo. The source code for the following tests can be synced with the -'android-cts-8.0_r12' tag in the open-source tree.
+'android-cts-8.0_r13' tag in the open-source tree.Android 7.1 is the release of the development milestone code-named Nougat-MR1. The source code for the following tests can be synced with the -'android-cts-7.1_r20' tag in the open-source tree.
+'android-cts-7.1_r21' tag in the open-source tree.Android 7.0 is the release of the development milestone code-named Nougat. The source code for the following tests can be synced with the -'android-cts-7.0_r24' tag in the open-source tree.
+'android-cts-7.0_r25' tag in the open-source tree.Android 6.0 is the release of the development milestone code-named Marshmallow. The source code for the following tests can be synced with the -'android-cts-6.0_r31' tag in the open-source tree.
+'android-cts-6.0_r32' tag in the open-source tree.The Compatibility Test Suite (CTS) is a free, commercial-grade test suite, -available for download. The CTS represents the +available for download. The CTS represents the "mechanism" of compatibility.
The CTS runs on a desktop machine and executes test cases directly on @@ -40,17 +40,17 @@ development process.
The CTS is an automated testing harness that includes two major software components:
The CTS tradefed test harness runs on your desktop machine and manages test execution.
+The CTS tradefed test harness runs on your desktop machine and manages test execution.Individual test cases are executed on the Device Under Test (DUT). The test +Individual test cases are executed on the Device Under Test (DUT). The test cases are written in Java as JUnit tests and packaged as -Android .apk files to run on the actual device target.
+Android .apk files to run on the actual device target.The Compatibility Test Suite Verifier (CTS Verifier) is a supplement to the -CTS available for download. CTS Verifier +CTS available for download. CTS Verifier provides tests for APIs and functions that cannot be tested on a stationary device without manual input (e.g. audio quality, accelerometer, etc).
@@ -69,33 +69,35 @@ app.This diagram summarizes CTS workflow. Please refer to the subpages of this -section starting with Setup for detailed +section starting with Setup for detailed instructions.
The CTS includes the following types of test cases:
Unit tests test atomic units of code within the Android platform; e.g. a single class, such as java.util.HashMap.
+Unit tests test atomic units of code within the Android platform; +e.g. a single class, such as java.util.HashMap.Functional tests test a combination of APIs together in a higher-level use-case.
Future versions of the CTS will include the following types of test cases:
+Future versions of the CTS will include the following types of test cases:Robustness tests test the durability of the system under stress.
+Robustness tests test the durability of the system under stress.Performance tests test the performance of the system against defined benchmarks, for example rendering frames per second.
+Performance tests test the performance of the system against defined benchmarks, +for example rendering frames per second.0xFF
+ as the last data byte and have the respective status words and response
+ lengths for the following APDUs.
+
+ APDU | +Status word | +Response length (bytes) | +
---|---|---|
0x00C2080000 | +0x9000 | +2048 | +
0x00C4080002123400 | +0x9000 | +2048 | +
0x00C6080000 | +0x9000 | +2048 | +
0x00C8080002123400 | +0x9000 | +2048 | +
0x00C27FFF00 | +0x9000 | +2048 | +
0x00CF080000 | +0x9000 | +32767 | +
0x94C2080000 | +0x9000 | +2048 | +
0x9000
for
+ the given
APDU: 0x00F40000Android supports local on-device audio and remote off-device audio
over a wired 3.5 mm headset jack, USB connection, or Bluetooth.
Manufacturers should see the
What do you want to connect to your Android device? Alarm clock?
Keyboard? Thermostat? Robot? Learn how to connect existing equipment or
your own unique hardware to Android using the Android Open Accessory
diff --git a/en/devices/architecture/hidl/threading.html b/en/devices/architecture/hidl/threading.html
index 26c2cc12..fef555ad 100644
--- a/en/devices/architecture/hidl/threading.html
+++ b/en/devices/architecture/hidl/threading.html
@@ -112,7 +112,7 @@ concurrently with future calls from the client (unless the server threadpool has
only one thread). In addition to synchronous callbacks,
The client can optionally set bit
At the time AudioFlinger creates a normal mixer thread, it decides
diff --git a/en/devices/input/input-device-configuration-files.html b/en/devices/input/input-device-configuration-files.html
index 97234ab0..c99d1f7c 100644
--- a/en/devices/input/input-device-configuration-files.html
+++ b/en/devices/input/input-device-configuration-files.html
@@ -106,7 +106,7 @@ touch.orientationAware = 1
# Additional calibration properties...
# etc...
- The following property is common to all input device classes. Refer to the documentation of each input device class for information about the
special properties used by each class. The system provides a special built-in generic key layout file called
A key layout file is a plain text file consisting of key or axis declarations
and flags. Key declarations consist of the keyword Axis declarations each consist of the keyword A basic axis simply maps a Linux axis code to an Android axis code name. The
following declaration maps In the above example, if the value of A split axis maps a Linux axis code to two Android axis code names, such that
values less than or greater than a threshold are split across two different axes
when mapped. This mapping is useful when a single physical axis reported by the
@@ -130,7 +130,7 @@ of An inverted axis inverts the sign of the axis value. The following
declaration maps In the above example, if the value of A joystick device may report input events even when the joystick is not being used, due to noise.
This noise typically comes from the left and/or right sticks, and causes the driver to report
a position value near 0.
@@ -200,7 +200,7 @@ key 14 DEL
# etc...
- The input system provides special features for implementing virtual soft keys
in the following use cases:
-In addition to standard public native libraries, vendors may choose to provide
-additional native libraries accessible to apps by putting them under the
- The library folders are: The .txt files are:
+ Native libraries in the
+ Native libraries that are part of AOSP MUST NOT be made public (except the standard
+ public native libraries which are public by default). Only the additional libraries added by
+ silicon vendors or device manufacturers can be made accessible to apps.
diff --git a/en/devices/tech/display/adaptive-icons.html b/en/devices/tech/display/adaptive-icons.html
index 5d74b10c..31770a3a 100644
--- a/en/devices/tech/display/adaptive-icons.html
+++ b/en/devices/tech/display/adaptive-icons.html
@@ -109,7 +109,7 @@
class="prettyprint">public class Icon extends Parceleable {
method public Bitmap createWithAdaptiveBitmap();
}
-
Nothing needs to be done to render the static adaptive icons on any of the
System UI surfaces. When PackageManager returns a drawable, simply bind that to
@@ -131,7 +131,7 @@
A recommended manual test case can be found at:
platform/development/samples/AdaptiveIconSample/.
Known issues include the following:
The self-trusted-old-certs data structure is constructed by adding flags to each
-node indicating its membership, and properties, in the set. For example, a flag
+node indicating its membership and properties in the set. For example, a flag
may be present indicating that the signing certificate at a given node is
-trusted for obtaining Android signature permissions, so that other apps which
-are signed by it still may be granted that permission, even though they are now
-behind the defining app. Because the whole proof-of-rotation attribute resides
-in the signed data section of the v3
This format precludes multiple signing keys
@@ -192,7 +192,7 @@ ordering becomes a concern. What's more, it is no longer possible to sign APKs
independently, because the proof-of-rotation structure must have the old signing
certs signing the new set of certs, rather than signing them one-by-one. For
example, an APK signed by key A that wishes to be signed by two new keys B and C
-could not have the B signer just include a signature by A of B, because that is
+could not have the B signer just include a signature by A or B, because that is
a different signing identity than B and C. This would mean that the signers must
coordinate before building up such a struct.
Published October 1, 2018 | Updated October 1, 2018
+The Android Security Bulletin contains details of security vulnerabilities
+affecting Android devices. Security patch levels of 2018-10-05 or later address
+all of these issues. To learn how to check a device's security patch level, see
+Check and update your Android version.
+
+Android partners are notified of all issues at least a month before
+publication. Source code patches for these issues have been released to the
+Android Open Source Project (AOSP) repository and linked from this bulletin.
+This bulletin also includes links to patches outside of AOSP.
+The most severe of these issues is a critical security vulnerability in
+Framework that could enable a remote attacker using a specially crafted file
+to execute arbitrary code within the context of a privileged process. The
+severity
+assessment is based on the effect that exploiting the vulnerability would
+possibly have on an affected device, assuming the platform and service
+mitigations are turned off for development purposes or if successfully bypassed.
+
+We have had no reports of active customer exploitation or abuse of these newly
+reported issues. Refer to the
+Android and Google Play Protect mitigations
+section for details on the
+Android security platform protections
+and Google Play Protect, which improve the security of the Android platform.
+
+Note: Information on the latest over-the-air update (OTA) and
+firmware images for Google devices is available in the
+October 2018
+Pixel / Nexus Security Bulletin.
+
+This is a summary of the mitigations provided by the
+Android security platform
+and service protections such as
+Google Play
+Protect. These capabilities reduce the likelihood that security
+vulnerabilities could be successfully exploited on Android.
+
+In the sections below, we provide details for each of the security
+vulnerabilities that apply to the 2018-10-01 patch level. Vulnerabilities are
+grouped under the component they affect. There is a description of the
+issue and a table with the CVE, associated references,
+type of vulnerability,
+severity,
+and updated AOSP versions (where applicable). When available, we link the public
+change that addressed the issue to the bug ID, such as the AOSP change list. When
+multiple changes relate to a single bug, additional references are linked to
+numbers following the bug ID.
+ The most severe vulnerability in this section could enable a remote attacker
+using a specially crafted file to execute arbitrary code within the context of
+a privileged process. The most severe vulnerability in this section could enable a remote attacker
+using a specially crafted file to execute arbitrary code within the context of
+a privileged process. The most severe vulnerability in this section could enable a proximate
+attacker to execute arbitrary code within the context of a privileged
+process.
+In the sections below, we provide details for each of the security
+vulnerabilities that apply to the 2018-10-05 patch level. Vulnerabilities are
+grouped under the component they affect and include details such as the
+CVE, associated references, type of vulnerability,
+severity,
+component (where applicable), and updated AOSP versions (where applicable). When
+available, we link the public change that addressed the issue to the bug ID,
+such as the AOSP change list. When multiple changes relate to a single bug,
+additional references are linked to numbers following the bug ID.
+ The most severe vulnerability in this section could enable a local malicious
+application to execute arbitrary code within the context of a privileged
+process. This section answers common questions that may occur after reading this
+bulletin. 1. How do I determine if my device is updated to address these
+issues? To learn how to check a device's security patch level, see
+Check and update your Android version. Device manufacturers that include these updates should set the patch string
+level to: 2. Why does this bulletin have two security patch levels?
+This bulletin has two security patch levels so that Android partners have the
+flexibility to fix a subset of vulnerabilities that are similar across all
+Android devices more quickly. Android partners are encouraged to fix all issues
+in this bulletin and use the latest security patch level.
+
+Partners are encouraged to bundle the fixes for all issues they are addressing
+in a single update.
+
+3. What do the entries in the Type column mean?
+
+Entries in the Type column of the vulnerability details table
+reference the classification of the security vulnerability.
+
+4. What do the entries in the References column mean?
+
+Entries under the References column of the vulnerability details table
+may contain a prefix identifying the organization to which the reference value
+belongs.
+
+5. What does a * next to the Android bug ID in the References
+column mean?
+
+Issues that are not publicly available have a * next to the Android bug ID in
+the References column. The update for that issue is generally
+contained in the latest binary drivers for Pixel / Nexus devices
+available from the
+Google
+Developer site.
+
+6. Why are security vulnerabilities split between this bulletin and
+device / partner security bulletins, such as the
+Pixel / Nexus bulletin?
+
+Security vulnerabilities that are documented in this security bulletin are
+required to declare the latest security patch level on Android
+devices. Additional security vulnerabilities that are documented in the
+device / partner security bulletins are not required for
+declaring a security patch level. Android device and chipset manufacturers are
+encouraged to document the presence of other fixes on their devices through
+their own security websites, such as the
+Samsung,
+LGE, or
+Pixel / Nexus security bulletins.
+ Published October 1, 2018
+The Pixel / Nexus Security Bulletin contains details of security
+vulnerabilities and functional improvements affecting supported Google Pixel and Nexus devices (Google devices).
+For Google devices, security patch levels of 2018-10-05 or later address all
+issues in this bulletin and all issues in the October 2018 Android Security
+Bulletin. To learn how to check a device's security patch level, see Check & update your Android version.
+
+All supported Google devices will receive an update to the 2018-10-05 patch
+level. We encourage all customers to accept these updates to their devices.
+
+Note: The Google device firmware images are available on the
+Google
+Developer site.
+ There are no Pixel or Nexus security patches in the October 2018 Pixel / Nexus
+ Security Bulletin.
+
+These updates are included for affected Pixel devices to address functionality
+issues not related to the security of Pixel devices. The table includes
+associated references; the affected category, such as Bluetooth or mobile data;
+improvements; and affected devices.
+
+This section answers common questions that may occur after reading this
+bulletin.
+
+1. How do I determine if my device is updated to address these issues?
+
+
+Security patch levels of 2018-10-05 or later address all issues associated with
+the 2018-10-05 security patch level and all previous patch levels. To learn how
+to check a device's security patch level, read the instructions on the Pixel and Nexus update schedule.
+
+2. What do the entries in the Type column mean?
+
+Entries in the Type column of the vulnerability details table reference
+the classification of the security vulnerability.
+
+3. What do the entries in the References column mean?
+
+Entries under the References column of the vulnerability details table
+may contain a prefix identifying the organization to which the reference value
+belongs.
+
+4. What does a * next to the Android bug ID in the References
+column mean?
+
+Issues that are not publicly available have a * next to the Android bug ID in
+the References column. The update for that issue is generally contained
+in the latest binary drivers for Pixel / Nexus devices available
+from the Google Developer site.
+
+5. Why are security vulnerabilities split between this bulletin and the
+Android Security Bulletins?
+
+Security vulnerabilities that are documented in the Android Security Bulletins
+are required to declare the latest security patch level on Android
+devices. Additional security vulnerabilities, such as those documented in this
+bulletin are not required for declaring a security patch level.
+ In 2018, the security acknowledgements are listed by month. In prior years,
acknowledgements were listed together.
-This document describes the Generic System Image (GSI) for Android 9, including
-details on the differences between GSIs for devices launching with Android 9 and
-devices upgrading to Android 9.
+ A generic system image (GSI) is a system image with adjusted configurations
+ for Android devices. It is considered a "pure Android" implementation with
+ unmodified Android Open Source Project (AOSP) code that any Android device
+ should be able to run successfully.
+ The content in a GSI does not depend on the vendor image. To verify GSI
+ independence, the system image of an Android device is replaced with a GSI
+ then tested thoroughly with the Vendor Test
+ Suite (VTS) and the Compatibility Test Suite
+ (CTS). Similarly, you can use a GSI in place of your own system image
+ to verify your Android device implements vendor interfaces correctly.
+
+ The goal of a GSI is to offer a specific, universal configuration for all
+ Android devices while allowing for variances between different vendor devices.
+ The current GSI is based on Android {{ androidPVersionNumber }}.
+
+ The current GSI has the following configuration:
+
+ The current GSI includes following major variances:
+
-Android 9 supports the following GSIs:
+ The GSI type is determined by the Android version the device launches with.
+ Android {{ androidPVersionNumber }} supports the following GSIs:
-All GSIs are built from the Android 9 codebase.
+ All GSIs are built from the Android {{ androidPVersionNumber }} codebase. As
+ Legacy GSI support depends on the vendor interface implementation of the
+ device, not all devices launching with Android 8.0 or Android 8.1 can use the
+ Legacy GSI. For details, see
+ Vendor binaries and VNDK
+ dependencies.
-Devices launching with Android 9 must use P GSIs, which include the following
-major changes from earlier GSIs:
-
-To test devices launching with Android 9 with cts-on-gsi, use the build targets for P GSI.
+ Devices launching with Android {{ androidPVersionNumber }} must use Android
+ {{ androidPVersionNumber }} GSIs, which include the following major changes
+ from earlier GSIs:
-Devices upgrading to Android 9 can use Legacy GSI product named with suffix
-
-Legacy GSIs are build from the Android 9 source tree but contain the following
-backward compatible configurations for upgraded devices:
-
-To test devices upgrading to Android 9 with cts-on-gsi, use the build targets for Legacy GSI.
+ Devices upgrading to Android {{ androidPVersionNumber }} can use Legacy GSI
+ product named with suffix
-Note: If a pre-Android 9 device implements the Android 9 vendor
-interface and meets all requirements introduced in Android 9, don't use the
-Legacy GSIs; instead use P GSIs for VTS and cts-on-gsi.
+ Legacy GSIs are build from the Android {{ androidPVersionNumber }} source
+ tree but contain the following backward-compatible configurations for upgraded
+ devices:
-In earlier versions of Android, devices implementing Keymaster 3 or earlier were
-required to verify the version info (
-In Android 9, this requirement has changed for vendors to boot GSI: The
-Keymaster should not perform verification since the version info reported by the
-GSI may not match the version info reported by vendor's bootloader. For devices
-implementing Keymaster 3 or earlier, vendors must modify the Keymaster
-implementation to skip verification (or upgrade to Keymaster 4).
+ In earlier versions of Android, devices implementing Keymaster 3 or lower were
+ required to verify the version info (
-For details on Keymaster, refer to Hardware-backed
-Keystore on source.android.com.
+ In Android {{ androidPVersionNumber }}, this requirement has changed to enable
+ vendors to boot a GSI. Specifically, Keymaster should not perform verification
+ since the version info reported by the GSI may not match the version info
+ reported by vendor's bootloader. For devices implementing Keymaster 3 or
+ lower, vendors must modify the Keymaster implementation to skip verification
+ (or upgrade to Keymaster 4). For details on Keymaster, refer to
+ Hardware-backed Keystore.
-Devices upgrading to Android 9 have different upgrade paths depending on the
-version of vendor binaries in use on the device and the VNDK-related
-configurations used to build the device.
-
-The following table summarizes the Legacy GSI support for upgraded devices:
+ Devices upgrading to Android {{ androidPVersionNumber }} have different
+ upgrade paths depending on the version of vendor binaries in use on the device
+ and the VNDK-related configurations used to build the device. The following
+ table summarizes the Legacy GSI support for upgraded devices:
-The most common supported use case is #2, where the Legacy GSI supports devices
-running 8.1 that were built with
-The two unsupported use cases are #1.a and #1.b, where the Legacy GSI does NOT
-support devices running 8.1 that were not built with
-
-To make these devices compatible with the Legacy GSI, vendors must do one of the
-following:
-
-Use the following build target tables to determine the correct GSI version for
-your device.
+ Starting with Android {{ androidPVersionNumber }}, each Android version has a
+ GSI branch named
+ To build a GSI, set up the Android source tree by
+ downloading from a GSI branch and
+ choosing a GSI build
+ target. Use the build target tables below to determine the correct GSI
+ version for your device. After the build completes, the GSI is the system
+ image (e.g.
-The following P GSI build targets are for devices launching with Android 9. (Due
-to a reduction in variances between architectures, Android 9 includes only four
-GSI products).
+
+
+ Example: The following commands build the Legacy GSI build target
+
+ The following GSI build targets are for devices launching with Android
+ {{ androidPVersionNumber }}. Due to a reduction in variances between
+ architectures, Android {{ androidPVersionNumber }} includes only four GSI
+ products.
+
-The following Legacy GSI build targets are for devices upgrading to Android 9.
-Legacy GSI names include the suffix
** Could be added by request
-
-Note: These build targets will likely be removed in a future
-version of Android.
+ Android devices can have different designs, so no single command or set of
+ instructions for flashing a GSI to a specific device is possible. Use the
+ following general steps as guidelines:
-Android 8.1 GSIs support eight normal products (bolded in the
-table) and one special product built from Android 8.1 source tree.
+ For example, to flash a GSI to a Pixel 2 device:
-** Could be added by request
+ Android welcomes your contributions to GSI development. You can get involved
+ and help improve the GSI by:
Custom Accessories
+ Custom accessories
oneway
calls from a
-single-threadedclient may be handled concurrently by a server with multiple
+single-threaded client may be handled concurrently by a server with multiple
threads in its threadpool, but only if those oneway
calls are
executed on different interfaces. oneway
calls on the same
interface are always serialized.libhidltransport
's method
diff --git a/en/devices/audio/latency/design.html b/en/devices/audio/latency/design.html
index 59ab47e0..acbcc382 100644
--- a/en/devices/audio/latency/design.html
+++ b/en/devices/audio/latency/design.html
@@ -34,7 +34,7 @@ SoC vendors implement the design correctly on their particular devices
and chipsets. This article is not intended for application developers.
-Track Creation
+Track creation
AUDIO_OUTPUT_FLAG_FAST
in the
@@ -83,7 +83,7 @@ If the client's request was accepted, it is called a "fast track."
Otherwise it's called a "normal track."
Mixer Threads
+Mixer threads
Common Properties
+Common properties
Generic Key Layout File
+Generic key layout file
Generic.kl
. This key layout is intended to support a variety of
standard external keyboards and joysticks. Do not modify the generic key
@@ -71,7 +71,7 @@ layout!Key Declarations
+Key declarations
key
followed by a Linux
key code number and Android key code name, or the keyword usage followed by a
HID usage and Android key code name. The HID usage is represented as a 32-bit
@@ -95,12 +95,12 @@ adjacent to the main touch screen. This causes special debouncing logic to be
enabled (see below).
-Axis Declarations
+Axis declarations
axis
followed by a
Linux axis code number and qualifiers that control the behavior of the axis
including at least one Android axis code name.Basic Axes
+Basic axes
ABS_X
(indicated by 0x00
)
to AXIS_X
(indicated by X
).ABS_X
is 5
then AXIS_X
is set to 5
.Split Axes
+Split axes
ABS_Y
is 0x83
then AXIS_GAS
is set to
the split value of 0x7f
then both AXIS_GAS
and
AXIS_BRAKE
are set to 0
.Inverted Axes
+Inverted axes
ABS_RZ
(indicated by 0x05
) to
AXIS_BRAKE
(indicated by BRAKE
), and inverts the
@@ -141,7 +141,7 @@ axis 0x05 invert BRAKE
ABS_RZ
is 2
then AXIS_BRAKE
is set to -2
.Center Flat Option
+Center flat option
System Controls
+System controls
# This is an example of a key layout file for basic system controls,
# such as volume and power keys which are typically implemented as GPIO pins
@@ -211,7 +211,7 @@ key 115 VOLUME_UP
key 116 POWER
-Capacitive Buttons
+Capacitive buttons
# This is an example of a key layout file for a touch device with capacitive buttons.
@@ -221,7 +221,7 @@ key 158 BACK VIRTUAL
key 217 SEARCH VIRTUAL
-Headset Jack Media Controls
+Headset jack media controls
# This is an example of a key layout file for headset mounted media controls.
# A typical headset jack interface might have special control wires or detect known
@@ -269,7 +269,7 @@ axis 0x10 HAT_X
axis 0x11 HAT_Y
-Virtual Soft Keys
+Virtual soft keys
diff --git a/en/devices/tech/config/namespaces_libraries.html b/en/devices/tech/config/namespaces_libraries.html
index 1e94bf1b..5dae4b07 100644
--- a/en/devices/tech/config/namespaces_libraries.html
+++ b/en/devices/tech/config/namespaces_libraries.html
@@ -54,11 +54,43 @@ with
libpng
).
libraries
/vendor
library folder (/vendor/lib for 32 bit libraries and,
-/vendor/lib64 for 64 bit) and listing them in:
-/vendor/etc/public.libraries.txt
+In addition to standard public native libraries, silicon vendors (starting from Android 7.0) and
+device manufactures (starting from Android 9) may choose to provide additional native libraries
+accessible to apps by putting them under the respective library folders and explicitly listing them
+in .txt files.
+
+
/vendor/lib
(for 32-bit) and /vendor/lib64
(for 64-bit)
+ for libraries from silicon vendors/system/lib
(for 32-bit) and /system/lib64
(for 64-bit)
+ for libraries from device manufacturers
+
+
+
+
+/vendor/etc/public.libraries.txt
for libraries from silicon vendors/system/etc/public.libraries-COMPANYNAME.txt
for libraries from device manufacturers,
+ where COMPANYNAME
refers to a name of the manufacturer (such as
+ awesome.company
). COMPANYNAME
should match with
+ [A-Za-z0-9_.-]+
; alphanumeric characters, _, . (dot) and -. It is possible to
+ have multiple such .txt files in a device if some libraries are from external solution
+ providers.
+system
partition that are made public by device manufacturers
+ MUST be named lib*COMPANYNAME.so
, e.g., libFoo.awesome.company.so
.
+ In other words, libFoo.so
without the company name suffix MUST NOT be made public.
+ The COMPANYNAME
in the library file name MUST match with the COMPANYNAME
in the
+ txt file name in which the library name is listed.
+Reference Implementation
+ Reference implementation
Known Issues
+ Known issues
diff --git a/en/devices/tech/health/deprecation.md b/en/devices/tech/health/deprecation.md
index fcaf711f..9a31cd5b 100644
--- a/en/devices/tech/health/deprecation.md
+++ b/en/devices/tech/health/deprecation.md
@@ -49,21 +49,21 @@ To do so:
1. Remove `healthd` and `healthd.rc` from the system image by adding the
following line to the device-specific implementation in Soong:
- ```
- cc_binary {
- name: "android.hardware.health@2.0-service.device_name"
- overrides: ["healthd"],
- // ...
- }
- ```
-
- Or, if the module is in Make:
-
- ```yaml
- LOCAL_MODULE_NAME := \
- android.hardware.health@2.0-service.device_name
- LOCAL_OVERRIDES_MODULES := healthd
- ```
+ ```
+ cc_binary {
+ name: "android.hardware.health@2.0-service.device_name"
+ overrides: ["healthd"],
+ // ...
+ }
+ ```
+
+ Or, if the module is in Make:
+
+ ```yaml
+ LOCAL_MODULE_NAME := \
+ android.hardware.health@2.0-service.device_name
+ LOCAL_OVERRIDES_MODULES := healthd
+ ```
If the default implementation `android.hardware.health@2.0-service` is
installed, implement a device-specific
diff --git a/en/devices/tech/settings/info-architecture.html b/en/devices/tech/settings/info-architecture.html
index d0f027de..48f74bfe 100644
--- a/en/devices/tech/settings/info-architecture.html
+++ b/en/devices/tech/settings/info-architecture.html
@@ -103,7 +103,7 @@ single host fragment and multiple setting controllers.
DashboardFragment
is the host of plugin-style preference controllers.
The fragment inherits from PreferenceFragment
and has hooks to
-inflate and update both static preference lists and dynamic preference lists.
+expand and update both static preference lists and dynamic preference lists.
Static preferences
diff --git a/en/security/_toc-bulletins.yaml b/en/security/_toc-bulletins.yaml
index 6363024c..b3f51c04 100644
--- a/en/security/_toc-bulletins.yaml
+++ b/en/security/_toc-bulletins.yaml
@@ -11,6 +11,8 @@ toc:
section:
- title: 2018 Bulletins
section:
+ - title: October
+ path: /security/bulletin/2018-10-01
- title: September
path: /security/bulletin/2018-09-01
- title: August
@@ -107,6 +109,8 @@ toc:
path: /security/bulletin/pixel/index
- title: 2018 Bulletins
section:
+ - title: October
+ path: /security/bulletin/pixel/2018-10-01
- title: September
path: /security/bulletin/pixel/2018-09-01
- title: August
diff --git a/en/security/_translation.yaml b/en/security/_translation.yaml
index 67867a6b..858045e0 100644
--- a/en/security/_translation.yaml
+++ b/en/security/_translation.yaml
@@ -1,6 +1,6 @@
ignore_paths:
- /security/bulletin/...
-enable_continuous_translation: True
+enable_continuous_translation: true
title: Android Open Source Project Security tab
description: Translations for SAC Security tab
language:
diff --git a/en/security/apksigning/v3.html b/en/security/apksigning/v3.html
index e5b85947..f15428e6 100644
--- a/en/security/apksigning/v3.html
+++ b/en/security/apksigning/v3.html
@@ -139,13 +139,13 @@ should be as trusted as the older key(s).
signer
field, it is protected
-by the key used to sign the containing apk.
+trusted for obtaining Android signature permissions. This flag allows other apps
+signed by the older certificate to still be granted a signature permission
+defined by an app signed with the new signing certificate. Because the whole
+proof-of-rotation attribute resides in the signed data section of the v3
+signer
field, it is protected by the key used to sign the containing apk.
EoP
High
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
@@ -159,7 +159,7 @@ href="https://android.googlesource.com/platform/frameworks/base/+/623b2b604c4ffc
class="external">A-109824443
EoP
High
- 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9470
@@ -168,7 +168,7 @@ href="https://android.googlesource.com/platform/external/neven/+/86a561f79f97baa
class="external">A-78290481
EoP
High
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
@@ -236,7 +236,7 @@ href="https://android.googlesource.com/platform/frameworks/base/+/586b9102f32273
class="external">A-77600398
CVE-2018-9471
@@ -177,7 +177,7 @@ href="https://android.googlesource.com/platform/frameworks/base/+/eabaff1c7f0290
class="external">A-77599679
EoP
High
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
EoP
High
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
@@ -278,7 +278,7 @@ href="https://android.googlesource.com/platform/system/bt/+/43cd528a444d0cc5bbf3
class="external">A-79266386
CVE-2018-9440
@@ -248,7 +248,7 @@ href="https://android.googlesource.com/platform/frameworks/av/+/2870acaa4c58cf59
class="external">2]
DoS
Moderate
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
EoP
Critical
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9478
@@ -287,7 +287,7 @@ href="https://android.googlesource.com/platform/system/bt/+/68688194eade113ad316
class="external">A-79217522
EoP
Critical
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9479
@@ -296,7 +296,7 @@ href="https://android.googlesource.com/platform/system/bt/+/68688194eade113ad316
class="external">A-79217770
EoP
Critical
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9456
@@ -323,7 +323,7 @@ href="https://android.googlesource.com/platform/system/bt/+/75c22982624fb530bc1d
class="external">A-109757168
ID
High
- 8.0, 8.1, 9.0
+ 8.0, 8.1, 9
CVE-2018-9481
@@ -332,7 +332,7 @@ href="https://android.googlesource.com/platform/system/bt/+/75c22982624fb530bc1d
class="external">A-109757435
ID
High
- 8.0, 8.1, 9.0
+ 8.0, 8.1, 9
CVE-2018-9482
@@ -341,7 +341,7 @@ href="https://android.googlesource.com/platform/system/bt/+/75c22982624fb530bc1d
class="external">A-109757986
ID
High
- 8.0, 8.1, 9.0
+ 8.0, 8.1, 9
CVE-2018-9483
@@ -350,7 +350,7 @@ href="https://android.googlesource.com/platform/system/bt/+/d3689fb0ddcdede16c13
class="external">A-110216173
ID
High
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9484
@@ -359,7 +359,7 @@ href="https://android.googlesource.com/platform/system/bt/+/d5b44f6522c3294d6f5f
class="external">A-79488381
ID
High
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9485
@@ -368,7 +368,7 @@ href="https://android.googlesource.com/platform/system/bt/+/bdbabb2ca4ebb4dc5971
class="external">A-80261585
ID
High
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9486
@@ -377,7 +377,7 @@ href="https://android.googlesource.com/platform/system/bt/+/bc6aef4f29387d07e0c6
class="external">A-80493272
ID
High
- 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9.0
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9487
@@ -386,7 +386,7 @@ href="https://android.googlesource.com/platform/frameworks/base/+/cf6784bfbf713a
class="external">A-69873852
DoS
High
- 8.0, 8.1, 9.0
+ 8.0, 8.1, 9
@@ -425,7 +425,7 @@ href="https://android.googlesource.com/platform/system/libhidl/+/93484b9b015d47c
class="external">A-79376389
CVE-2018-9488
@@ -395,7 +395,7 @@ href="https://android.googlesource.com/platform/system/sepolicy/+/d4e094e2b1a47c
class="external">A-110107376
EoP
Moderate
- 8.0, 8.1, 9.0
+ 8.0, 8.1, 9
RCE
Critical
- 8.0, 8.1, 9.0
+ 8.0, 8.1, 9
diff --git a/en/security/bulletin/2018-10-01.html b/en/security/bulletin/2018-10-01.html
new file mode 100644
index 00000000..53b700fd
--- /dev/null
+++ b/en/security/bulletin/2018-10-01.html
@@ -0,0 +1,550 @@
+
+
+ CVE-2018-9427
@@ -434,7 +434,7 @@ href="https://android.googlesource.com/platform/frameworks/av/+/29d991fac25b261a
class="external">A-77486542
RCE
Critical
- 8.0, 8.1, 9.0
+ 8.0, 8.1, 9
Android and Google service mitigations
+
+
+2018-10-01 security patch level vulnerability details
+Framework
+
+
+
+
+
+
+ CVE
+ References
+ Type
+ Severity
+ Updated AOSP versions
+
+
+ CVE-2018-9490
+ A-111274046
+ [2]
+ EoP
+ Critical
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9491
+ A-111603051
+ RCE
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9492
+ A-111934948
+ EoP
+ High
+ 8.0, 8.1, 9
+
+
+ CVE-2018-9493
+ A-111085900
+ [2]
+ [3]
+ ID
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+CVE-2018-9452
+ A-78464361
+ [2]
+ DoS
+ Moderate
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+ Media framework
+
+
+
+
+
+
+ CVE
+ References
+ Type
+ Severity
+ Updated AOSP versions
+
+
+ CVE-2018-9473
+ A-65484460
+ RCE
+ Critical
+ 8.0
+
+
+ CVE-2018-9496
+ A-110769924
+ RCE
+ Critical
+ 9
+
+
+ CVE-2018-9497
+ A-74078669
+ RCE
+ Critical
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9498
+ A-78354855
+ RCE
+ Critical
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1
+
+
+CVE-2018-9499
+ A-79218474
+ ID
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+ System
+
+
+
+
+
+
+ CVE
+ References
+ Type
+ Severity
+ Updated AOSP versions
+
+
+ CVE-2017-13283
+ A-78526423
+ RCE
+ Critical
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9476
+ A-109699112
+ EoP
+ Critical
+ 8.0, 8.1
+
+
+ CVE-2018-9504
+ A-110216176
+ RCE
+ Critical
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9501
+ A-110034419
+ EoP
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9502
+ A-111936792
+ [2]
+ [3]
+ ID
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9503
+ A-80432928
+ [2]
+ [3]
+ ID
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9505
+ A-110791536
+ ID
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9506
+ A-111803925
+ ID
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9507
+ A-111893951
+ ID
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9508
+ A-111936834
+ ID
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1
+
+
+ CVE-2018-9509
+ A-111937027
+ ID
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+ CVE-2018-9510
+ A-111937065
+ ID
+ High
+ 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
+
+
+CVE-2018-9511
+ A-111650288
+ DoS
+ High
+ 9
+ 2018-10-05 security patch level vulnerability details
+Kernel components
+
+
+
+
+
+ CVE
+ References
+ Type
+ Severity
+ Component
+
+
+ CVE-2018-9513
+ A-111081202*
+ EoP
+ High
+ Fork
+
+
+ CVE-2018-9514
+ A-111642636*
+ EoP
+ High
+ sdcardfs
+
+
+CVE-2018-9515
+ A-111641492*
+ EoP
+ High
+ sdcardfs
+ Common questions and answers
+
+
+
+
+
+
+
+
+
+
+ Abbreviation
+ Definition
+
+
+ RCE
+ Remote code execution
+
+
+ EoP
+ Elevation of privilege
+
+
+ ID
+ Information disclosure
+
+
+ DoS
+ Denial of service
+
+
+N/A
+ Classification not available
+
+
+
+
+ Prefix
+ Reference
+
+
+ A-
+ Android bug ID
+
+
+ QC-
+ Qualcomm reference number
+
+
+ M-
+ MediaTek reference number
+
+
+ N-
+ NVIDIA reference number
+
+
+B-
+ Broadcom reference number
+ Versions
+
+
+
diff --git a/en/security/bulletin/2018.html b/en/security/bulletin/2018.html
index 21939052..b172b8e3 100644
--- a/en/security/bulletin/2018.html
+++ b/en/security/bulletin/2018.html
@@ -36,6 +36,22 @@ of all bulletins, see the Android Securi
+
+ Version
+ Date
+ Notes
+
+
+ 1.0
+ October 1, 2018
+ Bulletin published.
+
+
+1.1
+ October 1, 2018
+ Bulletin revised to include AOSP links.
+ Published date
Security patch level
+
+
October 2018
+ Coming soon
+
+
+ October 1, 2018
+ 2018-10-01
+
+ 2018-10-05
+ September 2018
diff --git a/en/security/bulletin/_translation.yaml b/en/security/bulletin/_translation.yaml
index 6a8d393a..7ff6379d 100644
--- a/en/security/bulletin/_translation.yaml
+++ b/en/security/bulletin/_translation.yaml
@@ -41,7 +41,7 @@ ignore_paths:
- /security/bulletin/pixel/2017-12-01
- /security/bulletin/pixel/2017-11-01
- /security/bulletin/pixel/2017-10-01
-enable_continuous_translation: True
+enable_continuous_translation: true
title: Android Security Bulletins
description: Translations for Android Security Bulletins
language:
diff --git a/en/security/bulletin/index.html b/en/security/bulletin/index.html
index 55a42b19..512e1e88 100644
--- a/en/security/bulletin/index.html
+++ b/en/security/bulletin/index.html
@@ -68,6 +68,22 @@ Android Open Source Project (AOSP), the upstream Linux kernel, and system-on-chi
Published date
Security patch level
+
October 2018
+ Coming soon
+
+
+ October 1, 2018
+ 2018-10-01
+
+ 2018-10-05
+ September 2018
diff --git a/en/security/bulletin/pixel/2018-10-01.html b/en/security/bulletin/pixel/2018-10-01.html
new file mode 100644
index 00000000..264199bf
--- /dev/null
+++ b/en/security/bulletin/pixel/2018-10-01.html
@@ -0,0 +1,219 @@
+
+
+ Announcements
+
+Functional patches
+
+
+
+
+
+ References
+ Category
+ Improvements
+ Devices
+
+
+ A-112486006
+ Media
+ Improved performance for certain protected media formats
+ Pixel 2, Pixel 2 XL
+
+
+ A-112529920
+ Power
+ Improved fast-charging behavior for Pixel devices
+ Pixel, Pixel XL
+
+
+ A-79643956
+ Stability
+ Improved stability when using Android Auto
+ Pixel 2, Pixel 2 XL
+
+
+A-111467967
+ Performance
+ Modified Call Screening behavior when using Maps Navigation
+ All
+ Common questions and answers
+
+
+
+
+ Abbreviation
+ Definition
+
+
+ RCE
+ Remote code execution
+
+
+ EoP
+ Elevation of privilege
+
+
+ ID
+ Information disclosure
+
+
+ DoS
+ Denial of service
+
+
+N/A
+ Classification not available
+
+
+
+
+ Prefix
+ Reference
+
+
+ A-
+ Android bug ID
+
+
+ QC-
+ Qualcomm reference number
+
+
+ M-
+ MediaTek reference number
+
+
+ N-
+ NVIDIA reference number
+
+
+B-
+ Broadcom reference number
+ Versions
+
+
+
+
diff --git a/en/security/bulletin/pixel/2018.html b/en/security/bulletin/pixel/2018.html
index 29669c22..a9df99ca 100644
--- a/en/security/bulletin/pixel/2018.html
+++ b/en/security/bulletin/pixel/2018.html
@@ -38,6 +38,21 @@ Bulletins homepage.
+
+ Version
+ Date
+ Notes
+
+
+1.0
+ October 1, 2018
+ Bulletin published.
+ Published date
Security patch level
+
October 2018
+ Coming soon
+
+
+ October 1, 2018
+ 2018-10-05
+
+ September 2018
diff --git a/en/security/bulletin/pixel/index.html b/en/security/bulletin/pixel/index.html
index 8faa9771..bc54cfbe 100644
--- a/en/security/bulletin/pixel/index.html
+++ b/en/security/bulletin/pixel/index.html
@@ -58,6 +58,21 @@ AOSP 24–48 hours after the Pixel / Nexus bulletin is release
Published date
Security patch level
+
October 2018
+ Coming soon
+
+
+ October 1, 2018
+ 2018-10-05
+
September 2018
diff --git a/en/security/overview/acknowledgements.html b/en/security/overview/acknowledgements.html
index 864905b5..90a9adb9 100644
--- a/en/security/overview/acknowledgements.html
+++ b/en/security/overview/acknowledgements.html
@@ -37,6 +37,80 @@ Rewards program.
October
+
+
+
+
+
+ Researchers
+ CVEs
+
+
+ Abhishek Sidharthan (Amrita School of Engineering) and Pratheesh P
+Narayanan (Sree Narayana Gurukulam College of Engineering)
+ CVE-2018-9452
+
+
+ Chong Wang (weibo.com/csddl) of Chengdu
+Security Response Center, Qihoo 360 Technology Co. Ltd.
+ CVE-2018-9503, CVE-2018-9505
+
+
+ Daniel Kachakil, Senior Security Consultant, IOActive
+ CVE-2018-9493, CVE-2018-9546
+
+
+ Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.
+ CVE-2018-9490
+
+
+ Jann Horn of Google Project Zero
+ CVE-2018-9514, CVE-2018-9515
+
+
+ Jianjun Dai (@Jioun_dai) and
+Guang Gong (@oldfresher) of
+Alpha Team, Qihoo 360 Technology Co. Ltd
+ CVE-2017-13283
+
+
+ Michał Bednarski
+ CVE-2018-9492
+
+
+ Niky1235 (@jiych_guru)
+ CVE-2018-9473
+
+
+ Pengfei Ding (丁鹏飞) of Huawei Mobile Security Lab (华为移动安全实验室)
+ CVE-2018-9506, CVE-2018-9507
+
+
+ Raymond Wang
+ CVE-2018-9501
+
+
+ Stephan Zeisberg of Security Research Labs
+ CVE-2018-9497
+
+
+ Tamir Zahavi-Brunner (@tamir_zb) of Zimperium zLabs Team
+ CVE-2018-9499
+
+
+ Yongke Wang (@Rudykewang)
+and Xiangqian Zhang (@h3rb0x) of Tencent Security Xuanwu Lab
+ CVE-2018-9502, CVE-2018-9508, CVE-2018-9509, CVE-2018-9510
+
+
+Zinuo Han (weibo.com/ele7enxxh) of
+Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.
+ CVE-2018-9476, CVE-2018-9498, CVE-2018-9504
+ September
diff --git a/en/setup/_toc-build.yaml b/en/setup/_toc-build.yaml
index b5fae853..5f4050ac 100644
--- a/en/setup/_toc-build.yaml
+++ b/en/setup/_toc-build.yaml
@@ -1,7 +1,7 @@
toc:
- title: Use Reference Boards
path: /setup/build/devices
-- title: Find Generic System Images
+- title: Generic System Images
path: /setup/build/gsi
- title: Compile with Jack
path: /setup/build/jack
diff --git a/en/setup/_translation.yaml b/en/setup/_translation.yaml
index de17f36f..88d00f99 100644
--- a/en/setup/_translation.yaml
+++ b/en/setup/_translation.yaml
@@ -1,4 +1,4 @@
-enable_continuous_translation: True
+enable_continuous_translation: true
title: Android Open Source Project Setup tab
description: Translations for SAC Setup tab
language:
diff --git a/en/setup/build/gsi.html b/en/setup/build/gsi.html
index 5dcafdf4..a80be991 100644
--- a/en/setup/build/gsi.html
+++ b/en/setup/build/gsi.html
@@ -5,6 +5,7 @@
+ {% include "_versions.html" %}
-
Overview
GSI configuration and variances
+
+
+
+
+userdebug
+ build variant to enable running VTS and CTS. After replacing the system
+ image with GSI, you can root the device then test with a
+ user
-build vendor image and a userdebug
-build
+ system image.
+
+
GSI types
+
+
+
+
-
GSI Name
-
- Description
-
- Product Name
-
+ GSI name
+ Description
+ Product name
-
P GSI
-
- For devices launching with Android 9
-
-
+ aosp_$arch
- Android GSI
+ For devices launching with Android {{ androidPVersionNumber }}
+ aosp_$arch
-
Legacy GSI
-
- For devices upgrading to Android 9
-
-
+ aosp_$arch_a(b)
- Legacy GSI
+ For devices launching with Android 8.0 or Android 8.1
+ aosp_$arch_a(b)
Changes in GSIs for Android 9
-
-
+
+aosp_arm64
,
-aosp_x86
, etc.
-/system
directory. In Android 9, the root of the
-system image is mounted as the root of the device.
-BOARD_VNDK_RUNTIME_DISABLE
must not be set:
-BOARD_VNDK_RUNTIME_DISABLE := # must not be set
-
-PRODUCT_COMPATIBLE_PROPERTY_OVERRIDE := true
.Android {{ androidPVersionNumber }} GSI changes
+
Changes in Legacy GSIs
-_ab
or _a
(e.g. aosp_arm64_ab
,
-aosp_x86_a
). This GSI supports the following upgrade use cases:
-
-
+
+
+
+
aosp_arm64
,
+ aosp_x86
, etc./system
directory. In Android {{ androidPVersionNumber }}, the
+ root of the system image is mounted as the root of the device.BOARD_VNDK_RUNTIME_DISABLE
must not be set
+ (BOARD_VNDK_RUNTIME_DISABLE := # must not be set
).PRODUCT_COMPATIBLE_PROPERTY_OVERRIDE := true
).
-
+ To test devices launching with Android {{ androidPVersionNumber }} with
+ cts-on-gsi, use the build targets for the
+ Android {{ androidPVersionNumber }} GSI.
+
+
+_a
products (e.g.,
-aosp_arm_a
).
-/bluetooth
, /firmware/radio
,
-/persist
, etc.).Android {{ androidPVersionNumber }} Legacy GSI
+changes
+
_ab
or _a
(e.g.
+ aosp_arm64_ab
, aosp_x86_a
). This GSI supports the
+ following upgrade use cases:
+
+
Changes to Keymaster behavior
+
+
+
+
_a
products (e.g.,
+ aosp_arm_a
)./bluetooth
, /firmware/radio
,
+ /persist
, etc.).ro.build.version.release
and
-ro.build.version.security_patch
) reported by the running system
-matched the version info reported by bootloader. Such information was typically
-obtained from the boot image header.
+ To test devices upgrading to Android {{ androidPVersionNumber }} with
+ cts-on-gsi, use the build targets for
+ Legacy GSI.
Android {{ androidPVersionNumber }}
+Keymaster changes
+
ro.build.version.release
and
+ ro.build.version.security_patch
) reported by the running system
+ matched the version info reported by bootloader. Such information was
+ typically obtained from the boot image header.
Vendor binaries and VNDK
dependencies
+
+
-
Use Case
-
- Device
-Vendor Binaries
-
-
- BOARD_VNDK
-_VERSION
-
- BOARD_VNDK
-_RUNTIME_DISABLE
- Legacy GSI
-System Binaries
-
- Support
-
+ Use case
+ Vendor binaries version
+
+ BOARD_VNDK_VERSION
+ BOARD_VNDK_RUNTIME_DISABLE
Legacy GSI system binaries version
+ Legacy GSI support
-
1.a
-
- 8.1
-
- (empty)
-
- (any)
-
- P
-
- No
-
+ 0
+ 8.0
+ (any)
+ (N/A)
+ {{ androidPVersionNumber }}
+ No
-
1.b
-
- 8.1
-
-
- current
-
- true
- P
-
- No
-
+ 1.a
+ 8.1
+ (empty)
+ (any)
+ {{ androidPVersionNumber }}
+ No
-
2
-
- 8.1
-
-
- current
- (empty)
-
- P
-
- Yes
-
+ 1.b
+ 8.1
+
+ current
+ true
{{ androidPVersionNumber }}
+ No
-
3
-
- P
-
-
- current
-
- true
- P
-
- Yes
-
+ 2
+ 8.1
+
+ current
(empty)
+ {{ androidPVersionNumber }}
+ Yes
-
+ 4
-
- P
-
-
- current
- (empty)
-
- P
-
- Yes
-
+ 3
+ {{ androidPVersionNumber }}
+
+ current
+ true
{{ androidPVersionNumber }}
+ Yes
+
+
4
+ {{ androidPVersionNumber }}
+
+ current
(empty)
+ {{ androidPVersionNumber }}
+ Yes
BOARD_VNDK_VERSION
but built
-without BOARD_VNDK_RUNTIME_DISABLE
(i.e., runtime enforcement was
-NOT disabled).
+ The most common supported use case is #2, where the Legacy GSI supports
+ devices running Android 8.1 that were built with
+ BOARD_VNDK_VERSION
but built without
+ BOARD_VNDK_RUNTIME_DISABLE
(i.e., runtime enforcement was NOT
+ disabled).
BOARD_VNDK_VERSION
or built with
-BOARD_VNDK_RUNTIME_DISABLE
(i.e. runtime enforcement WAS disabled).
-These devices are not supported because their vendor binaries depend on 8.1
-non-VNDK shared libraries, which are not included in Legacy GSI.
+ The two unsupported use cases are #1.a and #1.b, where the Legacy GSI does NOT
+ support devices running Android 8.1 that were not built with
+ BOARD_VNDK_VERSION
or built with
+ BOARD_VNDK_RUNTIME_DISABLE
(i.e. runtime enforcement WAS
+ disabled). These devices are not supported because their vendor binaries
+ depend on Android 8.1 non-VNDK shared libraries, which are not included in
+ Legacy GSIs.
-
+BOARD_VNDK_VERSION
without
-BOARD_VNDK_RUNTIME_DISABLE
(use case #2)
+ To make these devices compatible with the Legacy GSI, vendors must do one of
+ the following:
+
+
+
+
-OR
-BOARD_VNDK_VERSION
without
+ BOARD_VNDK_RUNTIME_DISABLE
(use case #2)
+
ORBuilding GSIs
-Build targets
DESSERT-gsi
on AOSP (for example,
+ pie-gsi
is the GSI branch on Android
+ {{ androidPVersionNumber }}). GSI branches include the content of Android with
+ all security patches and
+ GSI patches applied.
P GSI build targets
+
+system.img
) and appears in the output folder
+ out/target/product/generic_arm64_ab
. The build
+ also outputs vbmeta.img
, which you can use to disable verify
+ boot on the devices using Android
+ Verified Boot.
aosp_arm64_ab-userdebug
on GSI branch pie-gsi
:
+$ repo init -u https://android.googlesource.com/platform/manifest -b pie-gsi
+$ repo sync -cq
+$ source build/envsetup.sh
+$ lunch aosp_arm64_ab-userdebug
+$ make -j4
+
+
+Android {{ androidPVersionNumber }} GSI build
+targets
+
+
-
-
GSI name
-
- CPU arch
-
- Binder interface bitness
-
- System-as-root
-
- Product name
-
+ GSI name
+ CPU arch
+ Binder interface bitness
+ System-as-root
+ Product name
-
- aosp_arm
-
- ARM
-
- 64
-
- Y
-
+ aosp_arm-userdebug
-
+ aosp_arm
+ ARM
+ 64
+ Y
aosp_arm-userdebug
-
- aosp_arm64
-
- ARM64
-
- 64
-
- Y
-
+ aosp_arm64-userdebug
-
+ aosp_arm64
+ ARM64
+ 64
+ Y
aosp_arm64-userdebug
-
- aosp_x86
-
- x86
-
- 64
-
- Y
-
+ aosp_x86-userdebug
-
+ aosp_x86
+ x86
+ 64
+ Y
aosp_x86-userdebug
-
- aosp_x86_64
-
- x86-64
-
- 64
-
- Y
-
+ aosp_x86_64-userdebug
-
+ aosp_x86_64
+ x86-64
+ 64
+ Y
aosp_x86_64-userdebug
Legacy GSI build targets
+
+Android {{ androidPVersionNumber }} Legacy
+GSI build targets
+
_ab
or _a
to
-distinguish them from P GSI names.
+ The following Legacy GSI build targets are for devices upgrading to Android
+ {{ androidPVersionNumber }}. Legacy GSI names include the suffix
+ _ab
or _a
to distinguish them from Android
+ {{ androidPVersionNumber }} GSI names.
-
-
GSI name
-
- CPU arch
-
- Binder interface bitness
-
- System-as-root
-
- Product name
-
+ GSI name
+ CPU arch
+ Binder interface bitness
+ System-as-root
+ Product name
-
- aosp_arm_a
-
- ARM
-
- 32
-
- N
-
+ aosp_arm_a-userdebug
-
+ aosp_arm_a
+ ARM
+ 32
+ N
aosp_arm_a-userdebug
-
- aosp_arm_ab
-
- ARM
-
- 32
-
- Y
-
+ aosp_arm_ab-userdebug
-
+ aosp_arm_ab
+ ARM
+ 32
+ Y
aosp_arm_ab-userdebug
-
- **NA
-
- ARM
-
- 64
-
- N
-
-
+
+ **NA
+ ARM
+ 64
+ N
-
- aosp_arm_64b_ab
-
- ARM
-
- 64
-
- Y
-
+ aosp_arm_64b_ab-userdebug
-
+ aosp_arm_64b_ab
+ ARM
+ 64
+ Y
aosp_arm_64b_ab-userdebug
-
- aosp_arm64_a
-
- ARM64
-
- 64
-
- N
-
+ aosp_arm64_a-userdebug
-
+ aosp_arm64_a
+ ARM64
+ 64
+ N
aosp_arm64_a-userdebug
-
- aosp_arm64_ab
-
- ARM64
-
- 64
-
- Y
-
+ aosp_arm64_ab-userdebug
-
+ aosp_arm64_ab
+ ARM64
+ 64
+ Y
aosp_arm64_ab-userdebug
-
- aosp_x86_a
-
- x86
-
- 32
-
- N
-
+ aosp_x86_a-userdebug
-
+ aosp_x86_a
+ x86
+ 32
+ N
aosp_x86_a-userdebug
-
- aosp_x86_ab
-
- x86
-
- 32
-
- Y
-
+ aosp_x86_ab-userdebug
-
+ aosp_x86_ab
+ x86
+ 32
+ Y
aosp_x86_ab-userdebug
-
- **NA
-
- x86
-
- 64
-
- N
-
-
+
+ **NA
+ x86
+ 64
+ N
-
- **NA
-
- x86
-
- 64
-
- Y
-
-
+
+ **NA
+ x86
+ 64
+ Y
-
- aosp_x86_64_a
-
- x86-64
-
- 64
-
- N
-
+ aosp_x86_64_a-userdebug
-
+ aosp_x86_64_a
+ x86-64
+ 64
+ N
aosp_x86_64_a-userdebug
-
- aosp_x86_64_ab
-
- x86-64
-
- 64
-
- Y
-
+ aosp_x86_64_ab-userdebug
-
+ aosp_x86_64_ab
+ x86-64
+ 64
+ Y
aosp_x86_64_ab-userdebug
Flashing GSIs
+
GSI 8.1 build targets
+
+
+
+
-
+
+
-
- GSI name
-
- CPU arch
-
- Binder interface bitness
-
- System-as-root
-
- Product name
-
-
-
-
- aosp_arm_a
-
- ARM
-
- 32
-
- N
-
- aosp_arm_a-userdebug
-
-
-
- aosp_arm_ab
-
- ARM
-
- 32
-
- Y
-
- aosp_arm_ab-userdebug
-
-
-
- aosp_arm_64b_a
-
- ARM
-
- 64
-
- N
-
- aosp_arm_64b_a-userdebug
-
-
-
- **NA
-
- ARM
-
- 64
-
- Y
-
-
-
-
-
- aosp_arm64_a
-
- ARM64
-
- 64
-
- N
-
- aosp_arm64_a-userdebug
-
-
-
- aosp_arm64_ab
-
- ARM64
-
- 64
-
- Y
-
- aosp_arm64_ab-userdebug
-
-
-
- aosp_x86_a
-
- x86
-
- 32
-
- N
-
- aosp_x86_a-userdebug
-
-
-
- aosp_x86_ab
-
- x86
-
- 32
-
- Y
-
- aosp_x86_ab-userdebug
-
-
-
- **NA
-
- x86
-
- 64
-
- N
-
-
-
-
-
- **NA
-
- x86
-
- 64
-
- Y
-
-
-
-
-
- aosp_x86_64_a
-
- x86-64
-
- 64
-
- N
-
- aosp_x86_64_a-userdebug
-
-
-
- aosp_x86_64_ab
-
- x86-64
-
- 64
-
- Y
-
- aosp_x86_64_ab-userdebug
-
+
+
+vbmeta.img
:
+$ fastboot flash vbmeta vbmeta.img
+$ fastboot erase system
+$ fastboot flash system system.img
+
$ fastboot -w
$ fastboot reboot
Contributing to GSIs
+
+
+
+DESSERT-gsi
is not a development
+ branch and accepts only cherrypicks from the AOSP master branch, to submit a
+ GSI patch, you must:
+
+
+ DESSERT-gsi
.