diff options
| author | Android Partner Docs <noreply@android.com> | 2017-06-06 19:46:10 +0000 |
|---|---|---|
| committer | android-build-merger <android-build-merger@google.com> | 2017-06-06 19:46:10 +0000 |
| commit | e5ecdabfcf75d07d42c93ab2b472b8340b674ae7 (patch) | |
| tree | bb3bfcccc604e52f790c41ba6e1f57680659f1b0 | |
| parent | 10f2d7f5d7f38bff628c784f953378db4ed31514 (diff) | |
| parent | 5bb2fb12897c2c887e0808f9b794557f461b04d3 (diff) | |
| download | source.android.com-oreo-dr1-dev.tar.gz | |
Merge "Docs: Changes to source.android.com" am: 9e286c1def am: 4ecfdb8d77 am: a529e1528coreo-dr1-dev
am: 5bb2fb1289
Change-Id: Icd46fae1801b46e3290e8e7974140024f2bbe608
| -rw-r--r-- | en/_index.yaml | 3 | ||||
| -rw-r--r-- | en/compatibility/cts/downloads.html | 72 | ||||
| -rw-r--r-- | en/devices/_toc-tech.yaml | 6 | ||||
| -rw-r--r-- | en/devices/tech/config/filesystem.html | 174 | ||||
| -rw-r--r-- | en/devices/tech/debug/index.html | 272 | ||||
| -rw-r--r-- | en/devices/tech/debug/strace.html | 121 | ||||
| -rw-r--r-- | en/devices/tech/debug/valgrind.html | 75 | ||||
| -rw-r--r-- | en/security/_toc.yaml | 2 | ||||
| -rw-r--r-- | en/security/bulletin/2017-06-01.html | 1400 | ||||
| -rw-r--r-- | en/security/bulletin/2017.html | 16 | ||||
| -rw-r--r-- | en/security/bulletin/index.html | 16 | ||||
| -rw-r--r-- | en/security/encryption/file-based.html | 2 | ||||
| -rw-r--r-- | en/security/overview/acknowledgements.html | 16 | ||||
| -rw-r--r-- | en/source/building-kernels.html | 10 | ||||
| -rw-r--r-- | zh-cn/_index.yaml | 4 |
15 files changed, 1945 insertions, 244 deletions
diff --git a/en/_index.yaml b/en/_index.yaml index 1d80ac8c..df0c381d 100644 --- a/en/_index.yaml +++ b/en/_index.yaml @@ -40,7 +40,8 @@ landing_page: buttons: - label: Test devices path: /compatibility/ - - classname: devsite-landing-row-large-headings devsite-landing-row-colored devsite-landing-row-grey devsite-landing-row-no-image-background tf-about-row devsite-landing-row-75 + - classname: devsite-landing-row-large-headings devsite-landing-row-no-image-background tf-about-row devsite-landing-row-75 + background: grey items: - heading: About the Android Open Source Project description: | diff --git a/en/compatibility/cts/downloads.html b/en/compatibility/cts/downloads.html index 6320be29..32186e70 100644 --- a/en/compatibility/cts/downloads.html +++ b/en/compatibility/cts/downloads.html @@ -31,77 +31,77 @@ R<number> in the link name.</p> <h2 id="android-71">Android 7.1</h2> <p>Android 7.1 is the release of the development milestone code-named Nougat-MR1. The source code for the following tests can be synced with the -'android-cts-7.1_r5' tag in the open-source tree.</p> +'android-cts-7.1_r6' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.1_r5-linux_x86-arm.zip">Android -7.1 R5 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.1_r6-linux_x86-arm.zip">Android +7.1 R6 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.1_r5-linux_x86-x86.zip">Android -7.1 R5 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.1_r6-linux_x86-x86.zip">Android +7.1 R6 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r5-linux_x86-arm.zip">Android -7.1 R5 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r6-linux_x86-arm.zip">Android +7.1 R6 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r5-linux_x86-x86.zip">Android -7.1 R5 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.1_r6-linux_x86-x86.zip">Android +7.1 R6 CTS Verifier - x86</a></li> </ul> <h2 id="android-70">Android 7.0</h2> <p>Android 7.0 is the release of the development milestone code-named Nougat. The source code for the following tests can be synced with the -'android-cts-7.0_r9' tag in the open-source tree.</p> +'android-cts-7.0_r10' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.0_r9-linux_x86-arm.zip">Android -7.0 R9 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.0_r10-linux_x86-arm.zip">Android +7.0 R10 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-7.0_r9-linux_x86-x86.zip">Android -7.0 R9 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-7.0_r10-linux_x86-x86.zip">Android +7.0 R10 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r9-linux_x86-arm.zip">Android -7.0 R9 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r10-linux_x86-arm.zip">Android +7.0 R10 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r9-linux_x86-x86.zip">Android -7.0 R9 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-7.0_r10-linux_x86-x86.zip">Android +7.0 R10 CTS Verifier - x86</a></li> </ul> <h2 id="android-60">Android 6.0</h2> <p>Android 6.0 is the release of the development milestone code-named Marshmallow. The source code for the following tests can be synced with the -'android-cts-6.0_r18' tag in the open-source tree.</p> +'android-cts-6.0_r19' tag in the open-source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-6.0_r18-linux_x86-arm.zip">Android -6.0 R18 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-6.0_r19-linux_x86-arm.zip">Android +6.0 R19 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-6.0_r18-linux_x86-x86.zip">Android -6.0 R18 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-6.0_r19-linux_x86-x86.zip">Android +6.0 R19 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r18-linux_x86-arm.zip">Android -6.0 R18 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r19-linux_x86-arm.zip">Android +6.0 R19 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r18-linux_x86-x86.zip">Android -6.0 R18 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-6.0_r19-linux_x86-x86.zip">Android +6.0 R19 CTS Verifier - x86</a></li> </ul> <h2 id="android-51">Android 5.1</h2> <p>Android 5.1 is the release of the development milestone code-named Lollipop-MR1. The source code for the following tests can be synced with the -'android-cts-5.1_r19' tag in the open source tree.</p> +'android-cts-5.1_r20' tag in the open source tree.</p> <ul> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-5.1_r19-linux_x86-arm.zip">Android -5.1 R19 Compatibility Test Suite (CTS) - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-5.1_r20-linux_x86-arm.zip">Android +5.1 R20 Compatibility Test Suite (CTS) - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-5.1_r19-linux_x86-x86.zip">Android -5.1 R19 Compatibility Test Suite (CTS) - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-5.1_r20-linux_x86-x86.zip">Android +5.1 R20 Compatibility Test Suite (CTS) - x86</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r19-linux_x86-arm.zip">Android -5.1 R19 CTS Verifier - ARM</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r20-linux_x86-arm.zip">Android +5.1 R20 CTS Verifier - ARM</a></li> <li><a -href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r19-linux_x86-x86.zip">Android -5.1 R19 CTS Verifier - x86</a></li> +href="https://dl.google.com/dl/android/cts/android-cts-verifier-5.1_r20-linux_x86-x86.zip">Android +5.1 R20 CTS Verifier - x86</a></li> </ul> <h2 id="android-50">Android 5.0</h2> diff --git a/en/devices/_toc-tech.yaml b/en/devices/_toc-tech.yaml index 21f05f00..13534b2d 100644 --- a/en/devices/_toc-tech.yaml +++ b/en/devices/_toc-tech.yaml @@ -27,7 +27,7 @@ toc: path: /devices/tech/config/carrier - title: Connectivity Tests path: /devices/tech/config/connect_tests - - title: File System + - title: File DAC Configuration path: /devices/tech/config/filesystem - title: Kernel Configuration path: /devices/tech/config/kernel @@ -107,6 +107,10 @@ toc: path: /devices/tech/debug/netstats - title: RAM Use path: /devices/tech/debug/procstats + - title: Strace + path: /devices/tech/debug/strace + - title: Valgrind + path: /devices/tech/debug/valgrind - title: Device Administration section: - title: Overview diff --git a/en/devices/tech/config/filesystem.html b/en/devices/tech/config/filesystem.html index c1f13dc0..c2a3fd3f 100644 --- a/en/devices/tech/config/filesystem.html +++ b/en/devices/tech/config/filesystem.html @@ -1,6 +1,6 @@ <html devsite> <head> - <title>Configuring the File System</title> + <title>File DAC Configuration</title> <meta name="project_path" value="/_project.yaml" /> <meta name="book_path" value="/_book.yaml" /> </head> @@ -22,56 +22,122 @@ --> +<p>Earlier versions of Android used a system configuration file that was +not extensible, preventing device manufacturers from adding named binaries to +specify Discretionary Access Controls (DAC) of ownership, access mode, or +executable capabilities. This limitation occurred as a result of support for +Linux kernels 3.14 and higher in which wake lock is enabled via the +<code>CAP_SUSPEND_BLOCK</code> capability; partner-supplied GPS daemons were +required to hold this wake lock (and thus have this capability set in the file +system).</p> + +<p>As of Android 6.0, <code>fs_config</code> and associated structure definitions +(<code>system/core/include/private/android_filesystem_config.h</code>) are now +located in <code>system/core/libcutils/fs_config.c</code> where they can be +updated or overridden by binary files installed in +<code>/system/etc/fs_config_dirs</code> and +<code>/system/etc/fs_config_files</code>. For clarity, Android uses separate +matching and parsing rules for directories and files (which can use additional +glob expressions) and handles directories and files in two different tables. +Structure definitions in <code>system/core/libcutils/fs_config.c</code> not only +allow runtime reading of directories and files, but the host may use the same +files during build time to construct filesystem images as +<code>${OUT}/system/etc/fs_config_dirs</code> and +<code>${OUT}/system/etc/fs_config_files</code>.</p> + +<h2 id=gen-files>Generating override files</h2> + +<p>You can generate the aligned binary files +<code>/system/etc/fs_config_dirs</code> and +<code>/system/etc/fs_config_files</code> using the +<code>fs_config_generate</code> tool in <code>build/tools/fs_config</code>. The +tool uses a <code>libcutils</code> library function +(<code>fs_config_generate()</code>) to manage DAC requirements into a buffer +and defines rules for an include file to institutionalize the DAC rules.</p> + +<p>To use, create an include file in +<code>device/<em>vendor</em>/<em>device</em>/android_filesystem_config.h</code> +that acts as the override. The file must use the +<code>structure fs_path_config</code> format defined in +<code>system/core/include/private/android_filesystem_config.h</code> with the +following structure initializations for directory and file symbols:</p> +<ul> +<li>For directories, use <code>android<strong>_device</strong>_dirs[]</code>.</li> +<li>For files, use <code>android<strong>_device</strong>_files[]</code>.</li> +</ul> -<h2 id=abstract>Abstract</h2> - -<p>This document describes impending changes to the manner in which the Android -file system is configured.</p> - -<p>The Android file system configuration file (<code>system/core/include/private/android_filesystem_config.h</code>) is not extensible in that device manufacturers have no means to add their own -named binaries to the list to specify Discretionary Access Controls (DAC) of -ownership, access mode, or executable capabilities. This limitation is shown -with the introduction of support for Linux kernels 3.14 and higher where the -wake lock is enabled via a capability <code>CAP_SUSPEND_BLOCK</code>; partner-supplied GPS daemons will need to hold this wake lock and thus have -this capability set in the file system.</p> - -<p>Therefore, the Android M release is planned to move both the <code>fs_config</code> inline and the structure definitions in <code>system/core/include/private/android_filesystem_config.h</code> that it feeds on into <code>system/core/libcutils/fs_config.c</code> to be updated or overridden by binary files installed in <code>/system/etc/fs_config_dirs </code>and<code> /system/etc/fs_config_files</code>.</p> - -<h2 id=implementation>Implementation</h2> - -<p>Separate matching and parsing rules exist for directories and files. Files get -the advantage of utilizing additional glob expressions. Files and Directories -are handled separately by two different tables.</p> - -<p>The Android M release will remove the <code>fs_config</code> inline and the structure definitions that it feeds on, and place the code and -default definitions into <code>system/core/libcutils/fs_config.c</code>. The <code>fs_config.c</code> file is modified beyond the basic definition to allow runtime reading of <code>/system/etc/fs_config_dirs</code> and <code>/system/etc/fs_config_files</code> to garner override that the device manufacturer would wish to extend. The same -files accessed during build time to construct filesystem images as <code>${OUT}/system/etc/fs_config_dirs</code> and <code>${OUT}/system/etc/fs_config_files</code> may be used on the host.</p> - -<p><strong>Caution</strong>: This change is disruptive, as it removes some includes, structures and inline -definitions; it also adds a need to refer to <code>libcutils</code> instead of running directly from <code>system/core/include/private/android_filesystem_config.h</code>. It also requires all device manufacturers to be informed that the location -for adjustments for file system configuration has changed.</p> +<p>When not using <code>android_device_dirs[]</code> and +<code>android_device_files[]</code>, you can define +<code>NO_ANDROID_FILESYSTEM_CONFIG_DEVICE_DIRS</code> and <code>NO_ANDROID_FILESYSTEM_CONFIG_DEVICE_FILES</code> (see the +<a href="#example">example</a> below).</p> -<p>There is also a tool to generate the aligned binary files <code>/system/etc/fs_config_dirs</code> and <code>/system/etc/fs_config_files</code> content that is delivered on the target.</p> +<p>You can also specify the +override file using <code>TARGET_ANDROID_FILESYSTEM_CONFIG_H</code> in the board +configuration, with an enforced basename of +<code>android_filesystem_config.h</code>. -<p>A new function in <code>libcutils</code> - <code>fs_config_generate()</code> - is used to manage the DAC requirements into a buffer. <code>build/tools/fs_config</code> in turn houses the new tool <code>fs_config_generate</code> that uses this library function and defines rules for an include file to -institutionalize the DAC rules. It expects an include file in <code>device/<vendor>/<device>/android_filesystem_config.h</code> to act as the override in <code>structure fs_path_config</code> format as defined in <code>system/core/include/private/android_filesystem_config.h</code>, except defining the structure initialization for the symbols struct -fs_path_config android<strong>_device</strong>_dirs[] and struct fs_path_config android<strong>_device</strong>_files[] for directories and files, respectively. See the example below.</p> +<h2 id=include-files>Including files</h2> -<p>The override file may also be specified using <code>TARGET_ANDROID_FILESYSTEM_CONFIG_H </code>in the board configuration, with an enforced basename of <code>android_filesystem_config.h</code>. Finally, <code>PRODUCT_PACKAGES</code> must include <code>fs_config_dirs</code> and/or <code>fs_config_files</code> in order to install them to <code>/system/etc/fs_config_dirs</code> and <code>/system/etc/fs_config_files</code>, respectively.</p> +<p><code>PRODUCT_PACKAGES</code> must include <code>fs_config_dirs</code> +and/or <code>fs_config_files</code> to install them to +<code>/system/etc/fs_config_dirs</code> and +<code>/system/etc/fs_config_files</code>, respectively.</p> -<h3 id=instructions>Instructions</h3> +<p>The build system searches for custom <code>android_filesystem_config.h</code> +in <code>$(TARGET_DEVICE_DIR)</code>, where <code>BoardConfig.mk</code> exists. +If this file exists elsewhere, set board config variable +<code>TARGET_ANDROID_FILESYSTEM_CONFIG_H</code> to point to that location.</p> -<p>Follow these steps to configure the Android file system in the M release and -later.</p> +<h2 id=configuring>Configuring</h2> +<p>To configure the file system in Android 6.0 and higher:</p> <ol> - <li> Create the <code>$(TARGET_DEVICE_DIR)/android_filesystem_config.h</code> file - <li> Add the <code>fs_config_dirs</code> and/or <code>fs_config_files</code> to <code>PRODUCT_PACKAGES </code>in the board configuration file (eg: <code>$(TARGET_DEVICE_DIR)/device.mk</code>) +<li>Create the <code>$(TARGET_DEVICE_DIR)/android_filesystem_config.h</code> +file.</li> +<li>Add the <code>fs_config_dirs</code> and/or <code>fs_config_files</code> to +<code>PRODUCT_PACKAGES </code>in the board configuration file (e.g., +<code>$(TARGET_DEVICE_DIR)/device.mk</code>).</li> </ol> -<h3 id=example>Example</h3> +<h2 id=migration-concerns>Migration concerns</h2> +<p>Migrating system configurations from Android 5.0 and earlier can be +disruptive. When planning such a migration, keep in mind that Android 6.0:</p> +<ul> +<li>Removes some includes, structures, and inline definitions.</li> +<li>Requires a reference to <code>libcutils</code> instead of running directly +from <code>system/core/include/private/android_filesystem_config.h</code>. +Device manufacturer private executables that depend on +<code>system/code/include/private_filesystem_config.h</code> for the file or +directory structures or <code>fs_config</code> must add <code>libcutils</code> +library dependencies.</li> +<li>Requires device manufacturer private branch copies of the +<code>system/core/include/private/android_filesystem_config.h</code> with extra +content on existing targets to move to +<code>device/<em>vendor</em>/<em>device</em>/android_filesystem_config.h</code>. +</li> +<li>As Android reserves the right to apply SELinux Mandatory Access Controls (MAC) +to configuration files on the target system, implementations that include +custom target executables using <code>fs_config()</code> must ensure access.</li> +</ul> + +<h2 id=example>Example</h2> + +<p>This example shows a patch for overriding the <code>system/bin/glgps</code> +daemon to add wake lock support in the +<code>device/<em>vendor</em>/<em>device</em></code> directory. Keep the +following in mind:</p> -<p>In order to activate an override for the<code> system/bin/glgps</code> daemon to add wake lock support, one would do something like this within the <code>device/<vendor>/<device></code> directory (in patch format, relevant actions are highlighted for clarity):</p> +<ul> +<li>Each structure entry is the mode, uid, gid, capabilities, and the name. +<code>system/core/include/private/android_filesystem_config.h</code> is included +automatically to provide the manifest #defines (<code>AID_ROOT</code>, + <code>AID_SHELL</code>, <code>CAP_BLOCK_SUSPEND</code>).</li> +<li>The <code>android_device_files[]</code> section includes an action to +suppress access to <code>system/etc/fs_config_dirs</code> when unspecified, +which serves as an additional DAC protection for lack of content for directory +overrides. However, this is weak protection; if someone has control over +<code>/system</code>, they can typically do anything they want.</li> +</ul> <pre> diff --git a/android_filesystem_config.h b/android_filesystem_config.h @@ -130,36 +196,12 @@ index 0c71d21..235c1a7 100644 - wpa_supplicant.conf + wpa_supplicant.conf \ + fs_config_files - + ifeq ($(TARGET_PREBUILT_KERNEL),) ifeq ($(USE_SVELTE_KERNEL), true) </pre> -<h3 id=checklist>Checklist</h3> - -<ol> - <li> <code>NO_ANDROID_FILESYSTEM_CONFIG_DEVICE_DIRS</code> and <code>NO_ANDROID_FILESYSTEM_CONFIG_DEVICE_FILES</code> are available to be defined when android_device_dirs[] and -android_device_files[] is not being filled out. - - <li> Each structure entry is the mode, uid, gid, capabilities and the name. <code>system/core/include/private/android_filesystem_config.h</code> has been included already automatically to provide the manifest defines (<code>AID_ROOT</code>, <code>AID_SHELL</code>, <code>CAP_BLOCK_SUSPEND</code> in the above). - - <li> The action above in the example android_device_files[] to suppress access to <code>system/etc/fs_config_dirs</code> when we have not specified it will act as an additional DAC protection for our -lack of any content for the directory overrides. It is considered pedantic weak -protection since if someone has control over<code> /system</code>, they can typically do anything they want. - <li> The build system searches for the custom <code>android_filesystem_config.h</code> in <code>$(TARGET_DEVICE_DIR)</code>, in which the BoardConfig.mk exists. You can also set board config variable <code>TARGET_ANDROID_FILESYSTEM_CONFIG_H</code> to point to the file, if it exists elsewhere. - - <li> On the target system, we reserve the right to apply SELinux Mandatory Access -Controls (MAC) to these configuration files. Please check if you have custom -target executables that utilize fs_config() to make sure you permit access if -not provided otherwise. -</ol> - -<h3 id=architectural_concerns>Architectural Concerns</h3> - -<ul> - <li> Device manufacturer private branch copies of the <code>system/core/include/private/android_filesystem_config.h</code> with extra content on existing targets will have to move over to: <code>device/<vendor>/<device>/android_filesystem_config.h</code> - <li> Device manufacturer private executables that depend on <code>system/code/include/private_filesystem_config.h</code> for the file or directory structures or <code>fs_config</code> will have to add <code>libcutils</code> library dependencies. - </body> +</body> </html> diff --git a/en/devices/tech/debug/index.html b/en/devices/tech/debug/index.html index 49881821..b2f4c140 100644 --- a/en/devices/tech/debug/index.html +++ b/en/devices/tech/debug/index.html @@ -23,102 +23,167 @@ -<p>This page contains a summary of useful tools and related commands for -debugging, tracing, and profiling native Android platform code. The pages -within this section contain detailed information on other debugging tools for -use during development of platform-level features.</p> - -<p>For example, you may learn how to explore system services with <a -href="dumpsys.html">Dumpsys</a> and evaluate <a -href="netstats.html">network</a> and <a href="procstats.html">RAM</a> use. See -the subpages for tools and methods not described below.</p> - -<h2 id=debuggerd>debuggerd</h2> - -<p>The <code>debuggerd</code> process dumps registers and unwinds the -stack. When a dynamically-linked executable starts, several signal handlers are -registered that connect to <code>debuggerd</code> (or <code>debuggerd64)</code> in the event that signal -is sent to the process.</p> +<p>This section summarizes useful tools and related commands for debugging, +tracing, and profiling native Android platform code when developing +platform-level features. This page covers use of <code>debuggerd</code>, a +daemon process for collecting error information after applications crash, and +the GNU Project debugger (GDB).</p> + +<p>Other pages in this section explore system services with +<a href="/devices/tech/debug/dumpsys.html">Dumpsys</a>, viewing +<a href="/devices/tech/debug/native-memory.html">native memory</a>, +<a href="/devices/tech/debug/netstats.html">network</a>, and +<a href="/devices/tech/debug/procstats.html">RAM</a> usage, using +<a href="/devices/tech/debug/asan.html">AddressSanitizer</a> to detect memory +bugs in native code, evaluating +<a href="/devices/tech/debug/eval_perf.html"> performance issues</a> (includes +<a href="/devices/tech/debug/systrace">systrace</a>), and several other +debugging tools.</p> + +<h2 id=debuggerd>Using debuggerd</h2> + +<p>The <code>debuggerd</code> process dumps registers and unwinds the stack. +When a dynamically linked executable starts, several signal handlers are +registered that connect to <code>debuggerd</code> (or <code>debuggerd64)</code> +in the event that signals (such as SIGSEGV or SIGABRT) are sent to the process.</p> <p>It's possible for <code>debuggerd</code> to attach only if nothing else is -already attached. This means that using tools like <code>strace</code> or -<code>gdb</code> will prevent <code>debuggerd</code> from working. Also, if -you call <code>prctl(PR_SET_DUMPABLE, 0)</code> you can prevent -<code>debuggerd</code> from attaching. This can be useful if you wish to -explicitly opt out of crash reporting.</p> +already attached, which means using tools such as <code>strace</code> or +<code>gdb</code> will prevent <code>debuggerd</code> from working. You can also +explicitly prevent <code>debuggerd</code> from attaching by calling +<code>prctl(PR_SET_DUMPABLE, 0)</code>, which can be useful when you need to +opt out of crash reporting.</p> -<p>Here is example output (with timestamps and extraneous information removed):</p> +<p>Example <code>debuggerd</code> output (with timestamps and extraneous +information removed):</p> <pre class="no-pretty-print"> *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** -Build fingerprint: 'Android/aosp_flounder/flounder:5.1.51/AOSP/enh08201009:eng/test-keys' +Build fingerprint: 'Android/aosp_angler/angler:7.1.1/NYC/enh12211018:eng/test-keys' Revision: '0' ABI: 'arm' -pid: 1656, tid: 1656, name: crasher >>> crasher <<< -signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr -------- -Abort message: 'some_file.c:123: some_function: assertion "false" failed' - r0 00000000 r1 00000678 r2 00000006 r3 f70b6dc8 - r4 f70b6dd0 r5 f70b6d80 r6 00000002 r7 0000010c - r8 ffffffed r9 00000000 sl 00000000 fp ff96ae1c - ip 00000006 sp ff96ad18 lr f700ced5 pc f700dc98 cpsr 400b0010 +pid: 17946, tid: 17949, name: crasher >>> crasher <<< +signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xc + r0 0000000c r1 00000000 r2 00000000 r3 00000000 + r4 00000000 r5 0000000c r6 eccdd920 r7 00000078 + r8 0000461a r9 ffc78c19 sl ab209441 fp fffff924 + ip ed01b834 sp eccdd800 lr ecfa9a1f pc ecfd693e cpsr 600e0030 + backtrace: - #00 pc 00042c98 /system/lib/libc.so (tgkill+12) - #01 pc 00041ed1 /system/lib/libc.so (pthread_kill+32) - #02 pc 0001bb87 /system/lib/libc.so (raise+10) - #03 pc 00018cad /system/lib/libc.so (__libc_android_abort+34) - #04 pc 000168e8 /system/lib/libc.so (abort+4) - #05 pc 0001a78f /system/lib/libc.so (__libc_fatal+16) - #06 pc 00018d35 /system/lib/libc.so (__assert2+20) - #07 pc 00000f21 /system/xbin/crasher - #08 pc 00016795 /system/lib/libc.so (__libc_init+44) - #09 pc 00000abc /system/xbin/crasher + #00 pc 0004793e /system/lib/libc.so (pthread_mutex_lock+1) + #01 pc 0001aa1b /system/lib/libc.so (readdir+10) + #02 pc 00001b91 /system/xbin/crasher (readdir_null+20) + #03 pc 0000184b /system/xbin/crasher (do_action+978) + #04 pc 00001459 /system/xbin/crasher (thread_callback+24) + #05 pc 00047317 /system/lib/libc.so (_ZL15__pthread_startPv+22) + #06 pc 0001a7e5 /system/lib/libc.so (__start_thread+34) Tombstone written to: /data/tombstones/tombstone_06 </pre> -<p>This can be pasted into <code>development/scripts/stack</code> to get a more detailed unwind -with line number information (assuming the unstripped binaries can be found).</p> - -<p>Some libraries on the system are built with <code>LOCAL_STRIP_MODULE := -keep_symbols</code> to provide usable backtraces directly from <code>debuggerd</code>. This makes -your library or executable slightly larger, but not nearly as large as an -unstripped version.</p> +<p>The last line of <code>debuggerd</code> output dumps a summary to the log and +writes a full <em>tombstone</em> to disk. The tombstone is simply a file with +extra data about the crashed process; it contains information that can be +helpful in debugging a crash, in particular the stack traces for all threads in +the crashing process (not just the thread that caught the signal) and a full +memory map.</p> + +<p>Assuming the unstripped binaries can be found, you can get a more detailed +unwind with line number information by pasting the above example into +<code>development/scripts/stack</code>:</p> + +<p class="key-point"><strong>Tip:</strong> For convenience, if you've lunched +<code>stack</code> will be on your $PATH already so you don't need to give the +full path.</p> + +<pre> +$ development/tools/stack +Reading native crash info from stdin +03-02 23:53:49.477 17951 17951 F DEBUG : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** +03-02 23:53:49.477 17951 17951 F DEBUG : Build fingerprint: 'Android/aosp_angler/angler:7.1.1/NYC/enh12211018:eng/test-keys' +03-02 23:53:49.477 17951 17951 F DEBUG : Revision: '0' +03-02 23:53:49.477 17951 17951 F DEBUG : ABI: 'arm' +03-02 23:53:49.478 17951 17951 F DEBUG : pid: 17946, tid: 17949, name: crasher >>> crasher <<< +03-02 23:53:49.478 17951 17951 F DEBUG : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xc +03-02 23:53:49.478 17951 17951 F DEBUG : r0 0000000c r1 00000000 r2 00000000 r3 00000000 +03-02 23:53:49.478 17951 17951 F DEBUG : r4 00000000 r5 0000000c r6 eccdd920 r7 00000078 +03-02 23:53:49.478 17951 17951 F DEBUG : r8 0000461a r9 ffc78c19 sl ab209441 fp fffff924 +03-02 23:53:49.478 17951 17951 F DEBUG : ip ed01b834 sp eccdd800 lr ecfa9a1f pc ecfd693e cpsr 600e0030 +03-02 23:53:49.491 17951 17951 F DEBUG : +03-02 23:53:49.491 17951 17951 F DEBUG : backtrace: +03-02 23:53:49.492 17951 17951 F DEBUG : #00 pc 0004793e /system/lib/libc.so (pthread_mutex_lock+1) +03-02 23:53:49.492 17951 17951 F DEBUG : #01 pc 0001aa1b /system/lib/libc.so (readdir+10) +03-02 23:53:49.492 17951 17951 F DEBUG : #02 pc 00001b91 /system/xbin/crasher (readdir_null+20) +03-02 23:53:49.492 17951 17951 F DEBUG : #03 pc 0000184b /system/xbin/crasher (do_action+978) +03-02 23:53:49.492 17951 17951 F DEBUG : #04 pc 00001459 /system/xbin/crasher (thread_callback+24) +03-02 23:53:49.492 17951 17951 F DEBUG : #05 pc 00047317 /system/lib/libc.so (_ZL15__pthread_startPv+22) +03-02 23:53:49.492 17951 17951 F DEBUG : #06 pc 0001a7e5 /system/lib/libc.so (__start_thread+34) +03-02 23:53:49.492 17951 17951 F DEBUG : Tombstone written to: /data/tombstones/tombstone_06 +Reading symbols from /huge-ssd/aosp-arm64/out/target/product/angler/symbols +Revision: '0' +pid: 17946, tid: 17949, name: crasher >>> crasher <<< +signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xc + r0 0000000c r1 00000000 r2 00000000 r3 00000000 + r4 00000000 r5 0000000c r6 eccdd920 r7 00000078 + r8 0000461a r9 ffc78c19 sl ab209441 fp fffff924 + ip ed01b834 sp eccdd800 lr ecfa9a1f pc ecfd693e cpsr 600e0030 +Using arm toolchain from: /huge-ssd/aosp-arm64/prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.9/bin/ + +Stack Trace: + RELADDR FUNCTION FILE:LINE + 0004793e pthread_mutex_lock+2 bionic/libc/bionic/pthread_mutex.cpp:515 + v------> ScopedPthreadMutexLocker bionic/libc/private/ScopedPthreadMutexLocker.h:27 + 0001aa1b readdir+10 bionic/libc/bionic/dirent.cpp:120 + 00001b91 readdir_null+20 system/core/debuggerd/crasher.cpp:131 + 0000184b do_action+978 system/core/debuggerd/crasher.cpp:228 + 00001459 thread_callback+24 system/core/debuggerd/crasher.cpp:90 + 00047317 __pthread_start(void*)+22 bionic/libc/bionic/pthread_create.cpp:202 (discriminator 1) + 0001a7e5 __start_thread+34 bionic/libc/bionic/clone.cpp:46 (discriminator 1) +</pre> -<p>Note also the last line of <code>debuggerd</code> output --- in addition to dumping a -summary to the log, <code>debuggerd</code> writes a full “tombstone” to disk. This contains -a lot of extra information that can be helpful in debugging a crash, in -particular the stack traces for all the threads in the crashing process (not -just the thread that caught the signal) and a full memory map.</p> +<p class="note"><strong>Note:</strong> Some system libraries are built with +<code>LOCAL_STRIP_MODULE := keep_symbols</code> to provide usable backtraces +directly from <code>debuggerd</code> without taking up anywhere near as much +space as an unstripped version.</p> -<p>For more information about diagnosing native crashes and tombstones, see -<a href="/devices/tech/debug/native-crash.html">Diagnosing Native Crashes</a></p> +<p>You can also <code>stack</code> an entire tombstone. Example:</p> +<pre> +$ stack < FS/data/tombstones/tombstone_05 +</pre> +<p>This is useful if you've just unzipped a bugreport in the current directory. +For more information about diagnosing native crashes and tombstones, see +<a href="/devices/tech/debug/native-crash.html">Diagnosing Native Crashes</a>. +</p> <h3>Getting a stack trace/tombstone from a running process</h3> -<p>You can also ask <code>debuggerd</code> to operate on a running process by invoking it from -the command line. Given a PID it will dump a full tombstone to stdout, or you can use -<code>-b</code> (short for <code>--backtrace</code>) to just get the stack for every thread in the -given process. +<p>You can also use <code>debuggerd</code> on a running process. From the +command line, invoke <code>debuggerd</code> using a process ID (PID) to dump the +full tombstone to <code>stdout</code>. To get just the stack for every thread in +the process, include the <code>-b</code> or <code>--backtrace</code> flag. + +<h2 id=native>Using GDB</h2> -<h2 id=native>Native Debugging with GDB</h2> +<p>The GNU Project debugger (GDB) is a commonly used Unix debugger.</p> <h3 id=running>Debugging a running app</h3> -<p>To connect to an already-running app or native daemon, use <code>gdbclient</code>.</p> +<p>To connect to an already-running app or native daemon, use +<code>gdbclient</code> with a PID. For example, to debug the process with PID +1234, run:</p> -<p>Current versions of gdbclient just require the process ID (PID). So to debug a process with -PID 1234, simply run:</p> <pre class="no-pretty-print"> $ gdbclient 1234 </pre> -<p>The script will set up port forwarding, start the appropriate -<code>gdbserver</code> on the device, start the appropriate <code>gdb</code> on -the host, configure <code>gdb</code> to find symbols, and connect + +<p>The script sets up port forwarding, starts the appropriate +<code>gdbserver</code> on the device, starts the appropriate <code>gdb</code> on +the host, configures <code>gdb</code> to find symbols, and connects <code>gdb</code> to the remote <code>gdbserver</code>.</p> <h3 id=starts>Debugging a native process as it starts</h3> -<p>If you want to debug a process as it starts, you’ll need to use <code>gdbserver</code> -or <code>gdbserver64</code> manually, but that’s easy too:</p> +<p>To debug a process as it starts, use <code>gdbserver</code> or +<code>gdbserver64</code> (for 64-bit processes). For example:</p> <pre class="no-pretty-print"> $ adb shell gdbserver :5039 /system/bin/<em>my_test_app</em> @@ -126,18 +191,18 @@ Process my_test_app created; pid = 3460 Listening on port 5039 </pre> -<p>Identify the app’s PID from the <code>gdbserver</code> output, and then in -another window:</p> +<p>Next, identify the application PID from the <code>gdbserver</code> output and +use it in another terminal window:</p> <pre class="no-pretty-print"> $ gdbclient <em><app pid></em> </pre> -<p>Then enter <strong>continue</strong> at the <code>gdb</code> prompt.</p> +<p>Finally, enter <strong>continue</strong> at the <code>gdb</code> prompt.</p> -<p>Note that to debug a 64-bit process, you'll need to use <code>gdbserver64</code>. -The error messages from <code>gdb</code> if you made the wrong choice are unhelpful -(along the lines of <code>Reply contains invalid hex digit 59</code>).</p> +<p class="note"><strong>Note:</strong> If you use the wrong +<code>gdbserver</code>, you'll get an unhelpful error message (such as +"<code>Reply contains invalid hex digit 59</code>").</p> <h3 id=crash>Debugging processes that crash</h3> @@ -152,69 +217,22 @@ $ adb shell setprop debug.debuggerd.wait_for_gdb true $ adb shell setprop debug.db.uid 999999 </pre> -<p>At the end of the usual crash output, <code>debuggerd</code> will give you -instructions on how to connect <code>gdb</code> using the typical command: +<p>At the end of the usual crash output, <code>debuggerd</code> provides +instructions on how to connect <code>gdb</code> using the command: <pre class="no-pretty-print"> $ gdbclient <pid> </pre> <h3 id=symbols>Debugging without symbols</h3> -<p>If you don’t have symbols, sometimes <code>gdb</code> will get confused about the -instruction set it is disassembling (ARM or Thumb). The instruction set that is -chosen as the default when symbol information is missing can be switched -between ARM or Thumb like so:</p> +<p>For 32-bit ARM, if you don’t have symbols, <code>gdb</code> can get confused +about the instruction set it is disassembling (ARM or Thumb). To specify the +instruction set chosen as the default when symbol information is missing, set +the following property:</p> <pre class="no-pretty-print"> -$ set arm fallback-mode arm # or 'thumb' -</pre> - -<h2 id=symbols>Other tools</h2> - -<h3 id=valgrind>Valgrind</h3> - -<p>The following steps show you how to use <a -href="http://valgrind.org/">Valgrind</a> on Android. This tool suite contains a -number of tools including Memcheck for detecting memory-related errors in C and -C++.</p> - -<p>Android platform developers usually use -<a href="/devices/tech/debug/asan.html">AddressSanitizer (ASan)</a> rather than valgrind.</p> - -<ol> - <li>To build Valgrind, run: -<pre class="no-pretty-print"> -$ mmma -j6 external/valgrind -</pre> - <li>Set up the temporary directory: -<pre class="no-pretty-print"> -$ adb shell mkdir /data/local/tmp -$ adb shell chmod 777 /data/local/tmp -</pre> - <li>Run the system server with Valgrind: -<pre class="no-pretty-print"> -$ adb shell setprop wrap.system_server "logwrapper valgrind" -$ adb shell stop && adb shell start -</pre> - <li>For debug symbols, push unstripped libraries to <code>/data/local/symbols</code>: -<pre class="no-pretty-print"> -$ adb shell mkdir /data/local/symbols -$ adb push $OUT/symbols /data/local/symbols +$ set arm fallback-mode arm # or thumb </pre> - <li>To use Valgrind during boot up, edit <code>out/target/product/XXXX/root/init.rc</code> and -change:<br> -<code>service example /system/bin/foo --arg1 --arg2</code><br> -to:<br> -<code>service example /system/bin/logwrapper /system/bin/valgrind /system/bin/foo --arg1 --arg2</code><br> -To see the effects, you need to create a <code>boot.img</code> and reflash the device. -</ol> - -<h3 id=systrace>Systrace</h3> - -<p>See <a -href="https://developer.android.com/tools/help/systrace.html">Systrace on -developer.android.com</a> for deriving execution times of applications and -other Android system processes.</p> </body> </html> diff --git a/en/devices/tech/debug/strace.html b/en/devices/tech/debug/strace.html new file mode 100644 index 00000000..a69a64b4 --- /dev/null +++ b/en/devices/tech/debug/strace.html @@ -0,0 +1,121 @@ +<html devsite> + <head> + <title>Using Strace</title> + <meta name="project_path" value="/_project.yaml" /> + <meta name="book_path" value="/_book.yaml" /> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p><a href="https://strace.io">Strace</a> enables you to see the system calls a +process makes and what those system calls return. A typical process makes a lot +of system calls, so you'll want to review the +<a href="http://man7.org/linux/man-pages/man1/strace.1.html">strace man page</a> +to learn how to collect only data you're actually interested in.</p> + +<h2 id=build-strace>Building strace</h2> + +<p>To build strace, run the following: +<pre> +$ mmma -j6 external/strace +</pre> + +<h2 id=attach-strace>Attaching to a running process</h2> + +<p>The simplest and most common use case for strace is to attach it to a running +process, which you can do with:</p> +<pre> +$ adb shell strace -f -p PID +</pre> +<p>The <code>-f</code> flag tells strace to attach to all the threads in the +process, plus any new threads spawned later.</p> + +<h2 id=app-strace>Using on an application</h2> +<p>To use strace on an application:</p> + +<ol> +<li>Set up a directory for strace logs: +<pre> +$ adb shell setenforce 0 +$ adb shell mkdir /data/local/tmp/strace +$ adb shell chmod 777 /data/local/tmp/strace +</pre> +</li> + +<li>Choose the process to trace before launching it: +<pre> +$ adb shell setprop wrap.com.google.android.browser "logwrapper strace -f -o /data/local/tmp/strace/strace.com.google.android.browser.txt" +</pre> +</li> +<li>Launch the process normally.</li> +</ol> + +<h2 id=zygote-systrace>Using on the zygote</h2> +<p>To use strace on the zygote, fix the relevant <code>init.rc</code> zygote +line (requires <code>adb shell setenforce 0</code>): +</p> + +<pre> +$ cd system/core/ +$ patch -p1 <<EOF +--- a/rootdir/init.zygote32.rc ++++ b/rootdir/init.zygote32.rc +@@ -1,4 +1,4 @@ +-service zygote /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server ++service zygote /system/xbin/strace -o /data/local/tmp/zygote.strace /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server + class main + socket zygote stream 660 root system + onrestart write /sys/android_power/request_state wake +EOF +</pre> + +<h2 id=get-logs-boot>Getting strace logs during Android boot</h2> + +<p>To get strace logs during Android boot, make the following changes:</p> + +<ul> +<li>Since the process name changes from <code>zygote</code> to +<code>strace</code>, the given service may fail to start due to the missing +SELinux <code>file_context</code> for <code>strace</code>. The solution is to +add a new line for strace in <code>system/sepolicy/private/file_contexts</code> +and copy the original file context over. Example: +<pre> +/dev/socket/zygote u:object_r:zygote_socket:s0 ++ /system/xbin/strace u:object_r:zygote_socket:s0 +</pre> +</li> + +<li>Add kernel command, then boot the device in SELinux permissive mode. You can +do this by adding <code>androidboot.selinux=permissive</code>to +<code>BOARD_KERNEL_CMDLINE</code>. (This variable becomes read-only in +<code>build/core/Makefile</code> but is always available under +<code>/device/*/BoardConfig</code>.) + +<br> +<br>Example for the Pixel (sailfish) device in +<code>/device/google/marlin/sailfish/BoardConfig.mk</code>: +<pre> +- BOARD_KERNEL_CMDLINE := .... androidboot.hardware=sailfish ... ++BOARD_KERNEL_CMDLINE := .... androidboot.hardware=sailfish ... androidboot.selinux=permissive +</pre> +After making the change, build and flash the boot image and the device will boot +in permissive mode. +</li> +</ul> + + </body> +</html> diff --git a/en/devices/tech/debug/valgrind.html b/en/devices/tech/debug/valgrind.html new file mode 100644 index 00000000..d8f1e42b --- /dev/null +++ b/en/devices/tech/debug/valgrind.html @@ -0,0 +1,75 @@ +<html devsite> + <head> + <title>Using Valgrind</title> + <meta name="project_path" value="/_project.yaml" /> + <meta name="book_path" value="/_book.yaml" /> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> + +<p>The <a href="http://valgrind.org/">Valgrind</a> tool suite includes Memcheck +(for detecting memory-related errors in C and C++), Cachegrind (a cache +profiler), Massif (a heap profiler), and several other tools.</p> + +<p class="note"><strong>Note:</strong> While you can use Valgrind for Android +debugging, most Android platform developers use +<a href="/devices/tech/debug/asan.html">AddressSanitizer</a> instead.</p> + +<h2 id=build-valgrind>Building Valgrind</h2> +<p>To build Valgrind:</p> +<pre class="no-pretty-print"> +$ mmma -j6 external/valgrind +</pre> + +<h2 id=app-valgrind>Using on an application</h2> +<p>To use Valgrind on an application:</p> + +<pre class="no-pretty-print"> +$ adb shell setprop wrap.<em>app_name</em> "logwrapper valgrind" +$ adb shell am start -a android.intent.action.MAIN -n <em>app_name</em>/.MainActivity +</pre> + +<code><em>app_name</em></code> must be a fully-qualified name such as +<strong>com.google.example_app</strong>. + +<h2 id=server-valgrind>Using on the system server</h2> +<p>To run the system server with Valgrind:</p> + +<pre class="no-pretty-print"> +$ adb shell setprop wrap.system_server "logwrapper valgrind" +$ adb shell stop && adb shell start +</pre> + + +<h2 id=symbols-valgrind>Getting debug symbols</h2> +<p>For debug symbols, push unstripped libraries to <code>/data/local/symbols</code>:</p> +<pre class="no-pretty-print"> +$ adb shell mkdir /data/local/symbols +$ adb push $OUT/symbols /data/local/symbols +</pre> + +<h2 id=boot-valgrind>Using during boot up</h2> +<p>To use Valgrind during boot up, edit +<code>out/target/product/XXXX/root/init.rc</code> by changing</p> +<p><code>service example /system/bin/foo --arg1 --arg2</code></p> +<p>to:</p> +<p><code>service example /system/bin/logwrapper /system/bin/valgrind /system/bin/foo --arg1 --arg2</code></p> +<p>To see the effects, create a <code>boot.img</code> and reflash the +device.</p> + + </body> +</html> diff --git a/en/security/_toc.yaml b/en/security/_toc.yaml index d3168de0..61e02b71 100644 --- a/en/security/_toc.yaml +++ b/en/security/_toc.yaml @@ -37,6 +37,8 @@ toc: path: /security/advisory/ - title: 2017 Bulletins section: + - title: June + path: /security/bulletin/2017-06-01 - title: May path: /security/bulletin/2017-05-01 - title: April diff --git a/en/security/bulletin/2017-06-01.html b/en/security/bulletin/2017-06-01.html new file mode 100644 index 00000000..8c3f8faf --- /dev/null +++ b/en/security/bulletin/2017-06-01.html @@ -0,0 +1,1400 @@ +<html devsite> + <head> + <title>Android Security Bulletin—June 2017</title> + <meta name="project_path" value="/_project.yaml" /> + <meta name="book_path" value="/_book.yaml" /> + </head> + <body> + <!-- + Copyright 2017 The Android Open Source Project + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + --> +<p><em>Published June 5, 2017</em></p> + +<p>The Android Security Bulletin contains details of security vulnerabilities +affecting Android devices. Security patch levels of June 05, 2017 or later +address all of these issues. Refer to the <a +href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel +and Nexus update schedule</a> to learn how to check a device's security patch +level.</p> + +<p>Partners were notified of the issues described in the bulletin at least a +month ago. Source code patches for these issues will be released to the Android +Open Source Project (AOSP) repository in the next 48 hours. We will revise this +bulletin with the AOSP links when they are available.</p> + +<p>The most severe of these issues is a critical security vulnerability in Media +Framework that could enable a remote attacker using a specially crafted file to +cause memory corruption during media file and data processing. The <a +href="/security/overview/updates-resources.html#severity">severity +assessment</a> is based on the effect that exploiting the vulnerability would +possibly have on an affected device, assuming the platform and service +mitigations are turned off for development purposes or if successfully bypassed.</p> + +<p>We have had no reports of active customer exploitation or abuse of these newly +reported issues. Refer to the +<a href="#mitigations">Android and Google Play Protect mitigations</a> +section for details on the <a +href="/security/enhancements/index.html">Android +security platform protections</a> and <a +href="https://www.android.com/play-protect">Google Play Protect</a>, +which improve the security of the Android platform.</p> + +<p>We encourage all customers to accept these updates to their devices.</p> + +<p class="note"><strong>Note:</strong> Information on the latest over-the-air update (OTA) and +firmware images for Google devices is available in the <a +href="#google-device-updates">Google device updates</a> section.</p> + +<h2 id="announcements">Announcements</h2> +<ul> + <li>We've streamlined the monthly security bulletin to make + it easier to read. As part of this update, vulnerability information is + categorized by affected component, sorted by component name within a + security patch level, and Google device-specific information + is hosted in a <a href="#google-device-updates">dedicated section</a>.</li> + <li>This bulletin has two security patch level strings to provide Android + partners with the flexibility to more quickly fix a subset of vulnerabilities + that are similar across all Android devices. See <a + href="#common-questions-and-answers">Common questions and answers</a> for + additional information: + <ul> + <li><strong>2017-06-01</strong>: Partial security patch level string. This + security patch level string indicates that all issues associated with 2017-06-01 + (and all previous security patch level strings) are addressed.</li> + <li><strong>2017-06-05</strong>: Complete security patch level string. This + security patch level string indicates that all issues associated with 2017-06-01 + and 2017-06-05 (and all previous security patch level strings) are + addressed.</li> + </ul> + </li> +</ul> + +<h2 id="mitigations">Android and Google Play Protect mitigations</h2> +<p>This is a summary of the mitigations provided by the <a +href="/security/enhancements/index.html">Android +security platform</a> and service protections such as +<a href="https://www.android.com/play-protect">Google Play Protect</a>. +These capabilities reduce the likelihood that security +vulnerabilities could be successfully exploited on Android.</p> +<ul> + <li>Exploitation for many issues on Android is made more difficult by + enhancements in newer versions of the Android platform. We encourage all users + to update to the latest version of Android where possible.</li> + <li>The Android security team actively monitors for abuse through + <a href="https://www.android.com/play-protect">Google Play Protect</a> + and warns users about <a + href="/security/reports/Google_Android_Security_PHA_classifications.pdf">Potentially + Harmful Applications</a>. Google Play Protect is enabled by default on devices + with <a href="http://www.android.com/gms">Google Mobile Services</a>, and is + especially important for users who install apps from outside of Google Play.</li> +</ul> + +<h2 id="2017-06-01-details">2017-06-01 security patch level—Vulnerability details</h2> +<p>In the sections below, we provide details for each of the security +vulnerabilities that apply to the 2017-06-01 patch level. Vulnerabilities are +grouped under the component that they affect. There is a description of the +issue and a table with the CVE, associated references, <a +href="#vulnerability-type">type of vulnerability</a>, <a +href="/security/overview/updates-resources.html#severity">severity</a>, +and updated AOSP versions (where applicable). When available, we link the public +change that addressed the issue to the bug ID, like the AOSP change list. When +multiple changes relate to a single bug, additional references are linked to +numbers following the bug ID.</p> + +<h3 id="bluetooth">Bluetooth</h3> +<p>The most severe vulnerability in this section could enable a local malicious app +to access data outside of its permission levels.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0639</td> + <td>A-35310991</td> + <td>ID</td> + <td>High</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0645</td> + <td>A-35385327</td> + <td>EoP</td> + <td>Moderate</td> + <td>6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0646</td> + <td>A-33899337</td> + <td>ID</td> + <td>Moderate</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> +</table> +<h3 id="libraries">Libraries</h3> +<p>The most severe vulnerability in this section could enable a remote attacker +using a specially crafted file execute arbitrary code within the context of an +unprivileged process.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2015-8871</td> + <td>A-35443562</td> + <td>RCE</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + </tr> + <tr> + <td>CVE-2016-8332</td> + <td>A-37761553</td> + <td>RCE</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1</td> + </tr> + <tr> + <td>CVE-2016-5131</td> + <td>A-36554209</td> + <td>RCE</td> + <td>High</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2016-4658</td> + <td>A-36554207</td> + <td>RCE</td> + <td>High</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0663</td> + <td>A-37104170</td> + <td>RCE</td> + <td>High</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-7376</td> + <td>A-36555370</td> + <td>RCE</td> + <td>High</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-5056</td> + <td>A-36809819</td> + <td>RCE</td> + <td>Moderate</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-7375</td> + <td>A-36556310</td> + <td>RCE</td> + <td>Moderate</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0647</td> + <td>A-36392138</td> + <td>ID</td> + <td>Moderate</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2016-1839</td> + <td>A-36553781</td> + <td>DoS</td> + <td>Moderate</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> +</table> +<h3 id="media-framework">Media framework</h3> +<p>The most severe vulnerability in this section could enable a remote attacker +using a specially crafted file to cause memory corruption during media file and +data processing.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0637</td> + <td>A-34064500</td> + <td>RCE</td> + <td>Critical</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0391</td> + <td>A-32322258</td> + <td>DoS</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0640</td> + <td>A-33129467</td> + <td>DoS</td> + <td>High</td> + <td>6.0, 6.0.1, 7.0, 7.1.1</td> + </tr> + <tr> + <td>CVE-2017-0641</td> + <td>A-34360591</td> + <td>DoS</td> + <td>High</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0642</td> + <td>A-34819017</td> + <td>DoS</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td> + </tr> + <tr> + <td>CVE-2017-0643</td> + <td>A-35645051</td> + <td>DoS</td> + <td>High</td> + <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1</td> + </tr> + <tr> + <td>CVE-2017-0644</td> + <td>A-35472997</td> + <td>DoS</td> + <td>High</td> + <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td> + </tr> +</table> +<h3 id="system-ui">System UI</h3> +<p>The most severe vulnerability in this section could enable an attacker using a +specially crafted file to execute arbitrary code within the context of an +unprivileged process.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2017-0638</td> + <td>A-36368305</td> + <td>RCE</td> + <td>High</td> + <td>7.1.1, 7.1.2</td> + </tr> +</table> +<h2 id="2017-06-05-details">2017-06-05 +security patch level—Vulnerability details</h2> +<p>In the sections below, we provide details for each of the security +vulnerabilities that apply to the 2017-06-05 patch level. Vulnerabilities are +grouped under the component that they affect and include details such as the +CVE, associated references, <a +href="#vulnerability-type">type of vulnerability</a>, <a +href="/security/overview/updates-resources.html#severity">severity</a>, +component (where +applicable), and updated AOSP versions (where applicable). When available, we +link the public change that addressed the issue to the bug ID, like the AOSP +change list. When multiple changes relate to a single bug, additional references +are linked to numbers following the bug ID.</p> + +<h3 id="kernel-components">Kernel components</h3> +<p>The most severe vulnerability in this section could enable a local malicious app +to execute arbitrary code within the context of the kernel.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-0648</td> + <td>A-36101220<a href="#asterisk">*</a></td> + <td>EoP</td> + <td>High</td> + <td>FIQ debugger</td> + </tr> + <tr> + <td>CVE-2017-0651</td> + <td>A-35644815<a href="#asterisk">*</a></td> + <td>ID</td> + <td>Low</td> + <td>ION subsystem</td> + </tr> +</table> +<h3 id="libraries-05">Libraries</h3> +<p>The most severe vulnerability in this section could enable a remote attacker +using a specially crafted file to gain access to sensitive information.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Updated AOSP versions</th> + </tr> + <tr> + <td>CVE-2015-7995</td> + <td>A-36810065</td> + <td>ID</td> + <td>Moderate</td> + <td>4.4.4</td> + </tr> +</table> +<h3 id="mediatek-components">MediaTek components</h3> +<p>The most severe vulnerability in this section could enable a local malicious app +to execute arbitrary code within the context of the kernel.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-0636</td> + <td>A-35310230<a href="#asterisk">*</a><br> + M-ALPS03162263</td> + <td>EoP</td> + <td>High</td> + <td>Command queue driver</td> + </tr> + <tr> + <td>CVE-2017-0649</td> + <td>A-34468195<a href="#asterisk">*</a><br> + M-ALPS03162283</td> + <td>EoP</td> + <td>Moderate</td> + <td>Sound driver</td> + </tr> +</table> +<h3 id="nvidia-components">NVIDIA components</h3> +<p>The most severe vulnerability in this section could enable a local malicious app +to execute arbitrary code within the context of the kernel.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-6247</td> + <td>A-34386301<a href="#asterisk">*</a><br> + N-CVE-2017-6247</td> + <td>EoP</td> + <td>High</td> + <td>Sound driver</td> + </tr> + <tr> + <td>CVE-2017-6248</td> + <td>A-34372667<a href="#asterisk">*</a><br> + N-CVE-2017-6248</td> + <td>EoP</td> + <td>Moderate</td> + <td>Sound driver</td> + </tr> +</table> +<h3 id="qualcomm-components">Qualcomm components</h3> +<p>The most severe vulnerability in this section could enable a proximate attacker +to execute arbitrary code within the context of the kernel.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-7371</td> + <td>A-36250786<br> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=e02e63b8014f7a0a5ea17a5196fb4ef1283fd1fd">QC-CR#1101054</a></td> + <td>RCE</td> + <td>Critical</td> + <td>Bluetooth driver</td> + </tr> + <tr> + <td>CVE-2017-7365</td> + <td>A-32449913<br> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=da49bf21d1c19a6293d33c985066dc0273c476db">QC-CR#1017009</a></td> + <td>EoP</td> + <td>High</td> + <td>Bootloader</td> + </tr> + <tr> + <td>CVE-2017-7366</td> + <td>A-36252171<br> + <a +href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f4c9ffd6cd7960265f38e285ac43cbecf2459e45">QC-CR#1036161</a> +[<a +href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=7c4d5736d32f91f0cafe6cd86d00e26389970b00">2</a>]</td> + <td>EoP</td> + <td>High</td> + <td>GPU driver</td> + </tr> + <tr> + <td>CVE-2017-7367</td> + <td>A-34514708<br> + <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=07174af1af48c60a41c7136f0c80ffdf4ccc0b57">QC-CR#1008421</a></td> + <td>DoS</td> + <td>High</td> + <td>Bootloader</td> + </tr> + <tr> + <td>CVE-2016-5861</td> + <td>A-36251375<br> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=cf3c97b8b6165f13810e530068fbf94b07f1f77d">QC-CR#1103510</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Video driver</td> + </tr> + <tr> + <td>CVE-2016-5864</td> + <td>A-36251231<br> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=cbc21ceb69cb7bca0643423a7ca982abce3ce50a">QC-CR#1105441</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Sound driver</td> + </tr> + <tr> + <td>CVE-2017-6421</td> + <td>A-36251986<br> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=be42c7ff1f0396484882451fd18f47144c8f1b6b">QC-CR#1110563</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>MStar touchscreen driver</td> + </tr> + <tr> + <td>CVE-2017-7364</td> + <td>A-36252179<br> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=3ce6c47d2142fcd2c4c1181afe08630aaae5a267">QC-CR#1113926</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Video driver</td> + </tr> + <tr> + <td>CVE-2017-7368</td> + <td>A-33452365<br> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=143ef972be1621458930ea3fc1def5ebce7b0c5d">QC-CR#1103085</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Sound driver</td> + </tr> + <tr> + <td>CVE-2017-7369</td> + <td>A-33751424<br> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=75ed08a822cf378ffed0d2f177d06555bd77a006">QC-CR#2009216</a> +[<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=ae8f1d5f60644983aba7fbab469d0e542a187c6e">2</a>]</td> + <td>EoP</td> + <td>Moderate</td> + <td>Sound driver</td> + </tr> + <tr> + <td>CVE-2017-7370</td> + <td>A-34328139<br> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=970edf007fbe64b094437541a42477d653802d85">QC-CR#2006159</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Video driver</td> + </tr> + <tr> + <td>CVE-2017-7372</td> + <td>A-36251497<br> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=1806be003731d6d4be55e5b940d14ab772839e13">QC-CR#1110068</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Video driver</td> + </tr> + <tr> + <td>CVE-2017-7373</td> + <td>A-36251984<br> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=e5eb0d3aa6fe62ee437a2269a1802b1a72f61b75">QC-CR#1090244</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Video driver</td> + </tr> + <tr> + <td>CVE-2017-8233</td> + <td>A-34621613<br> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=64b7bc25e019dd07e8042e0a6ec6dc6a1dd0c385">QC-CR#2004036</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Camera driver</td> + </tr> + <tr> + <td>CVE-2017-8234</td> + <td>A-36252121<br> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6266f954a52641f550ef71653ea83c80bdd083be">QC-CR#832920</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Camera driver</td> + </tr> + <tr> + <td>CVE-2017-8235</td> + <td>A-36252376<br> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=7e4424a1b5f6a6536066cca7aac2c3a23fd39f6f">QC-CR#1083323</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Camera driver</td> + </tr> + <tr> + <td>CVE-2017-8236</td> + <td>A-35047217<br> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=cf0d31bc3b04cf2db7737d36b11a5bf50af0c1db">QC-CR#2009606</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>IPA driver</td> + </tr> + <tr> + <td>CVE-2017-8237</td> + <td>A-36252377<br> + <a href="https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=342d16ac6fb01e304ec75344c693257e00628ecf">QC-CR#1110522</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Networking driver</td> + </tr> + <tr> + <td>CVE-2017-8242</td> + <td>A-34327981<br> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=6a3b8afdf97e77c0b64005b23fa6d32025d922e5">QC-CR#2009231</a></td> + <td>EoP</td> + <td>Moderate</td> + <td>Secure execution environment communication driver</td> + </tr> + <tr> + <td>CVE-2017-8239</td> + <td>A-36251230<br> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=01db0e012f86b8ba6974e5cb9905261a552a0610">QC-CR#1091603</a></td> + <td>ID</td> + <td>Moderate</td> + <td>Camera driver</td> + </tr> + <tr> + <td>CVE-2017-8240</td> + <td>A-36251985<br> + <a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=22b8b6608174c1308208d5bc6c143f4998744547">QC-CR#856379</a></td> + <td>ID</td> + <td>Moderate</td> + <td>Pin controller driver</td> + </tr> + <tr> + <td>CVE-2017-8241</td> + <td>A-34203184<br> + <a href="https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=90213394b7efb28fa511b2eaebc1343ae3b54724">QC-CR#1069175</a></td> + <td>ID</td> + <td>Low</td> + <td>Wi-Fi driver</td> + </tr> +</table> +<h3 id="synaptics-components">Synaptics components</h3> +<p>The most severe vulnerability in this section could enable a local malicious app +to access data outside of its permission levels.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2017-0650</td> + <td>A-35472278<a href="#asterisk">*</a></td> + <td>EoP</td> + <td>Low</td> + <td>Touchscreen driver</td> + </tr> +</table> +<h3 id="qualcomm-closed-source-components">Qualcomm closed-source +components</h3> +<p>These vulnerabilities affect Qualcomm components and are described in further +detail in Qualcomm AMSS security bulletins from 2014–2016. They are included in +this Android security bulletin to associate their fixes with an Android security +patch level. Fixes for these vulnerabilities are available directly from Qualcomm.</p> + +<table> + <col width="17%"> + <col width="19%"> + <col width="9%"> + <col width="14%"> + <col width="39%"> + <tr> + <th>CVE</th> + <th>References</th> + <th>Type</th> + <th>Severity</th> + <th>Component</th> + </tr> + <tr> + <td>CVE-2014-9960</td> + <td>A-37280308<a href="#asterisk">*</a><br> + QC-CR#381837</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9961</td> + <td>A-37279724<a href="#asterisk">*</a><br> + QC-CR#581093</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9953</td> + <td>A-36714770<a href="#asterisk">*</a><br> + QC-CR#642173</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9967</td> + <td>A-37281466<a href="#asterisk">*</a><br> + QC-CR#739110</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9026</td> + <td>A-37277231<a href="#asterisk">*</a><br> + QC-CR#748397</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9027</td> + <td>A-37279124<a href="#asterisk">*</a><br> + QC-CR#748407</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9008</td> + <td>A-36384689<a href="#asterisk">*</a><br> + QC-CR#762111</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9009</td> + <td>A-36393600<a href="#asterisk">*</a><br> + QC-CR#762182</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9010</td> + <td>A-36393101<a href="#asterisk">*</a><br> + QC-CR#758752</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9011</td> + <td>A-36714882<a href="#asterisk">*</a><br> + QC-CR#762167</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9024</td> + <td>A-37265657<a href="#asterisk">*</a><br> + QC-CR#740680</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9012</td> + <td>A-36384691<a href="#asterisk">*</a><br> + QC-CR#746617</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9013</td> + <td>A-36393251<a href="#asterisk">*</a><br> + QC-CR#814373</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9014</td> + <td>A-36393750<a href="#asterisk">*</a><br> + QC-CR#855220</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9015</td> + <td>A-36714120<a href="#asterisk">*</a><br> + QC-CR#701858</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9029</td> + <td>A-37276981<a href="#asterisk">*</a><br> + QC-CR#827837</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10338</td> + <td>A-37277738<a href="#asterisk">*</a><br> + QC-CR#987699</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10336</td> + <td>A-37278436<a href="#asterisk">*</a><br> + QC-CR#973605</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10333</td> + <td>A-37280574<a href="#asterisk">*</a><br> + QC-CR#947438</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10341</td> + <td>A-37281667<a href="#asterisk">*</a><br> + QC-CR#991476</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10335</td> + <td>A-37282802<a href="#asterisk">*</a><br> + QC-CR#961142</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10340</td> + <td>A-37280614<a href="#asterisk">*</a><br> + QC-CR#989028</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10334</td> + <td>A-37280664<a href="#asterisk">*</a><br> + QC-CR#949933</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10339</td> + <td>A-37280575<a href="#asterisk">*</a><br> + QC-CR#988502</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10298</td> + <td>A-36393252<a href="#asterisk">*</a><br> + QC-CR#1020465</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10299</td> + <td>A-32577244<a href="#asterisk">*</a><br> + QC-CR#1058511</td> + <td>N/A</td> + <td>Critical</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9954</td> + <td>A-36388559<a href="#asterisk">*</a><br> + QC-CR#552880</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9955</td> + <td>A-36384686<a href="#asterisk">*</a><br> + QC-CR#622701</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9956</td> + <td>A-36389611<a href="#asterisk">*</a><br> + QC-CR#638127</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9957</td> + <td>A-36387564<a href="#asterisk">*</a><br> + QC-CR#638984</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9958</td> + <td>A-36384774<a href="#asterisk">*</a><br> + QC-CR#638135</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9962</td> + <td>A-37275888<a href="#asterisk">*</a><br> + QC-CR#656267</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9963</td> + <td>A-37276741<a href="#asterisk">*</a><br> + QC-CR#657771</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9959</td> + <td>A-36383694<a href="#asterisk">*</a><br> + QC-CR#651900</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9964</td> + <td>A-37280321<a href="#asterisk">*</a><br> + QC-CR#680778</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9965</td> + <td>A-37278233<a href="#asterisk">*</a><br> + QC-CR#711585</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2014-9966</td> + <td>A-37282854<a href="#asterisk">*</a><br> + QC-CR#727398</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9023</td> + <td>A-37276138<a href="#asterisk">*</a><br> + QC-CR#739802</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9020</td> + <td>A-37276742<a href="#asterisk">*</a><br> + QC-CR#733455</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9021</td> + <td>A-37276743<a href="#asterisk">*</a><br> + QC-CR#735148</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9025</td> + <td>A-37276744<a href="#asterisk">*</a><br> + QC-CR#743985</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9022</td> + <td>A-37280226<a href="#asterisk">*</a><br> + QC-CR#736146</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9028</td> + <td>A-37277982<a href="#asterisk">*</a><br> + QC-CR#762764</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9031</td> + <td>A-37275889<a href="#asterisk">*</a><br> + QC-CR#866015</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9032</td> + <td>A-37279125<a href="#asterisk">*</a><br> + QC-CR#873202</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9033</td> + <td>A-37276139<a href="#asterisk">*</a><br> + QC-CR#892541</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2015-9030</td> + <td>A-37282907<a href="#asterisk">*</a><br> + QC-CR#854667</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10332</td> + <td>A-37282801<a href="#asterisk">*</a><br> + QC-CR#906713<br> + QC-CR#917701<br> + QC-CR#917702</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10337</td> + <td>A-37280665<a href="#asterisk">*</a><br> + QC-CR#977632</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> + <tr> + <td>CVE-2016-10342</td> + <td>A-37281763<a href="#asterisk">*</a><br> + QC-CR#988941</td> + <td>N/A</td> + <td>High</td> + <td>Closed-source component</td> + </tr> +</table> +<h2 id="google-device-updates">Google device updates</h2> +<p>This table contains the security patch level in the latest over-the-air update +(OTA) and firmware images for Google devices. The Google device firmware images +are available on the <a +href="https://developers.google.com/android/nexus/images">Google Developer +site</a>.</p> + +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Google device</th> + <th>Security patch level</th> + </tr> + <tr> + <td>Pixel / Pixel XL</td> + <td>June 05, 2017</td> + </tr> + <tr> + <td>Nexus 5X</td> + <td>June 05, 2017</td> + </tr> + <tr> + <td>Nexus 6</td> + <td>June 05, 2017</td> + </tr> + <tr> + <td>Nexus 6P</td> + <td>June 05, 2017</td> + </tr> + <tr> + <td>Nexus 9</td> + <td>June 05, 2017</td> + </tr> + <tr> + <td>Nexus Player</td> + <td>June 05, 2017</td> + </tr> + <tr> + <td>Pixel C</td> + <td>June 05, 2017</td> + </tr> +</table> +<h2 id="acknowledgements">Acknowledgements</h2> +<p>We would like to thank these researchers for their contributions:</p> + +<table> + <col width="17%"> + <col width="83%"> + <tr> + <th>CVEs</th> + <th>Researchers</th> + </tr> + <tr> + <td>CVE-2017-0643, CVE-2017-0641</td> + <td>Ecular Xu(徐健) of Trend Micro</td> + </tr> + <tr> + <td>CVE-2017-0645, CVE-2017-0639</td> + <td>En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) and Bo Liu +of <a href="http://www.ms509.com">MS509Team</a></td> + </tr> + <tr> + <td>CVE-2017-0649</td> + <td>Gengjia Chen (<a +href="https://twitter.com/chengjia4574">@chengjia4574</a>) and <a +href="http://weibo.com/jfpan">pjf</a> of IceSword Lab, Qihoo 360 Technology Co. +Ltd.</td> + </tr> + <tr> + <td>CVE-2017-0646</td> + <td>Godzheng (郑文选 -<a +href="https://twitter.com/VirtualSeekers">@VirtualSeekers</a>) of Tencent PC +Manager</td> + </tr> + <tr> + <td>CVE-2017-0636</td> + <td>Jake Corina and Nick Stephens of Shellphish Grill Team</td> + </tr> + <tr> + <td>CVE-2017-8233</td> + <td>Jianqiang Zhao (<a +href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) and <a +href="http://weibo.com/jfpan">pjf </a>of IceSword Lab, Qihoo 360</td> + </tr> + <tr> + <td>CVE-2017-7368</td> + <td>Lubo Zhang (<a +href="mailto:zlbzlb815@163.com">zlbzlb815@163.com</a>),Yuan-Tsung Lo (<a +href="mailto:computernik@gmail.com">computernik@gmail.com</a>), and Xuxian Jiang +of <a href="http://c0reteam.org">C0RE Team</a></td> + </tr> + <tr> + <td>CVE-2017-8242</td> + <td>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>) of +Tesla's Product Security Team</td> + </tr> + <tr> + <td>CVE-2017-0650</td> + <td>Omer Shwartz, Amir Cohen, Dr. Asaf Shabtai, and Dr. Yossi Oren of Ben +Gurion University Cyber Lab</td> + </tr> + <tr> + <td>CVE-2017-0648</td> + <td>Roee Hay (<a href="https://twitter.com/roeehay">@roeehay</a>) of <a +href="https://alephsecurity.com/">Aleph Research</a>, HCL Technologies</td> + </tr> + <tr> + <td>CVE-2017-7369, CVE-2017-6249, CVE-2017-6247, CVE-2017-6248</td> + <td>sevenshen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) +of TrendMicro</td> + </tr> + <tr> + <td>CVE-2017-0642, CVE-2017-0637, CVE-2017-0638</td> + <td>Vasily Vasiliev</td> + </tr> + <tr> + <td>CVE-2017-0640</td> + <td>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) of <a +href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">Mobile +Threat Response Team</a>, <a href="http://www.trendmicro.com">Trend Micro</a></td> + </tr> + <tr> + <td>CVE-2017-8236</td> + <td>Xiling Gong of Tencent Security Platform Department</td> + </tr> + <tr> + <td>CVE-2017-0647</td> + <td>Yangkang (<a href="https://twitter.com/dnpushme">@dnpushme</a>) and +Liyadong of Qex Team, Qihoo 360</td> + </tr> + <tr> + <td>CVE-2017-7370</td> + <td>Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>) of +IceSword Lab, Qihoo 360 Technology Co. Ltd</td> + </tr> + <tr> + <td>CVE-2017-0651</td> + <td>Yuan-Tsung Lo (<a +href="mailto:computernik@gmail.com">computernik@gmail.com</a>) and Xuxian Jiang +of <a href="http://c0reteam.org">C0RE Team</a></td> + </tr> + <tr> + <td>CVE-2017-8241</td> + <td>Zubin Mithra of Google</td> + </tr> +</table> +<h2 id="common-questions-and-answers">Common questions and answers</h2> +<p>This section answers common questions that may occur after reading this +bulletin.</p> + +<p><strong>1. How do I determine if my device is updated to address these issues? +</strong></p> + +<p>To learn how to check a device's security patch level, read the instructions on +the <a +href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel +and Nexus update schedule</a>.</p> +<ul> +<li>Security patch levels of 2017-06-01 or later address all issues associated +with the 2017-06-01 security patch level.</li> +<li>Security patch levels of 2017-06-05 or later address all issues associated +with the 2017-06-05 security patch level and all previous patch levels.</li></ul> +<p>Device manufacturers that include these updates should set the patch string +level to:</p> +<ul> +<li>[ro.build.version.security_patch]:[2017-06-01]</li> +<li>[ro.build.version.security_patch]:[2017-06-05]</li></ul> +<p><strong>2. Why does this bulletin have two security patch levels?</strong></p> + +<p>This bulletin has two security patch levels so that Android partners have the +flexibility to fix a subset of vulnerabilities that are similar across all +Android devices more quickly. Android partners are encouraged to fix all issues +in this bulletin and use the latest security patch level.</p> +<ul> +<li>Devices that use the June 01, 2017 security patch level must include all +issues associated with that security patch level, as well as fixes for all +issues reported in previous security bulletins.</li> +<li>Devices that use the security patch level of June 05, 2017 or newer must +include all applicable patches in this (and previous) security +bulletins.</li></ul> +<p>Partners are encouraged to bundle the fixes for all issues they are addressing +in a single update.</p> + +<p id="vulnerability-type"><strong>3. What do the entries in the <em>Type</em> column mean?</strong></p> + +<p>Entries in the <em>Type</em> column of the vulnerability details table reference +the classification of the security vulnerability.</p> + +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Abbreviation</th> + <th>Definition</th> + </tr> + <tr> + <td>RCE</td> + <td>Remote code execution</td> + </tr> + <tr> + <td>EoP</td> + <td>Elevation of privilege</td> + </tr> + <tr> + <td>ID</td> + <td>Information disclosure</td> + </tr> + <tr> + <td>DoS</td> + <td>Denial of service</td> + </tr> + <tr> + <td>N/A</td> + <td>Classification not available</td> + </tr> +</table> +<p><strong>4. What do the entries in the <em>References</em> column mean?</strong></p> + +<p>Entries under the <em>References</em> column of the vulnerability details table +may contain a prefix identifying the organization to which the reference value +belongs.</p> + +<table> + <col width="25%"> + <col width="75%"> + <tr> + <th>Prefix</th> + <th>Reference</th> + </tr> + <tr> + <td>A-</td> + <td>Android bug ID</td> + </tr> + <tr> + <td>QC-</td> + <td>Qualcomm reference number</td> + </tr> + <tr> + <td>M-</td> + <td>MediaTek reference number</td> + </tr> + <tr> + <td>N-</td> + <td>NVIDIA reference number</td> + </tr> + <tr> + <td>B-</td> + <td>Broadcom reference number</td> + </tr> +</table> +<p id="asterisk"><strong>5. What does a <a href="#asterisk">*</a> next to the Android bug ID in the <em>References</em> +column mean?</strong></p> + +<p>Issues that are not publicly available have a <a href="#asterisk">*</a> next to the Android bug ID in +the <em>References</em> column. The update for that issue is generally contained +in the latest binary drivers for Nexus devices available from the <a +href="https://developers.google.com/android/nexus/drivers">Google Developer +site</a>.</p> + +<h2 id="versions">Versions</h2> +<table> + <col width="25%"> + <col width="25%"> + <col width="50%"> + <tr> + <th>Version</th> + <th>Date</th> + <th>Notes</th> + </tr> + <tr> + <td>1.0</td> + <td>June 5, 2017</td> + <td>Bulletin published.</td> + </tr> +</table> +</body> +</html> diff --git a/en/security/bulletin/2017.html b/en/security/bulletin/2017.html index 13b8a154..dcaad8f3 100644 --- a/en/security/bulletin/2017.html +++ b/en/security/bulletin/2017.html @@ -37,6 +37,22 @@ of all bulletins, see the <a href="index.html">Android Security Bulletins</a> ho <th>Security patch level</th> </tr> <tr> + <td><a href="2017-06-01.html">June 2017</a></td> + <td>Coming soon + <!-- + <a href="/security/bulletin/2017-06-01.html">English</a> / + <a href="/security/bulletin/2017-06-01.html?hl=ja">日本語</a> / + <a href="/security/bulletin/2017-06-01.html?hl=ko">한국어</a> / + <a href="/security/bulletin/2017-06-01.html?hl=ru">ру́сский</a> / + <a href="/security/bulletin/2017-06-01.html?hl=zh-cn">中文 (中国)</a> / + <a href="/security/bulletin/2017-06-01.html?hl=zh-tw">中文 (台灣)</a> + --> + </td> + <td>June 5, 2017</td> + <td>2017-06-01<br> + 2017-06-05</td> + </tr> + <tr> <td><a href="2017-05-01.html">May 2017</a></td> <td> <a href="/security/bulletin/2017-05-01.html">English</a> / diff --git a/en/security/bulletin/index.html b/en/security/bulletin/index.html index ab0c338b..29967c80 100644 --- a/en/security/bulletin/index.html +++ b/en/security/bulletin/index.html @@ -75,6 +75,22 @@ Android Open Source Project (AOSP), the upstream Linux kernel, and system-on-chi <th>Security patch level</th> </tr> <tr> + <td><a href="/security/bulletin/2017-06-01.html">June 2017</a></td> + <td>Coming soon + <!-- + <a href="/security/bulletin/2017-06-01.html">English</a> / + <a href="/security/bulletin/2017-06-01.html?hl=ja">日本語</a> / + <a href="/security/bulletin/2017-06-01.html?hl=ko">한국어</a> / + <a href="/security/bulletin/2017-06-01.html?hl=ru">ру́сский</a> / + <a href="/security/bulletin/2017-06-01.html?hl=zh-cn">中文 (中国)</a> / + <a href="/security/bulletin/2017-06-01.html?hl=zh-tw">中文 (台灣)</a> + --> + </td> + <td>June 5, 2017</td> + <td>2017-06-01<br> + 2017-06-05</td> + </tr> + <tr> <td><a href="/security/bulletin/2017-05-01.html">May 2017</a></td> <td> <a href="/security/bulletin/2017-05-01.html">English</a> / diff --git a/en/security/encryption/file-based.html b/en/security/encryption/file-based.html index 5033a8b8..f1471519 100644 --- a/en/security/encryption/file-based.html +++ b/en/security/encryption/file-based.html @@ -39,7 +39,7 @@ File-based encryption enables a new feature introduced in Android 7.0 called <a href="https://developer.android.com/training/articles/direct-boot.html">Direct Boot</a>. Direct Boot allows encrypted devices to boot straight to the lock screen. Previously, on encrypted devices using <a href="full-disk.html">full-disk -encryption</a> (FDE), users needed to provided credentials before any data could +encryption</a> (FDE), users needed to provide credentials before any data could be accessed, preventing the phone from performing all but the most basic of operations. For example, alarms could not operate, accessibility services were unavailable, and phones could not receive calls but were limited to only basic diff --git a/en/security/overview/acknowledgements.html b/en/security/overview/acknowledgements.html index 762bd153..7524e93e 100644 --- a/en/security/overview/acknowledgements.html +++ b/en/security/overview/acknowledgements.html @@ -43,6 +43,10 @@ Rewards</a> program.</p> <p>Alexandru Blanda</p> +<p>Amir Cohen of Ben Gurion University Cyber Lab</p> + +<p>Dr. Asaf Shabtai of Ben Gurion University Cyber Lab</p> + <p>Baozeng Ding of Alibaba Mobile Security Group</p> <p>Ben Actis (<a href="https://twitter.com/ben_ra">@Ben_RA</a>)</p> @@ -121,6 +125,8 @@ Urbana-Champaign</a></p> <p>Jack Tang of Trend Micro Inc.</p> +<p>Jake Corina of Shellphish Grill Team</p> + <p>Jeff Sharkey of Google</p> <p>Jeff Trim</p> @@ -139,6 +145,8 @@ href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a></p> <p>Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室)</p> +<p>Liyadong of Qex Team, Qihoo 360</p> + <p><a href="mailto:zlbzlb815@163.com">Lubo Zhang</a> of <a href="http://c0reteam.org">C0RE Team</a></p> @@ -165,6 +173,8 @@ of <a href="http://c0reteam.org">C0RE Team</a></p> <p>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>) of Tesla Motors Product Security Team</p> +<p>Nick Stephens of Shellphish Grill Team</p> + <p>Nikolay Elenkov of LINE Corporation</p> <p><a href="mailto:jiych.guru@gmail.com">Niky1235</a> @@ -172,6 +182,8 @@ of Tesla Motors Product Security Team</p> <p>Ning You of Alibaba Mobile Security Group</p> +<p>Omer Shwartz of Ben Gurion University Cyber Lab</p> + <p>Peide Zhang of Vulpecker Team, Qihoo 360 Technology Co. Ltd.</p> <p>Peng Xiao of Alibaba Mobile Security Group</p> @@ -262,6 +274,8 @@ of <a href="http://c0reteam.org">C0RE Team</a></p> <p>Yang Song of Alibaba Mobile Security Group</p> +<p>Yangkang (<a href="https://twitter.com/dnpushme">@dnpushme</a>) of Qex Team, Qihoo 360</p> + <p><a href="mailto:yaojun8558363@gmail.com">Yao Jun</a> of <a href="http://c0reteam.org">C0RE Team</a></p> @@ -271,6 +285,8 @@ of <a href="http://c0reteam.org">C0RE Team</a></p> <p>Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>) of IceSword Lab, Qihoo 360 Technology Co. Ltd.</p> +<p>Dr. Yossi Oren of Ben Gurion University Cyber Lab</p> + <p>Yu Pan of Vulpecker Team, Qihoo 360 Technology Co. Ltd</p> <p><a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> of diff --git a/en/source/building-kernels.html b/en/source/building-kernels.html index f305f3e5..5bdd796b 100644 --- a/en/source/building-kernels.html +++ b/en/source/building-kernels.html @@ -237,16 +237,6 @@ and can be used as a starting point for work on Intel x86_64 chipsets.</li> and can be used as a starting point for work on HiSilicon 620 chipsets.</li> </ul> -<h2 id="downloading-a-prebuilt-gcc">Downloading a prebuilt gcc</h2> -<p>Ensure the prebuilt toolchain is in your path:</p> -<pre>$ export PATH=$(pwd)/prebuilts/gcc/linux-x86/arm/arm-eabi-4.6/bin:$PATH</pre> -<p>or</p> -<pre>$ export PATH=$(pwd)/prebuilts/gcc/darwin-x86/arm/arm-eabi-4.6/bin:$PATH</pre> - -<p>On a Linux host, if you don't have an Android source tree, you can download -the prebuilt toolchain from: -<pre>$ git clone https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/arm/arm-eabi-4.6</pre> - <h2 id="building">Building the kernel</h2> <p>When you know the last commit message for a kernel and have successfully downloaded the kernel source and prebuilt gcc, you are ready to build the diff --git a/zh-cn/_index.yaml b/zh-cn/_index.yaml index f5bd1b06..024d1e9e 100644 --- a/zh-cn/_index.yaml +++ b/zh-cn/_index.yaml @@ -32,8 +32,8 @@ landing_page: buttons: - label: 测试设备 path: /compatibility/ - - classname: devsite-landing-row-large-headings devsite-landing-row-colored devsite-landing-row-grey - devsite-landing-row-no-image-background tf-about-row devsite-landing-row-75 + - classname: devsite-landing-row-large-headings devsite-landing-row-no-image-background tf-about-row devsite-landing-row-75 + background: grey items: - heading: Android 开放源代码项目简介 description: | |