一、关键点
13、运行时:Runtime
14、APK校验:APK Validation
15、USB连接:USB Connection
16、Android企业版变化:Android for Work Changes
二、详述:
13、Runtime
The ART runtime now properly implements access rules for the newInstance() method. This change fixes a problem where Dalvik was checking access rules incorrectly in previous versions. If your app uses the newInstance() method and you want to override access checks, call the setAccessible()method with the input parameter set to true. If your app uses the v7 appcompat library or the v7 recyclerview library, you must update your app to use to the latest versions of these libraries. Otherwise, make sure that any custom classes referenced from XML are updated so that their class constructors are accessible.
ART运行时现在已经完全实现了newInstance()方法的访问规则。这个改变修复了之前版本Dalvik检查访问规则不正确的问题。如果你的APP使用了newInstance() 方法,想要重写访问检查,调用setAccessible()方法并将参数设置成true。如果你的APP使用 v7 appcompat库or the v7 recyclerview库,你必须更新你的APP使用最新版本的库。也就是说,确保设计XML的客户类必须更新以便构造方法可访问。
This release updates the behavior of the dynamic linker. The dynamic linker now understands the difference between a library’s soname and its path (public bug 6670), and search by soname is now implemented. Apps which previously worked that have bad DT_NEEDED entries (usually absolute paths on the build machine’s file system) may fail when loaded.
此版本更新了动态链接器的行为,动态链接器现在可以理解库的soname和路径直接的区别,根据soname搜索也实现了。APP之前因为DT_NEEDED错误(通常是绝对路径在构建的虚拟机文件系统中)无法运行的现在也会加载失败。
The dlopen(3) RTLD_LOCAL flag is now correctly implemented. Note that RTLD_LOCAL is the default, so calls to dlopen(3)
that didn’t explicitly useRTLD_LOCAL will be affected (unless your app explicitly used RTLD_GLOBAL). With RTLD_LOCAL
, symbols will not be made available to libraries loaded by later calls to dlopen(3) (as opposed to being referenced by DT_NEEDED entries).
dlopen(3) RTLD_LOCAL标识现在已经正确实现了。注意RTLD_LOCAL是默认的,因此调用dlopen(3)没有确定使用RTLD_LOCAL也会被影响(至少你的APP确定使用了RTLD_GLOBAL)。
On previous versions of Android, if your app requested the system to load a shared library with text relocations, the system displayed a warning but still allowed the library to be loaded. Beginning in this release, the system rejects this library if your app's target SDK version is 23 or higher. To help you detect if a library failed to load, your app should log the dlopen(3) failure, and include the problem description text that the dlerror(3) call returns. To learn more about handling text relocations, see this guide
在之前的Android版本中,如果你通过text relocations的方式请求一个共享库,系统会显示一个警告但会允许库被加载。从这个发布版开始,如果你APP的SDK版本是23或更高系统会拒绝。为了帮助你检测库的加载被拒绝,你的APP应该记录dlopen(3)的失败日志,包括dlerror(3)返回的问题描述。想了解更多text relocations,查看:guide
14、APK Validation
The platform now performs stricter validation of APKs. An APK is considered corrupt if a file is declared in the manifest but not present in the APK itself. An APK must be re-signed if any of the contents are removed.
平台现在执行严格的APK校验,如果一个文件在manifest中定义了但没有在APK中出现会被认为是一个坏APK。如果有内容改变APK必须重新签名。
15、USB Connection
Device connections through the USB port are now set to charge-only mode by default. To access the device and its content over a USB connection, users must explicitly grant permission for such interactions. If your app supports user interactions with the device over a USB port, take into consideration that the interaction must be explicitly enabled.
设备通过USB端口连接现在会默认设置为“仅充电”模式。想通过USB访问设备内容必须明确通过用户交互完成授权。如果你的应用支持通过USB端口的交互,要考虑到这种交互必须被明确的启用。
16、Android for Work Changes
This release includes the following behavior changes for Android for Work:
Work contacts in personal contexts. The Google Dialer Call Log now displays work contacts when the user views past calls. Setting[setCrossProfileCallerIdDisabled()](https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setCrossProfileCallerIdDisabled(android.content.ComponentName, boolean))
to true
hides the work profile contacts in the Google Dialer Call Log. Work contacts can be displayed along with personal contacts to devices over Bluetooth only if you set [setBluetoothContactSharingDisabled()](https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setBluetoothContactSharingDisabled(android.content.ComponentName, boolean))
to false
. By default, it is set to true
.Wi-Fi configuration removal: Wi-Fi configurations added by a Profile Owner (for example, through calls to the addNetwork()
method) are now removed if that work profile is deleted.Wi-Fi configuration lockdown: Any Wi-Fi configuration created by an active Device Owner can no longer be modified or deleted by the user ifWIFI_DEVICE_OWNER_CONFIGS_LOCKDOWN
is non-zero. The user can still create and modify their own Wi-Fi configurations. Active Device Owners have the privilege of editing or removing any Wi-Fi configurations, including those not created by them.Download device policy controller via Google account addition: When a Google account that requires management via a device policy controller (DPC) app is added to a device outside of a managed context, the add account flow now prompts the user to install the appropriate WPC. This behavior also applies to accounts added via Settings > Accounts and in the initial device setup wizard.
-
Changes to specific DevicePolicyManager
API behaviors:Calling the [setCameraDisabled()](https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setCameraDisabled(android.content.ComponentName, boolean))
method affects the camera for the calling user only; calling it from the managed profile doesn’t affect camera apps running on the primary user.In addition, the [setKeyguardDisabledFeatures()](https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setKeyguardDisabledFeatures(android.content.ComponentName, int))
method is now available for Profile Owners, as well as to Device Owners.A Profile Owner can set these keyguard restrictions:KEYGUARD_DISABLE_TRUST_AGENTS
and KEYGUARD_DISABLE_FINGERPRINT
, which affect the keyguard settings for the profile’s parent user.
KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS
, which only affects notifications generated by applications in the managed profile.The DevicePolicyManager.createAndInitializeUser()
and DevicePolicyManager.createUser()
methods have been deprecated.The [setScreenCaptureDisabled()](https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setScreenCaptureDisabled(android.content.ComponentName, boolean))
method now also blocks the assist structure when an app of the given user is in the foreground.EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM
now defaults to SHA-256. SHA-1 is still supported for backwards compatibility but will be removed in future. EXTRA_PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM
now only accepts SHA-256.Device initializer APIs which existed in the Android 6.0 (API level 23) are now removed.
EXTRA_PROVISIONING_RESET_PROTECTION_PARAMETERS
is removed so NFC bump provisioning cannot programmatically unlock a factory reset protected device.You can now use the EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE
extra to pass data to the device owner app during NFC provisioning of the managed device.Android for Work APIs are optimized for M runtime permissions, including Work profiles, assist layer, and others. New DevicePolicyManager
permission APIs don't affect pre-M apps.When users back out of the synchronous part of the setup flow initiated through an ACTION_PROVISION_MANAGED_PROFILE
orACTION_PROVISION_MANAGED_DEVICE
intent, the system now returns a RESULT_CANCELED
result code.
Changes to other APIs:Data Usage: The android.app.usage.NetworkUsageStats
class has been renamed NetworkStats.-
Changes to global settings:
-
These settings can no longer be set via [setGlobalSettings()](https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setGlobalSetting(android.content.ComponentName, java.lang.String, java.lang.String)):
- BLUETOOTH_ON
- DEVELOPMENT_SETTINGS_ENABLED
- MODE_RINGER
- NETWORK_PREFERENCE
- WIFI_ON
-
These global settings can now be set via [setGlobalSettings()](https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#setGlobalSetting(android.content.ComponentName, java.lang.String, java.lang.String)):
-
