Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / docs / source.android.com / 41641fb82d096ece6271a73346a18fa8f80619c3^! / . / src / compatibility / android-cdd.html
commit41641fb82d096ece6271a73346a18fa8f80619c3[log] [tgz]
authorUnsuk Jung <unsuk@google.com>Tue Sep 29 11:19:49 2015 -0700
committerBert McMeen <amcmeen@google.com>Thu Oct 01 22:41:11 2015 +0000
tree3da08129361c0c77e0cee21f700b9cd651b561b8
parent35691fcbdfa89a75d2c5cfb362a6905fc8749aad [diff] [blame]
CDD: Require full-disk encryption to be on by default

The full-disk encryption, on devices with adequate AES crypto
performance and with a secure screenlock, must be turned on
by default on Android 6.0 devices.

Since Android 5.0 CDD, it was noted that this requirement will
become REQUIRED instead of RECOMMENDED in the next version.

Bug: 19029256
Change-Id: Ib7098d061dc1acf6cc9d0199c6af660563324158

diff --git a/src/compatibility/android-cdd.html b/src/compatibility/android-cdd.html
index 55fa014..199de24 100644
--- a/src/compatibility/android-cdd.html
+++ b/src/compatibility/android-cdd.html

@@ -4364,16 +4364,24 @@
 <p>Optional for Android device implementations without a lock screen.</p>
 </div>
 
+<p>If the device implementation supports a secure lock screen reporting "<code>true</code>"
+for KeyguardManager.isDeviceSecure()
+[<a href="http://developer.android.com/reference/android/app/KeyguardManager.html#isDeviceSecure()">Resources, XX</a>],
+and is not a device with restricted memory as reported through the
+ActivityManager.isLowRamDevice() method, then the device MUST support full-disk encryption
+[<a href="http://source.android.com/devices/tech/security/encryption/index.html">Resources, 107</a>]
+of the application private data (/data partition), as well as the application
+shared storage partition (/sdcard partition) if it is a permanent, non-removable
+part of the device.</p>
 
-<p>If the device implementation supports a lock screen with PIN (numeric) or
-PASSWORD (alphanumeric), the device MUST support full-disk encryption of the
-application private data (/data partition), as well
-as the SD card partition if it is a permanent, non-removable part of the device
-[<a href="http://source.android.com/devices/tech/security/encryption/index.html">Resources, 107</a>]. For devices supporting full-disk encryption, the full-disk encryption SHOULD
-be enabled all the time after the user has completed the out-of-box experience.
-While this requirement is stated as SHOULD for this version of the Android
-platform, it is <strong>very strongly RECOMMENDED</strong> as we expect this to change to MUST in the future versions of Android.
-Encryption MUST use AES with a key of 128-bits (or greater) and a mode designed
+<p>For device implementations supporting full-disk encryption and with Advanced
+Encryption Standard (AES) crypto performance above 50MiB/sec, the full-disk
+encryption MUST be enabled by default at the time the user has completed the out-of-box
+setup experience. If a device implementation is already launched on an earlier Android
+version with full-disk encryption disabled by default, such a device cannot
+meet the requirement through a system software update and thus MAY be exempted.</p>
+
+<p>Encryption MUST use AES with a key of 128-bits (or greater) and a mode designed
 for storage (for example, AES-XTS, AES-CBC-ESSIV). The encryption key MUST NOT
 be written to storage at any time without being encrypted. Other than when in
 active use, the encryption key SHOULD be AES encrypted with the lockscreen