blob: 6ee0af0d09c1e8f06a31fef680a354a45ea4bde4 [file] [log] [blame]
page.title=Behavior Changes
<div id="qv-wrapper">
<div id="qv">
<h2>In this document</h2>
<ol id="toc44" class="hide-nested">
<li><a href="#behavior-runtime-permissions">Runtime Permissions</a></li>
<li><a href="#behavior-power">Power-Saving Optimizations</a>
<li><a href="#behavior-doze">Doze</a></li>
<li><a href="#behavior-app-standby">App Standby</a></li>
<li><a href="#behavior-adoptable-storage">Adoptable Storage Devices</a></li>
<li><a href="#behavior-apache-http-client">Apache HTTP Client Removal</a></li>
<li><a href="#behavior-audiomanager-Changes">AudioManager Changes</a></li>
<li><a href="#behavior-test-selection">Text Selection</a></li>
<li><a href="#behavior-keystore">Android Keystore Changes</a></li>
<li><a href="#behavior-network">Wi-Fi and Networking Changes</a></li>
<li><a href="#behavior-camera">Camera Service Changes</a></li>
<li><a href="#behavior-runtime">Runtime</a></li>
<li><a href="#behavior-apk-validation">APK Validation</a></li>
<li><a href="#behavior-usb">USB Connection</a></li>
<li><a href="#behavior-afw">Android for Work Changes</a></li>
<h2>API Differences</h2>
<li><a href="{@docRoot}preview/download.html">API level 22 to M Preview &raquo;</a> </li>
<h2>See Also</h2>
<li><a href="{@docRoot}preview/api-overview.html">M Developer Preview API Overview</a> </li>
<p>Along with new features and capabilities, the M Developer Preview includes a variety of
system changes and API behavior changes. This document highlights
some of the key changes that you should understand and account for in your apps.</p>
<p>If you have previously published an app for Android, be aware that these changes in the
platform affect your app.</p>
<h2 id="behavior-runtime-permissions">Runtime Permissions</h1>
<p>This preview introduces a new permissions model, where users can now directly manage
app permissions at runtime. This model gives users improved visibility and control over
permissions, while streamlining the installation and auto-update processes for app developers.
Users can grant or revoke permissions individually for installed apps. </p>
<p>On your apps that target the M Preview release or higher, make sure to check for and request
permissions at runtime. To determine if your app has been granted a permission, call the
new {@code Context.checkSelfPermission()} method. To request a permission, call the new
{@code Activity.requestPermission()} method. Even if your app is not targeting the M Preview
release, you should test your app under the new permissions model.</p>
<p>For details on supporting the new permissions model in your app, see the
<a href="{@docRoot}preview/features/runtime-permissions.html">
Permissions</a> developer preview page. For tips on how to assess the impact on your app,
see the <a href="{@docRoot}preview/testing/guide.html#runtime-permissions">Testing Guide</a></p>
<h2 id="behavior-power">Power-Saving Optimizations</h2>
<p>This preview introduces new power-saving optimizations for idle devices and apps.</p>
<h3 id="behavior-doze">Doze</h3>
<p>If a device is unplugged and left stationary with the screen off for a period of time, it
goes into <em>Doze</em> mode where it attempts to keep the system in a sleep state. In this mode,
devices periodically resume normal operations for brief periods of time so that app syncing can
occur and the system can perform any pending operations.</p>
<p>The following restrictions apply to your apps while in Doze:</p>
<li>Network access is disabled, unless your app receives a high priority Google Cloud Messaging
<li><a href="{@docRoot}reference/android/os/PowerManager.WakeLock.html">Wake locks</a> are ignored.</li>
<li>Alarms scheduled with the {@link} class are disabled, except for
alarms that you've set with the {@link setAlarmClock()}
method and {@code AlarmManager.setAndAllowWhileIdle()}.</li>
<li>WiFi scans are not performed.</li>
<li>Syncs and jobs for your sync adapters and {@link} are not
permitted to run.</li>
<p>When the device exits doze, it executes any jobs and syncs that are pending.</p>
<p>You can test this feature by connecting a device running the M Preview to your development
machine and calling the following commands:
<pre class="no-prettyprint">
$ adb shell dumpsys battery unplug
$ adb shell dumpsys deviceidle step
$ adb shell dumpsys deviceidle -h
<p class="note"><strong>Note</strong>: The upcoming
<a href="" class="external-link">
Google Cloud Messaging</a> release lets you designate
high-priority messages. If your app receives high-priority GCM messages, it’s granted
brief network access even when the device is in doze.
<p>See the
<a href="{@docRoot}preview/testing/guide.html#doze-standby">Testing Guide</a> for tips on how
to test Doze in your apps. </p>
<h3 id="behavior-app-standby">App standby</h3>
<p>With this preview, the system may determine that apps are idle when they are not in active
use. Your app is considered idle after a period of time, unless the system detects
any of these signals:</p>
<li>The app is explicitly launched by the user.</li>
<li>The app has a process currently in the foreground (either as an activity or foreground service,
or in use by another activity or foreground service).</li>
<li>The app generates a notification that users see on the lock screen or in the
notification tray.</li>
<li>The user explicitly asks for the app to be exempt from optimizations,
via <strong>Settings</strong>.</li>
<p>If the device is unplugged, apps deemed idle will have their network access disabled
and their syncs and jobs suspended. When the device is plugged into a power supply, these apps are
allowed network access and can execute any jobs and syncs that are pending. If the
device is idle for long periods of time, idle apps are allowed network access around once a day.</p>
<p>You can test this feature by connecting a device running the M Preview to your development
machine and calling the following commands:
<pre class="no-prettyprint">
$ adb shell dumpsys battery unplug
$ adb shell am set-idle &lt;packageName&gt; true
$ adb shell am set-idle &lt;packageName&gt; false
$ adb shell am get-idle &lt;packageName&gt;
<p class="note"><strong>Note</strong>: The upcoming
<a href="" class="external-link">
Google Cloud Messaging</a> (GCM) release lets you
designate high-priority messages. If your app receives high-priority GCM messages, it’s granted
brief network access even when the app is idle.
<p>See the
<a href="{@docRoot}preview/testing/guide.html#doze-standby">Testing Guide</a> for tips on how
to test App Standby in your apps. </p>
<h2 id="behavior-adoptable-storage">Adoptable Storage Devices</h2>
With this preview, users can <em>adopt</em> external storage devices such as SD cards. Adopting an
external storage device encrypts and formats the device to behave like internal storage. This
feature allows users to move both apps and private data of those apps between storage devices. When
moving apps, the system respects the
<a href="{@docRoot}guide/topics/manifest/manifest-element.html#install">{@code android:installLocation}</a>
preference in the manifest.</p>
<p>If your app accesses the following APIs or fields, be aware that the file paths they return
will dynamically change when the app is moved between internal and external storage devices.
When building file paths, it is strongly recommended that you always call these APIs dynamically.
Don’t use hardcoded file paths or persist fully-qualified file paths that were built previously.</p>
<li>{@link android.content.Context} methods:
<li>{@link android.content.Context#getFilesDir() getFilesDir()}</li>
<li>{@link android.content.Context#getCacheDir() getCacheDir()}</li>
<li>{@link android.content.Context#getCodeCacheDir() getCodeCacheDir()}</li>
<li>{@link android.content.Context#getDatabasePath(java.lang.String) getDatabasePath()}</li>
<li>{@link android.content.Context#getDir(java.lang.String,int) getDir()}</li>
<li>{@link android.content.Context#getNoBackupFilesDir() getNoBackupFilesDir()}</li>
<li>{@link android.content.Context#getFileStreamPath(java.lang.String) getFileStreamPath()}</li>
<li>{@link android.content.Context#getPackageCodePath() getPackageCodePath()}</li>
<li>{@link android.content.Context#getPackageResourcePath() getPackageResourcePath()}</li>
<li>{@link} fields:
<li>{@link dataDir}</li>
<li>{@link sourceDir}</li>
<li>{@link nativeLibraryDir}</li>
<li>{@link publicSourceDir}</li>
<li>{@link splitSourceDirs}</li>
<li>{@link splitPublicSourceDirs}</li>
<p>To debug this feature in the developer preview, you can enable adoption of a USB drive that is
connected to an Android device through a USB On-The-Go (OTG) cable, by running this command:</p>
<pre class="no-prettyprint">
$ adb shell sm set-force-adoptable true
<h2 id="behavior-apache-http-client">Apache HTTP Client Removal</h2>
<p>This preview removes support for the Apache HTTP client. If your app is using this client and
targets Android 2.3 (API level 9) or higher, use the {@link} class
instead. This API is more efficient because it reduces network use through transparent compression
and response caching, and minimizes power consumption. To continue using the Apache HTTP APIs, you
must first declare the following compile-time dependency in your {@code build.gradle} file:
android {
useLibrary 'org.apache.http.legacy'
<p>Android is moving away from OpenSSL to the
<a href="" class="external-link">BoringSSL</a>
library. If you’re using the Android NDK in your app, don't link against cryptographic libraries
that are not a part of the NDK API, such as {@code} and {@code}. These
libraries are not public APIs, and may change or break without notice across releases and devices.
In addition, you may expose yourself to security vulnerabilities. Instead, modify your
native code to call the Java cryptography APIs via JNI or to statically link against a
cryptography library of your choice.</p>
<h2 id="behavior-audiomanager-Changes">AudioManager Changes</h2>
<p>Setting the volume directly or muting specific streams via the {@link}
class is no longer supported. The {@link,boolean)
setStreamSolo()} method is deprecated, and you should call the
{@code AudioManager.requestAudioFocus()} method instead. Similarly, the
{@link,boolean) setStreamMute()} method is
deprecated; instead, call the {@code AudioManager.adjustStreamVolume()} method
and pass in the direction value {@code ADJUST_MUTE} or {@code ADJUST_UNMUTE}.</p>
<h2 id="behavior-test-selection">Text Selection</h2>
<img src="{@docRoot}preview/images/text-selection.gif"
style="float:right; margin:0 0 20px 30px" width="360" height="640" />
<p>When users select text in your app, you can now display text selection actions such as
<em>Cut</em>, <em>Copy</em>, and <em>Paste</em> in a
<a href=""
class="external-link">floating toolbar</a>. The user interaction implementation is similar to that
for the contextual action bar, as described in
<a href="{@docRoot}guide/topics/ui/menus.html#CABforViews">
Enabling the contextual action mode for individual views</a>.</p>
<p>To implement a floating toolbar for text selection, make the following changes in your existing
<li>In your {@link android.view.View} or {@link} object, change your
{@link android.view.ActionMode} calls from
{@code startActionMode(Callback)} to {@code startActionMode(Callback, ActionMode.TYPE_FLOATING)}.</li>
<li>Take your existing implementation of {@code ActionMode.Callback} and make it extend
{@code ActionMode.Callback2} instead.</li>
<li>Override the {@code Callback2.onGetContentRect()} method to provide the coordinates of the
content {@link} object (such as a text selection rectangle) in the view.</li>
<li>If the rectangle positioning is no longer valid, and this is the only element to be invalidated,
call the {@code ActionMode.invalidateContentRect()} method.</li>
<p>If you are using <a href="{@docRoot}tools/support-library/index.html">
Android Support Library</a> revision 22.2, be aware that floating toolbars are not
backward-compatible and appcompat takes control over {@link android.view.ActionMode} objects by
default. This prevents floating toolbars from being displayed. To enable
{@link android.view.ActionMode} support in an
{@link}, call
{@code}, then call
{@code} on the returned
{@link} object and set the input
parameter to {@code false}. This call returns control of {@link android.view.ActionMode} objects to
the framework. In devices running the M Preview, that allows the framework to support
{@link} or floating toolbar modes, while on pre-M Preview devices,
only the {@link} modes are supported.</p>
<h2 id="behavior-keystore">Android Keystore Changes</h2>
<p>With this preview, the
<a href="{@docRoot}training/articles/keystore.html">Android Keystore provider</a> no longer supports
DSA. ECDSA is still supported.</p>
<p>Keys which do not require encryption at rest will no longer be deleted when secure lock screen
is disabled or reset (for example, by the user or a Device Administrator). Keys which require
encryption at rest will be deleted during these events.</p>
<h2 id="behavior-network">Wi-Fi and Networking Changes</h2>
<p>This preview introduces the following behavior changes to the Wi-Fi and networking APIs.</p>
<li>Your apps can now change the state of {@link} objects only
if you created these objects. You are not permitted to modify or delete
{@link} objects created by the user or by other apps.
Previously, if an app forced the device to connect to a specific Wi-Fi network by using
{@link,boolean) enableNetwork()} with the
{@code disableAllOthers=true} setting, the device disconnected from other networks such as
cellular data. In this preview, the device no longer disconnects from such other networks. If
your app’s {@code targetSdkVersion} is {@code “20”} or lower, it is pinned to the selected
Wi-Fi network. If your app’s {@code targetSdkVersion} is {@code “21”} or higher, use the
multinetwork APIs (such as
{@link openConnection()},
{@link bindSocket()}, and the new
{@code ConnectivityManager.bindProcessToNetwork()} method) to ensure that its network traffic is
sent on the selected network.</li>
<h2 id="behavior-camera">Camera Service Changes</h2>
<p>In this preview, the model for accessing shared resources in the camera service has been changed
from the previous “first come, first serve” access model to an access model where high-priority
processes are favored. Changes to the service behavior include:</p>
<li>Access to camera subsystem resources, including opening and configuring a camera device, is
awarded based on the “priority” of the client application process. Application processes with
user-visible or foreground activities are generally given a higher-priority, making camera resource
acquisition and use more dependable.</li>
<li>Active camera clients for lower priority apps may be “evicted” when a higher priority
application attempts to use the camera. In the deprecated {@link android.hardware.Camera} API,
this results in
{@link android.hardware.Camera.ErrorCallback#onError(int,android.hardware.Camera) onError()} being
called for the evicted client. In the {@link android.hardware.camera2 Camera2} API, it results in
{@link android.hardware.camera2.CameraDevice.StateCallback#onDisconnected(android.hardware.camera2.CameraDevice) onDisconnected()}
being called for the evicted client.</li>
<li>On devices with appropriate camera hardware, separate application processes are able to
independently open and use separate camera devices simultaneously. However, multi-process use
cases, where simultaneous access causes significant degradation of performance or capabilities of
any of the open camera devices, are now detected and disallowed by the camera service. This change
may result in “evictions” for lower priority clients even when no other app is directly
attempting to access the same camera device.
Changing the current user causes active camera clients in apps owned by the previous user account
to be evicted. Access to the camera is limited to user profiles owned by the current device user.
In practice, this means that a “Guest” account, for example, will not be able to leave running
processes that use the camera subsystem when the user has switched to a different account.
<h2 id="behavior-runtime">Runtime</h2>
<p>The ART runtime now properly implements access rules for the
{@link java.lang.reflect.Constructor#newInstance(java.lang.Object...) newInstance()} method. This
change fixes a problem where Dalvik was checking access rules incorrectly in previous versions.
If your app uses the
{@link java.lang.reflect.Constructor#newInstance(java.lang.Object...) newInstance()} method and you
want to override access checks, call the
{@link java.lang.reflect.Constructor#setAccessible(boolean) setAccessible()} method with the input
parameter set to {@code true}. If your app uses the
<a href="{@docRoot}tools/support-library/features.html#v7-appcompat">v7 appcompat library</a> or the
<a href="{@docRoot}tools/support-library/features.html#v7-recyclerview">v7 recyclerview library</a>,
you must update your app to use to the latest versions of these libraries. Otherwise, make sure that
any custom classes referenced from XML are updated so that their class constructors are accessible.</p>
<p>This preview updates the behavior of the dynamic linker. The dynamic linker now understands the
difference between a library’s {@code soname} and its path
(<a href="" class="external-link">
public bug 6670</a>), and search by {@code soname} is now
implemented. Apps which previously worked that have bad {@code DT_NEEDED} entries
(usually absolute paths on the build machine’s file system) may fail when loaded.</p>
<p>The {@code dlopen(3) RTLD_LOCAL} flag is now correctly implemented. Note that
{@code RTLD_LOCAL} is the default, so calls to {@code dlopen(3)} that didn’t explicitly use
{@code RTLD_LOCAL} will be affected (unless your app explicitly used {@code RTLD_GLOBAL}). With
{@code RTLD_LOCAL}, symbols will not be made available to libraries loaded by later calls to
{@code dlopen(3)} (as opposed to being referenced by {@code DT_NEEDED} entries).</p>
<h2 id="behavior-apk-validation">APK Validation</h2>
<p>The platform now performs stricter validation of APKs. An APK is considered corrupt if a file is
declared in the manifest but not present in the APK itself. An APK must be re-signed if any of the
contents are removed.</p>
<h2 id="behavior-usb">USB Connection</h2>
<p>Device connections through the USB port are now set to charge-only mode by default. To access
the device and its content over a USB connection, users must explicitly grant permission for such
interactions. If your app supports user interactions with the device over a USB port, take into
consideration that the interaction must be explicitly enabled.
<h2 id="behavior-afw">Android for Work Changes</h2>
<p>This preview includes the following behavior changes for Android for Work:</p>
<li><strong>Work contacts in personal contexts.</strong> The Google Dialer
Call Log now displays work contacts when the user views past calls.
{@link, boolean) setCrossProfileCallerIdDisabled()}
to {@code true} hides the work profile contacts in the Google Dialer Call Log. Work contacts can be
displayed along with personal contacts to devices over Bluetooth only if
you set {@code DevicePolicyManager.setBluetoothContactSharingDisabled()} to {@code false}. By
default, it is set to {@code true}.
<li><strong>WiFi configuration removal:</strong> WiFi configurations added by a Profile Owner
(for example, through calls to the
addNetwork()} method) are now removed if that work profile is deleted.</li>
<li><strong>WiFi configuration lockdown:</strong> Any WiFi configuration created by
an active Device Owner can no longer be modified or deleted by the user if
<code>Settings.Global.WIFI_DEVICE_OWNER_CONFIGS_LOCKDOWN</code> is non-zero.
The user can still create and modify their own WiFi configurations. Active Device
Owners have the privilege of editing/removing any WiFi configurations, including
those not created by them.
<li><strong>Download Work Policy Controller via Google account addition:</strong> When a Google
account that requires management via a Work Policy Controller (WPC) app is added to a device
outside of a managed context, the add account flow now prompts the user to install the
appropriate WPC. This behavior also applies to accounts added via
<strong>Settings > Accounts</strong> and in the initial device setup wizard.</li>
<li><strong>Changes to specific DevicePolicyManager API behaviors:</strong>
<li>Calling the {@link,boolean) setCameraDisabled()}
method affects the camera for the calling user only; calling it from the managed profile doesn’t
affect camera apps running on the primary user. </li>
<li>In addition, the
{@link,int) setKeyguardDisabledFeatures()}
method is now available for Profile Owners, in addition to Device Owners. </li>
<li>A Profile Owner can set these keyguard restrictions:
<li>{@link} and
{@link}, which affect the
keyguard settings for the profile’s parent user.</li>
<li>{@link}, which
only affects notifications generated by applications in the managed profile.</li>
<li>The {@link, java.lang.String, java.lang.String, android.content.ComponentName, android.os.Bundle) createAndInitializeUser()} and {@link, java.lang.String) createUser()} methods have been deprecated.</li>
<li>The {@link, boolean) setScreenCaptureDisabled()} method now also blocks the assist structure when an app of the given user is in the foreground. </li>
<li><code>EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM</code> now defaults to SHA-256. SHA-1 is still supported for backwards compatibility but will be removed in future. <code>EXTRA_PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM</code> now only accepts SHA-256.</li>
<li>Device initializer APIs which existed in the MNC preview are now removed. They will not appear in the final M release.</li>
<li>Android for Work APIs are optimized for M runtime permissions, including Work profiles, assist layer, and others. New DevicePolicyManager permission APIs don't affect pre-M apps.</li>
<li><strong>Changes to global settings</strong> &mdash; the settings below can no longer be set via {@link, java.lang.String, java.lang.String) setGlobalSettings()}</code>: