Expand Minimize Picture-in-picture Power Device Status Voice Recognition Skip Back Skip Forward Minus Plus Play Search
Documentation
Sidebar

SDL Core 4.3.0 Release Notes

New Features

EXTENDED_POLICY modes:

  • The EXTENDED_POLICY CMake variable (previously ENABLE_EXTENDED_POLICY) now has three possible configurations
    • HTTP (previously ENABLE_EXTENDED_POLICY: OFF) - Details
    • PROPRIETARY (previously ENABLE_EXTENDED_POLICY: ON) - Details
    • EXTERNAL_PROPRIETARY (new, fully featured version of PROPRIETARY mode) - Details

EXTERNAL_PROPRIETARY mode:

New policy table update sequence

A new policy table update flow was created specifically for the EXTERNAL_PROPRIETARY policy mode

External Policy Manager

As part of the EXTERNAL_PROPRIETARY policy mode, the concept of an "external policy manager" is necessary. This policy manager is a separate program which is in charge of encrypting/decrypting policy tables and attaching an HTTP header to the OnSystemRequest payload when performing a Policy Table Update.

As part of this release, a sample application which performs this function was added to this repository for those who wish to implement this new policy mode, and this program can be started along with Core using an included bash script. This sample application does nothing with the policy table snapshot during the encryption and decryption phases, allowing for OEMs to implement their own encryption algorithms in their place.

Users can now control what functional groups that they want apps to be able to access, as well as decide whether to enable SDL functionality at all on a device-by-device basis.

  • Logic was added to allow the user to control what devices are permitted to use SDL functionality - Details
    • Users are prompted when activating an app on a new device for the first time whether or not to allow the device to use SDL functionality (sequence shown in this diagram)
  • Logic was added to the Policy Manager to allow the user to control what apps have access to specific functional groups - Details
    • Users are prompted when activating an app for the first time (or modifying permissions in settings) with information on what access a requested functional group requires. The user responds to determine whether or not to allow this functionality within the new app (sequence shown in this diagram)

External user consent allows the HMI to define several groups of permissions within the policy table. This allows the user to enable/disable several functional groups at once.

  • The externalConsentStatus field is included as part of a GetListOfPermissions response from SDL Core to communicate which groups are activated - Details
  • External consent groups can be used to enable sets of functional groups using the disallowed_by_external_consent_entities_off field in the Policy Table - Details
    • If this external consent group is set to ON, all functional groupings with this parameter are allowed by the user - Details
    • If this external consent group is set to OFF, all functional groupings with this parameter are disallowed by the user - Details
  • External consent groups can be used to disable sets of functional groups using the disallowed_by_external_consent_entities_on field in the Policy Table
    • If this external consent group is set to ON, all functional groupings with this parameter are disallowed by the user
    • If this external consent group is set to OFF, all functional groupings with this parameter are allowed by the user

Cache Manager Function Implementations

Prior to this release, several functions included in cache_manager.cc were not fully implemented and would not query the local policy table for defined rules and policies. The newly implemented functions for the EXTERNAL_PROPRIETARY cache manager are listed below:

Security behavior

Requirements/Details

HMI_API additions:

A new RPC was added as part of the implementation of EXTERNAL_PROPRIETARY policy mode

Several API additions were made as part of the implementation of the external user consent feature

Implemented proposals

Two new evolution proposals were implemented in release 4.3.0:

  • Add API Patch Version SDL-0050
  • A patch version was added to the MOBILE API version, HMI API interface versions, and SyncMsgVersion struct
  • External Policy Manager SDL-0045
  • Details for the implementation of this proposal can be found in the External Policy Manager section of these release notes

Fixes

  • Includes fixes for all defects found by the Coverity scan tool that were introduced in this release - Link
  • Includes fixes for several Coverity defects that were previously implemented in the coverity branch - Link
View on GitHub.com
Previous Section Next Section