CHANGELOG.md

4.3.0 Release Candidate

New Features

EXTENDED_POLICY modes:

  • The EXTENDED_POLICY CMake variable (previously ENABLE_EXTENDED_POLICY) now has three possible configurations:
    • HTTP (previously ENABLE_EXTENDED_POLICY: OFF) - #941
    • PROPRIETARY (previously ENABLE_EXTENDED_POLICY: ON) - #940
    • EXTERNAL_PROPRIETARY (new, fully featured version of PROPRIETARY mode) - #942

EXTERNAL_PROPRIETARY mode:

New policy table update sequence

A new policy table update flow was created specifically for the EXTERNAL_PROPRIETARY policy mode

External Policy Manager

The EXTERNAL_PROPRIETARY policy mode requires an "external policy manager". This policy manager is a separate program which is in charge of encrypting/decrypting policy tables and attaching an HTTP header to the OnSystemRequest payload when performing a Policy Table Update.

As part of this release, a sample application which performs this function was added to this repository for those who wish to implement this new policy mode. This program can be started along with Core using an included bash script. The sample application does nothing with the policy table snapshot during the encryption and decryption phases, so that OEMs can implement their own encryption algorithms in their place.

App permissions/User consent

Users can now control which functional groups apps are able to access, as well as decide whether to enable SDL functionality at all on a device-by-device basis.

  • Logic was added to allow the user to control what devices are permitted to use SDL functionality - #934
    • Users are prompted when activating an app on a new device for the first time whether or not to allow the device to use SDL functionality (sequence shown in this diagram)
  • Logic was added to the Policy Manager to allow the user to control what apps have access to specific functional groups - #939
    • Users are prompted when activating an app for the first time (or modifying permissions in settings) with information on what access a requested functional group requires. The user responds to determine whether or not to allow this functionality within the new app (sequence shown in this diagram)

External user consent

External user consent allows the HMI to define several groups of permissions within the policy table. This allows the user to enable/disable several functional groups at once.

  • The externalConsentStatus field is included as part of a GetListOfPermissions response from SDL Core to communicate which groups are activated - #1047
  • External consent groups can be used to enable sets of functional groups using the disallowed_by_external_consent_entities_off field in the Policy Table - #1049
    • If this external consent group is set to ON, all functional groupings with this parameter are allowed by the user - #1048
    • If this external consent group is set to OFF, all functional groupings with this parameter are disallowed by the user - #1050
  • External consent groups can be used to disable sets of functional groups using the disallowed_by_external_consent_entities_on field in the Policy Table
    • If this external consent group is set to ON, all functional groupings with this parameter are disallowed by the user
    • If this external consent group is set to OFF, all functional groupings with this parameter are allowed by the user
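
The ON/OFF rules above, written out as a small C++ resolver. This is an added example, not code from SDL Core: the types, the `Resolve` function, the (entityType, entityID) key and the deny-wins handling of conflicting entities are assumptions made here.

```cpp
#include <iostream>
#include <map>
#include <string>
#include <utility>
#include <vector>

// Hypothetical types for this example; not SDL Core's own classes.
enum class Status { OFF, ON };
enum class Consent { UNDECIDED, ALLOWED, DISALLOWED };
using Entity = std::pair<int, int>;  // assumed key: (entityType, entityID)

struct FunctionalGroup {
  std::string name;
  std::vector<Entity> disallowed_by_external_consent_entities_on;
  std::vector<Entity> disallowed_by_external_consent_entities_off;
};

// Applies the ON/OFF rules from the release notes to one functional group.
// Assumptions: an entity with no reported status is ignored, and if any
// listed entity disallows the group the group is disallowed (deny wins).
Consent Resolve(const FunctionalGroup& g,
                const std::map<Entity, Status>& reported) {
  bool allowed = false, disallowed = false;
  auto apply = [&](const std::vector<Entity>& entities, Status disallow_when) {
    for (const Entity& e : entities) {
      auto it = reported.find(e);
      if (it == reported.end()) continue;  // no status reported for this entity
      if (it->second == disallow_when) disallowed = true;
      else allowed = true;
    }
  };
  apply(g.disallowed_by_external_consent_entities_on, Status::ON);
  apply(g.disallowed_by_external_consent_entities_off, Status::OFF);
  if (disallowed) return Consent::DISALLOWED;
  return allowed ? Consent::ALLOWED : Consent::UNDECIDED;
}

int main() {
  // Constructed sample data: entity (1,1) is ON, entity (1,2) is OFF.
  std::map<Entity, Status> reported = {{Entity{1, 1}, Status::ON},
                                       {Entity{1, 2}, Status::OFF}};
  FunctionalGroup nav{"Navigation-1", {}, {Entity{1, 1}}};
  FunctionalGroup loc{"Location-1", {Entity{1, 1}}, {Entity{1, 2}}};
  std::cout << nav.name << ": " << static_cast<int>(Resolve(nav, reported))
            << "\n" << loc.name << ": "
            << static_cast<int>(Resolve(loc, reported)) << "\n";
  return 0;
}
```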

Cache Manager Function Implementations

Prior to this release, several functions included in cache_manager.cc were not fully implemented and would not query the local policy table for defined rules and policies. The newly implemented functions for the EXTERNAL_PROPRIETARY cache manager are listed below:

Security behavior

Requirements/Details - #937

HMI_API additions:

A new RPC was added as part of the implementation of EXTERNAL_PROPRIETARY policy mode

Several API additions were made as part of the implementation of the external user consent feature

Fixes

  • Includes fixes for all defects found by the Coverity scan tool that were introduced in this release - #1641
  • Includes fixes for several Coverity defects that were previously implemented in the coverity branch - #1637

Implemented proposals

Two new evolution proposals were implemented in release 4.3.0:

  • Add API Patch Version SDL-0050
    • A patch version was added to the MOBILE API version, HMI API interface versions, and SyncMsgVersion struct
  • External Policy Manager SDL-0045
    • Details for the implementation of this proposal can be found in the External Policy Manager section of these release notes