Android Nougat will be more secure than any other OS version

Jul 28, 2016 21:15 GMT

Android Nougat will include more security features borrowed from the Linux kernel, Google announced yesterday, such as better memory protection and changes to reduce the overall attack surface.

Few people know that the Android operating system is nothing more than a modified version of the Linux kernel. It's a stand-alone OS, different from GNU/Linux, but at its core, Android is powered by the Linux kernel.

As such, there is no reason for Google engineers to ignore the monumental work put by thousands of coders into the Linux kernel's security features, especially when Android has become a big blinking target for hackers and nation states alike.

The first security features that ended up in the Android OS were introduced a few years back, in Android 4.3 (nicknamed Jelly Bean), via the SEAndroid (Security Enhancements for Android) component, a re-write of the SELinux project.

Continuing on this path, Google's Android team has now announced the addition of new security features to Android, inspired by the similar work put into the Linux kernel project.

More memory protection features

As part of the features added to boost memory protection, Google's Jeff Vander Stoep announced two new configuration options called CONFIG_DEBUG_RODATA and CONFIG_CPU_SW_DOMAIN_PAN.

The first can allow developers to control what memory segments are writeable and executable. By limiting how much of the memory apps and features can access and interact with, developers also limit the memory available to attackers when they manage to compromise that app or feature. This feature has been backported to Android 3.18 and will be made available to older devices.

The second option limits if and how much of the userspace memory the kernel can access. Since exploits tend to leverage the userspace memory first and wait for kernel-level functions to access that space, this narrows down the attack surface and reduces the probability of malicious code reaching the kernel and leading to total device compromise. This feature too has been backported down to Android 4.1.

Further, the Android team has also improved protection against stack buffer overflows by adding coverage for additional array types.

Reducing the attack surface

To reduce the overall Android kernel attack surface, Google engineers did three things.

First, they cut off default access to the kernel's debug feature, then they made the seccomp component (sandboxing-related system) a requirement, and they also restricted app access to IOCTL commands.

The last was of grave importance. "Most of the kernel vulnerabilities reported on Android occur in drivers and are reached using the ioctl syscall," Stoep explains. "Some ioctl commands are needed by third-party applications, however most are not and access can be restricted without breaking legitimate functionality."

Android 7.0 Nougat will be released this fall. Google has made security hardening a priority for the Nougat release. These and many other changes are included.