Linked by Thom Holwerda on Sat 2nd Sep 2017 00:34 UTC

The hardening of Android's userspace has increasingly made the underlying Linux kernel a more attractive target to attackers. As a result, more than a third of Android security bugs were found in the kernel last year. In Android 8.0 (Oreo), significant effort has gone into hardening the kernel to reduce the number and impact of security bugs.

Android Nougat worked to protect the kernel by isolating it from userspace processes with the addition of SELinux ioctl filtering and requiring seccomp-bpf support, which allows apps to filter access to available system calls when processing untrusted input. Android 8.0 focuses on kernel self-protection with four security-hardening features backported from upstream Linux to all Android kernels supported in devices that first ship with this release.

Is it common to have to backport security features of newer Linux versions to older ones? Or is this just a peculiarity of Android's Linux kernel being so far behind the times?

Permalink for comment 648526

For lack of a better choice, people have settled on overloading "Linux" to have two different meanings:

1. The kernel used in products like Android and Ubuntu.

2. The family of Unixy distros built around the Linux kernel, which includes distros like Alpine Linux, which use a non-GNU userland.

That's why "Android is not Linux"... because, despite being built on the Linux kernel, it considers its POSIXy undercarriage to be an implementation detail and its creators intentionally distance it from "Linux distros"... thus, it does not belong to the second definition.
