Android: Protecting the Kernel - Kernel Security Strategies

Explore a comprehensive lecture on Android kernel protection delivered by Jeffrey Vander Stoep from Google at a Linux Foundation event. Delve into the evolving landscape of root access on Android devices, understanding how SELinux and DAC capabilities have altered the traditional root process. Discover why rooting exploits now target the Linux kernel to disable SELinux and restore root privileges. Gain insights into the specific areas where the kernel faces attacks, learn about the kernel protections implemented in AOSP/Android-N, and explore innovative ideas and prototypes for future security measures. Examine a detailed analysis of kernel vulnerabilities, including types of bugs, mitigation strategies, and their impact on system security. Investigate topics such as heap overflows, null pointer dereferences, attack surface reduction, and memory safety. Benefit from Vander Stoep's expertise as a software engineer on the Android security team at Google, working to enhance the overall security of the Android platform.

Introduction
Good News
Agenda
A note
Why this talk
The data set
The kernel
Userspace bugs
Is it increasing
Kernel defenses
Types of bugs
Mitigations
Heap Overflows
NullPointer Dereferences
Cobra View
Attack Surface Reduction
Bugs by Driver
Bugs by Entrypoint
Other Mitigation
Impact of Mitigation
Gaps
Computer Safety
Memory Safety