Wednesday, August 11, 2021

News Updates: MTE

For anyone who reads this and is actually tracking this issue, this won't be news, but I haven't seen that much buzz about it online and I think that it's a pretty big thing.

In Android 11, Google added some special, software-based checks that were meant to emulate MTE by causing crashes if some app were to abuse a pointer to the heap. This was framed, essentially, as trying to ease developers into the mindset that you should be using pointers as they're given to you and not doing stupid things with them, and if you continue to do stupid things in the future, your code might stop working. So Google included this feature, but allowed it to be disabled.

Since then, Google has published the Android 12 beta and enumerated a list of Compatibility Framework changes.

The above link should take you to the relevant section, but if you're reading this far in the future, I'll summarize:

Google has added the options for using MTE on hardware that supports it and added flags for two different tag checking strategies (Synchronous and Asynchronous).

Currently, by default, these MTE options are disabled; however, this further goes to show that Google is really hammering down on MTE support.
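The Synchronous and Asynchronous strategies summarized above differ in when a tag mismatch is acted on. The following is an added example, not code from this post or from Android: a constructed software model of MTE-style checks (16-byte granules, a 4-bit tag carried in pointer bits 56-59) showing a one-byte heap overflow under each mode. The names `sim_alloc`, `sim_store`, `sim_kernel_entry` and `overflow_demo` are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed model, not real MTE: 16-byte granules, 4-bit tags. */
#define GRANULE 16
#define HEAP_SIZE 64
enum mode { MODE_SYNC, MODE_ASYNC };
static uint8_t heap[HEAP_SIZE], granule_tag[HEAP_SIZE / GRANULE];
static int pending_fault; /* async mode: mismatch latched, reported later */

/* Tag each granule of an allocation; return offset with tag in bits 56-59. */
static uint64_t sim_alloc(uint32_t off, uint32_t len, uint8_t tag) {
    for (uint32_t g = off / GRANULE; g <= (off + len - 1) / GRANULE; g++)
        granule_tag[g] = tag & 0xF;
    return ((uint64_t)(tag & 0xF) << 56) | off;
}

/* Store one byte; returns 1 if the write landed, 0 if it was stopped. */
static int sim_store(uint64_t ptr, uint32_t idx, uint8_t val, enum mode m) {
    uint32_t off = (uint32_t)(ptr & 0xFFFFFFFFu) + idx;
    if (off >= HEAP_SIZE) return 0;
    if (granule_tag[off / GRANULE] != ((ptr >> 56) & 0xF)) {
        if (m == MODE_SYNC) return 0; /* precise fault: write never happens */
        pending_fault = 1;            /* async: record it and carry on */
    }
    heap[off] = val;
    return 1;
}

/* Async mismatches are reported at the next kernel entry (e.g. a syscall). */
static int sim_kernel_entry(void) { int f = pending_fault; pending_fault = 0; return f; }

/* Write 17 bytes through a pointer to a 16-byte buffer; report the outcome. */
static int overflow_demo(enum mode m, int *victim_hit, int *late_fault) {
    memset(heap, 0, sizeof heap);
    memset(granule_tag, 0, sizeof granule_tag);
    pending_fault = 0;
    uint64_t a = sim_alloc(0, 16, 0x3);
    sim_alloc(16, 16, 0x9); /* adjacent allocation with a different tag */
    int landed = 0;
    for (uint32_t i = 0; i < 17; i++) landed += sim_store(a, i, 0x41, m);
    *victim_hit = heap[16] == 0x41;
    *late_fault = sim_kernel_entry();
    return landed;
}
int main(void) {
    int hit, late, n = overflow_demo(MODE_SYNC, &hit, &late);
    printf("sync:  landed=%d victim_hit=%d late_fault=%d\n", n, hit, late);
    n = overflow_demo(MODE_ASYNC, &hit, &late);
    printf("async: landed=%d victim_hit=%d late_fault=%d\n", n, hit, late);
    return 0;
}
```

In the model, the synchronous check stops the seventeenth write before it reaches the neighbouring allocation, while the asynchronous check lets it land and only reports the mismatch afterwards.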

With the release of the Pixel 6 upcoming, I think it's safe to say with some certainty that it will support MTE.

I may sound like I'm freaking out over some obscure feature, but... Properly implemented, this is the same type of generational leap in security that the security community saw when ASLR was introduced, when W^X came about, when Apple adopted PAC on their iPhones. MTE, if handled correctly, can kill large swaths of existing bugs and exploits and make finding new ones far more difficult than before.

I'm on the edge of my seat, don't know about you. Let's see what happens...
