Exploring GrapheneOS secure allocator: Hardened Malloc

CGG

https://www.synacktiv.com/en/publications/exploring-grapheneos-secure-allocator-hardened-malloc

I was reading this analysis and I think its very important for the community understand how serious are the GOS team.

You guys are lions!

indigomadelin

In order to benefit from MTE, a binary must be compiled with the appropriate flags. For the purposes of this article, the flags below were added to the Application.mk file of our test binaries to enable MTE.

APP_CFLAGS := -fsanitize=memtag -fno-omit-frame-pointer -march=armv8-a+memtag
APP_LDFLAGS := -fsanitize=memtag -march=armv8-a+memtag

How can I tell if an app has been compiled in this way? If it hasn't and I have enabled MTE for all apps, will MTE still work?

CGG

This is a question for GOS team. But, yes, if the app is not compiled with the appropriate flags the MTE for that specific app will be bypassed, BUT..... all grapheneos is compiled with mte because the protection is inherited in the system. So if your non mte app try to corrput some component of GOS system memory which is mte enabled it will possibly be detected anyway. Memory tag is just one of the vast security procedures graphene os takes to avoid memory violation. Alone MTE is bypassable...but not in this case and as shown in the arcticle... graphene offers much more protections (hardened malloc, ASLR
for example) that togheter make the system hardened.

Maybe someone can explain better this for you.

GrapheneOS

CGG GrapheneOS still heavily uses MTE for code not compiled with it. Compiling code with support for heap MTE only marks it as compatible with MTE. On modern computers, each process has their own address space. MTE is for protecting code from itself to protect it from being exploited. It isn't relevant to preventing accessing memory of other processes because that's already prevented by the baseline virtual memory and sandboxing.

CGG

@admin may be the best to anwser this.

Andromxda

Make sure to upvote the Hacker News and Lemmy posts! https://news.ycombinator.com/item?id=45337395

https://lemmy.ml/post/36558634

CGG

GrapheneOS Thatś what i was trying to explain... but you did it perfect... thank you