Google Uses Clang Sanitizers to Protect Android Against Baseband Vulnerabilities

Posted by admin, 2023-12-17 00:45:30


Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities.

The sanitizers in question are the Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are checks within UndefinedBehaviorSanitizer (UBSan), Clang's compiler instrumentation for catching various kinds of undefined behavior at run time. (Strictly speaking, IntSan's unsigned-overflow check flags wrap-around that C defines but that is almost always unintended in length and size arithmetic.)

"They are architecture agnostic, suitable for bare-metal deployment, and should be enabled in existing C/C++ code bases to mitigate unknown vulnerabilities," Ivan Lozano and Roger Piqueras Jover said in a Tuesday post.

The development comes months after the tech giant said it's working with ecosystem partners to increase the security of firmware that interacts with Android, thereby making it difficult for threat actors to achieve remote code execution within the Wi-Fi SoC or the cellular baseband.

IntSan and BoundSan are two of the compiler-based sanitizers that Google has enabled as an exploit mitigation measure to detect arithmetic overflows and perform bounds checks around array accesses, respectively.

Google acknowledged that while both BoundSan and IntSan incur a substantial performance overhead, it has enabled them on security-critical attack surfaces ahead of a full-fledged rollout across the entire codebase. These cover:

  • Functions parsing messages delivered over the air in 2G, 3G, 4G, and 5G
  • Libraries encoding/decoding complex formats (e.g., ASN.1, XML, DNS, etc.)
  • IMS, TCP, and IP stacks, and
  • Messaging functions (SMS, MMS)

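To make concrete what the two sanitizers described above catch in the first of these surfaces, the following is an added example, not code from Google's post or from any Android baseband. It is a toy parser for a length-prefixed "over-the-air" message with a made-up layout (one type byte, a little-endian 32-bit length, then the payload); the function names, constants, and sample messages are all constructed for this illustration. The unchecked parser contains the two bug patterns the sanitizers are deployed against, the checked parser shows the explicit validation that rules them out, and the build line in the header shows how the checks are enabled in trap mode, which is how they are used in bare-metal firmware.

```c
/*
 * Added example; not code from Google's post or from any Android baseband.
 * A toy parser for a length-prefixed "over-the-air" message, showing the two
 * bug classes that IntSan and BoundSan trap.  Build the sanitized variant as
 * firmware would, trapping instead of linking a runtime:
 *
 *   clang -O2 -fsanitize=signed-integer-overflow,unsigned-integer-overflow,bounds \
 *         -fsanitize-trap=all ota_demo.c -o ota_demo
 *
 * Message layout (constructed for this example, not a real 3GPP format):
 *   byte 0      type
 *   bytes 1..4  payload length, little-endian uint32
 *   bytes 5..   payload
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define OTA_HDR_LEN 5u
#define PAYLOAD_MAX 16u

struct ota_msg {
    uint8_t type;
    uint8_t len;
    uint8_t payload[PAYLOAD_MAX];
};

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* The "before" parser: its length test contains an unsigned add that wraps
 * (IntSan), and it then indexes a fixed-size array with an attacker-chosen
 * bound (BoundSan).  Calling it on MSG_WRAP or MSG_LONG below is the
 * sanitized-build demo; a plain build would corrupt memory instead. */
bool ota_parse_unchecked(const uint8_t *buf, size_t buf_len, struct ota_msg *out)
{
    if (buf_len < OTA_HDR_LEN)
        return false;
    uint32_t len = rd_le32(buf + 1);
    uint32_t end = OTA_HDR_LEN + len;      /* IntSan: wraps when len > 0xFFFFFFFA */
    if (end > buf_len)                     /* the wrapped 'end' slips past this check */
        return false;
    out->type = buf[0];
    out->len = (uint8_t)len;
    for (uint32_t i = 0; i < len; i++)
        out->payload[i] = buf[OTA_HDR_LEN + i]; /* BoundSan: traps at i == PAYLOAD_MAX */
    return true;
}

/* The hardened parser: validate the length against both the destination
 * array and the source buffer before any arithmetic that could wrap. */
bool ota_parse_checked(const uint8_t *buf, size_t buf_len, struct ota_msg *out)
{
    if (buf_len < OTA_HDR_LEN)
        return false;
    uint32_t len = rd_le32(buf + 1);
    if (len > PAYLOAD_MAX)                 /* destination bound */
        return false;
    if (len > buf_len - OTA_HDR_LEN)       /* source bound; buf_len >= 5, so no wrap */
        return false;
    out->type = buf[0];
    out->len = (uint8_t)len;
    for (uint32_t i = 0; i < len; i++)
        out->payload[i] = buf[OTA_HDR_LEN + i];
    return true;
}

/* Evaluates only the unchecked parser's length test, without touching memory,
 * so the wrap can be observed safely in a plain build.  In the sanitized
 * build IntSan traps on the add here instead of returning. */
bool ota_unchecked_length_test_accepts(const uint8_t *buf, size_t buf_len)
{
    if (buf_len < OTA_HDR_LEN)
        return false;
    uint32_t end = OTA_HDR_LEN + rd_le32(buf + 1);   /* same wrapping add as above */
    return end <= buf_len;
}

/* Helpers returning plain values: parsed length (or -1 if rejected) and one payload byte. */
int ota_checked_len(const uint8_t *buf, size_t buf_len)
{
    struct ota_msg m;
    return ota_parse_checked(buf, buf_len, &m) ? (int)m.len : -1;
}

int ota_checked_payload_at(const uint8_t *buf, size_t buf_len, uint32_t i)
{
    struct ota_msg m;
    if (!ota_parse_checked(buf, buf_len, &m) || i >= m.len)
        return -1;
    return m.payload[i];
}

/* Constructed sample inputs. */
static const uint8_t MSG_OK[]   = { 0x01, 0x04, 0x00, 0x00, 0x00, 'A', 'B', 'C', 'D' };
/* Claims 0xFFFFFFFC payload bytes: 5 + 0xFFFFFFFC wraps to 1 in uint32. */
static const uint8_t MSG_WRAP[] = { 0x01, 0xFC, 0xFF, 0xFF, 0xFF, 'A', 'B', 'C', 'D' };
/* Claims 17 bytes and carries 17: fits the buffer but not payload[16]. */
static const uint8_t MSG_LONG[] = { 0x01, 0x11, 0x00, 0x00, 0x00,
    0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };

int main(void)
{
    printf("MSG_OK   checked len: %d\n", ota_checked_len(MSG_OK, sizeof MSG_OK));      /* 4 */
    printf("MSG_LONG checked len: %d\n", ota_checked_len(MSG_LONG, sizeof MSG_LONG));  /* -1 */
    printf("MSG_WRAP checked len: %d\n", ota_checked_len(MSG_WRAP, sizeof MSG_WRAP));  /* -1 */
    printf("MSG_WRAP unchecked length test accepts: %d\n",
           ota_unchecked_length_test_accepts(MSG_WRAP, sizeof MSG_WRAP));              /* 1 */
    return 0;
}
```

Two points the example makes that the article's summary does not: the wrapped length check in `ota_parse_unchecked` is defined C (unsigned wrap), so only IntSan's unsigned-overflow check catches it, and BoundSan only guards `out->payload[i]` because that array has a size known at compile time; the read through the raw `buf` pointer is not instrumented, which is why the checked parser validates against `buf_len` explicitly.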
"In the particular case of 2G, the best strategy is to disable the stack altogether by supporting Android's '2G toggle,'" the researchers said. "However, 2G is still a necessary mobile access technology in certain parts of the world and some users might need to have this legacy protocol enabled."

It's worth noting that, the "tangible" benefits of deploying the sanitizers notwithstanding, they address only the bug classes they instrument: integer overflow and out-of-bounds indexing of arrays whose size is known at compile time. Other memory-safety vulnerabilities, notably temporal bugs such as use-after-free, and accesses through raw pointers that BoundSan cannot check, remain unaddressed, which is why Google points to transitioning the codebase to a memory-safe language like Rust.

In early October 2023, Google announced that it had rewritten the Android Virtualization Framework's (AVF) protected VM (pVM) firmware in Rust to provide a memory-safe foundation for the pVM root of trust.

"As the high-level operating system becomes a more difficult target for attackers to successfully exploit, we expect that lower level components such as the baseband will attract more attention," the researchers concluded.

"By using modern toolchains and deploying exploit mitigation technologies, the bar for attacking the baseband can be raised as well."

Originally published by the WeChat public account 知机安全 under the title "谷歌使用Clang净化器保护安卓免受基带脆弱性攻击" (Google Uses Clang Sanitizers to Protect Android Against Baseband Vulnerabilities).

Reposts should retain the link to this article (CN-SEC中文网, with thanks to the original author): http://cn-sec.com/archives/2302502.html
