Pulser_G2 · Nov 1, 2013 at 06:30 pm

Google Taking Aim at Device Modders in Android 4.4 KitKat

Android 4.4 introduces a number of changes intended to reduce the risks of rootkits on the platform. In addition to SELinux, the dm-verity kernel feature is also used on boot. The dm-verity feature is used to verify the filesystem storage, and detect modifications to the device at block level (rather than file level). In essence, dm-verity aims to prevent root software from modifying the device file system. This is done by detecting the modifications made to the filesystem, which will no longer match the expected configuration.

In dm-verity, each block of the storage device has a SHA-256 hash associated with it. (For reference, a block is simply a unit of address for storage, typically around 4 KB on flash devices.) A tree of hashes is formed across pages, such that only the “top” hash in the tree (known as the root hash) needs to be trusted, in order for the entire filesystem to be trusted. If any block is modified, this will change the hash, breaking the chain.

The boot partition of the device will contain a public key, which the OEM is expected to externally verify (perhaps via the bootloader or low-level CPU features). This public key is used to ensure the signature of the hash on the file system is valid and unmodified.

In order to reduce the time taken to verify the filesystem, blocks are only verified when they are accessed, and are verified in parallel with the regular read operation (to essentially eliminate any latency with accessing the storage). If the verification changes (i.e. files have changed on the system partition), then a read error is generated. Depending on the application accessing the data, it may proceed if it’s not a critical action, but it is also possible for applications to decline to operate under these conditions.

While nobody can predict the future with 100% accuracy, I think it’s fair to say that “rooting” and modifying devices running Android 4.4 with locked bootloaders (i.e. where root exploits are required, as the OEM will not permit custom kernels) may well be considerably more difficult than in previous Android versions. It seems that Android 4.4 is taking a few leaves out of the Chrome OS book, as these changes essentially implement “verified boot,” as found on Chrome OS.

To re-iterate, if you are able to change the kernel your device uses, this feature will not be a concern. It’s possible to either disable dm-verity in the kernel, or to set it up to use your own keys to authenticate the system hash. For users who choose to buy carrier-branded devices and accept a locked bootloader, but find a way to root the device, take heed of this warning. It’s not at all unlikely (in my technical opinion) for this to happen on future devices. If you want the ability to modify the software on your phone, I’d avoid anything with a locked bootloader, and ensure you can modify the kernel (to disable or modify the dm-verity signatures).

Right now, little is known about what this will actually mean, but aside from greater security for users on stock ROMs, I suspect there will be some noticeable impact on casual users wishing to make small changes to Android. Until we see devices from other OEMs shipping with 4.4, it’s difficult to really assess how (or if) this will change things. But take note, and bear it in mind.

Source: Android Source Code Documentation

Want something on the XDA Portal? Send us a tip!


Pulser_G2 is an editor on XDA-Developers, the largest community for Android users. Developer Admin at xda-developers, interested in everything in mobile and security. A developer and engineer, who would re-write everything in C or Assembler if the time was there. View Pulser_G2's posts and articles here.
Chris Gilliam · May 24, 2015 at 03:59 pm · 2 comments

XDA Recap: This Week In Android (May 17 – 23)

Another week, another recap. The Sunday tradition marches on this week with a fresh no-nonsense look at big-picture news. Here in the digital XDA writers’ room, we spend our days pouring over an average of 2,500 news items and forum threads every 24 hours. Only the most timely and interesting bits survive the editing process, but the portal’s front page still sees weekly counts in excess of 100 posts. This is a glut of content to absorb, especially if following...

Mario Tomás Serrafero · May 24, 2015 at 11:00 am · 1 comment

Sunday Debate: Are Smaller Bezels Better or Worth It?

Bezels have been getting smaller and smaller as the years go by, and while devices from 2011 needed to trim some fat, there is no absolute rule that says that smaller bezels, after a happy medium, are beneficial to a phone. Part of this is that, with today’s current smartphone paradigms, an absolute lack of bezels does not produce an inherently better user experience.   With each technological advancement come limitations and compromises of some sort, and bezels are not...

Jimmy McGee · May 24, 2015 at 06:00 am · 3 comments

LG G4 First Impressions and Unboxing – XDA TV

The latest in LG’s signature line of “G phones” has been released. The LG G4 is the successor to the popular LG G3. Coming with many different design styles, from two types of leather to ceramic white, the LG G4 has the looks, but does it have the power? In this episode of XDA TV, Producer TK gets hands on with a new LG G4. TK opens the box for a standard unboxing. Then, TK shows off the phone and...

Share This