Adaptive Kernell Live Patching: An Open Collaborative Effort to Ameliorate Android N-day Root Exploits

by Yulong Zhang, Tao Wei
Sept. 14, 2017 1 comment Pen Testing & Audits kernell

In this talk, we present an adaptive Android kernel live patching framework, which enables open and live patching for kernels. It has the following advantages: (1) It enables online hotpatching without interrupting user-experience. Unlike existing Linux kernel hotpatching solutions, it works directly on binaries and can automatically adjust to different device models with different Android kernel versions. (2) It enables third party vendors, who may not access the exact source code of the device kernel and drivers, to perform live patching. (3) Except for the binary patching scheme, it also provides a Lua based patching scheme, which makes patch generation and delivery even easier. It also has stronger confinement. This framework saves developers from repeating the tedious and error-prone patch porting work, and patches can be provided from various vendors, thus the patch deployment period can be greatly shortened.

Steven Ulm 6 months ago

I also believe that only the open collaborative efforts (like these) can truly make internet and the OS safer environments..