The Linux kernel continues to add security protections so developers don’t have to build them on their own. As a result, one of the first steps security experts recommend for protecting against embedded Linux malware threats is to work with the latest possible kernel release and then regularly update field devices. Now that Android is getting long in the tooth — it was nine years ago this month that Sergey Brin and Larry Page rollerbladed onto the stage to announcethe debut of the flagship HTC G1 phone — more and more Android devices are being attacked due to out-of-date Linux kernels. To address the problem before it adds to Android’s substantial challenge with malware generated from rogue or unprotected apps, Google has announced new requirements in Android 8.0 (“Oreo”) to build on Linux kernels no older than kernel 4.4.
These new requirements, which were revealed after last week’s launch of Android 8.0, are intended to support its Project Treble technology for speeding firmware updates. Oreo has also backported several kernel hardening features from upstream Linux kernels. In the coming years, Google may well be tapping security enhancements built into this week’s release of Linux 4.13 – the 13th version of the 4.x kernel – which updates its SMB support and adds Transport Layer Security support (see farther below).
Android Oreo kernel requirements and Project Treble
Google’s first minimum Linux kernel requirements for Android were posted last week on the Android Source page and revealed by Doug Lynch on XDA-Developers. Any new SoC that ships in 2017 or later that appears on an Android 8.0 device must have a Linux 4.4 or higher kernel, says Google. Oreo-based products with older SoCs must start with Linux 3.18 or higher, which is generous considering Kernel 3.18 is listed by kernel.org as EOL.
There are no requirements for recent Linux kernels on older devices that are upgrading to Oreo. In addition, Android Open Source Project (AOSP) code for Oreo is available without any requirements for those who don’t need Android branding and access to Google Services.
On its requirements page, Google notes: “Regardless of launch date, all SoCs with device launches on Android O remain subject to kernel changes required to enable Treble.” Here, Google is referring to Project Treble, which formally debuts in Oreo. This modularization of Android is intended add some separation between the lower-level, device specific firmware written by chip manufacturers and the main OS framework.
Project Treble is implemented via a new Vendor Interface that is validated with a Vendor Test Suite (VTS). These tools give silicon makers a more detailed requirement spec for booting a new Android release so they can speed testing.