Add 4.3 security documentation.
Bug: 8776692
Change-Id: Id93dc3348913d2b689c217013701b39c102d4c30
diff --git a/src/devices/devices_toc.cs b/src/devices/devices_toc.cs
index a1a37c6..34fe84c 100644
--- a/src/devices/devices_toc.cs
+++ b/src/devices/devices_toc.cs
@@ -158,6 +158,11 @@
<span class="en">Security Enhancements in Android 4.2</span>
</a>
</li>
+ <li>
+ <a href="<?cs var:toroot ?>devices/tech/security/enhancements43.html">
+ <span class="en">Security Enhancements in Android 4.3</span>
+ </a>
+ </li>
</ul>
</li>
diff --git a/src/devices/tech/security/enhancements43.jd b/src/devices/tech/security/enhancements43.jd
new file mode 100644
index 0000000..4ecae12
--- /dev/null
+++ b/src/devices/tech/security/enhancements43.jd
@@ -0,0 +1,85 @@
+page.title=Security Enhancements in Android 4.3
+@jd:body
+
+<p>
+Every Android release includes dozens of security enhancements to protect
+users. The following are some of the security enhancements available
+in Android 4.3:
+</p>
+
+<ul>
+ <li><strong>Android sandbox reinforced with SELinux.</strong>
+ Android now uses SELinux,
+ a mandatory access control (MAC) system in the Linux kernel originally
+ designed for government security, to augment the UID based Application
+ sandbox. This protects the operating system against potential security
+ vulnerabilities.</li>
+
+ <li><strong>No setuid/setgid programs.</strong>
+ Added support for filesystem capabilities
+ to Android system files and removed all setuid/setguid programs. This
+ reduces root attack surface and the likelihood of potential security
+ vulnerabilities.</li>
+
+ <li><strong>ADB Authentication.</strong>
+ Since Android 4.2.2, connections to ADB are
+ authenticated with an RSA keypair. This prevents unauthorized use of
+ ADB where the attacker has physical access to a device.</li>
+
+ <li><strong>Restrict Setuid from Android Apps.</strong>
+ The /system partition is now mounted
+ nosuid for zygote-spawned processes, preventing Android applications
+ from executing setuid programs. This reduces root attack surface and
+ the likelihood of potential security vulnerabilities.</li>
+
+ <li><strong>Capability bounding.</strong>
+ Android zygote and ADB now use prctl(PR_CAPBSET_DROP) to drop
+ unnecessary capabilities prior to executing applications.
+ This prevents Android applications and applications launched from
+ the shell from acquiring privileged capabilities.</li>
+
+ <li><strong>AndroidKeyStore Provider.</strong>
+ Android now has a keystore provider that allows
+ applications to create exclusive use keys. This provides applications
+ with an API to create or store private keys that cannot be used by
+ other applications.</li>
+
+ <li><strong>KeyChain isBoundKeyAlgorithm.</strong>
+ Keychain API now provides a method
+ (isBoundKeyType) that allows applications to confirm that system-wide keys
+ are bound to a hardware root of trust for the device. This provides
+ a place to create or store private keys that cannot be exported off the
+ device, even in the event of a root compromise.</li>
+
+ <li><strong>NO_NEW_PRIVS.</strong>
+ Android zygote now uses prctl(PR_SET_NO_NEW_PRIVS) to block addition
+ of new privileges prior to execution application code. This
+ prevents Android applications from performing operations which can
+ elevate privileges via execve. (This requires Linux kernel version 3.5
+ or greater).</li>
+
+ <li><strong>FORTIFY_SOURCE enhancements.</strong>
+ Enabled FORTIFY_SOURCE on Android x86 and MIPS
+ and fortified strchr(), strrchr(), strlen(), and umask() calls. This
+ can detect potential memory corruption vulnerabilities or unterminated
+ string constants.</li>
+
+ <li><strong>Relocation protections.</strong>
+ Enabled read only relocations (relro) for
+ statically linked executables and removed all text relocations in Android
+ code. This provides defense in depth against potential memory corruption
+ vulnerabilities.</li>
+
+ <li><strong>Improved EntropyMixer.</strong>
+ EntropyMixer now writes entropy at shutdown /
+ reboot, in addition to periodic mixing. This allows retention of all
+ entropy generated while devices are powered on, and is especially useful
+ for devices that are rebooted immediately after provisioning.</li>
+
+ <li><strong>Security Fixes.</strong>
+ Android 4.3 also includes fixes for Android-specific
+ vulnerabilities. Information about these vulnerabilities has been provided
+ to Open Handset Alliance members and fixes are available in Android Open
+ Source Project. To improve security, some devices with earlier versions
+ of Android may also include these fixes.</li>
+</ul>
