Something went wrong on our end
-
Daniel Micay authoredThese APIs expose sensitive information via timing side channels. This leaves access via the adb shell intact along with the current uses by dumpstate, init and system_server. The /proc/interrupts and /proc/stat files were covered in this paper: https://www.lightbluetouchpaper.org/2016/07/29/yet-another-android-side-channel/ The /proc/softirqs, /proc/timer_list and /proc/timer_stats files are also relevant. Access to /proc has been greatly restricted since then, with untrusted apps no longer having direct access to these, but stricter restrictions beyond that would be quite useful. Change-Id: Ibed16674856569d26517e5729f0f194b830cfedd
Daniel Micay authoredThese APIs expose sensitive information via timing side channels. This leaves access via the adb shell intact along with the current uses by dumpstate, init and system_server. The /proc/interrupts and /proc/stat files were covered in this paper: https://www.lightbluetouchpaper.org/2016/07/29/yet-another-android-side-channel/ The /proc/softirqs, /proc/timer_list and /proc/timer_stats files are also relevant. Access to /proc has been greatly restricted since then, with untrusted apps no longer having direct access to these, but stricter restrictions beyond that would be quite useful. Change-Id: Ibed16674856569d26517e5729f0f194b830cfedd