
Add content for secure compiler settings for Android NDK

Open sushi2k opened this issue 6 years ago • 2 comments

In chapter: "Testing Code Quality and Build Settings of Android Apps"

Enhance section "Make Sure That Free Security Features Are Activated (MSTG-CODE-9)" with "Secure Compiler Settings for Android NDK".

  • What do you have to consider when compiling your NDK binaries?
  • How is this done in the latest Android Studio release? What are the defaults? What has to be considered by the developer?
  • What else can be done with the new NDK changes? (https://developer.android.com/about/versions/10/features#fg-service-types)

Refs:

  • PIE enabled: http://vinsol.com/blog/2014/08/19/compiling-native-libraries-for-android-l/
  • https://code.google.com/archive/p/android-developer-preview/issues/888
  • http://web.guohuiwang.com/technical-notes/androidndk2

sushi2k, May 15 '18 02:05

explain:

  • what secure compiler settings should be set?
  • what configuration should be avoided?

commjoen, Aug 19 '19 19:08

Hint: you can find useful information in https://developer.android.com/ndk/downloads/revision_history

  • Android NDK, Revision r18b (September 2018): Support for ICS (android-14 and android-15) has been removed. Apps using executables no longer need to provide both a PIE and non-PIE executable.
  • Android NDK, Revision 10d (December 2014): Introduced the requirement, starting from API level 21, to use -fPIE -pie when building. In API levels 16 and higher, ndk-build uses PIE when building. This change has a number of implications, which are discussed in Developer Preview Issue 888. These implications do not apply to shared libraries.
  • Android NDK, Revision 8b (July 2012): Updated build options to enable the Never eXecute (NX) bit and relro/bind_now protections by default:
    • Added --noexecstack to assembler and -z noexecstack to linker that provides NX protection against buffer overflow attacks by enabling NX bit on stack and heap.
    • Added -z relro and -z now to linker for hardening of internal data sections after linking to guard against security vulnerabilities caused by memory corruption. (more info: 1, 2)

    These features can be disabled using the following options:
      1. Disable NX protection by setting the --execstack option for the assembler and -z execstack for the linker.
      2. Disable hardening of internal data by setting the -z norelro and -z lazy options for the linker.
      3. Disable these protections in the NDK jni/Android.mk by setting the following options:

         LOCAL_DISABLE_NO_EXECUTE=true  # disable "--noexecstack" and "-z noexecstack"
         DISABLE_RELRO=true             # disable "-z relro" and "-z now"

cpholguera, Oct 02 '19 10:10
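A build-file check derived from the disable options listed in the comment above, as an added example that is not part of the original issue or of the MASTG. The function name `audit`, the sample `Android.mk` and the acceptance of the `-Wl,`/`-Wa,` comma forms and of a `LOCAL_` prefix on `DISABLE_RELRO` are assumptions made for this example.

```python
import re

# Settings the NDK r8b notes list as switching NX / RELRO / BIND_NOW off.
# Assumption: linker/assembler options may also arrive through the compiler
# driver (-Wl,-z,execstack or -Wa,--execstack), so "," is accepted after -z.
SEP = r"(?:\s+|,)"
ASSIGN = r"\s*[:?+]?=\s*true\b"
RULES = [
    ("NX disabled (LOCAL_DISABLE_NO_EXECUTE)",
     re.compile(r"\bLOCAL_DISABLE_NO_EXECUTE" + ASSIGN)),
    # The page writes DISABLE_RELRO; a LOCAL_ prefix is accepted as well.
    ("RELRO/BIND_NOW disabled (DISABLE_RELRO)",
     re.compile(r"\b(?:LOCAL_)?DISABLE_RELRO" + ASSIGN)),
    ("NX disabled (-z execstack)", re.compile(r"-z" + SEP + r"execstack\b")),
    ("NX disabled (--execstack)", re.compile(r"(?<![\w-])--execstack\b")),
    ("RELRO disabled (-z norelro)", re.compile(r"-z" + SEP + r"norelro\b")),
    ("BIND_NOW disabled (-z lazy)", re.compile(r"-z" + SEP + r"lazy\b")),
]

# Constructed sample Android.mk (hypothetical module, not from a real project).
SAMPLE_ANDROID_MK = r"""
LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS)
LOCAL_MODULE := native-lib
LOCAL_SRC_FILES := native-lib.c
# keep defaults: -z noexecstack, -z relro, -z now
LOCAL_DISABLE_NO_EXECUTE=true
LOCAL_LDFLAGS := -Wl,-z,norelro \
                 -Wl,-z,lazy
LOCAL_CFLAGS += -Wall -O2
include $(BUILD_SHARED_LIBRARY)
"""

def audit(text):
    """Return (first_line, finding, statement) per weakened setting."""
    findings, buf, start = [], "", 0
    for n, raw in enumerate(text.splitlines() + [""], 1):
        code = raw.split("#", 1)[0].rstrip()      # drop make comments
        if not buf:
            start = n
        if code.endswith("\\"):                    # statement continues
            buf += code[:-1] + " "
            continue
        stmt, buf = " ".join((buf + code).split()), ""
        findings += [(start, label, stmt) for label, rx in RULES if rx.search(stmt)]
    return findings

if __name__ == "__main__":
    for line_no, label, stmt in audit(SAMPLE_ANDROID_MK):
        print(f"line {line_no}: {label}: {stmt}")
```

The scan only covers build files; flags injected from the environment or from other build systems need the same patterns applied to the final compiler and linker command lines.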