[KERNEL][ICS][07-04-12] AniDroid-Hardened-TF101 (2.6.39.4)

Search This thread
By:
Advanced…
novic_dev

novic_dev

Senior Member
Aug 23, 2010
309
601
38
Moscow
www.anikos.su
AniDroid-Hardened-TF101 Kernel​

Short Kernel information:​

AniDroid-Hardened Kernel is the first Hardened kernel for Android that uses GRSecurity subsystem to provide different useful Security functionality.
AniDroid-Hardened Kernel now is in early stage of developing but it's almost ready for using and testing on Asus Transformer TF101 and Google (Samsung) Nexus S devices ;)

Provided Features:
  • Linux Kernel version 2.6.39.4
  • GRSecurity version 2.2.2 with different security features enabled by default (see GRSecurity Feature List for details)
  • EXT4, NTFS, CIFS support
  • init.d support
  • Compatible with any OTA-based and AOSP ICS Roms
  • 1024 Kb ReadAhead support
  • Automatic Process Group Scheduling
  • -fstack-protector buffer overflow detection

GRSecurity Feature List:​
  • Kernel Memory Protection (restrict read/write access to /dev/kmem, /dev/mem, and /dev/port)
  • Active Exploits Protection (deter exploit bruteforcing, active kernel exploit response)
  • Role Based Access Control (RBAC)
  • Filesystem Advanced Protection (including advanced security for applications running in CHROOT environment)
  • Full Kernel Auditing (event logging for many kernel events)
  • Executable Protection (deter ptrace-based process snooping)
  • Network Protection (TCP/UDP blackhole and LAST_ACK DoS prevention)
  • Managing support via Sysctl Interface

  • Ondemand (Default)
  • Interactive
  • Conservative
  • Powersave
  • Performance

  • CFQ (Default)
  • Noop
  • Deadline (tweaked for flash devices)
  • Simple IO (SIO)

Links:​

Changelogs and issues info:​

Alpha 1 known issues:
  • BCM4329 WiFi kernel module temporarely doesn't work :(
  • SU is temporarely cause "Permission denied" :(

WARNING!!!
AniDroid-Hardened-TF101 Kernel is still need testing!
So, you can flash and use this kernel at your oun risk! :)



Thanks to msticninja, guevor, eugene373, koush, ezekeel, supercurio, morfic, franciscofranco, sztupy, reddv1, byeonggonlee!!!
 
Last edited:
  • Like
Reactions: PXN, hearts king101, sert00 and 3 others
sert00

sert00

Senior Member
May 28, 2011
1,091
496
cesena,IT
hi!great to see new kernelz every week!after reading all the features in the nexus 3ad,i wonder if you'll put some of them un future in this tf's build...some of them i use every day on smartphones and are very Usefull..like touchwake,liveOC,BLX , fast charge and others..(fast charge especially);)glad to test this kernel now,hoping that wifi works,anyway thanks for the hard work and keep it up in future release!i'll report how it goes...:D
 
  • Like
Reactions: novic_dev
A

a.mcdear

Senior Member
May 20, 2010
1,716
455
Phoenix, Arizona
sert00 said:
hi!great to see new kernelz every week!after reading all the features in the nexus 3ad,i wonder if you'll put some of them un future in this tf's build...some of them i use every day on smartphones and are very Usefull..like touchwake,liveOC,BLX , fast charge and others..(fast charge especially);)glad to test this kernel now,hoping that wifi works,anyway thanks for the hard work and keep it up in future release!i'll report how it goes...:D
Click to expand...
Click to collapse

As far as I know, fast charge from a computer USB port isn't possible on the tf101 because it requires 12v to go into fast charge mode where a normal USB port only provides 5v.
 
  • Like
Reactions: novic_dev, sert00 and will8578
M

msticninja

Senior Member
Mar 16, 2007
731
174
Congrats on getting the kernel compiled with your changes. I'll post some fixes tomorrow that you might want to pull to your git. I have to be honest though, I don't really see the point of grsecurity on android. Do people actually get hacked?
 
  • Like
Reactions: novic_dev
j3tt3

j3tt3

Senior Member
Feb 21, 2012
340
49
noted but will flash when somebody got the balls to try...

Sent from my Transformer TF101 using xda premium
 
K

K900

Senior Member
Aug 12, 2010
4,846
2,893
Moscow
Basically, su won't work with GRSec because of the RBAC model. Another way needs to be found

Sent from my LT26i using XDA
 
  • Like
Reactions: novic_dev
novic_dev

novic_dev

Senior Member
Aug 23, 2010
309
601
38
Moscow
www.anikos.su
K900 said:
Basically, su won't work with GRSec because of the RBAC model. Another way needs to be found

Sent from my LT26i using XDA
Click to expand...
Click to collapse

SU will work as privileged user can be allowed to run privileged operations useful for such apps as Titanium Backup and so on ..it's not GRSec issue - vanilla asus source have tha same issue for me.. it's either compiler or ramdisk problem..
 
Last edited:
K

K900

Senior Member
Aug 12, 2010
4,846
2,893
Moscow
novic_dev said:
SU will work as privileged user can be allowed to run privileged operations useful for such apps as Titanium Backup and so on ..it's not GRSec issue - vanilla asus source have tha same issue for me.. it's either compiler or ramdisk problem..
Click to expand...
Click to collapse

I meant that you need to either allow switching to root, which defeats the whole purpose of GRSec or use its own access controls, which needs to be done in apps.

Sent from my LT26i using XDA
 
  • Like
Reactions: novic_dev
You must log in or register to reply here.

Similar threads

mike1986.
[ROM] Android Revolution HD 3.6 | High Quality & Performance | ICS | TF101/101G
Replies
7K
Views
2M
T
turkceng
gnufabio
[ROM] Revolver 4 by Gnufabio | 4.2.1 - IC421(G) | Sep 5 | TF101-TF101G-SL101 | Fast
Replies
4K
Views
1M
oknguyen
oknguyen
teameos
  • Locked
[ROM][JB 4.2.2] [Team EOS 4] [Nightlies -- TF101]
Replies
6K
Views
1M
teameos
teameos
G
[Kernel] ICS (3.1 and 2.6.39 versions) (V25.5 and V1.1)
Replies
3K
Views
608K
VashlaK Belarus
VashlaK Belarus
teameos
[ROM][JB] Team EOS 3 *JELLYBEAN* Nightlies - TF101
Replies
3K
Views
719K
aspros21
aspros21

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 6
    novic_dev
    novic_dev
    AniDroid-Hardened-TF101 Kernel​

    Short Kernel information:​

    AniDroid-Hardened Kernel is the first Hardened kernel for Android that uses GRSecurity subsystem to provide different useful Security functionality.
    AniDroid-Hardened Kernel now is in early stage of developing but it's almost ready for using and testing on Asus Transformer TF101 and Google (Samsung) Nexus S devices ;)

    Provided Features:
    • Linux Kernel version 2.6.39.4
    • GRSecurity version 2.2.2 with different security features enabled by default (see GRSecurity Feature List for details)
    • EXT4, NTFS, CIFS support
    • init.d support
    • Compatible with any OTA-based and AOSP ICS Roms
    • 1024 Kb ReadAhead support
    • Automatic Process Group Scheduling
    • -fstack-protector buffer overflow detection

    GRSecurity Feature List:​
    • Kernel Memory Protection (restrict read/write access to /dev/kmem, /dev/mem, and /dev/port)
    • Active Exploits Protection (deter exploit bruteforcing, active kernel exploit response)
    • Role Based Access Control (RBAC)
    • Filesystem Advanced Protection (including advanced security for applications running in CHROOT environment)
    • Full Kernel Auditing (event logging for many kernel events)
    • Executable Protection (deter ptrace-based process snooping)
    • Network Protection (TCP/UDP blackhole and LAST_ACK DoS prevention)
    • Managing support via Sysctl Interface

    • Ondemand (Default)
    • Interactive
    • Conservative
    • Powersave
    • Performance

    • CFQ (Default)
    • Noop
    • Deadline (tweaked for flash devices)
    • Simple IO (SIO)

    Links:​

    Changelogs and issues info:​

    Alpha 1 known issues:
    • BCM4329 WiFi kernel module temporarely doesn't work :(
    • SU is temporarely cause "Permission denied" :(

    WARNING!!!
    AniDroid-Hardened-TF101 Kernel is still need testing!
    So, you can flash and use this kernel at your oun risk! :)



    Thanks to msticninja, guevor, eugene373, koush, ezekeel, supercurio, morfic, franciscofranco, sztupy, reddv1, byeonggonlee!!!
    View
    3
    A
    a.mcdear
    sert00 said:
    hi!great to see new kernelz every week!after reading all the features in the nexus 3ad,i wonder if you'll put some of them un future in this tf's build...some of them i use every day on smartphones and are very Usefull..like touchwake,liveOC,BLX , fast charge and others..(fast charge especially);)glad to test this kernel now,hoping that wifi works,anyway thanks for the hard work and keep it up in future release!i'll report how it goes...:D
    Click to expand...
    Click to collapse

    As far as I know, fast charge from a computer USB port isn't possible on the tf101 because it requires 12v to go into fast charge mode where a normal USB port only provides 5v.
    View
    1
    L
    linuques
    Great to see another kernel option. Awesome work, mate!
    I'll give it a try.
    View
    1
    sert00
    sert00
    hi!great to see new kernelz every week!after reading all the features in the nexus 3ad,i wonder if you'll put some of them un future in this tf's build...some of them i use every day on smartphones and are very Usefull..like touchwake,liveOC,BLX , fast charge and others..(fast charge especially);)glad to test this kernel now,hoping that wifi works,anyway thanks for the hard work and keep it up in future release!i'll report how it goes...:D
    View
    1
    M
    msticninja
    Congrats on getting the kernel compiled with your changes. I'll post some fixes tomorrow that you might want to pull to your git. I have to be honest though, I don't really see the point of grsecurity on android. Do people actually get hacked?
    View

New posts