search

mollyim / mollyim-android

Enhanced and security-focused fork of Signal.
GNU Affero General Public License v3.0
1.37k stars 77 forks source link

Opt-in in MTE #236

Open ghost opened 8 months ago

ghost commented 8 months ago

Is there an existing request for this?

Feature description

As the title says. MTE aims to mitigate memory-related vulnerabilities. It is a very useful feature which greatly improves security.

For context:

https://source.android.com/docs/security/test/memory-safety/arm-mte

https://developer.android.com/ndk/guides/arm-mte

https://source.android.com/docs/security/test/memory-safety/mte-configuration

https://community.arm.com/arm-community-blogs/b/architectures-and-processors-blog/posts/enhanced-security-through-mte

sycam0r-e commented 7 months ago

Good stuff, would love to see MTE support! However, do keep in mind that MTE is currently available only for a very small fraction of Android smartphone users so currently its usefulness has to be weighed against its implementation costs.

miles992 commented 6 months ago

If you are using it with GrapheneOS you will have MTE for the app enabled by default and it works fine (Pixel 8 required).