author: Nick Kralevich <nnk@google.com> 2013-04-30 17:08:38 -0700
committer: Nick Kralevich <nnk@google.com> 2013-05-01 15:34:44 -0700
commit: cb4c927b416003c8db004df1782e6ad2a2fa44c4 (patch)
tree: 687b676990f44507d0f552a62420d439a0b519a0 /src
parent: 89e17bf81e2c16bc31e8f66b23dc0091a1d334cc (diff)
download: source.android.com-cb4c927b416003c8db004df1782e6ad2a2fa44c4.tar.gz
Add 4.3 security documentation.
Bug: 8776692
Change-Id: Id93dc3348913d2b689c217013701b39c102d4c30
Diffstat (limited to 'src')
-rw-r--r--  src/devices/devices_toc.cs                    5
-rw-r--r--  src/devices/tech/security/enhancements43.jd  85
2 files changed, 90 insertions, 0 deletions
diff --git a/src/devices/devices_toc.cs b/src/devices/devices_toc.cs
index a1a37c62..34fe84ca 100644
--- a/src/devices/devices_toc.cs
+++ b/src/devices/devices_toc.cs
@@ -158,6 +158,11 @@
<span class="en">Security Enhancements in Android 4.2</span>
</a>
</li>
+ <li>
+ <a href="<?cs var:toroot ?>devices/tech/security/enhancements43.html">
+ <span class="en">Security Enhancements in Android 4.3</span>
+ </a>
+ </li>
</ul>
</li>
diff --git a/src/devices/tech/security/enhancements43.jd b/src/devices/tech/security/enhancements43.jd
new file mode 100644
index 00000000..4ecae12b
--- /dev/null
+++ b/src/devices/tech/security/enhancements43.jd
@@ -0,0 +1,85 @@
+page.title=Security Enhancements in Android 4.3
+@jd:body
+
+<p>
+Every Android release includes dozens of security enhancements to protect
+users. The following are some of the security enhancements available
+in Android 4.3:
+</p>
+
+<ul>
+ <li><strong>Android sandbox reinforced with SELinux.</strong>
+ Android now uses SELinux,
+ a mandatory access control (MAC) system in the Linux kernel originally
+ designed for government security, to augment the UID based Application
+ sandbox. This protects the operating system against potential security
+ vulnerabilities.</li>
+
+ <li><strong>No setuid/setgid programs.</strong>
+ Added support for filesystem capabilities
+ to Android system files and removed all setuid/setguid programs.  This
+ reduces root attack surface and the likelihood of potential security
+ vulnerabilities.</li>
+
+ <li><strong>ADB Authentication.</strong>
+ Since Android 4.2.2, connections to ADB are
+ authenticated with an RSA keypair. This prevents unauthorized use of
+ ADB where the attacker has physical access to a device.</li>
+
+ <li><strong>Restrict Setuid from Android Apps.</strong>
+ The /system partition is now mounted
+ nosuid for zygote-spawned processes, preventing Android applications
+ from executing setuid programs. This reduces root attack surface and
+ the likelihood of potential security vulnerabilities.</li>
+
+ <li><strong>Capability bounding.</strong>
+ Android zygote and ADB now use prctl(PR_CAPBSET_DROP) to drop
+ unnecessary capabilities prior to executing applications.
+ This prevents Android applications and applications launched from
+ the shell from acquiring privileged capabilities.</li>
+
+ <li><strong>AndroidKeyStore Provider.</strong>
+ Android now has a keystore provider that allows
+ applications to create exclusive use keys. This provides applications
+ with an API to create or store private keys that cannot be used by
+ other applications.</li>
+
+ <li><strong>KeyChain isBoundKeyAlgorithm.</strong>
+ Keychain API now provides a method
+ (isBoundKeyType) that allows applications to confirm that system-wide keys
+ are bound to a hardware root of trust for the device. This provides
+ a place to create or store private keys that cannot be exported off the
+ device, even in the event of a root compromise.</li>
+
+ <li><strong>NO_NEW_PRIVS.</strong>
+ Android zygote now uses prctl(PR_SET_NO_NEW_PRIVS) to block addition
+ of new privileges prior to execution application code. This
+ prevents Android applications from performing operations which can
+ elevate privileges via execve. (This requires Linux kernel version 3.5
+ or greater).</li>
+
+ <li><strong>FORTIFY_SOURCE enhancements.</strong>
+ Enabled FORTIFY_SOURCE on Android x86 and MIPS
+ and fortified strchr(), strrchr(), strlen(), and umask() calls. This
+ can detect potential memory corruption vulnerabilities or unterminated
+ string constants.</li>
+
+ <li><strong>Relocation protections.</strong>
+ Enabled read only relocations (relro) for
+ statically linked executables and removed all text relocations in Android
+ code. This provides defense in depth against potential memory corruption
+ vulnerabilities.</li>
+
+ <li><strong>Improved EntropyMixer.</strong>
+ EntropyMixer now writes entropy at shutdown /
+ reboot, in addition to periodic mixing. This allows retention of all
+ entropy generated while devices are powered on, and is especially useful
+ for devices that are rebooted immediately after provisioning.</li>
+
+ <li><strong>Security Fixes.</strong>
+ Android 4.3 also includes fixes for Android-specific
+ vulnerabilities. Information about these vulnerabilities has been provided
+ to Open Handset Alliance members and fixes are available in Android Open
+ Source Project. To improve security, some devices with earlier versions
+ of Android may also include these fixes.</li>
+</ul>
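Review bot: The "KeyChain isBoundKeyAlgorithm" item is internally inconsistent: the bold heading names isBoundKeyAlgorithm, but the body text says the method is "(isBoundKeyType)". Readers will search the KeyChain reference for one name or the other, so pick the one that matches the shipped API and use it in both places. Two smaller fixes in the same hunk: "removed all setuid/setguid programs" in the "No setuid/setgid programs" item should read "setuid/setgid", and "block addition of new privileges prior to execution application code" in the NO_NEW_PRIVS item should read "prior to executing application code" (matching the wording of the "Capability bounding" item above it). The kernel-version caveat on NO_NEW_PRIVS is useful; a similar note on which devices get the SELinux policy (permissive vs. enforcing) would help OEMs reading this page, if that information is available.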