Maintainer: Shawn C[a.k.a "citypw"], citypw@gmail.com
Thanks to:
Copyright (c) TYA infotech ltd http://tya.company/
This project is a PoC to proved Android kernel can be protected by PaX/Grsecurity. Most of work( hardened-flo) has done in May 28 2015.
Testing environment:
flo( Nexus 7 2013)
marlin( Pixel XL)
Notes: The combination of PXN( inspired by PaX's KERNEXEC), HARDENED_USERCOPY( implemented and ported from PaX/Grsecurity's PAX_USERCOPY partially), RO vdso, DEBUG_RODATA/STRICT_MEMORY_RWX( it originally implemented by PaX's KERNEXEC) and software-based PAN( not strong as PaX's UDEREF) is unlikely to defeat highly customized exploitation( even some exploit vectors, which old dudes forgot already and new dudes never know) but it's strong enough to defeat those easy-to-write exploits used by malwares, which might cause massive affection.
Write-up: