this post was submitted on 01 Nov 2023
5 points (64.7% liked)

GrapheneOS [Unofficial]

1696 readers
2 users here now

Welcome to the GrapheneOS (Unofficial) community

This feed is currently only used for announcements and news.

Official support available on our forum and matrix chat rooms

GrapheneOS is a privacy and security focused mobile OS with Android app compatibility.

Links

More Site links

Social Media

This is a community based around the GrapheneOS projects including the hardened Android Open Source Project fork, Auditor, AttestationServer, the hardened malloc implementation and other projects.

founded 4 years ago
MODERATORS
KindnessInfinity@lemmy.ml
maade@lemmy.ml
akc3n@lemmy.ml
treequell@lemmy.world
5
GrapheneOS version 2023103000 released (grapheneos.org)
submitted 2 years ago by KindnessInfinity@lemmy.ml to c/grapheneos@lemmy.ml
0 comments fedilink hide all child comments
 

Pixel 4, Pixel 4 XL and Pixel 4a are end-of-life and shouldn't be used anymore due to lack of most security patches for firmware and drivers. We're considering porting them to Android 14 to continue providing extended support longer than initially planned to keep them as a way to preview the current version of the OS despite them not being secure. It will be a significant effort to port them properly without lost functionality and we're looking for a new developer to fund rather than reassigning any developers from their existing work on the OS.

Tags:

  • 2023103000 (Pixel 4a (5G), Pixel 5, Pixel 5a, Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, emulator, generic, other targets)
  • 2023103000-shusky (Pixel 8, Pixel 8 Pro)

Changes since the 2023102300 release:

  • add infrastructure for hardware memory tagging support
  • hardened_malloc: add support for hardware memory tagging launched with the ARMv9 cores on the Pixel 8 and Pixel 8 Pro
  • Settings: enable memory tagging toggle at Settings -> Security -> More security settings -> Advanced memory protection beta
  • Pixel 8, Pixel 8 Pro: enable memory tagging support for everything built by GrapheneOS (other than Vanadium, since Chromium currently disables it) and also user installed apps without native libraries (will be expanded to Vanadium later along with the option to use it for all user installed apps)
  • Pixel 8, Pixel 8 Pro: use asymmetric memory tagging mode on all cores to provide much higher security than asynchronous mode without much more overhead unlike the very expensive synchronous mode without any clear security benefits over asymmetric
  • enable parallel compilation of non-precompiled bytecode to native code for first-boot and first-boot-after-update with 2 processes for now (can be increased later)
  • improve user interface for reporting background package compilation progress
  • show crash dialog for first crash of an app since boot instead of waiting until the second crash like upstream Android
  • Gallery: fix low resolution image preview in editor
  • restore Android 13 behavior for installing APKs from the file manager by requesting permission for the app which created the APK (current Google Files behavior is a bit different and requests permission for Google Files, but the AOSP Files approach seems more useful)
  • SELinux policy: use per-app-instance MLS level for the update client domain as used for regular apps to provide better isolation from other system components
  • kernel (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Generic 5.10): update to latest GKI LTS branch revision including update to 5.10.198
  • kernel (Generic 5.15): update to latest GKI LTS branch revision including update to 5.15.137
  • Vanadium: update to version 118.0.5993.111.0
  • Vanadium: update to version 119.0.6045.53.1
  • Vanadium: update to version 119.0.6045.53.1
  • GmsCompatConfig: update to version 80
no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here