I've been working on reviving my security hardening for Android's standard C library (Bionic) and the Android Runtime (ART) used by languages compiled to dex bytecode (primarily Java and Kotlin). Porting from 8.x -> 9.x has been fairly easy but there are older features to revive.
Compilation model configuration has already been restored: disabling the JIT compiler / profiler and moving back to full ahead-of-time compilation to native code. AOT compilation is still fully supported, but normally only used in a lightweight mode based on saved JIT profiles.
The main ART changes are to support independent app address spaces via runtime relocation for non-position-independent images and hooks to make exec-based spawning in the Zygote fully compatible. GC hooks for purging freed memory in the background need to be done from scratch.
GC is much more complicated than a few years ago when it was implemented. There are multiple implementations and multiple heaps used alongside each other for different purposes. The concept is still workable though. Nothing to salvage from assorted ART compiler hardening though.
Bionic changes involved isolating memory regions (library region, secondary stacks), protecting function pointers outside the scope covered by type-based CFI, dynamic overflow checks (via a custom API, which needs to be finished for the new malloc) and a lot of small assorted features.
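One common way to protect function pointers that type-based CFI cannot cover is to keep them in a dedicated page that is made read-only once initialization is done, so a memory-corruption bug elsewhere cannot redirect them. The C program below is an added illustration of that idea, not code from Bionic or from the hardening work described in the thread: the table layout, the `op_*` callbacks and the fault-probing helper are assumptions made for the demonstration.

```c
/* Illustrative example (not Bionic code): a function-pointer table placed
 * in its own mmap'd page and locked read-only after initialization.
 * Names (op_table, op_add, op_sub, table_*) are invented for this demo. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

typedef int (*op_fn)(int, int);

static int op_add(int a, int b) { return a + b; }
static int op_sub(int a, int b) { return a - b; }

#define OP_COUNT 2
struct op_table { op_fn ops[OP_COUNT]; };

/* Map a private anonymous page, fill in the pointers, then drop write
 * permission. After this, any attempt to overwrite an entry faults. */
static struct op_table *table_init(void) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return NULL;
    struct op_table *t = p;
    t->ops[0] = op_add;
    t->ops[1] = op_sub;
    if (mprotect(p, len, PROT_READ) != 0) { munmap(p, len); return NULL; }
    return t;
}

/* Dispatch through the table; an out-of-range index is rejected (returns 0). */
static int table_call(const struct op_table *t, unsigned idx, int a, int b) {
    if (idx >= OP_COUNT) return 0;
    return t->ops[idx](a, b);
}

/* Probe: try to overwrite a slot and report whether the write faulted.
 * Returns 1 if the page protection blocked it, 0 if the write went through. */
static sigjmp_buf fault_jmp;
static void on_fault(int sig) { (void)sig; siglongjmp(fault_jmp, 1); }

static int table_overwrite_blocked(struct op_table *t) {
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);   /* some platforms report SIGBUS */
    int blocked;
    if (sigsetjmp(fault_jmp, 1) == 0) {
        volatile op_fn *slot = &t->ops[0];  /* volatile: keep the store */
        *slot = op_sub;                     /* simulated pointer overwrite */
        blocked = 0;
    } else {
        blocked = 1;
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return blocked;
}

int main(void) {
    struct op_table *t = table_init();
    if (!t) { perror("table_init"); return 1; }
    printf("add(5,3) = %d, sub(5,3) = %d\n",
           table_call(t, 0, 5, 3), table_call(t, 1, 5, 3));
    printf("overwrite blocked: %d\n", table_overwrite_blocked(t));
    printf("add(5,3) after attempted overwrite = %d\n", table_call(t, 0, 5, 3));
    return 0;
}
```

The probe deliberately writes to the locked page and recovers via sigsetjmp/siglongjmp only so the effect can be observed in one process; real code would let the fault terminate the process, which is the point of the mitigation. If the table must change later (for example on fork), the pattern is to briefly mprotect to PROT_WRITE, update, and re-lock, keeping the writable window as short as possible.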